Gå til innhold

Poster utskilt fra veiledertråden-2

norbat

Av norbat
i IKT-drift og sikkerhet

Anbefalte innlegg

Videoannonse

Videoannonse
Annonse
norbat

norbat

Skrevet
  • Forfatter
Skrevet

Hvis vi konsentrerer oss om Combofix, så skal du altså legge programmer rett på skrivebordet. Høyreklikk på fila og velg Kjør. Hvis det fortsatt er problemer med å kjøre programmet, så gjør du følgende:

 

Restart pc i sikker modus (tapp F8-tasten under oppstart, velg sikker modus)

Logg deg inn med din bruker, og prøv og kjør Combofix nå.

Lenke til kommentar
hojohansen

hojohansen

Skrevet
Skrevet
Hvis vi konsentrerer oss om Combofix, så skal du altså legge programmer rett på skrivebordet. Høyreklikk på fila og velg Kjør. Hvis det fortsatt er problemer med å kjøre programmet, så gjør du følgende:

 

Restart pc i sikker modus (tapp F8-tasten under oppstart, velg sikker modus)

Logg deg inn med din bruker, og prøv og kjør Combofix nå.

 

 

Jeg laster ned den til HD, så kopierer jeg den til skrivebordet.. er det galt? (hvis det er så det skal gjøres så fungerer det ikke)

Lenke til kommentar
r2d290

r2d290

Skrevet
Skrevet

Når du har lagret det på skrivebordet, skal du dobbelklikke på combofix, og følge veiledningen til programmet. Ikke klikk på combofix-vinduet mens programmet kjører.

 

Når programmet er ferdig, vil det sprette opp en logg. Denne kopierer du, og limer inn i forumet :)

Lenke til kommentar
hojohansen

hojohansen

Skrevet
Skrevet

Skal jeg slette comboFix etter på eller??

---------------------------------------------------------------------------------------------------------------------------------------

ComboFix 08-10-14.01 -

* Created a new restore point

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\autorun.inf

C:\Documents and Settings\HoJ\Start-meny\Programmer\Oppstart\TA_Start.lnk

C:\resycled

C:\resycled\boot.com

C:\WINDOWS\Downloaded Program Files\setup.inf

C:\WINDOWS\system32\skinboxer43.dll

D:\Autorun.inf

E:\Autorun.inf

M:\Autorun.inf

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_pqasghjd

 

 

((((((((((((((((((((((((( Files Created from 2008-09-14 to 2008-10-14 )))))))))))))))))))))))))))))))

.

 

2008-10-14 16:13 . 2008-10-14 20:06 <DIR> dr-h----- C:\Documents and Settings\HoJ\Siste

2008-10-14 10:14 . 2008-10-14 10:14 <DIR> d-------- C:\Programfiler\Malwarebytes' Anti-Malware

2008-10-14 10:14 . 2008-10-14 10:14 <DIR> d-------- C:\Documents and Settings\HoJ\Programdata\Malwarebytes

2008-10-14 10:14 . 2008-10-14 10:14 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Malwarebytes

2008-10-14 10:14 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2008-10-14 10:14 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys

2008-10-14 10:09 . 2008-10-14 10:09 <DIR> d-------- C:\Programfiler\CCleaner

2008-10-14 08:41 . 2008-10-14 20:05 <DIR> d-------- C:\Documents and Settings\HoJ\problem

2008-10-14 07:10 . 2008-10-14 07:10 <DIR> d-------- C:\WINDOWS\system32\NtmsData

2008-10-14 02:28 . 2008-10-14 02:28 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware

2008-10-14 02:28 . 2008-10-14 02:28 <DIR> d-------- C:\Documents and Settings\HoJ\Programdata\SUPERAntiSpyware.com

2008-10-14 02:28 . 2008-10-14 02:28 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com

2008-10-14 02:27 . 2008-10-14 02:27 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard

2008-10-13 23:13 . 2008-10-14 13:39 <DIR> d--h----- C:\$AVG8.VAULT$

2008-10-13 16:35 . 2008-10-13 16:35 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys

2008-10-13 16:35 . 2008-10-13 16:35 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll

2008-10-13 16:34 . 2008-10-13 16:36 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg

2008-10-13 16:00 . 2008-10-13 16:00 <DIR> d-------- C:\Programfiler\Poad

2008-10-13 15:43 . 2008-10-13 15:43 <DIR> d-------- C:\WINDOWS\E80F62FF5D3C4A1984099721F2928206.TMP

2008-10-08 21:07 . 2008-10-08 21:07 <DIR> dr-h----- C:\Documents and Settings\HoJ\Programdata\SecuROM

2008-10-08 06:54 . 2008-10-08 06:54 <DIR> d-------- C:\Documents and Settings\Anne Beth\Programdata\Nero

2008-10-07 22:46 . 2008-10-07 22:46 <DIR> d-------- C:\Programfiler\Electronic Arts

2008-10-07 22:46 . 2008-10-07 22:46 <DIR> d-------- C:\ProgramData

2008-10-07 22:46 . 2008-10-07 22:46 5,990 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg

2008-10-07 22:45 . 2008-10-07 22:45 <DIR> d-------- C:\Documents and Settings\HoJ\Programdata\Leadertech

2008-10-05 09:26 . 2008-10-05 13:58 357,768 --a------ C:\Documents and Settings\HoJ\SymXPep2.dll

2008-10-04 11:57 . 2008-10-04 11:57 <DIR> d-------- C:\Programfiler\Guitar Pro 5

2008-10-03 16:48 . 2008-10-03 16:48 <DIR> d-------- C:\Documents and Settings\HoJ\Programdata\Symantec

2008-10-03 16:43 . 2008-10-04 13:55 <DIR> d-------- C:\Programfiler\Symantec

2008-10-03 16:43 . 2008-10-04 13:55 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS

2008-10-03 16:43 . 2008-10-04 13:55 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL

2008-10-03 16:43 . 2008-10-04 13:55 10,671 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT

2008-10-03 16:43 . 2008-10-04 13:55 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF

2008-10-03 16:35 . 2008-10-03 16:37 64,146,632 --a------ C:\Programfiler\nis2008.exe

2008-10-03 08:39 . 2008-10-14 01:17 <DIR> d-------- C:\Programfiler\xsbbbfg

2008-10-03 08:39 . 2008-10-03 16:28 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\xafsdsty

2008-10-01 08:41 . 2008-10-01 08:41 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Emotum

2008-09-29 19:08 . 2008-10-14 19:50 <DIR> d-------- C:\Programfiler\Telenor

2008-09-29 19:08 . 2008-10-14 19:50 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Telenor

2008-09-29 19:06 . 2008-10-14 16:25 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Symantec

2008-09-26 07:24 . 2001-10-06 13:36 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys

2008-09-26 07:24 . 2001-10-06 13:36 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys

2008-09-21 22:11 . 2007-02-26 17:15 61,984 --a------ C:\WINDOWS\system32\drivers\xusb21.sys

2008-09-21 22:11 . 2008-09-21 22:11 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_xusb21_01001.Wdf

2008-09-21 19:50 . 2008-09-21 19:50 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01001_Coinstaller_Critical.Wdf

2008-09-21 19:50 . 2008-09-21 19:50 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_xusb20_01001.Wdf

2008-09-21 19:49 . 2008-09-21 22:11 <DIR> d-------- C:\Programfiler\Microsoft Xbox 360 Accessories

2008-09-21 19:48 . 2008-09-21 19:49 16,831,304 --a------ C:\Temp\Xbox360_32Fra.exe

2008-09-21 07:58 . 2008-09-21 07:58 <DIR> d-------- C:\Documents and Settings\HoJ\Programdata\Thinstall

2008-09-20 13:01 . 2008-09-20 13:01 <DIR> d-------- C:\Programfiler\iTunes

2008-09-20 13:01 . 2008-09-20 13:01 <DIR> d-------- C:\Programfiler\iPod

2008-09-20 13:01 . 2008-09-20 13:01 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

2008-09-20 12:59 . 2008-09-20 13:00 <DIR> d-------- C:\Programfiler\QuickTime

2008-09-16 19:35 . 2008-09-16 19:35 <DIR> d-------- C:\Programfiler\Fellesfiler\Adobe AIR

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-10-13 21:29 --------- d-----w C:\Programfiler\Fellesfiler\Symantec Shared

2008-10-13 14:34 --------- d-----w C:\Documents and Settings\All Users\Programdata\avg8

2008-10-13 14:07 --------- d---a-w C:\Documents and Settings\All Users\Programdata\TEMP

2008-10-13 14:07 --------- d-----w C:\Documents and Settings\All Users\Programdata\PC Tools

2008-10-11 23:21 --------- d-----w C:\Documents and Settings\HoJ\Programdata\dvdcss

2008-10-11 20:54 --------- d-----w C:\Documents and Settings\HoJ\Programdata\U3

2008-10-11 16:27 --------- d-----w C:\Documents and Settings\HoJ\Programdata\foobar2000

2008-10-09 18:55 --------- d-----w C:\Programfiler\Free Easy Burner

2008-10-07 20:46 --------- d--h--w C:\Programfiler\InstallShield Installation Information

2008-10-02 14:29 21,792 ----a-w C:\Documents and Settings\HoJ\Programdata\GDIPFONTCACHEV1.DAT

2008-09-29 06:32 --------- d-----w C:\Programfiler\Exact Audio Copy

2008-09-21 20:14 --------- d-----w C:\Programfiler\Apple Software Update

2008-09-20 11:00 --------- d-----w C:\Programfiler\Fellesfiler\Apple

2008-09-20 10:52 --------- d-----w C:\Programfiler\Bonjour

2008-09-16 01:05 43,872 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys

2008-09-15 16:56 --------- d-----w C:\Documents and Settings\HoJ\Programdata\Sabeltann2

2008-08-14 20:03 --------- d-----w C:\Documents and Settings\All Users\Programdata\Digital Film Tools

2008-08-14 19:58 --------- d-----w C:\Documents and Settings\HoJ\Programdata\Alien Skin

2008-08-14 19:58 --------- d-----w C:\Documents and Settings\All Users\Programdata\Digital Anarchy

2008-08-14 17:50 --------- d-----w C:\Programfiler\PictureCode

2008-08-14 07:52 --------- d-----w C:\Programfiler\Riff Interactive

2008-08-05 10:35 20 ---h--w C:\Documents and Settings\All Users\Programdata\PKP_DLdw.DAT

2008-08-05 10:32 20 ---h--w C:\Documents and Settings\All Users\Programdata\PKP_DLdu.DAT

2007-01-26 13:50 6,144 ----a-w C:\Documents and Settings\Anne Beth\Programdata\internaldb1879.dat

2008-06-24 08:03 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Lokale innstillinger\Logg\History.IE5\MSHist012008062420080625\index.dat

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]

"MsnMsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

"DAEMON Tools"="C:\Programfiler\DAEMON Tools\daemon.exe" [2006-11-12 157592]

"updateMgr"="C:\Programfiler\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programfiler\Fellesfiler\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]

"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 7700480]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 86016]

"Adobe Photo Downloader"="C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]

"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]

"mxomssmenu"="C:\Programfiler\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-09-06 169264]

"NeroFilterCheck"="C:\Programfiler\Fellesfiler\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]

"NBKeyScan"="C:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]

"QuickTime Task"="C:\Programfiler\QuickTime\QTTask.exe" [2008-09-06 413696]

"iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2008-09-10 289576]

"XboxStat"="C:\Programfiler\Microsoft Xbox 360 Accessories\XboxStat.exe" [2007-09-26 734264]

"Telenorhjelpen"="C:\Programfiler\Telenor\Telenorhjelpen\Telenor.exe" [2008-02-07 189120]

"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-13 1234712]

"nwiz"="nwiz.exe" [2006-10-22 C:\WINDOWS\system32\nwiz.exe]

"SoundMan"="SOUNDMAN.EXE" [2005-01-20 C:\WINDOWS\SOUNDMAN.EXE]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

"PcSync"="C:\Programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304]

 

C:\Documents and Settings\HoJ\Start-meny\Programmer\Oppstart\

.security [2008-10-03 0]

Nikon Monitor.lnk - C:\Programfiler\Fellesfiler\Nikon\Monitor\NkMonitor.exe [2007-06-14 479232]

 

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\

.security [2008-10-03 0]

Adobe Reader Speed Launch.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]

Microsoft Office.lnk - C:\Programfiler\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-07-23 16:28 352256 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.wmv3"= C:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

--a------ 2006-11-08 14:27 222208 C:\Programfiler\Nokia\Nokia PC Suite 6\LaunchApplication.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"FirewallOverride"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Programfiler\\BitLord\\BitLord.exe"=

"C:\\Programfiler\\Messenger\\msmsgs.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

"E:\\spill\\Pro Evolution Soccer 2008\\PES2008.exe"=

"C:\\Documents and Settings\\HoJ\\Skrivebord\\PES2008.exe"=

"C:\\WINDOWS\\system32\\winver.exe"=

"E:\\spill\\Beijing\\Beijing.exe"=

"C:\\Programfiler\\Bonjour\\mDNSResponder.exe"=

"C:\\Programfiler\\iTunes\\iTunes.exe"=

"C:\\Programfiler\\Telenor\\Telenorhjelpen\\Telenor.exe"=

"C:\\Programfiler\\AVG\\AVG8\\avgupd.exe"=

"C:\\Programfiler\\Electronic Arts\\EADM\\Core.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"9000:TCP"= 9000:TCP:SlimServer 9000 tcp

"3483:UDP"= 3483:UDP:SlimServer 3483 udp

"3483:TCP"= 3483:TCP:SlimServer 3483 tcp

"16499:TCP"= 16499:TCP:BitComet 16499 TCP

"16499:UDP"= 16499:UDP:BitComet 16499 UDP

 

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-10-13 97928]

R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-13 231704]

R2 FAH@E:+spill+EA SPORTS+FIFA 09 Demo1+FAH.exe;FAH@E:+spill+EA SPORTS+FIFA 09 Demo1+FAH.exe;E:\spill\EA SPORTS\FIFA 09 Demo1\FAH.exe [2008-10-02 253952]

R2 Maxtor Sync Service;Maxtor Service;C:\Programfiler\Maxtor\Sync\SyncServices.exe [2007-09-28 156976]

R2 NMSAccessU;NMSAccessU;E:\Programmer\CDBurnerXP\NMSAccessU.exe [2008-03-09 71096]

S3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\system32\ASNDIS5.SYS [2002-09-09 16269]

S3 xusb20;Xbox 360 Wireless Receiver for Windows Driver Service;C:\WINDOWS\system32\DRIVERS\xusb20.sys [2006-10-13 50048]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{02d2d1f8-7311-11dc-b16c-0015f24b98fb}]

\Shell\AutoRun\command - M:\LaunchU3.exe -a

.

Contents of the 'Scheduled Tasks' folder

 

2008-10-09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

 

2008-10-14 C:\WINDOWS\Tasks\Se etter oppdateringer for Windows Live Toolbar.job

- C:\Programfiler\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]

 

2008-10-14 C:\WINDOWS\Tasks\User_Feed_Synchronization-{3EF55AE2-D5EF-471E-BF7D-56146F7B36C5}.job

- C:\WINDOWS\system32\msfeedssync.exe [2007-08-13 19:36]

.

- - - - ORPHANS REMOVED - - - -

 

HKLM-Run-C:\WINDOWS\system32\kdwsh.exe - C:\WINDOWS\system32\kdwsh.exe

HKU-Default-Run-swg - C:\Programfiler\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

HKLM-Explorer_Run-0eJso1SCTA - C:\Documents and Settings\All Users\Programdata\xafsdsty\nyhitivi.exe

 

 

.

------- Supplementary Scan -------

.

FireFox -: Profile - C:\Documents and Settings\HoJ\Programdata\Mozilla\Firefox\Profiles\8yk8a630.default\

FireFox -: prefs.js - STARTUP.HOMEPAGE - google.com

.

 

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-10-14 20:34:04

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

"ServiceDll"="C:\WINDOWS\system32\es.dll"

 

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FAH@E:+spill+EA SPORTS+FIFA 09 Demo1+FAH.exe]

.

------------------------ Other Running Processes ------------------------

.

C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Programfiler\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\Programfiler\Bonjour\mDNSResponder.exe

C:\Documents and Settings\All Users\Programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE

C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe

C:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

E:\spill\EA SPORTS\FIFA 09 Demo1\FahCore_82.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\Programfiler\iPod\bin\iPodService.exe

C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexingService.exe

C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexStoreSvr.exe

C:\Programfiler\Windows Live\Messenger\usnsvc.exe

.

**************************************************************************

.

Completion time: 2008-10-14 20:45:33 - machine was rebooted

ComboFix-quarantined-files.txt 2008-10-14 18:45:23

 

Pre-Run: 166 687 600 640 byte ledig

Post-Run: 166,746,730,496 byte ledig

 

245 --- E O F --- 2008-09-17 01:00:30

Lenke til kommentar
hojohansen

hojohansen

Skrevet
Skrevet
Så fortsetter du med å installere Malwarebytes anti-malware, og kjør en rask skann.

Post loggen OM den finner noe.

 

Følgende to mapper skal slettes:

C:\Programfiler\xsbbbfg

C:\Documents and Settings\All Users\Programdata\xafsdsty

 

 

Den fant ikke noe... Hvordan sletter jeg disse to mappene, ved å "fysisk" slette den på hd, eller med et program.

 

Skal combofix slettes fra maskinen etterpå eller skal jeg bare la den være?

 

 

Takker så MYE for hjelpen! :thumbup:

Lenke til kommentar
norbat

norbat

Skrevet
  • Forfatter
Skrevet

Det raskeste er å slette de direkte fra hd ved å bruke utforskeren til å bla seg fram til der de ligger.

Det kan være at du må slå på "Vis skjulte filer og mapper" for å se mappene (kontrollpanel->mappealternativer->Vis)

 

Combofix fjerner du til slutt når alt ser ut til å fungere slik det bør. Det fjernes ved å skrive combofix /u i kjør-feltet (Start->kjør)

Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
Gå til emneliste

  • Hvem er aktive   0 medlemmer

    • Ingen innloggede medlemmer aktive
×
×
  • Opprett ny...