Kannutt, posted 28 March 2011

Help! My machine is running slowly, the browser only works intermittently, and several administrator tasks have been taken away from me.

I have read this thread: https://www.diskusjon.no/index.php?showtopic=691246

I have downloaded and run the tools and got logs from Malwarebytes Anti-Malware and Combofix. Can anyone help?? I'm fairly "green" at this, so I'd really appreciate any help!

Log from Malwarebytes:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Databaseversjon: 6195

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

28.03.2011 16:38:57
mbam-log-2011-03-28 (16-38-57).txt

Skanntype: Hurtigsøk
Objekter skannet: 149506
Tid tilbakelagt: 6 minutt(er), 24 sekund(er)

Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert 0

Minneprosesser infisert:
(Ingen skadelige objekter funnet)

Minnemoduler infisert:
(Ingen skadelige objekter funnet)

Registernøkler infisert:
(Ingen skadelige objekter funnet)

Registerverdier infisert:
(Ingen skadelige objekter funnet)

Registerfiler infisert:
(Ingen skadelige objekter funnet)

Mapper infisert:
(Ingen skadelige objekter funnet)

Filer infisert
(Ingen skadelige objekter funnet)

Log from Combofix:

ComboFix 11-03-27.02 - Kon 28.03.2011 16:56:14.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.47.1044.18.3003.1742 [GMT 2:00]
Kjører fra: c:\users\Kon\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\dlumd10.dll
c:\windows\system32\dlumd9.dll
c:\windows\Temp\log.txt
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2011-02-28 til 2011-03-28 )))))))))))))))))))))))))))))))))
.
.
2011-03-28 15:03 . 2011-03-28 15:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-28 14:32 . 2011-03-28 14:32 -------- d-----w- c:\users\Kon\AppData\Roaming\Malwarebytes
2011-03-28 14:32 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-28 14:32 . 2011-03-28 14:32 -------- d-----w- c:\programdata\Malwarebytes
2011-03-28 14:31 . 2011-03-28 14:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-28 14:31 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-26 18:07 . 2010-03-23 12:15 13936 ----a-w- c:\windows\system32\drivers\dlkmdldr.sys
2011-03-26 18:07 . 2010-03-23 12:15 165488 ----a-w- c:\windows\system32\drivers\dlkmd.sys
2011-03-26 17:42 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-03-26 17:39 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2011-03-26 17:39 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-03-26 17:39 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-03-26 17:39 . 2011-01-06 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-03-26 17:39 . 2009-10-23 17:10 714240 ----a-w- c:\windows\system32\timedate.cpl
2011-03-26 17:39 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-26 17:39 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-03-26 17:39 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-03-26 17:34 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2011-03-26 17:34 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2011-03-26 17:34 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-03-26 17:34 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-03-26 17:34 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2011-03-26 17:34 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-03-26 17:34 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-03-26 17:34 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-03-26 17:34 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2011-03-26 17:23 . 2011-03-26 17:23 -------- d-----w- c:\program files\Common Files\Adobe
2011-03-26 17:22 . 2011-03-26 17:22 -------- d-----w- c:\program files\Common Files\Java
2011-03-26 17:22 . 2011-02-02 20:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-26 15:54 . 2011-03-26 15:54 -------- d-----w- c:\users\Kon\AppData\Local\Microsoft Games
2011-03-26 15:35 . 2011-03-26 15:35 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-03-26 14:41 . 2011-03-26 14:41 -------- d-----w- c:\users\Kon\AppData\Roaming\AVG10
2011-03-26 14:31 . 2011-03-26 14:31 -------- d-----w- c:\users\Kon\AppData\Local\Mozilla
2011-03-26 02:12 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-03-26 02:12 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-03-26 02:12 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-03-26 02:12 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-03-26 02:12 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-03-26 02:09 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-03-25 21:58 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2011-03-25 21:58 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2011-03-25 21:58 . 2010-10-15 14:08 3602320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-03-25 21:58 . 2010-10-15 14:08 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-03-25 21:58 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-03-25 21:56 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
2011-03-25 21:56 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll
2011-03-25 21:56 . 2010-08-17 14:11 128000 ----a-w- c:\windows\system32\spoolsv.exe
2011-03-25 21:56 . 2010-01-29 15:40 1616384 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-03-25 21:56 . 2010-02-23 11:10 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-03-25 21:56 . 2010-02-23 11:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-03-25 21:56 . 2010-02-23 11:10 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-03-25 21:56 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll
2011-03-25 21:55 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-03-25 21:55 . 2010-06-17 18:08 10926592 ----a-w- c:\program files\Movie Maker\MOVIEMK.dll
2011-03-25 21:55 . 2010-06-17 16:16 150016 ----a-w- c:\program files\Movie Maker\MOVIEMK.exe
2011-03-25 21:55 . 2010-04-05 17:02 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL
2011-03-25 21:55 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-03-25 21:55 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-03-25 21:55 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-25 21:55 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-25 21:55 . 2010-01-21 15:05 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-03-25 21:55 . 2009-04-11 06:27 220672 ----a-w- c:\windows\system32\l3codecp.acm
2011-03-25 21:55 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2011-03-25 21:55 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2011-03-25 21:54 . 2010-11-04 18:55 601600 ----a-w- c:\windows\system32\schedsvc.dll
2011-03-25 21:54 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll
2011-03-25 21:54 . 2010-11-04 18:56 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-03-25 21:54 . 2010-11-04 18:55 270336 ----a-w- c:\windows\system32\taskcomp.dll
2011-03-25 21:54 . 2010-11-04 16:34 171520 ----a-w- c:\windows\system32\taskeng.exe
2011-03-25 21:54 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2011-03-25 21:54 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2011-03-25 21:49 . 2010-06-16 16:04 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-03-25 21:48 . 2010-05-27 20:08 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-25 21:32 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2011-03-25 21:31 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-18 18:03 . 2011-03-26 14:28 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-12 186904]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-03-25 30192]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-04-11 7399968]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-04-11 1833504]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-04-09 1071624]
"BackupManagerTray"="c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-05-26 253696]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2009-03-30 62760]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-05-15 440864]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-04-29 176128]
"TosDockApp"="c:\program files\TOSHIBA\dynadock_II\TosDockApp.exe" [2008-10-21 169272]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-03 1848648]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-11-23 565248]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
R2 gupdate;Googles oppdateringstjeneste (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 cmusbser;%CMUSBSER%;c:\windows\system32\DRIVERS\cmusbser.sys [2006-12-13 87040]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-25 30192]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys [2010-03-23 13936]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2010-03-23 4752744]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2009-04-11 117256]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-05-15 703008]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-05-26 62208]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2009-04-29 118784]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
S3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.2.24075.0.sys [2010-03-23 21888]
S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys [2010-03-23 165488]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-12-05 112640]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C60x86.sys [2009-09-04 53248]
S3 NETw1v32;Intel® Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw1v32.sys [2009-06-19 5958144]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [2008-09-08 1499648]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2011-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 06:10]
.
2011-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 06:10]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://www.google.no/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0414&s=2&o=vp32&d=1109&m=aspire_4810t
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
FF - ProfilePath - c:\users\Kon\AppData\Roaming\Mozilla\Firefox\Profiles\iioo4xea.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.no/
.
- - - - TOMME PEKERE FJERNET - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-TosDockSvr - c:\program files\TOSHIBA\dynadock_II\TosDockSvr.exe
HKLM-Run-Cm106Sound - cm106.cpl
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-28 17:03
Windows 6.0.6002 Service Pack 2 NTFS
.
skanner skjulte prosesser ...
.
skanner skjulte autostart-oppføringer ...
.
skanner skjulte filer ...
.
skanning vellykket
skjulte filer: 0
.
**************************************************************************
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Tidspunkt ferdig: 2011-03-28 17:05:12
ComboFix-quarantined-files.txt 2011-03-28 15:05
.
Pre-Run: 381 893 840 896 byte ledig
Post-Run: 381 366 509 568 byte ledig
.
- - End Of File - - DA99A78F5B47690DF6BAF29198E5F09E