Broddern, posted 20 March 2010

The wife picked up a fair bit of junk from Facebook... I need help looking over the logs and checking whether I got rid of it. What I had, as far as I know, was koobface.n, koobface.o, koobface.y and generic.ba.

Logs:
Malwarebytes' Anti-Malware 1.44
Databaseversjon: 3886
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

20.03.2010 13:50:45
mbam-log-2010-03-20 (13-50-45).txt

Skanntype: Rask Skann
Objekter skannet: 114970
Tid tilbakelagt: 25 minute(s), 5 second(s)

Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 1
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 4

Minneprosesser infisert:
(Ingen mistenkelige filer funnet)

Minnemoduler infisert:
(Ingen mistenkelige filer funnet)

Registernøkler infisert:
(Ingen mistenkelige filer funnet)

Registerverdier infisert:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.KoobFace) -> Quarantined and deleted successfully.

Registerfiler infisert:
(Ingen mistenkelige filer funnet)

Mapper infisert:
(Ingen mistenkelige filer funnet)

Filer infisert:
c:\Windows\bill104.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Windows\ligh (Koobface.Trace) -> Quarantined and deleted successfully.
C:\Windows\bk23567.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\Windows\fdgg34353edfgdfdf (KoobFace.Trace) -> Quarantined and deleted successfully.
norbat, posted 20 March 2010

The ComboFix log looks fine. The PC should be clean now, but it may be wise to change the passwords on accounts tied to, among other things, MSN and email, since Koobface is able to capture such things. You can also uninstall ComboFix by typing combofix /uninstall in the Start -> Search/Run field.
Broddern (author), posted 20 March 2010

Okay, many thanks :) I use the latest AVG antivirus and Ad-Aware on this PC but got infected anyway... any tips on what I can use/do so that it doesn't happen again?
norbat, posted 20 March 2010

You can never guarantee against getting infected as long as you yourself are the one who ultimately installs the malware, but you could well start by replacing AVG with Avira. Avira has an advertising banner that pops up now and then, but this can be stopped if you wish. Keep Malwarebytes. The free version has no real-time protection, so you have to update it and run scans manually now and then.