fsx Posted 16 September 2009

ComboFix 09-09-14.02 - younas 16.09.2009 20:35.1.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.47.1044.18.3326.1563 [GMT 2:00]
Kjører fra: c:\users\younas\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Anti-virus er aktiv
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-4288147535-3973791172-4071292720-500
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2009-08-16 til 2009-09-16 )))))))))))))))))))))))))))))))))
.
2009-09-16 18:49 . 2009-09-16 18:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-10 11:11 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-10 11:11 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-10 11:11 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-10 11:11 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-10 11:11 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-10 11:11 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-10 11:11 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-10 11:11 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-10 11:11 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-10 11:11 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-10 11:10 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-10 11:10 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-10 11:10 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-10 11:10 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-10 11:10 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-08 12:53 . 2009-09-08 12:53 -------- d-----w- c:\programdata\SiteAdvisor
2009-09-08 12:53 . 2009-09-08 12:53 -------- d-----w- c:\program files\SiteAdvisor
2009-09-08 12:50 . 2009-07-08 11:44 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-09-08 12:50 . 2009-07-08 11:44 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-09-08 12:50 . 2009-07-08 11:44 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-09-08 12:50 . 2009-07-16 10:32 130424 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-09-08 12:50 . 2009-09-08 12:50 -------- d-----w- c:\program files\Common Files\McAfee
2009-09-08 12:50 . 2009-09-14 17:15 -------- d-----w- c:\program files\McAfee
2009-09-08 12:48 . 2009-07-08 11:43 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-09-08 12:37 . 2009-09-08 16:19 -------- d-----w- c:\programdata\McAfee
2009-09-08 12:12 . 2004-09-07 04:14 279624 ----a-w- c:\windows\system32\mcgdmgr.dll
2009-09-08 12:12 . 2009-09-08 12:50 -------- d-----w- c:\program files\McAfee.com
2009-09-08 12:12 . 2004-10-04 10:29 341064 ----a-w- c:\windows\system32\mcinsctl.dll
2009-09-07 13:37 . 2009-09-07 13:37 -------- d-----w- c:\users\younas\AppData\Roaming\Creative
2009-09-07 13:35 . 2009-09-08 08:01 -------- d-----w- c:\programdata\Creative
2009-09-07 13:28 . 2006-10-06 06:17 53248 ------w- c:\windows\Ctregrun.exe
2009-09-07 13:26 . 2006-11-10 01:00 126976 ----a-w- c:\windows\system32\V0330Vfw.dll
2009-09-07 13:26 . 2007-08-08 05:48 157696 ----a-w- c:\windows\system32\drivers\V0330Vid.sys
2009-09-07 13:26 . 2007-06-14 01:52 90112 ----a-w- c:\windows\CtDrvIns.exe
2009-09-07 13:26 . 2007-04-30 01:10 266240 ----a-w- c:\windows\system32\V0330Cvw.dll
2009-09-07 13:26 . 2007-04-30 01:03 32768 ----a-w- c:\windows\V0330Mon.exe
2009-09-07 13:26 . 2007-04-26 01:10 32768 ----a-w- c:\windows\system32\V0330Hwx.dll
2009-09-07 13:26 . 2007-04-25 01:10 20480 ----a-w- c:\windows\system32\V0330Srv.exe
2009-09-07 13:26 . 2007-04-24 01:10 36864 ----a-w- c:\windows\system32\V0330Pin.dll
2009-09-07 13:26 . 2007-04-24 01:10 20480 ----a-w- c:\windows\V0330Cfg.exe
2009-09-07 13:26 . 2006-12-13 02:35 4516 ----a-w- c:\windows\system32\drivers\V0330STB.SYS
2009-09-07 13:26 . 2005-07-07 01:07 36864 ----a-w- c:\windows\system32\CtCamMgr.dll
2009-09-07 12:55 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-09-07 12:54 . 2009-09-07 13:28 -------- d-----w- c:\program files\Creative
2009-09-05 16:18 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-09-05 16:18 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-09-05 16:18 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\MSVCR71.dll
2009-09-05 16:18 . 2009-09-05 16:18 -------- d-----w- c:\program files\Alwil Software
2009-09-05 15:39 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-09-05 14:26 . 2009-09-05 14:26 0 ----a-w- c:\windows\nsreg.dat
2009-09-05 14:26 . 2009-09-05 14:26 -------- d-----w- c:\users\younas\AppData\Local\Mozilla
2009-09-03 18:38 . 2009-09-03 18:38 -------- d-----w- c:\programdata\Trymedia
2009-09-03 15:23 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-03 15:23 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-01 19:01 . 2009-09-01 19:01 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-09-01 16:51 . 2009-09-01 16:51 -------- d-----w- c:\users\younas\AppData\Roaming\Template
2009-09-01 12:50 . 2009-03-08 11:33 18944 ----a-w- c:\windows\system32\corpol.dll
2009-09-01 12:49 . 2009-09-01 12:49 -------- d-----w- c:\users\younas\AppData\Local\Microsoft Help
2009-09-01 12:24 . 2009-09-01 12:24 680 ----a-w- c:\users\younas\AppData\Local\d3d9caps.dat
2009-08-31 19:07 . 2009-08-31 19:07 -------- d-----w- c:\users\younas\AppData\Roaming\PeerNetworking
2009-08-30 08:30 . 2009-08-30 08:30 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2009-08-29 20:20 . 2008-04-16 10:57 42552 ----a-w- c:\windows\system32\drivers\ale_nf.sys
2009-08-29 11:50 . 2009-08-29 11:50 -------- d-----w- c:\program files\MSXML 4.0
2009-08-29 11:50 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2009-08-29 11:25 . 2009-08-29 11:25 -------- d-----w- c:\users\younas\AppData\Roaming\Nero
2009-08-28 22:09 . 2008-01-21 02:24 638976 ----a-w- c:\windows\system32\win_utilman.exe
2009-08-28 22:08 . 2009-08-28 22:08 -------- d-----w- c:\users\younas\AppData\Local\Apps
2009-08-28 19:46 . 2009-08-28 19:46 -------- d-----w- c:\users\younas\AppData\Roaming\Packard Bell
2009-08-28 18:24 . 2009-09-01 15:05 -------- d-----w- C:\FSXTMP
2009-08-28 18:06 . 2009-09-05 20:15 -------- d-----w- c:\users\younas\AppData\Local\Adobe
2009-08-28 18:06 . 2009-08-28 18:06 -------- d-----w- c:\programdata\FLEXnet
2009-08-28 17:41 . 2009-09-16 14:32 -------- d-----w- c:\users\younas\Tracing
2009-08-28 17:35 . 2009-09-07 20:58 -------- d-----w- c:\users\younas\AppData\Local\Microsoft Games
2009-08-28 17:27 . 2009-08-28 17:27 -------- d-----w- c:\users\younas\AppData\Local\Ahead
2009-08-28 17:25 . 2009-08-28 17:25 -------- d-----w- c:\programdata\Nero
2009-08-28 17:25 . 2009-08-28 17:25 -------- d-----w- c:\program files\Nero
2009-08-28 17:25 . 2009-08-28 17:26 -------- d-----w- c:\program files\Common Files\Nero
2009-08-28 17:19 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-28 17:05 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-08-28 17:05 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-08-28 17:05 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-08-28 17:05 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-08-28 17:05 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-08-28 17:05 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-08-28 17:05 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-08-28 17:00 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-08-28 17:00 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-08-28 17:00 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-08-28 17:00 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-08-28 17:00 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-08-28 16:58 . 2008-06-06 03:27 38912 ----a-w- c:\windows\system32\xolehlp.dll
2009-08-28 16:58 . 2008-06-06 03:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2009-08-28 16:58 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-08-28 16:58 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-08-28 16:58 . 2009-08-28 16:58 -------- d-----w- c:\users\younas\AppData\Local\Symantec
2009-08-28 16:57 . 2008-07-16 12:00 487424 ----a-w- c:\windows\system32\INT15.dll
2009-08-28 16:57 . 2008-07-16 11:56 17952 ----a-w- c:\windows\system32\drivers\int15_64.sys
2009-08-28 16:57 . 2008-07-16 11:56 15392 ----a-w- c:\windows\system32\drivers\int15.sys
2009-08-28 16:56 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-28 16:56 . 2008-12-16 02:42 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-08-28 16:54 . 2009-08-28 16:54 -------- d-----w- c:\program files\DIFX
2009-08-28 16:54 . 2009-08-28 16:54 -------- d-----w- c:\program files\YUAN
2009-08-28 16:54 . 2009-09-07 20:28 71648 ----a-w- c:\users\younas\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-28 16:54 . 2009-09-05 15:36 -------- d-----w- c:\users\younas\AppData\Local\Packard Bell
2009-08-28 16:54 . 2009-08-28 16:54 -------- d-----w- c:\programdata\NVIDIA
2009-08-28 16:52 . 2008-10-29 06:29 2927104 ----a-w- c:\windows\explorer.exe
2009-08-28 16:48 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-08-28 16:47 . 2009-08-28 16:47 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-08-28 16:47 . 2008-02-03 10:00 290248 ----a-w- c:\windows\system32\ezsvc7x.dll
2009-08-28 16:47 . 2008-02-03 10:00 129992 ----a-w- c:\windows\system32\ezsvc7.dll
2009-08-28 16:47 . 2009-08-28 16:47 8172 ----a-w- c:\windows\system32\ezdigsgn.dat
2009-08-28 16:47 . 2009-08-28 16:47 91136 ----a-w- c:\windows\system32\ezUninst.exe
2009-08-28 16:47 . 2009-08-28 16:47 49152 ----a-w- c:\windows\system32\ezUPBHook.dll
2009-08-28 16:47 . 2009-08-28 16:47 268288 ----a-w- c:\windows\system32\ezSetup.exe
2009-08-28 16:47 . 2009-08-28 16:47 15872 ----a-w- c:\windows\system32\ezMAPIHelper.exe
2009-08-28 16:47 . 2009-08-28 16:47 111104 ----a-w- c:\windows\system32\ezShellStart.exe
2009-08-28 16:44 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-28 16:44 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-28 16:44 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-08-28 16:44 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-08-28 16:44 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-08-28 16:44 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll
2009-08-28 16:44 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-08-28 16:44 . 2008-10-16 12:08 162064 ----a-w- c:\windows\system32\wuwebv.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-16 17:19 . 2009-02-20 06:56 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-16 17:04 . 2009-09-16 15:25 -------- d-----w- c:\program files\Pando Networks
2009-09-16 16:13 . 2009-09-16 16:13 -------- d-----w- c:\program files\GamersFirst
2009-09-16 16:12 . 2009-09-16 15:27 608744450 ----a-w- c:\program files\WarRock20081102.exe
2009-09-16 12:37 . 2008-01-21 06:14 76272 ----a-w- c:\windows\system32\perfc014.dat
2009-09-16 12:37 . 2008-01-21 06:14 452088 ----a-w- c:\windows\system32\perfh014.dat
2009-09-14 19:39 . 2009-09-14 19:39 -------- d-----w- c:\users\younas\AppData\Roaming\Malwarebytes
2009-09-14 19:39 . 2009-09-14 19:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-14 19:39 . 2009-09-14 19:39 -------- d-----w- c:\programdata\Malwarebytes
2009-09-14 07:21 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-10 12:54 . 2009-09-14 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-09-14 19:39 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-07 13:25 . 2009-02-20 06:56 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-03 19:45 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games
2009-09-01 12:49 . 2009-02-20 07:06 -------- d-----w- c:\programdata\Microsoft Help
2009-09-01 12:22 . 2009-02-20 07:26 -------- d-----w- c:\programdata\Norton
2009-08-30 08:33 . 2009-02-20 07:09 -------- d-----w- c:\program files\Microsoft Works
2009-08-29 17:54 . 2009-02-20 07:18 -------- d-----w- c:\program files\Google
2009-08-29 11:27 . 2009-08-29 11:27 0 ----a-w- c:\users\younas\AppData\Roaming\wklnhst.dat
2009-08-28 22:18 . 2009-02-20 14:36 -------- d-----w- c:\program files\PACKARD BELL
2009-08-28 17:30 . 2009-02-20 07:26 -------- d-----w- c:\programdata\Symantec
2009-08-28 16:59 . 2009-08-28 16:59 0 ----a-w- c:\windows\system32\drivers\PACKARDBELLBV_IMEDIAA5520NCD_1.0_PTU090X0199220AE662700.MRK
2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Start-meny
2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Skrivebord
2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Programdata
2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Maler
2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Favoritter
2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Dokumenter
2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\program files\Fellesfiler
2009-08-28 16:37 . 2009-08-28 16:37 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-07-21 21:52 . 2009-09-01 12:51 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-09-01 12:51 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-09-01 12:51 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-09-01 12:51 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-14 13:00 . 2009-08-28 16:55 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 12:59 . 2009-08-28 16:55 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-14 12:58 . 2009-08-28 16:55 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 10:59 . 2009-08-28 16:55 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-08 11:44 . 2009-07-08 11:44 214024 ----a-w- c:\windows\system32\drivers\mfehidk.sys
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe" [2008-07-07 1038136]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-04-28 1828136]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-28 68856]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-21 192000]
"CTRegRun"="c:\windows\CTRegRun.EXE" [2006-10-06 53248]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-21 2153472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"FujiKeyboard"="c:\acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe" [2008-09-18 79416]
"SmpcSys"="c:\program files\Packard Bell\SetupMyPC\SmpSys.exe" [2008-07-07 1038136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13584928]
"V0330Mon.exe"="c:\windows\V0330Mon.exe" [2007-04-30 32768]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-07-09 645328]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-07-07 1176808]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-09-10 420176]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-03-26 5369856]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-20 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
SetupExecute REG_MULTI_SZ

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{064FC79D-7C6E-4B0C-934C-C40CA33A132C}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{0C1CC5C5-06EE-4469-BD63-61D2474088D6}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{BE48E75D-A499-420A-8BC2-456B520E0CEE}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{AE26182E-CE6E-4F7D-B339-14E98A7F36A7}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{0C9B59A7-CAE6-4AEA-9751-3E3A46A79076}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{63C63D0B-2C30-41E9-88DD-54005F239712}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

R2 ETService;Empowering Technology Service;c:\program files\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe [28.08.2009 18:57 24576]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21.01.2008 04:23 21504]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.09.2009 21:39 269648]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [08.09.2009 14:52 203280]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [14.09.2009 21:39 19160]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [14.09.2009 21:39 38224]
R3 V0330VID;WebCam Vista/Live! Cam Chat;c:\windows\System32\drivers\V0330Vid.sys [07.09.2009 15:26 157696]
S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [11.09.2007 01:45 124832]

--- Andre tjenester/drivere lastet i minnet ---

*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSWISSARMY

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2009-09-16 c:\windows\Tasks\Malwarebytes' Scheduled Scan for younas.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-14 12:53]

2009-09-16 c:\windows\Tasks\Malwarebytes' Scheduled Update for younas.job
- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-14 12:53]

2009-09-08 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-08 19:26]

2009-09-08 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-08 19:26]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0414&s=1&o=vp32&d=0809&m=imedia_a5520_ncd
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0414&s=1&o=vp32&d=0809&m=imedia_a5520_ncd
FF - ProfilePath - c:\users\younas\AppData\Roaming\Mozilla\Firefox\Profiles\mjk4uvlu.default\
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
.
- - - - TOMME PEKERE FJERNET - - - -

HKLM-Run-NPCTray - c:\program files\Norman\npc\bin\npc_tray.exe
HKLM-Run-eRecoveryService - (no file)
AddRemove-Creative VF0330 - c:\windows\CtDrvIns.exe -uninstall -script VF0330.uns -unsext NT -plugin V0330Pin.dll

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-16 20:49
Windows 6.0.6001 Service Pack 1 NTFS

skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...

skanning vellykket
skjulte filer: 0

**************************************************************************
.
Tidspunkt ferdig: 2009-09-16 20:53
ComboFix-quarantined-files.txt 2009-09-16 18:53

Pre-Run: 520 819 191 808 byte ledig
Post-Run: 520 428 322 816 byte ledig

288 --- E O F --- 2009-09-15 12:43

And when I deleted it I couldn't open anything, but it turns out it wasn't deleted.

jblas44 Posted 16 September 2009
This is probably not the right place to post about viruses; try here instead.

fsx (Author) Posted 16 September 2009 (edited)
Hi moderator, can you move this one? Posted in the wrong place.
Edited 17 September 2009 by fsx

Hrodebert Posted 16 September 2009
Remember to take care to place posts and threads in the correct category. Ask a moderator if you are in doubt. This thread was placed in the wrong category and has been moved to the correct or a more suitable category. Reactions to moderation go, as always, via "Personal Message".

fsx (Author) Posted 17 September 2009
Hi, I was thinking of running ComboFix, but does it delete important data?

Bruker-158599 Posted 17 September 2009
> Hi, I was thinking of running ComboFix, but does it delete important data?
No, in that case we would not have used it.

Swafty Posted 17 September 2009
> Hi, I was thinking of running ComboFix, but does it delete important data?
Does it? Shit.. I have used it, I'M DOOMED!!

Bruker-158599 Posted 17 September 2009
>> Hi, I was thinking of running ComboFix, but does it delete important data?
> Does it? Shit.. I have used it, I'M DOOMED!!
No, it doesn't.

norbat Posted 17 September 2009
https://www.diskusjon.no/index.php?session=...&p=14371430