Gå til innhold

Combofix-logg, noen som vil se over?

^fmj

Av ^fmj
i IKT-drift og sikkerhet

Anbefalte innlegg

^fmj

^fmj

Skrevet
Skrevet (endret)

Klikk for å se/fjerne innholdet nedenfor
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

D:\desktop.ini

 

.

((((((((((((((((((((((((((((((((((((((( Drivere/Tjenester )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_IPFW

-------\Legacy_IP_FW

 

 

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-04-24 til 2009-05-24 )))))))))))))))))))))))))))))))))

.

 

2009-05-24 02:21 . 2009-05-24 02:21 -------- d-----w c:\programfiler\Unlocker

2009-05-24 02:20 . 2009-03-04 21:30 69936 ----a-w c:\windows\system32\drivers\sbapifs.sys

2009-05-24 02:20 . 2008-09-12 07:38 13360 ----a-w c:\windows\system32\drivers\sbaphd.sys

2009-05-24 01:43 . 2009-05-24 01:43 -------- d-----w c:\windows\system32\oodag

2009-05-24 01:41 . 2009-05-24 01:41 -------- d-----w c:\programfiler\OO Software

2009-05-24 01:33 . 2009-05-24 01:33 -------- d-----w c:\windows\ie8updates

2009-05-24 01:31 . 2009-04-25 05:30 102400 ------w c:\windows\system32\dllcache\iecompat.dll

2009-05-24 01:20 . 2009-05-24 01:31 -------- dc-h--w c:\windows\ie8

2009-05-24 00:50 . 2001-04-06 11:57 238080 ----a-w c:\windows\system32\OOD2000.exe

2009-05-24 00:50 . 2001-04-05 15:40 598016 ----a-w c:\windows\system32\OOD2KCRS.dll

2009-05-24 00:50 . 2001-04-05 15:21 29272 ----a-w c:\windows\system32\OOD2KBS.exe

2009-05-24 00:50 . 2000-11-01 12:12 16384 ----a-w c:\windows\system32\ood2kmsg.dll

2009-05-24 00:50 . 2009-05-24 00:50 -------- d-----w c:\programfiler\OOD2KFRE

2009-05-24 00:50 . 2000-11-09 17:31 24576 ----a-w c:\windows\system32\OODCSPRO.dll

2009-05-24 00:03 . 2009-05-24 00:03 -------- d-----w c:\programfiler\Drive Cleanup Wizard

2009-05-23 23:38 . 2009-05-23 23:38 -------- d-----w c:\documents and settings\All Users\Programdata\SUPERAntiSpyware.com

2009-05-23 23:37 . 2009-05-23 23:37 -------- d-----w c:\programfiler\SUPERAntiSpyware

2009-05-23 23:32 . 2009-05-23 23:32 -------- d-----w c:\programfiler\Fellesfiler\Wise Installation Wizard

2009-05-23 19:46 . 2009-05-23 19:50 -------- d-----w c:\programfiler\MATCO

2009-05-23 19:37 . 2009-05-23 19:37 -------- d-----w c:\programfiler\Defraggler

2009-05-23 19:37 . 2009-05-23 19:37 -------- d-----w c:\programfiler\ToniArts

2009-05-23 19:24 . 2009-05-23 19:24 -------- d-----w c:\documents and settings\All Users\Programdata\Sunbelt

2009-05-23 19:09 . 2009-05-23 19:09 -------- d-----w c:\programfiler\Sunbelt Software

2009-05-23 19:06 . 2008-10-09 07:48 202928 ----a-w c:\windows\system32\drivers\sbtis.sys

2009-05-23 19:04 . 2009-05-23 19:04 -------- d-----w c:\programfiler\CCleaner

2009-05-23 17:33 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys

2009-05-23 17:33 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys

2009-05-23 17:33 . 2009-05-23 17:33 -------- d-----w c:\programfiler\Malwarebytes' Anti-Malware

2009-05-23 17:33 . 2009-05-23 17:33 -------- d-----w c:\documents and settings\All Users\Programdata\Malwarebytes

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-05-24 02:43 . 2007-05-04 12:53 -------- d---a-w c:\documents and settings\All Users\Programdata\TEMP

2009-05-24 02:14 . 2008-06-16 22:04 -------- d-----w c:\documents and settings\All Users\Programdata\avg8

2009-05-24 00:50 . 2006-10-26 17:35 -------- d--h--w c:\programfiler\InstallShield Installation Information

2009-05-24 00:37 . 2006-10-26 17:36 -------- d-----w c:\programfiler\Modem Helper

2009-05-23 19:01 . 2008-06-16 22:05 11952 ----a-w c:\windows\system32\avgrsstx.dll

2009-05-23 19:01 . 2008-06-16 22:05 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys

2009-05-23 19:01 . 2008-01-15 11:30 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys

2009-05-23 19:01 . 2008-06-16 22:05 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys

2009-05-23 13:37 . 2008-12-25 12:28 -------- d-----w c:\programfiler\DNA

2009-05-20 23:35 . 2007-01-22 17:33 -------- d-----w c:\programfiler\lx_cats

2009-05-17 11:34 . 2004-09-28 17:07 63362 ----a-w c:\windows\system32\perfc014.dat

2009-05-17 11:34 . 2004-09-28 17:07 390504 ----a-w c:\windows\system32\perfh014.dat

2009-04-24 09:47 . 2009-02-24 19:17 -------- d-----w c:\programfiler\NCH Software

2009-04-24 09:44 . 2008-10-17 08:40 -------- d-----w c:\programfiler\Fellesfiler\Apple

2009-04-07 23:41 . 2009-04-07 23:41 1316096 ----a-w c:\windows\system32\ooscrsav.scr

2009-04-07 23:41 . 2009-04-07 23:41 730368 ----a-w c:\windows\system32\oodsvct.exe

2009-04-07 23:40 . 2009-04-07 23:40 1377536 ----a-w c:\windows\system32\oodag.exe

2009-04-07 23:39 . 2009-04-07 23:39 2553088 ----a-w c:\windows\system32\oodtray.exe

2009-04-07 23:39 . 2009-04-07 23:39 194816 ----a-w c:\windows\system32\oodbs.exe

2009-04-07 23:35 . 2009-04-07 23:35 951552 ----a-w c:\windows\system32\oodtrrs.dll

2009-04-07 23:35 . 2009-04-07 23:35 541952 ----a-w c:\windows\system32\oodssrs.dll

2009-04-07 23:34 . 2009-04-07 23:34 9984 ----a-w c:\windows\system32\oodbsrs.dll

2009-04-07 23:34 . 2009-04-07 23:34 8448 ----a-w c:\windows\system32\OODAGRS.DLL

2009-04-07 23:34 . 2009-04-07 23:34 15616 ----a-w c:\windows\system32\OODAGMG.DLL

2009-04-07 13:00 . 2009-04-07 13:00 37896 ----a-w c:\windows\system32\drivers\oobctm.sys

2009-04-07 12:59 . 2009-04-07 12:59 15104 ----a-w c:\windows\system32\ootmapi.dll

2009-03-28 12:41 . 2009-03-28 12:41 -------- d-----w c:\programfiler\Microsoft Silverlight

2009-03-17 11:26 . 2009-03-17 11:26 65320 ----a-w c:\windows\system32\sbbd.exe

2009-03-08 02:34 . 2004-09-28 17:07 914944 ----a-w c:\windows\system32\wininet.dll

2009-03-08 02:34 . 2004-09-28 17:06 43008 ----a-w c:\windows\system32\licmgr10.dll

2009-03-08 02:33 . 2004-09-28 17:06 18944 ----a-w c:\windows\system32\corpol.dll

2009-03-08 02:33 . 2004-09-28 17:07 420352 ----a-w c:\windows\system32\vbscript.dll

2009-03-08 02:32 . 2004-09-28 17:06 72704 ----a-w c:\windows\system32\admparse.dll

2009-03-08 02:32 . 2004-09-28 17:06 71680 ----a-w c:\windows\system32\iesetup.dll

2009-03-08 02:31 . 2004-09-28 17:06 34816 ----a-w c:\windows\system32\imgutil.dll

2009-03-08 02:31 . 2004-09-28 17:06 48128 ----a-w c:\windows\system32\mshtmler.dll

2009-03-08 02:31 . 2004-09-28 17:06 45568 ----a-w c:\windows\system32\mshta.exe

2009-03-08 02:22 . 2004-09-28 17:06 156160 ----a-w c:\windows\system32\msls31.dll

2009-03-06 14:24 . 2004-09-28 17:06 284160 ----a-w c:\windows\system32\pdh.dll

2008-07-13 17:11 . 2008-07-13 17:11 2228534 ----a-w c:\programfiler\audacity-win-1.2.6.exe

2008-07-13 17:08 . 2008-07-13 17:07 1512927 ----a-w c:\programfiler\LADSPA_plugins-win-0.4.15.exe

2007-08-10 16:52 . 2006-11-11 12:35 56 --sh--r c:\windows\system32\0693109433.sys

2008-01-11 08:48 . 2006-11-08 17:14 88 --sh--r c:\windows\system32\3394109306.sys

2008-01-11 08:48 . 2006-11-08 17:14 6944 --sha-w c:\windows\system32\KGyGaAvL.sys

.

 

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"SUPERAntiSpyware"="c:\programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-05-14 1830128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]

"ATICCC"="c:\programfiler\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]

"IntelZeroConfig"="c:\programfiler\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 667718]

"IntelWireless"="c:\programfiler\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 602182]

"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]

"ISUSPM Startup"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]

"ISUSScheduler"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]

"lxcrmon.exe"="c:\programfiler\Lexmark 2400 Series\lxcrmon.exe" [2006-01-22 286720]

"EzPrint"="c:\programfiler\Lexmark 2400 Series\ezprint.exe" [2006-02-07 98304]

"LXCRCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll" [2005-12-01 65536]

"V0220Mon.exe"="c:\windows\V0220Mon.exe" [2006-06-29 32768]

"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-02-20 136600]

"SBAMTray"="c:\programfiler\Sunbelt Software\VIPRE\SBAMTray.exe" [2009-03-17 955688]

"QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2009-01-05 413696]

"OODefragTray"="c:\windows\system32\oodtray.exe" [2009-04-07 2553088]

"UnlockerAssistant"="c:\programfiler\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]

"SigmatelSysTrayApp"="stsystra.exe" - c:\windows\stsystra.exe [2006-03-24 282624]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

BTTray.lnk - c:\programfiler\WIDCOMM\Bluetooth Software\BTTray.exe [2006-5-24 622653]

Dell Network Assistant.lnk - c:\windows\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe [2006-10-26 7168]

Device Detector 3.lnk - c:\programfiler\Olympus\DeviceDetector\DevDtct2.exe [2008-5-20 118784]

Digital Line Detect.lnk - c:\programfiler\Digital Line Detect\DLG.exe [2006-10-26 24576]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-12-22 10:05 356352 ----a-w c:\programfiler\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-05-23 19:01 11952 ----a-w c:\windows\system32\avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

@="Service"

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^Adobe Reader Speed Launch.lnk]

path=c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\Adobe Reader Speed Launch.lnk

backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programfiler\\Messenger\\msmsgs.exe"=

"c:\\Programfiler\\BitTorrent\\bittorrent.exe"=

"c:\\Programfiler\\LimeWire\\LimeWire.exe"=

"c:\\Programfiler\\Fellesfiler\\Nero\\Nero Web\\SetupX.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programfiler\\Dell Network Assistant\\ezi_hnm2.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Programfiler\\DNA\\btdna.exe"=

"c:\\Programfiler\\iTunes\\iTunes.exe"=

"c:\\Programfiler\\SightSpeed\\SightSpeed.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol

"10426:UDP"= 10426:UDP:SingleClick ICC

 

R0 PzWDM;PzWDM;c:\windows\system32\drivers\PzWDM.sys [29.09.2008 22:20 15172]

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17.06.2008 00:05 325896]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17.06.2008 00:05 108552]

R1 SASDIFSV;SASDIFSV;c:\programfiler\SUPERAntiSpyware\sasdifsv.sys [14.05.2009 14:22 9968]

R1 SASKUTIL;SASKUTIL;c:\programfiler\SUPERAntiSpyware\SASKUTIL.SYS [14.05.2009 14:22 72944]

R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [24.05.2009 04:20 13360]

R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [23.05.2009 21:06 202928]

R2 Buzzsaw_Defragmentation;Buzzsaw_Defragmentation;c:\programfiler\MATCO\BuzzSawService.exe [23.07.2007 12:27 327680]

R2 SBAMSvc;VIPRE Antivirus + Antispyware;c:\programfiler\Sunbelt Software\VIPRE\SBAMSvc.exe [17.03.2009 13:26 894248]

R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [24.05.2009 04:20 69936]

R3 SASENUM;SASENUM;c:\programfiler\SUPERAntiSpyware\SASENUM.SYS [14.05.2009 14:22 7408]

S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe --> c:\progra~1\AVG\AVG8\avgemc.exe [?]

S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe --> c:\progra~1\AVG\AVG8\avgwdsvc.exe [?]

S3 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [22.10.2008 17:08 92464]

S3 SynasUSB;SynasUSB;c:\windows\system32\drivers\synasUSB.sys [22.05.2008 23:56 18432]

S3 V0220Dev;Live! Cam Video IM;c:\windows\system32\drivers\V0220Dev.sys [24.02.2008 23:14 146112]

S3 V0220Vfx;V0220VFX;c:\windows\system32\drivers\V0220Vfx.sys [24.02.2008 23:14 6272]

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

 

2009-05-19 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

 

2009-05-24 c:\windows\Tasks\Se etter oppdateringer for Windows Live Toolbar.job

- c:\programfiler\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

.

- - - - TOMME PEKERE FJERNET - - - -

 

HKLM-Run-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe

SafeBoot-procexp90.Sys

 

 

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://www.vol.no/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = hxxp://www.sonic.com/links.asp?prod=9&SNML=CAL2AQR7D5P443F8J|CSMTHRM2VKQ2FKT4S|CY695VKQ7EY77F8MB|C2AJZ7PZ8G5676GVU|CTG3Q8P5R

PWG3C3F|SC-BRANCH_0_FROM_200B94A&SRNM=CSMTHRM2VKQ2FKT4S&LANG=ENU&type=PurchaseCP&ext1=Sonic%20DigitalMedia%20LE%20v7

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Windows Live Search - c:\programfiler\Windows Live Toolbar\msntb.dll/search.htm

IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: Send til &Bluetooth-enhet... - c:\programfiler\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Åpne i ny bakgrunnsflik - c:\programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/229?1e46a3d62cf24bf8855e4709c17b508f

IE: Åpne i ny forgrunnsflik - c:\programfiler\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/230?1e46a3d62cf24bf8855e4709c17b508f

DPF: {4445EA6A-9008-40D5-9160-035FDE5214C4} - hxxp://www.123hjemmeside.no/builder/pages/Mpu-dk-1-0-0-8.cab

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-05-24 04:44

Windows 5.1.2600 Service Pack 3 NTFS

 

skanner skjulte prosesser ...

 

skanner skjulte autostart-oppføringer ...

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

LXCRCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16??????????????????????????????????????????????

????????????????????????????????????????????????????????????????????????????????????

?????????????????????????????????????????????????

 

skanner skjulte filer ...

 

skanning vellykket

skjulte filer: 0

 

**************************************************************************

.

--------------------- LÅSTE REGISTERNØKLER ---------------------

 

[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders\¸* 7*]

"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Programdata\\Intel\\Wireless\\"

 

[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders\À* 7*]

"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Programdata\\Intel\\Wireless\\"

.

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

 

- - - - - - - > 'winlogon.exe'(940)

c:\programfiler\SUPERAntiSpyware\SASWINLO.dll

c:\windows\system32\Ati2evxx.dll

 

- - - - - - - > 'explorer.exe'(3148)

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\btncopy.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andre Kjørende Prosesser ------------------------

.

c:\windows\system32\ati2evxx.exe

c:\programfiler\Intel\Wireless\Bin\EvtEng.exe

c:\programfiler\Intel\Wireless\Bin\S24EvMon.exe

c:\programfiler\Intel\Wireless\Bin\WLKEEPER.exe

c:\windows\system32\ati2evxx.exe

c:\programfiler\WIDCOMM\Bluetooth Software\bin\btwdins.exe

c:\programfiler\Dell Network Assistant\hnm_svc.exe

c:\programfiler\Java\jre6\bin\jqs.exe

c:\programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\programfiler\Nero\Nero8\Nero BackItUp\NBService.exe

c:\windows\system32\oodag.exe

c:\windows\system32\IoctlSvc.exe

c:\programfiler\Intel\Wireless\Bin\RegSrvc.exe

c:\programfiler\Dell Network Assistant\ezi_hnm2.exe

c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

c:\windows\system32\lxcrcoms.exe

c:\windows\system32\wbem\wmiapsrv.exe

c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe

c:\windows\system32\WGATray.exe

.

**************************************************************************

.

Tidspunkt ferdig: 2009-05-24 4:47 - maskinen ble startet på nytt

ComboFix-quarantined-files.txt 2009-05-24 02:47

Endret av ^fmj
Lenke til kommentar

Videoannonse

Videoannonse
Annonse
snippsat

snippsat

Skrevet
Skrevet (endret)

2 Drivere/tjenster med maleware + 1 fil ble slettet.

 

Loggen ser bra ut.

 

Kan du ta en rask scan med denne.

 

Last ned MBAM til skrivebordet.

Velg Norsk språkdrakt-->kjør hurtig systemskann.

Når MBAM er ferdig åpner den en logg,den poster du.

 

Regner med at det der bra ut.

 

Avslutt med dette.

 

Du kan fjerne combofix ved å skrive combofix /u fra kjør-vinduet. Denne kommandoen gjør at filer i karantene og backups blir slette. Systemgjenopprettingsmappa nullstilt etc.

 

Sjekk om software er oppdatert Secunia

 

Surf trygt.

Endret av SNIPPSAT
Lenke til kommentar
snippsat

snippsat

Skrevet
Skrevet (endret)

Det kan ha vært noe som i den filen som ikke skulle vært der.

 

Nå har det seg sånn med "desktop.ini" den kan man slette uten at det gir noen problemer.

 

Det vil bli lagd er ny en når man forander noe av dette(view setting folder, web style, details, thumbnails)

Endret av SNIPPSAT
Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
Gå til emneliste
×
×
  • Opprett ny...