supehue, posted 12 November 2009:
Hi, yesterday I did a system restore and then viruses and everything showed up, so I ran ComboFix and then it worked, but one thing is gone. I have not wiped the whole hard disk. I have Windows Vista, but I don't have (Packard Bell Recovery Manager); it is gone, and it should be on the PC. What should I do? Should I buy a recovery disk??
McMuffin, posted 12 November 2009:
I think there's more than just the PC that needs fixing here.. On topic: What do you see on the screen when you start the PC?
supehue (author), posted 12 November 2009:
Quote: "I think there's more than just the PC that needs fixing here.. On topic: What do you see on the screen when you start the PC?"
The screen is completely black, but when I ran ComboFix it was removed and the PC came back to normal again. I'm still struggling, though; maybe hackers have gotten into the PC and deleted files.
supehue (author), posted 12 November 2009:
Here is the log
McMuffin, posted 12 November 2009:
Since you can get into the system: back up important files, format and reinstall.
supehue (author), posted 12 November 2009:
Quote: "Since you can get into the system: back up important files, format and reinstall."
OKAY, how do I do that??
supehue (author), posted 12 November 2009:
Some hacker may have removed "Packard Bell Recovery Manager"; it is gone, this must be a hacker. I would like to get this fixed, but if I go back in time the PC crashes again!?
supehue (author), posted 12 November 2009 (edited):
MAYDAY MAYDAY HELP. I AM BEING INVADED BY TROJANS. A TROJAN HORSE IS NOT BEING REMOVED. WHAT DO I DO????? PS: the PC is brand new.
Edited 12 November 2009 by supehue
supehue (author), posted 12 November 2009:
Should I take this on the warranty?
Crazy_Man, posted 12 November 2009:
Considering your nick and how you write, you probably should, yes.
supehue (author), posted 12 November 2009:
Quote: "Considering your nick and how you write, you probably should, yes."
But what should I say to them at Elkjøp, then?
McMuffin, posted 12 November 2009:
Since you write as if you were mentally challenged, I think it is best that you give the PC back to the store and tell them to fix it. Subject to this being a troll.
supehue (author), posted 12 November 2009:
Quote: "Since you write as if you were mentally challenged, I think it is best that you give the PC back to the store and tell them to fix it. Subject to this being a troll."
I AM NOT A TROLL. DON'T YOU SEE THAT I HAVE GRAMMAR ERRORS?? I don't know, but isn't it just a matter of getting a new PC and such??
Qtecman, posted 12 November 2009:
Quote: "Since you write as if you were mentally challenged, I think it is best that you give the PC back to the store and tell them to fix it. Subject to this being a troll."
Let the store keep it and ask for your money back.
supehue (author), posted 12 November 2009:
Quote: "Since you write as if you were mentally challenged, I think it is best that you give the PC back to the store and tell them to fix it. Subject to this being a troll."
Quote: "Let the store keep it and ask for your money back."
1. Do I get the money back?
2. And what should I say then?
3. Did you get the PC back when you had problems?
Qtecman, posted 12 November 2009:
Just refer the store to this thread on Diskusjon.no; then the store will surely understand the problem and cancel the purchase.
supehue (author), posted 12 November 2009:
Quote: "Just refer the store to this thread on Diskusjon.no; then the store will surely understand the problem and cancel the purchase."
Are you sure?
McMuffin, posted 12 November 2009:
Go and try, then. If there really is something wrong with the PC and you manage to express yourself better than you do here, they will understand the problem and give you a new PC or your money back, or possibly fix it.
supehue (author), posted 12 November 2009:
The PC works now. I pressed F11 and did an emergency recovery of the PC.
Qtecman, posted 12 November 2009:
That was almost a bit of a shame; I think the store (and others) really would have wanted that PC to be handed back in to the store. But congratulations anyway.