Kan noen se på log

[jom2]

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 09/02/2008 at 12:29 PM

 

Application Version : 4.20.1046

 

Core Rules Database Version : 3554

Trace Rules Database Version: 1542

 

Scan type : Quick Scan

Total Scan Time : 00:51:42

 

Memory items scanned : 685

Memory threats detected : 0

Registry items scanned : 410

Registry threats detected : 0

File items scanned : 17859

File threats detected : 0

 

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:56:44, on 02.09.2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Dell\MediaDirect\PCMService.exe

C:\Windows\system32\WerCon.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\Eraser\Eraser.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Windows\system32\conime.exe

C:\Windows\Explorer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.adressa.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O1 - Hosts: ::1 localhost

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"

O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKLM\..\Run: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

O4 - HKCU\..\Run: [switcher] "C:\Program Files\Switcher\Switcher.exe" /quiet

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE')

O4 - Startup: CCC.lnk = ?

O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx

O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} (KooPlayer Control) - http://www.tvkoo.com/update/UKooPlayer.ocx

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

 

--

End of file - 7420 bytes

 

 

 

 

ComboFix 08-09-01.01 - Mona 2008-09-02 12:41:32.2 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1044.18.1035 [GMT 2:00]

Running from: C:\Users\M\Desktop\ComboFix.exe

* Created a new restore point

.

 

((((((((((((((((((((((((( Files Created from 2008-08-02 to 2008-09-02 )))))))))))))))))))))))))))))))

.

 

2008-09-02 11:28 . 2008-09-02 11:28 <DIR> d--hs---- C:\found.000

2008-09-02 10:12 . 2008-09-02 10:12 <DIR> d-------- C:\Program Files\SUPERAntiSpyware

2008-09-02 10:11 . 2008-09-02 10:11 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard

2008-09-02 10:02 . 2008-09-02 10:02 <DIR> d-------- C:\Program Files\Yahoo!

2008-09-02 09:40 . 2008-09-02 09:40 <DIR> d-------- C:\Users\M\AppData\Roaming\Malwarebytes

2008-09-02 09:40 . 2008-09-02 09:40 <DIR> d-------- C:\Users\All Users\Malwarebytes

2008-09-02 09:40 . 2008-09-02 09:40 <DIR> d-------- C:\ProgramData\Malwarebytes

2008-09-02 09:40 . 2008-09-02 09:40 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-09-02 09:40 . 2008-09-02 00:16 38,528 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys

2008-09-02 09:40 . 2008-09-02 00:16 17,200 --a------ C:\Windows\System32\drivers\mbam.sys

2008-08-25 20:02 . 2008-07-16 03:32 2,048 --a------ C:\Windows\System32\tzres.dll

2008-08-24 18:32 . 2008-06-27 03:55 1,383,424 --a------ C:\Windows\System32\mshtml.tlb

2008-08-24 18:32 . 2008-06-27 06:15 827,392 --a------ C:\Windows\System32\wininet.dll

2008-08-24 18:32 . 2008-04-10 07:12 738,304 --a------ C:\Windows\System32\inetcomm.dll

2008-08-24 18:32 . 2008-06-19 05:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL

2008-08-24 18:32 . 2008-04-18 07:48 269,312 --a------ C:\Windows\System32\es.dll

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-09-02 08:12 --------- d-----w C:\Users\M\AppData\Roaming\SUPERAntiSpyware.com

2008-09-01 19:44 --------- d-----w C:\Users\M\AppData\Roaming\uTorrent

2008-08-25 18:00 --------- d-----w C:\Program Files\Windows Mail

2008-07-20 18:01 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2008-07-20 17:25 --------- d-----w C:\Program Files\iTunes

2008-07-20 17:25 --------- d-----w C:\Program Files\iPod

2008-07-20 17:23 --------- d-----w C:\Program Files\QuickTime

2008-07-19 14:36 51,280 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys

2008-07-11 18:49 --------- d-----w C:\Program Files\Sun

2008-07-11 18:49 --------- d-----w C:\Program Files\Java

2008-07-10 07:35 32,000 ----a-w C:\Windows\system32\drivers\usbaapl.sys

2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll

2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll

2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll

2008-06-06 20:44 174 --sha-w C:\Program Files\desktop.ini

2008-06-06 20:21 82,432 ----a-w C:\Windows\System32\axaltocm.dll

2008-06-06 20:21 101,888 ----a-w C:\Windows\System32\ifxcardm.dll

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920]

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]

"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 10:23 202544]

"Switcher"="C:\Program Files\Switcher\Switcher.exe" [2007-10-28 12:35 425984]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 09:33 125952]

"Eraser"="C:\Program Files\Eraser\Eraser.exe" [2007-12-23 01:03 916240]

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-08-19 23:34 1576176]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-04-16 16:10 184320]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-27 16:35 857648]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 16:38 78008]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]

"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 10:24 16384]

"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 10:23 202544]

"SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-07 10:23 405504]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 09:47 116040]

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-10 10:51 289064]

 

C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-09-29 09:57:36 49152]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe [2007-07-20 18:13:26 1180952]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.YV12"= yv12vfw.dll

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{915D3F79-BD76-4EF4-840D-ABF3F408ED1D}"= C:\Program Files\Dell\MediaDirect\PowerCinema.exe:CyberLink PowerCinema

"{F96171C9-0A51-47B7-8C62-278E9AE0E31A}"= C:\Program Files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program

"{81A36582-5AEF-45E7-ADB4-1D4D9C2DA0C4}"= C:\Program Files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine

"{0EBE64AD-9467-4D9E-9D4C-9FE6A5F37F03}"= C:\Program Files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server

"{C6928DC2-0CDE-4772-AFE3-929E227FDB9B}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)

"{F8F62008-2FA5-434C-ACD6-BF1A43827170}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

"{BD06F9B3-3C76-43E9-8413-04719E61EE92}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire

"TCP Query User{5C4770DE-F93D-4137-AD83-5136AEB000F8}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent

"UDP Query User{CEB0AEC0-8C89-4690-AEFF-69F973325738}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent

"{B8342042-2DF1-47BA-B716-C2C020F68F55}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour

"{8B09D8E6-718D-4841-8E5F-8E808588EE07}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour

"TCP Query User{447826A0-A5B2-4A8F-A97B-8BD73EA84848}C:\\users\\m\\program files\\utorrent\\utorrent.exe"= UDP:C:\users\mona\program files\utorrent\utorrent.exe:utorrent.exe

"UDP Query User{D30DE8C4-B2A6-46EF-8018-7A6062F7B044}C:\\users\\m\\program files\\utorrent\\utorrent.exe"= TCP:C:\users\mona\program files\utorrent\utorrent.exe:utorrent.exe

"TCP Query User{82FDD333-4AC2-4430-9FF7-5BF4C0107DBD}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer

"UDP Query User{9FEF1BF4-2AD0-41F8-8282-75BB1051D154}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer

"{FD5A570F-6C6E-4CC8-A19C-F206D953F890}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes

"{5B2CD027-E627-4B15-A2B0-384AEB062D74}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

"{945CB940-EBB1-49BB-A6D4-9F9D869B5467}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

"{1DA7E001-7164-4E53-B8CE-D74E9E50A53A}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

 

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 16:35]

R2 AESTFilters;Andrea ST Filters Service;C:\Windows\system32\aestsrv.exe [2007-08-29 13:25]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]

R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 16:36]

R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-20 22:13]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4483b075-a4f8-11dc-b95c-001c26f079e5}]

\shell\AutoRun\command - E:\AutoTransfer.exe

.

.

------- Supplementary Scan -------

.

FireFox -: Profile - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\brtvv4dp.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.no/ig?hl=no

.

 

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-02 12:44:25

Windows 6.0.6001 Service Pack 1 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2008-09-02 12:45:43

ComboFix-quarantined-files.txt 2008-09-02 10:45:39

 

Pre-Run: 64,747,470,848 byte ledig

Post-Run: 64,727,334,912 byte ledig

 

132 --- E O F --- 2008-09-02 07:23:58

 

 

[snippsat]

Ser bra ut dette

 

Du kan fjerne combofix ved å skrive combofix /u fra kjør-vinduet. Denne kommandoen gjør at filer i karantene og backups blir slette. Systemgjenopprettingsmappa nullstilt etc.

 

Surf trygt.