Spywarefri Forum | Acer Aspire 6920 - Kører alt alt for langsomt

Acer Aspire 6920 - Kører alt alt for langsomt

[ Ignorer ] JokkenEnterprises
08.02.2010 23:21:40 Helt nyt medlem Antal indlæg: 7	Hej spywarefri.dk Jeg har et nærmest prekær problem med min computer. Jeg har, som overskriften siger, en Acer Aspire Bærbar pc med nummeret 6920. Jeg har haft så mange problemer med min computer, at jeg tænkte at dette var den eneste udvej :( Håber virkelig i kan hjælpe mig med at fixe den lave hastighed den kører med pt. Jeg har en ven, som har nøjagtig samme computer købt på næsten samme tidspunkt - forskellen er bare den, at hans computer kører mindst 4 gange så hurtig som min. Det synes jeg jo er sørgeligt. Købte derfor Windows 7, der til min store skuffelse viste sig ikke at understøttes af modellen. 1000 kr. lige ud af vinduet. Har derfor skiftet tilbage til Vista for at se om det skulle hjælpe. Har formateret min computer flere gange med sikkerheds-DVD’erne jeg lavede med fabriksindstillinger osv, men det lader ikke til at virke. Har købt en HijackThis og loggen ser således ud: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:07:20, on 08-02-2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18385) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe C:\Windows\PLFSetI.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe C:\Program Files\League of Legends\lol.launcher.exe C:\Users\Johan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Johan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Johan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Johan\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://da.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://da.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://da.intl.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [CLMLServer] “C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe” O4 - HKLM\..\Run: [PlayMovie] “C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe” O4 - HKLM\..\Run: [ArcadeDeluxeAgent] “C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe” O4 - HKLM\..\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe” O4 - HKLM\..\Run: [SBAMTray] C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe O4 - HKCU\..\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOKAL TJENESTE’) O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOKAL TJENESTE’) O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETVÆRKSTJENESTE’) O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send billede til &Bluetooth;-enhed… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send siden til &Bluetooth;-enhed… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra ‘Tools’ menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra ‘Tools’ menuitem: S&end; til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra ‘Tools’ menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe — End of file - 9311 bytes Jeg har Windows 7 DVD osv. og vil egentlig gerne installere det senere hen, men min mission er nu at få min computer til at fungere igen. Håber i vil hjælpe ! Mvh. Johan Klitgård
[ Ignorer ] [ # 1 ] Magic Spywarefri
09.02.2010 05:30:41 Administrator Team Spywarefri Antal indlæg: 26199	Hej og velkommen Hent og installer Ccleaner her: http://www.filehippo.com/download_ccleaner.html Klik på Download Latest Version Fjern flueben ved - Installer Yahoo toolbar Når du åbner programmet for første gang, vil der være flueben i alle felter. Hvis du ønsker at bevare cookies, kan du fjerne dette flueben. Klik på Kør Cleaner, for at få renset din computer. Du vil nu få en advarsel, om at disse filer slettes fuldstændigt fra dit system, og om du ønsker at fortsætte. Klik på Ok for at svare ja til det. Sæt flueben ved -> Vis mig ikke denne besked igen. Genstart. Hent Combofix, og gem den på dit skrivebord, som alg.exe: ComboFix Luk alle andre vinduer ned. Kør så combofix.exe, og følg anvisningerne. Du må ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse. Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C: Combofix txt Indholdet af denne fil må du gerne lægge herind NB. Før du sender logfilerne, beder vi dig om at fjerne enhvert P2P/fildelings program, hvis du har nogen, og dette inkluderer Torrent software, før vi renser computeren. Signatur Medlem af: Alliance of Security Analysis Professionals
[ Ignorer ] [ # 2 ] JokkenEnterprises
09.02.2010 19:30:31 Helt nyt medlem Antal indlæg: 7	Hej igen. Og tak for den hurtige tilbagemelding! Jeg er allerede bruger af det effektive CCleaner, og benytter det regelmæssigt. Men har for en god ordens skyld nu også kørt den igennem et par gange. Derudover har jeg også scannet og defragmenteret med AusLogics BoostSpeed, hvilket er et købeprogram jeg ligeledes elsker. Du søgte en rapport fra “Combofix.exe” og den ser således ud: ComboFix 10-02-08.09 - Johan 09-02-2010 16:47:20.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.45.1030.18.3069.1670 [GMT 1:00] Kører fra: c:\users\Johan\Desktop\ComboFix.exe SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\temp D:\resycled . ((((((((((((((((((((((((((((( Filer skabt fra 2010-01-09 til 2010-02-09 ))))))))))))))))))))))))))))))))))) . 2010-02-09 15:59 . 2010-02-09 16:01 ———— d——-w- c:\users\Johan\AppData\Local\temp 2010-02-09 15:59 . 2010-02-09 15:59 ———— d——-w- c:\users\Default\AppData\Local\temp 2010-02-08 22:19 . 2010-02-08 22:19 ———— d——-w- c:\users\Johan\AppData\Roaming\Malwarebytes 2010-02-08 22:19 . 2010-01-07 15:07 38224 ——a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-02-08 22:19 . 2010-02-08 22:19 ———— d——-w- c:\program files\Malwarebytes’ Anti-Malware 2010-02-08 22:19 . 2010-02-08 22:19 ———— d——-w- c:\programdata\Malwarebytes 2010-02-08 22:19 . 2010-01-07 15:07 19160 ——a-w- c:\windows\system32\drivers\mbam.sys 2010-02-08 22:06 . 2010-02-08 22:06 ———— d——-w- c:\program files\Trend Micro 2010-02-07 20:25 . 2010-02-07 20:25 ———— d——-w- c:\program files\Mumble 2010-02-07 17:36 . 2010-02-07 17:36 ———— d——-w- c:\program files\Bullfrog 2010-02-07 17:36 . 1996-11-05 15:13 299008 ——a-w- c:\windows\uninst.exe 2010-02-07 17:18 . 2010-02-07 17:18 0 ——a-w- c:\windows\system32\SBRC.dat 2010-02-07 14:19 . 2010-02-07 14:19 ———— d——-w- c:\users\Johan\AppData\Roaming\Sunbelt 2010-02-07 14:19 . 2010-02-07 14:19 ———— d——-w- c:\programdata\Sunbelt 2010-02-07 14:15 . 2009-07-15 07:17 203056 ——a-w- c:\windows\system32\drivers\sbtis.sys 2010-02-07 14:15 . 2010-02-07 14:15 ———— d——-w- c:\program files\Sunbelt Software 2010-02-05 22:06 . 2010-02-05 22:06 ———— d——-w- C:\PFiles 2010-02-05 17:04 . 2010-02-05 17:04 ———— d——-w- c:\windows\Sun 2010-02-05 17:03 . 2010-02-05 17:03 ———— d——-w- c:\program files\Common Files\Java 2010-02-05 17:03 . 2010-02-05 17:03 411368 ——a-w- c:\windows\system32\deploytk.dll 2010-02-05 17:02 . 2010-02-05 17:02 ———— d——-w- c:\program files\Java 2010-02-05 16:15 . 2010-02-05 16:15 ———— d——-w- c:\program files\Common Files\xing shared 2010-02-05 16:15 . 2010-02-05 16:15 ———— d——-w- c:\program files\Real 2010-02-05 16:15 . 2010-02-05 16:16 ———— d——-w- c:\program files\Common Files\Real 2010-02-03 19:42 . 2010-02-07 20:13 ———— d——-w- c:\users\Johan\AppData\Roaming\skypePM 2010-02-03 19:39 . 2010-02-07 21:03 ———— d——-w- c:\users\Johan\AppData\Roaming\Skype 2010-02-03 19:38 . 2010-02-03 19:38 ———— d——-w- c:\program files\Common Files\Skype 2010-02-03 19:38 . 2010-02-03 19:38 ———— d——-r- c:\program files\Skype 2010-02-03 19:38 . 2010-02-03 19:38 ———— d——-w- c:\programdata\Skype 2010-02-03 16:14 . 2009-08-24 12:16 378368 ——a-w- c:\windows\system32\winhttp.dll 2010-02-02 21:14 . 2010-02-02 21:14 ———— d——-w- c:\programdata\Office Genuine Advantage 2010-02-02 21:00 . 2010-02-02 21:00 ———— d——-w- c:\users\Public\Roaming 2010-02-02 21:00 . 2010-02-02 21:00 ———— d——-w- c:\users\Johan\Roaming 2010-02-02 21:00 . 2010-02-02 21:00 ———— d——-w- c:\users\Johan\AppData\Roaming\Intel 2010-02-02 21:00 . 2010-02-02 21:00 ———— d——-w- c:\users\Default\Roaming 2010-02-02 21:00 . 2010-02-02 21:00 ———— d——-w- c:\programdata\Roaming 2010-02-02 20:59 . 2010-02-02 20:59 ———— d——-w- c:\program files\Cisco 2010-02-02 20:59 . 2010-02-02 20:59 ———— d——-w- c:\program files\Common Files\Intel 2010-02-02 20:59 . 2010-02-02 20:59 ———— d——-w- c:\programdata\Intel 2010-02-02 20:55 . 2009-06-15 15:21 499712 ——a-w- c:\windows\system32\kerberos.dll 2010-02-02 20:55 . 2009-06-15 15:24 270848 ——a-w- c:\windows\system32\schannel.dll 2010-02-02 19:01 . 2010-02-02 20:17 ———— d——-w- c:\users\Johan\AppData\Roaming\TeamViewer 2010-02-02 19:00 . 2010-02-02 19:00 ———— d——-w- c:\program files\TeamViewer 2010-02-02 17:48 . 2010-02-02 17:48 ———— d——-w- c:\users\Johan\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1 2010-02-02 16:23 . 2008-10-10 03:52 4379984 ——a-w- c:\windows\system32\D3DX9_40.dll 2010-02-02 16:22 . 2008-03-05 14:56 3786760 ——a-w- c:\windows\system32\D3DX9_37.dll 2010-02-02 16:21 . 2007-03-12 15:42 3495784 ——a-w- c:\windows\system32\d3dx9_33.dll 2010-02-02 16:20 . 2005-05-26 14:34 2297552 ——a-w- c:\windows\system32\d3dx9_26.dll 2010-02-02 16:15 . 2010-02-02 16:17 ———— d—h—w- c:\windows\msdownld.tmp 2010-02-02 16:14 . 2010-02-02 16:16 ———— d——-w- c:\program files\Common Files\Adobe AIR 2010-02-02 16:09 . 2010-02-08 21:18 ———— d——-w- c:\program files\League of Legends 2010-02-02 16:07 . 2010-02-02 16:07 ———— d——-w- c:\users\Johan\AppData\Roaming\Yahoo! 2010-02-01 19:12 . 2010-02-01 19:12 ———— d——-w- C:\BC31 2010-02-01 19:12 . 2003-02-20 20:51 398416 ———w- c:\windows\system\VBRUN300.DLL 2010-02-01 19:12 . 2003-02-20 20:49 35712 ———w- c:\windows\system\TWAOPS01.DLL 2010-02-01 19:12 . 2003-02-20 18:51 80304 ———w- c:\windows\system\TWAVBX.DLL 2010-02-01 19:12 . 2003-02-20 18:50 20480 ———w- c:\windows\system\TWAOPS32.DLL 2010-02-01 19:12 . 2003-02-20 18:50 29696 ———w- c:\windows\system\WIN32CMI.DLL 2010-02-01 19:12 . 2003-02-20 18:49 19456 ———w- c:\windows\system\TWAVER32.EXE 2010-02-01 19:12 . 2003-02-20 18:49 7437 ———w- c:\windows\system\TWADST10.EXE 2010-02-01 19:12 . 2003-02-20 18:48 7968 ———w- c:\windows\system\TWACALL.EXE 2010-02-01 19:12 . 2003-02-20 18:48 28496 ———w- c:\windows\system\TWARSC01.DLL 2010-02-01 17:52 . 2010-02-01 17:54 ———— d——-w- c:\users\Johan\AppData\Roaming\Ventrilo 2010-02-01 17:35 . 2010-02-01 17:35 ———— d——-w- c:\program files\Ventrilo 2010-02-01 17:34 . 2010-02-01 17:34 ———— d——-w- c:\program files\Common Files\Wise Installation Wizard 2010-02-01 16:43 . 2010-02-01 17:30 99633 ——a-w- c:\windows\War3Unin.dat 2010-02-01 16:43 . 2010-02-01 17:03 2829 ——a-w- c:\windows\War3Unin.pif 2010-02-01 16:43 . 2010-02-01 17:03 139264 ——a-w- c:\windows\War3Unin.exe 2010-02-01 16:42 . 2010-02-08 21:16 ———— d——-w- c:\program files\Warcraft III 2010-02-01 16:08 . 2010-02-01 17:04 ———— d——-w- c:\users\Johan\AppData\Local\Apple Computer 2010-02-01 16:08 . 2010-02-01 17:04 ———— d——-w- c:\users\Johan\AppData\Roaming\Apple Computer 2010-02-01 16:07 . 2009-05-18 13:17 26600 ——a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2010-02-01 16:07 . 2008-04-17 12:12 107368 ——a-w- c:\windows\system32\GEARAspi.dll 2010-02-01 16:07 . 2010-02-01 16:07 ———— dc——w- c:\windows\system32\DRVSTORE 2010-02-01 16:03 . 2010-02-01 16:03 ———— d——-w- c:\program files\iPod 2010-02-01 16:03 . 2010-02-01 16:07 ———— d——-w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2010-02-01 16:03 . 2010-02-01 16:07 ———— d——-w- c:\program files\iTunes 2010-02-01 16:00 . 2010-02-01 16:00 ———— d——-w- c:\program files\Bonjour 2010-02-01 15:56 . 2010-02-01 15:59 ———— d——-w- c:\program files\QuickTime 2010-02-01 15:56 . 2010-02-01 16:03 ———— d——-w- c:\programdata\Apple Computer 2010-02-01 15:55 . 2010-02-01 15:55 ———— d——-w- c:\users\Johan\AppData\Local\Apple 2010-02-01 15:55 . 2010-02-01 15:55 ———— d——-w- c:\program files\Apple Software Update 2010-02-01 15:51 . 2010-02-01 16:03 ———— d——-w- c:\program files\Common Files\Apple 2010-02-01 15:51 . 2010-02-01 15:51 ———— d——-w- c:\programdata\Apple 2010-02-01 15:03 . 2010-02-01 15:32 ———— d——-w- c:\program files\RocketDock 2010-02-01 14:58 . 2010-02-01 14:58 ———— d——-w- c:\program files\CCleaner 2010-02-01 14:47 . 2010-02-01 14:47 ———— d——-w- c:\program files\Common Files\Adobe 2010-01-31 21:46 . 2010-01-31 21:47 ———— d——-w- c:\users\Johan\AppData\Local\Google 2010-01-31 21:46 . 2010-01-31 21:46 ———— d——-w- c:\users\Johan\AppData\Local\Apps 2010-01-31 21:46 . 2010-01-31 21:46 ———— d——-w- c:\users\Johan\AppData\Local\Deployment 2010-01-31 21:11 . 2010-01-31 21:11 ———— d——-w- c:\users\Default\AppData\Local\Microsoft Help 2010-01-31 20:27 . 2010-02-08 17:52 ———— d——-w- c:\users\Johan\Tracing 2010-01-31 20:24 . 2010-02-03 22:04 ———— d——-w- c:\users\Johan\AppData\Local\Adobe 2010-01-31 20:23 . 2010-01-31 20:23 ———— d——-w- c:\program files\Microsoft 2010-01-31 20:23 . 2010-01-31 20:24 ———— d——-w- c:\program files\Windows Live 2010-01-31 20:19 . 2010-01-31 20:19 ———— d——-w- c:\program files\Common Files\Windows Live 2010-01-31 19:11 . 2009-10-29 09:41 2048 ——a-w- c:\windows\system32\tzres.dll 2010-01-31 18:26 . 2009-11-09 13:22 24064 ——a-w- c:\windows\system32\nshhttp.dll 2010-01-31 18:26 . 2009-11-09 11:04 411136 ——a-w- c:\windows\system32\drivers\http.sys 2010-01-31 18:26 . 2009-11-09 13:20 31232 ——a-w- c:\windows\system32\httpapi.dll 2010-01-31 18:04 . 2008-06-20 01:14 97800 ——a-w- c:\windows\system32\infocardapi.dll 2010-01-31 18:04 . 2008-06-20 01:14 105016 ——a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2010-01-31 18:04 . 2008-06-20 01:14 43544 ——a-w- c:\windows\system32\PresentationHostProxy.dll 2010-01-31 18:04 . 2008-06-20 01:14 11264 ——a-w- c:\windows\system32\icardres.dll 2010-01-31 18:04 . 2008-06-20 01:14 622080 ——a-w- c:\windows\system32\icardagt.exe 2010-01-31 18:04 . 2008-06-20 01:14 781344 ——a-w- c:\windows\system32\PresentationNative_v0300.dll 2010-01-31 18:04 . 2008-06-20 01:14 326160 ——a-w- c:\windows\system32\PresentationHost.exe 2010-01-31 17:59 . 2008-07-27 18:03 96760 ——a-w- c:\windows\system32\dfshim.dll 2010-01-31 17:59 . 2008-07-27 18:03 282112 ——a-w- c:\windows\system32\mscoree.dll 2010-01-31 17:59 . 2008-07-27 18:03 41984 ——a-w- c:\windows\system32\netfxperf.dll 2010-01-31 17:58 . 2008-07-27 18:03 158720 ——a-w- c:\windows\system32\mscorier.dll 2010-01-31 17:58 . 2008-07-27 18:03 83968 ——a-w- c:\windows\system32\mscories.dll 2010-01-31 17:57 . 2010-01-31 17:57 ———— d——-w- c:\program files\MSXML 4.0 2010-01-31 02:49 . 2008-06-26 01:45 12240896 ——a-w- c:\windows\system32\NlsLexicons0007.dll 2010-01-31 02:49 . 2008-06-26 01:45 2644480 ——a-w- c:\windows\system32\NlsLexicons0009.dll 2010-01-31 02:49 . 2008-06-26 03:29 801280 ——a-w- c:\windows\system32\NaturalLanguage6.dll 2010-01-31 02:29 . 2008-10-22 03:57 241152 ——a-w- c:\windows\system32\PortableDeviceApi.dll 2010-01-31 02:29 . 2009-08-14 17:07 897608 ——a-w- c:\windows\system32\drivers\tcpip.sys 2010-01-31 02:29 . 2009-08-14 16:29 104960 ——a-w- c:\windows\system32\netiohlp.dll 2010-01-31 02:29 . 2009-08-14 14:16 27136 ——a-w- c:\windows\system32\NETSTAT.EXE 2010-01-31 02:29 . 2009-08-14 14:16 19968 ——a-w- c:\windows\system32\ARP.EXE 2010-01-31 02:29 . 2009-08-14 14:16 9728 ——a-w- c:\windows\system32\TCPSVCS.EXE 2010-01-31 02:29 . 2009-08-14 14:16 10240 ——a-w- c:\windows\system32\finger.exe 2010-01-31 02:29 . 2009-08-14 14:16 8704 ——a-w- c:\windows\system32\HOSTNAME.EXE 2010-01-31 02:29 . 2009-08-14 14:16 17920 ——a-w- c:\windows\system32\ROUTE.EXE . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-02-08 21:18 . 2010-02-01 17:27 27839 ——a-w- c:\programdata\nvModes.dat 2010-02-08 17:56 . 2008-01-21 05:51 77202 ——a-w- c:\windows\system32\perfc006.dat 2010-02-08 17:56 . 2008-01-21 05:51 463344 ——a-w- c:\windows\system32\perfh006.dat 2010-02-07 14:06 . 2008-04-20 11:44 ———— d——-w- c:\programdata\McAfee 2010-02-03 19:42 . 2010-02-03 19:42 56 —-ha-w- c:\programdata\ezsidmv.dat 2010-02-02 21:18 . 2008-04-20 12:21 ———— d——-w- c:\program files\Yahoo! 2010-02-02 21:18 . 2008-04-20 11:38 ———— d—h—w- c:\program files\InstallShield Installation Information 2010-02-02 21:18 . 2008-04-20 12:31 ———— d——-w- c:\program files\eSobi 2010-02-02 20:59 . 2008-04-20 11:31 ———— d——-w- c:\program files\Intel 2010-02-02 20:38 . 2008-04-20 11:38 319456 ——a-w- c:\windows\DIFxAPI.dll 2010-02-02 16:15 . 2010-02-02 16:15 38784 ——a-w- c:\users\Johan\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-02-02 16:15 . 2010-02-02 16:14 38784 ——a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-02-01 15:49 . 2008-04-20 11:54 ———— d——-w- c:\program files\Acer GameZone 2010-01-31 23:36 . 2008-04-20 12:08 ———— d——-w- c:\programdata\Microsoft Help 2010-01-31 23:35 . 2008-04-20 12:10 ———— d——-w- c:\program files\Microsoft Works 2010-01-31 20:16 . 2008-04-20 11:46 ———— d——-w- c:\programdata\SiteAdvisor 2010-01-31 20:09 . 2006-11-02 11:18 ———— d——-w- c:\program files\Windows Mail 2010-01-31 20:07 . 2006-11-02 10:25 665600 ——a-w- c:\windows\inf\drvindex.dat 2010-01-30 20:30 . 2010-01-30 19:59 ———— d——-w- c:\program files\Acer Inc 2010-01-30 20:28 . 2010-01-30 20:28 ———— d——-w- c:\users\Johan\AppData\Roaming\Acer 2010-01-30 20:28 . 2008-04-20 11:43 ———— d——-w- c:\program files\Acer 2010-01-30 20:27 . 2010-01-30 20:18 ———— d——-w- c:\program files\Acer Arcade Deluxe 2010-01-30 20:25 . 2010-01-30 20:23 ———— d——-w- c:\programdata\CyberLink 2010-01-30 19:36 . 2010-01-30 19:36 ———— d-sh—we c:\programdata\Skrivebord 2010-01-30 19:36 . 2010-01-30 19:36 ———— d-sh—we c:\programdata\Skabeloner 2010-01-30 19:36 . 2010-01-30 19:36 ———— d-sh—we c:\programdata\Menuen Start 2010-01-30 19:36 . 2010-01-30 19:36 ———— d-sh—we c:\programdata\Favoritter 2010-01-30 19:36 . 2010-01-30 19:36 ———— d-sh—we c:\programdata\Dokumenter 2010-01-30 19:36 . 2010-01-30 19:36 ———— d-sh—we c:\program files\Fælles filer 2010-01-04 16:02 . 2010-01-04 16:02 27984 ——a-w- c:\windows\system32\sbbd.exe 2009-12-18 13:05 . 2010-01-31 02:30 833024 ——a-w- c:\windows\system32\wininet.dll 2009-12-18 13:01 . 2010-01-31 02:30 78336 ——a-w- c:\windows\system32\ieencode.dll 2009-12-18 10:14 . 2010-01-31 02:30 26624 ——a-w- c:\windows\system32\ieUnatt.exe 2009-11-12 16:07 . 2009-11-12 16:07 79144 ——a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe . ((((((((((((((((((((((((((((((((((( Start steder i reg.basen )))))))))))))))))))))))))))))))))))))))))))))))) . . Bemærk tomme linier & lovlige standard linier vises ikke REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @=”{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}” [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 21:38 121392 ——a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “msnmsgr”=“c:\program files\Windows Live\Messenger\msnmsgr.exe” [2009-07-26 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “Windows Defender”=“c:\program files\Windows Defender\MSASCui.exe” [2008-01-21 1008184] “SynTPEnh”=“c:\program files\Synaptics\SynTP\SynTPEnh.exe” [2008-01-18 1033512] “NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2008-03-07 13527584] “NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2008-03-07 92704] “PLFSetI”=“c:\windows\PLFSetI.exe” [2007-10-23 200704] “LManager”=“c:\progra~1\LAUNCH~1\LManager.exe” [2008-03-13 805384] “CLMLServer”=“c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe” [2008-03-05 167936] “PlayMovie”=“c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe” [2008-03-04 167936] “ArcadeDeluxeAgent”=“c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe” [2008-03-05 147456] “TkBellExe”=“c:\program files\Common Files\Real\Update_OB\realsched.exe” [2010-02-05 198160] “SBAMTray”=“c:\program files\Sunbelt Software\VIPRE\SBAMTray.exe” [2010-01-04 959824] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “EnableUIADesktopToggle”= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000] 2010-01-30 19:50 3024384 ——a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc] @=“Service” [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @=“Service” [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk backup=c:\windows\pss\Acer VCM.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk backup=c:\windows\pss\BTTray.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2009-12-11 14:57 948672 ——a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2009-12-22 00:57 35760 ——a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray] 2008-02-25 16:57 34040 ——a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio] 2008-03-07 01:36 544768 ——a-w- c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader] 2008-03-04 21:38 526896 ——a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC] 2008-03-11 17:30 397312 ——a-w- c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-01-31 21:46 135664 ——atw- c:\users\Johan\AppData\Local\Google\Update\GoogleUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2007-10-03 13:44 178712 ——a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2009-11-12 15:33 141600 ——a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2009-07-26 15:44 3883856 ——a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 22:08 417792 ——a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-01-11 14:21 246504 ——a-w- c:\program files\Common Files\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp] 2008-01-29 08:03 303104 ——a-w- c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZPdtWzdVitaKey MC3000] 2010-01-30 19:50 3642368 ——a-w- c:\program files\Acer\Acer Bio Protection\PdtWzd.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] “DisableMonitoring”=dword:00000001 R0 AlfaFF;AlfaFF File System mini-filter;c:\windows\System32\drivers\AlfaFF.sys [30-01-2010 20:50 43184] R1 SBRE;SBRE;c:\windows\System32\drivers\SBREDrv.sys [13-10-2009 08:22 95024] R1 sbtis;sbtis;c:\windows\System32\drivers\sbtis.sys [07-02-2010 15:15 203056] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [30-01-2010 21:24 41456] R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [25-02-2008 17:57 21752] R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [30-01-2010 21:27 81504] R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [20-04-2008 12:43 24576] R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [25-02-2008 01:02 49152] R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [30-01-2010 21:27 122368] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [25-02-2008 17:53 131072] R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [30-01-2010 21:28 233472] R2 SBAMSvc;VIPRE Antivirus + Antispyware;c:\program files\Sunbelt Software\VIPRE\SBAMSvc.exe [04-01-2010 17:02 1012080] R2 sbapifs;sbapifs;c:\windows\System32\drivers\sbapifs.sys [10-08-2009 19:06 69936] R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [12-01-2010 15:57 185640] R3 itecir;ITECIR Infrared Receiver;c:\windows\System32\drivers\itecir.sys [20-04-2008 12:42 54784] R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17-11-2008 07:40 3668480] R3 vfs101x;vfs101x;c:\windows\System32\drivers\vfs101x.sys [15-02-2008 09:09 40752] . Indhold af mappen ‘Planlagte Opgaver’ 2010-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-686116719-5241088-2064858995-1000Core.job - c:\users\Johan\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-31 21:46] 2010-02-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-686116719-5241088-2064858995-1000UA.job - c:\users\Johan\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-31 21:46] . . ———- Yderligere scanning———- . uStart Page = hxxp://da.intl.acer.yahoo.com mStart Page = hxxp://da.intl.acer.yahoo.com uInternet Settings,ProxyOverride = .local IE: E&ksporter; til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Send billede til &Bluetooth;-enhed… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send siden til &Bluetooth;-enhed… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm . - - - - TOMME GENVEJE FJERNET - - - - HKLM-Run-eRecoveryService - (no file) *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-02-09 17:02 Windows 6.0.6001 Service Pack 1 NTFS scanner skjulte processer ... scanner skjulte autostarter ... scanner skjulte filer ... scanning gennemført med succes skjulte filer: 0 ********************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}] “ImagePath”=”\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl” .——————————- LÅSTE REGISTRERINGS NØGLER——————————- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) “BlindDial”=dword:00000000 “MSCurrentCountry”=dword:000000b5 .——————————- DLLs startet under kørende Processer——————————- - - - - - - - > ‘Explorer.exe’(648) c:\program files\Sunbelt Software\VIPRE\oehook.dll c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll c:\windows\system32\btncopy.dll .————————————Andre kørende processer———————————— . c:\windows\system32\nvvsvc.exe c:\windows\system32\vfsFPService.exe c:\windows\system32\WLANExt.exe c:\windows\system32\rundll32.exe c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe c:\windows\system32\agrsmsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe c:\program files\Intel\WiFi\bin\EvtEng.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\acer\Mobility Center\MobilityService.exe c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe c:\program files\Cyberlink\Shared files\RichVideo.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\conime.exe c:\program files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe . ************************************************************************ . Gennemført tid: 2010-02-09 17:12:08 - maskinen blev genstartet ComboFix-quarantined-files.txt 2010-02-09 16:12 Pre-Kørsel: 56.979.673.088 byte ledig Post-Kørsel: 56.438.206.464 byte ledig - - End Of File - - CD36EF9389C12A9FDAD44968DD31707B Har set nogle af de nuværende svar igennem og har dermed set, at det er en god idé at køre med AntiMalware bytes, hvilket jeg også har gjort nu. Loggen for denne scanning ser således ud: Malwarebytes’ Anti-Malware 1.44 Database version: 3709 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 09-02-2010 07:48:54 mbam-log-2010-02-09 (07-48-54).txt Skan type: Fuldstændig skanning (C:\\|D:\\|) Objekter skannet: 257054 Tid tilbagelagt: 1 hour(s), 10 minute(s), 57 second(s) Inficerede Hukommelses Processer: 0 Inficerede Hukommelses Moduler: 0 Inficerede Registeringsdatabase Nøgler: 0 Inficerede Registeringsdatabase Værdier: 0 Inficerede Registeringsdatabase Filer: 0 Inficerede Mapper: 0 Inficerede Filer: 0 Inficerede Hukommelses Processer: (Ingen mistænkelige filer fundet) Inficerede Hukommelses Moduler: (Ingen mistænkelige filer fundet) Inficerede Registeringsdatabase Nøgler: (Ingen mistænkelige filer fundet) Inficerede Registeringsdatabase Værdier: (Ingen mistænkelige filer fundet) Inficerede Registeringsdatabase Filer: (Ingen mistænkelige filer fundet) Inficerede Mapper: (Ingen mistænkelige filer fundet) Inficerede Filer: (Ingen mistænkelige filer fundet) Jeg har ingen P2P programmer e.l. installeret, og hvis de findes er det klart en fejl. Mvh. Johan Klitgård
[ Ignorer ] [ # 3 ] Magic Spywarefri
10.02.2010 06:08:19 Administrator Team Spywarefri Antal indlæg: 26199	Det ser egentlig godt nok ud. Fortæl lige hvordan tingene kører nu ? Signatur Medlem af: Alliance of Security Analysis Professionals
[ Ignorer ] [ # 4 ] JokkenEnterprises
10.02.2010 15:35:54 Helt nyt medlem Antal indlæg: 7	Ingen forskel desværre :s Benytter mig af VIPRE Antivirus&Spyware;, som er et købeprogram (http://www.vipreantivirus.com/) Jeg har Intel Core2 Duo prossesor med T5750 CPU dertil 2.00GHz, 4GB RAM og NVIDIA GeForce 9500M GS grafikkort. Tror du måske det er mine drivers, der er noget galt med? I så fald hvad kan jeg gøre for at få de nyeste drivers til min computer? Mvh. Johan Klitgård
[ Ignorer ] [ # 5 ] JokkenEnterprises
10.02.2010 21:37:19 Helt nyt medlem Antal indlæg: 7	Jeg prøvede i dag med en systemscan via Command Promt; Den velkendte Scf /scannow mislykkedes. Den skrev fejl?:O http://picpanda.com/images/v6s2w39jc77ithcy2wnq.jpg Jeg begynder at fornemme, at der er noget galt. Hvad tror du, det er? Mvh. Johan Klitgård
[ Ignorer ] [ # 6 ] JokkenEnterprises
13.02.2010 12:24:05 Helt nyt medlem Antal indlæg: 7	Er der nogle bud folkens?:) Mvh. Johan Klitgård
[ Ignorer ] [ # 7 ] JokkenEnterprises
17.02.2010 21:41:40 Helt nyt medlem Antal indlæg: 7	Hmm… Der er ikke nogle, der gider at hjælpe eller hvordan?:( I kan da i det mindste sige, at i ikke kan fixe mit problem, hvis det forholder sig således..?
[ Ignorer ] [ # 8 ] FBJ Emeritus
18.02.2010 19:32:16 Redaktør Supporter Emeritus Antal indlæg: 16740	Hejsa Du har ret - vi burde sige, at vi er løbet tør for ideer. Beklager… Du siger, at du har formatteret computeren flere gange - og det har ikke hjulpet. Hvis din computer, ganske ren, nyformatteret og nyinstalleret er væsentlig langsommere end din kammerats tilsvarende computer så lyder det for mig som om, at det er hardwaren som den er gal med (og sådan et problem kan vi ikke fixe). Har du mulighed for at bringe den tilbage til forhandleren eller er den ikke længere under garanti? Signatur Gode råd om sikkerhed….