Gå til innhold

hjelp med ComboFix

fsx

Av fsx
i IKT-drift og sikkerhet

Anbefalte innlegg

Videoannonse

Videoannonse
Annonse
fsx

fsx

Skrevet
  • Forfatter
Skrevet
hei jeg tenkte og kjøre ComboFix men sletter den viktige dataer?. kan jeg kjøre den uten det blir feil på systemet??

Hvorfor skal du kjøre combofix?

slette virus men når jeg starter den sletter den vel ting i system32 :thumbdown:

Hvis det er noe der som ikke skal være der så gjør den det. Du burde kjøre mbam først. Se i signaturen min.

hei jeg har mbram malware -

Lenke til kommentar
Bruker-158599

Bruker-158599

Skrevet
Skrevet
hei jeg tenkte og kjøre ComboFix men sletter den viktige dataer?. kan jeg kjøre den uten det blir feil på systemet??

Hvorfor skal du kjøre combofix?

slette virus men når jeg starter den sletter den vel ting i system32 :thumbdown:

Hvis det er noe der som ikke skal være der så gjør den det. Du burde kjøre mbam først. Se i signaturen min.

hei jeg har mbram malware -

Kjør mbam og slett det den finner så poster du logg.

Lenke til kommentar
fsx

fsx

Skrevet
  • Forfatter
Skrevet
Hei!

 

Combofix er det kraftigste verktøy her på forumet og vill ikke slette noen filer.

Den vil opprette en logg som du må poste her slik at vi kan se igjen om den og gi deg beskjed hva du skal gjøre.

Hvis du har tenkt til å slette virus osv... så kan du kjøre disse programmene:

Malwarebytes Anti-Malware (MBAM)

SuperAntiSpyware (SAS)

 

Håper jeg kunne hjelpe :)

ok men sletter den ikke ting system32 også

Lenke til kommentar
fsx

fsx

Skrevet
  • Forfatter
Skrevet

har er loggen kjørt av combofix..

 

ComboFix 09-09-14.02 - younas 16.09.2009 20:35.1.3 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.47.1044.18.3326.1563 [GMT 2:00]

Kjører fra: c:\users\younas\Desktop\ComboFix.exe

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

* Anti-virus er aktiv

 

.

 

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\$recycle.bin\S-1-5-21-4288147535-3973791172-4071292720-500

 

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-08-16 til 2009-09-16 )))))))))))))))))))))))))))))))))

.

 

2009-09-16 18:49 . 2009-09-16 18:49 -------- d-----w- c:\users\Default\AppData\Local\temp

2009-09-10 11:11 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys

2009-09-10 11:11 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll

2009-09-10 11:11 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE

2009-09-10 11:11 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE

2009-09-10 11:11 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE

2009-09-10 11:11 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE

2009-09-10 11:11 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE

2009-09-10 11:11 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe

2009-09-10 11:11 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE

2009-09-10 11:11 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll

2009-09-10 11:10 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll

2009-09-10 11:10 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll

2009-09-10 11:10 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll

2009-09-10 11:10 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll

2009-09-10 11:10 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll

2009-09-08 12:53 . 2009-09-08 12:53 -------- d-----w- c:\programdata\SiteAdvisor

2009-09-08 12:53 . 2009-09-08 12:53 -------- d-----w- c:\program files\SiteAdvisor

2009-09-08 12:50 . 2009-07-08 11:44 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2009-09-08 12:50 . 2009-07-08 11:44 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys

2009-09-08 12:50 . 2009-07-08 11:44 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys

2009-09-08 12:50 . 2009-07-16 10:32 130424 ----a-w- c:\windows\system32\drivers\Mpfp.sys

2009-09-08 12:50 . 2009-09-08 12:50 -------- d-----w- c:\program files\Common Files\McAfee

2009-09-08 12:50 . 2009-09-14 17:15 -------- d-----w- c:\program files\McAfee

2009-09-08 12:48 . 2009-07-08 11:43 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys

2009-09-08 12:37 . 2009-09-08 16:19 -------- d-----w- c:\programdata\McAfee

2009-09-08 12:12 . 2004-09-07 04:14 279624 ----a-w- c:\windows\system32\mcgdmgr.dll

2009-09-08 12:12 . 2009-09-08 12:50 -------- d-----w- c:\program files\McAfee.com

2009-09-08 12:12 . 2004-10-04 10:29 341064 ----a-w- c:\windows\system32\mcinsctl.dll

2009-09-07 13:37 . 2009-09-07 13:37 -------- d-----w- c:\users\younas\AppData\Roaming\Creative

2009-09-07 13:35 . 2009-09-08 08:01 -------- d-----w- c:\programdata\Creative

2009-09-07 13:28 . 2006-10-06 06:17 53248 ------w- c:\windows\Ctregrun.exe

2009-09-07 13:26 . 2006-11-10 01:00 126976 ----a-w- c:\windows\system32\V0330Vfw.dll

2009-09-07 13:26 . 2007-08-08 05:48 157696 ----a-w- c:\windows\system32\drivers\V0330Vid.sys

2009-09-07 13:26 . 2007-06-14 01:52 90112 ----a-w- c:\windows\CtDrvIns.exe

2009-09-07 13:26 . 2007-04-30 01:10 266240 ----a-w- c:\windows\system32\V0330Cvw.dll

2009-09-07 13:26 . 2007-04-30 01:03 32768 ----a-w- c:\windows\V0330Mon.exe

2009-09-07 13:26 . 2007-04-26 01:10 32768 ----a-w- c:\windows\system32\V0330Hwx.dll

2009-09-07 13:26 . 2007-04-25 01:10 20480 ----a-w- c:\windows\system32\V0330Srv.exe

2009-09-07 13:26 . 2007-04-24 01:10 36864 ----a-w- c:\windows\system32\V0330Pin.dll

2009-09-07 13:26 . 2007-04-24 01:10 20480 ----a-w- c:\windows\V0330Cfg.exe

2009-09-07 13:26 . 2006-12-13 02:35 4516 ----a-w- c:\windows\system32\drivers\V0330STB.SYS

2009-09-07 13:26 . 2005-07-07 01:07 36864 ----a-w- c:\windows\system32\CtCamMgr.dll

2009-09-07 12:55 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe

2009-09-07 12:54 . 2009-09-07 13:28 -------- d-----w- c:\program files\Creative

2009-09-05 16:18 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll

2009-09-05 16:18 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll

2009-09-05 16:18 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\MSVCR71.dll

2009-09-05 16:18 . 2009-09-05 16:18 -------- d-----w- c:\program files\Alwil Software

2009-09-05 15:39 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-09-05 14:26 . 2009-09-05 14:26 0 ----a-w- c:\windows\nsreg.dat

2009-09-05 14:26 . 2009-09-05 14:26 -------- d-----w- c:\users\younas\AppData\Local\Mozilla

2009-09-03 18:38 . 2009-09-03 18:38 -------- d-----w- c:\programdata\Trymedia

2009-09-03 15:23 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2009-09-03 15:23 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2009-09-01 19:01 . 2009-09-01 19:01 -------- d-----w- c:\programdata\Office Genuine Advantage

2009-09-01 16:51 . 2009-09-01 16:51 -------- d-----w- c:\users\younas\AppData\Roaming\Template

2009-09-01 12:50 . 2009-03-08 11:33 18944 ----a-w- c:\windows\system32\corpol.dll

2009-09-01 12:49 . 2009-09-01 12:49 -------- d-----w- c:\users\younas\AppData\Local\Microsoft Help

2009-09-01 12:24 . 2009-09-01 12:24 680 ----a-w- c:\users\younas\AppData\Local\d3d9caps.dat

2009-08-31 19:07 . 2009-08-31 19:07 -------- d-----w- c:\users\younas\AppData\Roaming\PeerNetworking

2009-08-30 08:30 . 2009-08-30 08:30 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2009-08-29 20:20 . 2008-04-16 10:57 42552 ----a-w- c:\windows\system32\drivers\ale_nf.sys

2009-08-29 11:50 . 2009-08-29 11:50 -------- d-----w- c:\program files\MSXML 4.0

2009-08-29 11:50 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll

2009-08-29 11:25 . 2009-08-29 11:25 -------- d-----w- c:\users\younas\AppData\Roaming\Nero

2009-08-28 22:09 . 2008-01-21 02:24 638976 ----a-w- c:\windows\system32\win_utilman.exe

2009-08-28 22:08 . 2009-08-28 22:08 -------- d-----w- c:\users\younas\AppData\Local\Apps

2009-08-28 19:46 . 2009-08-28 19:46 -------- d-----w- c:\users\younas\AppData\Roaming\Packard Bell

2009-08-28 18:24 . 2009-09-01 15:05 -------- d-----w- C:\FSXTMP

2009-08-28 18:06 . 2009-09-05 20:15 -------- d-----w- c:\users\younas\AppData\Local\Adobe

2009-08-28 18:06 . 2009-08-28 18:06 -------- d-----w- c:\programdata\FLEXnet

2009-08-28 17:41 . 2009-09-16 14:32 -------- d-----w- c:\users\younas\Tracing

2009-08-28 17:35 . 2009-09-07 20:58 -------- d-----w- c:\users\younas\AppData\Local\Microsoft Games

2009-08-28 17:27 . 2009-08-28 17:27 -------- d-----w- c:\users\younas\AppData\Local\Ahead

2009-08-28 17:25 . 2009-08-28 17:25 -------- d-----w- c:\programdata\Nero

2009-08-28 17:25 . 2009-08-28 17:25 -------- d-----w- c:\program files\Nero

2009-08-28 17:25 . 2009-08-28 17:26 -------- d-----w- c:\program files\Common Files\Nero

2009-08-28 17:19 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll

2009-08-28 17:05 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll

2009-08-28 17:05 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2009-08-28 17:05 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2009-08-28 17:05 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll

2009-08-28 17:05 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe

2009-08-28 17:05 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2009-08-28 17:05 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe

2009-08-28 17:00 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll

2009-08-28 17:00 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll

2009-08-28 17:00 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll

2009-08-28 17:00 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll

2009-08-28 17:00 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll

2009-08-28 16:58 . 2008-06-06 03:27 38912 ----a-w- c:\windows\system32\xolehlp.dll

2009-08-28 16:58 . 2008-06-06 03:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll

2009-08-28 16:58 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll

2009-08-28 16:58 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll

2009-08-28 16:58 . 2009-08-28 16:58 -------- d-----w- c:\users\younas\AppData\Local\Symantec

2009-08-28 16:57 . 2008-07-16 12:00 487424 ----a-w- c:\windows\system32\INT15.dll

2009-08-28 16:57 . 2008-07-16 11:56 17952 ----a-w- c:\windows\system32\drivers\int15_64.sys

2009-08-28 16:57 . 2008-07-16 11:56 15392 ----a-w- c:\windows\system32\drivers\int15.sys

2009-08-28 16:56 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll

2009-08-28 16:56 . 2008-12-16 02:42 288768 ----a-w- c:\windows\system32\drivers\srv.sys

2009-08-28 16:54 . 2009-08-28 16:54 -------- d-----w- c:\program files\DIFX

2009-08-28 16:54 . 2009-08-28 16:54 -------- d-----w- c:\program files\YUAN

2009-08-28 16:54 . 2009-09-07 20:28 71648 ----a-w- c:\users\younas\AppData\Local\GDIPFONTCACHEV1.DAT

2009-08-28 16:54 . 2009-09-05 15:36 -------- d-----w- c:\users\younas\AppData\Local\Packard Bell

2009-08-28 16:54 . 2009-08-28 16:54 -------- d-----w- c:\programdata\NVIDIA

2009-08-28 16:52 . 2008-10-29 06:29 2927104 ----a-w- c:\windows\explorer.exe

2009-08-28 16:48 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll

2009-08-28 16:47 . 2009-08-28 16:47 56 ---ha-w- c:\windows\system32\ezsidmv.dat

2009-08-28 16:47 . 2008-02-03 10:00 290248 ----a-w- c:\windows\system32\ezsvc7x.dll

2009-08-28 16:47 . 2008-02-03 10:00 129992 ----a-w- c:\windows\system32\ezsvc7.dll

2009-08-28 16:47 . 2009-08-28 16:47 8172 ----a-w- c:\windows\system32\ezdigsgn.dat

2009-08-28 16:47 . 2009-08-28 16:47 91136 ----a-w- c:\windows\system32\ezUninst.exe

2009-08-28 16:47 . 2009-08-28 16:47 49152 ----a-w- c:\windows\system32\ezUPBHook.dll

2009-08-28 16:47 . 2009-08-28 16:47 268288 ----a-w- c:\windows\system32\ezSetup.exe

2009-08-28 16:47 . 2009-08-28 16:47 15872 ----a-w- c:\windows\system32\ezMAPIHelper.exe

2009-08-28 16:47 . 2009-08-28 16:47 111104 ----a-w- c:\windows\system32\ezShellStart.exe

2009-08-28 16:44 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll

2009-08-28 16:44 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe

2009-08-28 16:44 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll

2009-08-28 16:44 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll

2009-08-28 16:44 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll

2009-08-28 16:44 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll

2009-08-28 16:44 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll

2009-08-28 16:44 . 2008-10-16 12:08 162064 ----a-w- c:\windows\system32\wuwebv.dll

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-16 17:19 . 2009-02-20 06:56 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-09-16 17:04 . 2009-09-16 15:25 -------- d-----w- c:\program files\Pando Networks

2009-09-16 16:13 . 2009-09-16 16:13 -------- d-----w- c:\program files\GamersFirst

2009-09-16 16:12 . 2009-09-16 15:27 608744450 ----a-w- c:\program files\WarRock20081102.exe

2009-09-16 12:37 . 2008-01-21 06:14 76272 ----a-w- c:\windows\system32\perfc014.dat

2009-09-16 12:37 . 2008-01-21 06:14 452088 ----a-w- c:\windows\system32\perfh014.dat

2009-09-14 19:39 . 2009-09-14 19:39 -------- d-----w- c:\users\younas\AppData\Roaming\Malwarebytes

2009-09-14 19:39 . 2009-09-14 19:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-09-14 19:39 . 2009-09-14 19:39 -------- d-----w- c:\programdata\Malwarebytes

2009-09-14 07:21 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2009-09-10 12:54 . 2009-09-14 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-09-10 12:53 . 2009-09-14 19:39 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-09-07 13:25 . 2009-02-20 06:56 -------- d-----w- c:\program files\Common Files\InstallShield

2009-09-03 19:45 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games

2009-09-01 12:49 . 2009-02-20 07:06 -------- d-----w- c:\programdata\Microsoft Help

2009-09-01 12:22 . 2009-02-20 07:26 -------- d-----w- c:\programdata\Norton

2009-08-30 08:33 . 2009-02-20 07:09 -------- d-----w- c:\program files\Microsoft Works

2009-08-29 17:54 . 2009-02-20 07:18 -------- d-----w- c:\program files\Google

2009-08-29 11:27 . 2009-08-29 11:27 0 ----a-w- c:\users\younas\AppData\Roaming\wklnhst.dat

2009-08-28 22:18 . 2009-02-20 14:36 -------- d-----w- c:\program files\PACKARD BELL

2009-08-28 17:30 . 2009-02-20 07:26 -------- d-----w- c:\programdata\Symantec

2009-08-28 16:59 . 2009-08-28 16:59 0 ----a-w- c:\windows\system32\drivers\PACKARDBELLBV_IMEDIAA5520NCD_1.0_PTU090X0199220AE662700.MRK

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Start-meny

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Skrivebord

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Programdata

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Maler

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Favoritter

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Dokumenter

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\program files\Fellesfiler

2009-08-28 16:37 . 2009-08-28 16:37 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll

2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll

2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe

2009-07-21 21:52 . 2009-09-01 12:51 915456 ----a-w- c:\windows\system32\wininet.dll

2009-07-21 21:47 . 2009-09-01 12:51 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-07-21 21:47 . 2009-09-01 12:51 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-07-21 20:13 . 2009-09-01 12:51 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-07-14 13:00 . 2009-08-28 16:55 313344 ----a-w- c:\windows\system32\wmpdxm.dll

2009-07-14 12:59 . 2009-08-28 16:55 4096 ----a-w- c:\windows\system32\dxmasf.dll

2009-07-14 12:58 . 2009-08-28 16:55 7680 ----a-w- c:\windows\system32\spwmp.dll

2009-07-14 10:59 . 2009-08-28 16:55 8147456 ----a-w- c:\windows\system32\wmploc.DLL

2009-07-08 11:44 . 2009-07-08 11:44 214024 ----a-w- c:\windows\system32\drivers\mfehidk.sys

.

 

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmpcSys"="c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe" [2008-07-07 1038136]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-04-28 1828136]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-28 68856]

"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-21 192000]

"CTRegRun"="c:\windows\CTRegRun.EXE" [2006-10-06 53248]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-21 2153472]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]

"FujiKeyboard"="c:\acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe" [2008-09-18 79416]

"SmpcSys"="c:\program files\Packard Bell\SetupMyPC\SmpSys.exe" [2008-07-07 1038136]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13584928]

"V0330Mon.exe"="c:\windows\V0330Mon.exe" [2007-04-30 32768]

"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-07-09 645328]

"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-07-07 1176808]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-09-10 420176]

"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-03-26 5369856]

"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-20 1826816]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"HideFastUserSwitching"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

SetupExecute REG_MULTI_SZ

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{064FC79D-7C6E-4B0C-934C-C40CA33A132C}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server

"{0C1CC5C5-06EE-4469-BD63-61D2474088D6}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server

"{BE48E75D-A499-420A-8BC2-456B520E0CEE}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{AE26182E-CE6E-4F7D-B339-14E98A7F36A7}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{0C9B59A7-CAE6-4AEA-9751-3E3A46A79076}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

"{63C63D0B-2C30-41E9-88DD-54005F239712}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

 

R2 ETService;Empowering Technology Service;c:\program files\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe [28.08.2009 18:57 24576]

R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21.01.2008 04:23 21504]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.09.2009 21:39 269648]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [08.09.2009 14:52 203280]

R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [14.09.2009 21:39 19160]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [14.09.2009 21:39 38224]

R3 V0330VID;WebCam Vista/Live! Cam Chat;c:\windows\System32\drivers\V0330Vid.sys [07.09.2009 15:26 157696]

S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [11.09.2007 01:45 124832]

 

--- Andre tjenester/drivere lastet i minnet ---

 

*NewlyCreated* - MBAMPROTECTOR

*NewlyCreated* - MBAMSWISSARMY

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

 

2009-09-16 c:\windows\Tasks\Malwarebytes' Scheduled Scan for younas.job

- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-14 12:53]

 

2009-09-16 c:\windows\Tasks\Malwarebytes' Scheduled Update for younas.job

- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-14 12:53]

 

2009-09-08 c:\windows\Tasks\McDefragTask.job

- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-08 19:26]

 

2009-09-08 c:\windows\Tasks\McQcTask.job

- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-08 19:26]

.

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0414&s=1&o=vp32&d=0809&m=imedia_a5520_ncd

mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0414&s=1&o=vp32&d=0809&m=imedia_a5520_ncd

FF - ProfilePath - c:\users\younas\AppData\Roaming\Mozilla\Firefox\Profiles\mjk4uvlu.default\

FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

 

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

.

- - - - TOMME PEKERE FJERNET - - - -

 

HKLM-Run-NPCTray - c:\program files\Norman\npc\bin\npc_tray.exe

HKLM-Run-eRecoveryService - (no file)

AddRemove-Creative VF0330 - c:\windows\CtDrvIns.exe -uninstall -script VF0330.uns -unsext NT -plugin V0330Pin.dll

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-09-16 20:49

Windows 6.0.6001 Service Pack 1 NTFS

 

skanner skjulte prosesser ...

 

skanner skjulte autostart-oppføringer ...

 

skanner skjulte filer ...

 

skanning vellykket

skjulte filer: 0

 

**************************************************************************

.

Tidspunkt ferdig: 2009-09-16 20:53

ComboFix-quarantined-files.txt 2009-09-16 18:53

 

Pre-Run: 520 819 191 808 byte ledig

Post-Run: 520 428 322 816 byte ledig

 

288 --- E O F --- 2009-09-15 12:43

Lenke til kommentar
fsx

fsx

Skrevet
  • Forfatter
Skrevet
Hei!

 

Combofix er det kraftigste verktøy her på forumet og vill ikke slette noen filer.

Den vil opprette en logg som du må poste her slik at vi kan se igjen om den og gi deg beskjed hva du skal gjøre.

Hvis du har tenkt til å slette virus osv... så kan du kjøre disse programmene:

Malwarebytes Anti-Malware (MBAM)

SuperAntiSpyware (SAS)

 

Håper jeg kunne hjelpe :)

ok men sletter den ikke ting system32 også

Hvis det ligger ting i system 32 som ikke skal være der så sletter den det.

ok det er bra så den sletter bare ting som ikke skal være dær?

Lenke til kommentar
Bruker-158599

Bruker-158599

Skrevet
Skrevet
Hei!

 

Combofix er det kraftigste verktøy her på forumet og vill ikke slette noen filer.

Den vil opprette en logg som du må poste her slik at vi kan se igjen om den og gi deg beskjed hva du skal gjøre.

Hvis du har tenkt til å slette virus osv... så kan du kjøre disse programmene:

Malwarebytes Anti-Malware (MBAM)

SuperAntiSpyware (SAS)

 

Håper jeg kunne hjelpe :)

ok men sletter den ikke ting system32 også

Hvis det ligger ting i system 32 som ikke skal være der så sletter den det.

ok det er bra så den sletter bare ting som ikke skal være dær?

Ja, det stemmer. Den sletter det den vet den kan slette, så kommer det noen å analyserer loggen som du har lagt ut og sletter det de finner. :)

Lenke til kommentar
fsx

fsx

Skrevet
  • Forfatter
Skrevet
Hei!

 

Combofix er det kraftigste verktøy her på forumet og vill ikke slette noen filer.

Den vil opprette en logg som du må poste her slik at vi kan se igjen om den og gi deg beskjed hva du skal gjøre.

Hvis du har tenkt til å slette virus osv... så kan du kjøre disse programmene:

Malwarebytes Anti-Malware (MBAM)

SuperAntiSpyware (SAS)

 

Håper jeg kunne hjelpe :)

ok men sletter den ikke ting system32 også

Hvis det ligger ting i system 32 som ikke skal være der så sletter den det.

ok jeg kjørte system søk på MBRAM eller hva det heter. også kjørte jeg mcafee di to antivirus programene fant ingenting skal jeg kjøre ComboFix eller

ok det er bra så den sletter bare ting som ikke skal være dær?

Ja, det stemmer. Den sletter det den vet den kan slette, så kommer det noen å analyserer loggen som du har lagt ut og sletter det de finner. :)

Lenke til kommentar
fsx

fsx

Skrevet
  • Forfatter
Skrevet
Loggen viser ikke noe malware. Har du mistanke om noe?

ja pc jobber lit treigt for tiden. er det fordi jeg har så manga antivirus programer ??

Ja, du skal bare la ett kjøre om gangen og ha et instalert om gangen.De kan begynne å krangle. Mbam er ikke et antivirusprogram vis du lurer på det.

 

Avinstaler de andre antivirus programmene dine og behold ett.

ehh.. egentlig crasher pc for at jeg har for manga antivirus programer men dete er ny pc vil være godt beskytet mot virus

Lenke til kommentar
Bruker-158599

Bruker-158599

Skrevet
Skrevet
Loggen viser ikke noe malware. Har du mistanke om noe?

ja pc jobber lit treigt for tiden. er det fordi jeg har så manga antivirus programer ??

Ja, du skal bare la ett kjøre om gangen og ha et instalert om gangen.De kan begynne å krangle. Mbam er ikke et antivirusprogram vis du lurer på det.

 

Avinstaler de andre antivirus programmene dine og behold ett.

ehh.. egentlig crasher pc for at jeg har for manga antivirus programer men dete er ny pc vil være godt beskytet mot virus

Det gjør det bare værre å ha så mange da. Det er ikke anbefalt. Avinstaler alle untatt ett, det samme gjelder brannmurer.

 

Ja, det er derfor den er så treg.

Lenke til kommentar
fsx

fsx

Skrevet
  • Forfatter
Skrevet (endret)
Loggen viser ikke noe malware. Har du mistanke om noe?

ja pc jobber lit treigt for tiden. er det fordi jeg har så manga antivirus programer ??

Ja, du skal bare la ett kjøre om gangen og ha et instalert om gangen.De kan begynne å krangle. Mbam er ikke et antivirusprogram vis du lurer på det.

 

Avinstaler de andre antivirus programmene dine og behold ett.

ehh.. egentlig crasher pc for at jeg har for manga antivirus programer men dete er ny pc vil være godt beskytet mot virus

Det gjør det bare værre å ha så mange da. Det er ikke anbefalt. Avinstaler alle untatt ett, det samme gjelder brannmurer.

 

Ja, det er derfor den er så treg.

ok men når jeg trykks avslutt på MBRAM eller hva det heter. da funka pc igjen uten at den crasha

Endret av fsx
Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
Gå til emneliste

  • Hvem er aktive   0 medlemmer

    • Ingen innloggede medlemmer aktive
×
×
  • Opprett ny...