ERROLOL Skrevet 1. april 2011 Del Skrevet 1. april 2011 (endret) Hei! Har i flere dager hatt problemer med treg pc, tregt internett og at pcen skrur seg av hver dag kl 16:50 (NT-Myndighet, brukt begge 'fixerne fra Symantec, de fant ingenting) og at noe merkelig har skjedd med bakgrunnen min. Combofixer fant èn ting som de endret, men har ingen log fra det.. Håper at dere litt mer dataflinke har peiling på hva jeg kan gjøre for å bli kvitt dritten.... http://bildr.no/view/855577 (bakgrunnen og irritasjonsmomentet) MBAM log: mbam-log-2011-04-01 (20-59-58).txt Får ikke lagt til hijackthis log, har tydligvis ikke rettigheter til det på dette forumet Endret 1. april 2011 av ERROLOL Lenke til kommentar
ERROLOL Skrevet 1. april 2011 Forfatter Del Skrevet 1. april 2011 Combofix log; ComboFix 11-04-01.01 - Jonas 01.04.2011 21:31:05.2.4 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.2047.1264 [GMT 2:00] Kjører fra: c:\documents and settings\Jonas\Mine dokumenter\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . . -- Forrige skanning -- . Infisert kopi av c:\windows\system32\ws2_32.dll ble funnet og desinfisert Gjenopprettet kopi fra - c:\windows\ServicePackFiles\i386\ws2_32.dll . -------- . . ((((((((((((((((((((((((((((((((((((((( Drivere/Tjenester ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_USNJSVC -------\Service_usnjsvc . . ((((((((((((((((((((((((((( Filer Opprettet Fra 2011-03-01 til 2011-04-01 ))))))))))))))))))))))))))))))))) . . 2011-04-01 19:10 . 2011-04-01 19:22 -------- d--h--r- c:\documents and settings\Jonas\Siste 2011-04-01 18:46 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll 2011-04-01 18:45 . 2011-04-01 18:45 -------- d-----w- c:\documents and settings\Jonas\Programdata\Malwarebytes 2011-04-01 18:45 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-04-01 18:45 . 2011-04-01 18:45 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes 2011-04-01 18:45 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-01 18:45 . 2011-04-01 18:45 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware 2011-04-01 18:21 . 2011-04-01 18:21 388096 ----a-r- c:\documents and settings\Jonas\Programdata\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-04-01 18:21 . 2011-04-01 18:21 -------- d-----w- c:\programfiler\Trend Micro 2011-04-01 15:32 . 2011-02-23 13:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-04-01 15:32 . 2011-02-23 13:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-04-01 15:32 . 2011-02-23 13:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-04-01 15:32 . 2011-02-23 13:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-04-01 15:32 . 2011-02-23 13:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-04-01 15:32 . 2011-02-23 13:55 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-04-01 15:32 . 2011-02-23 13:55 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-04-01 15:32 . 2011-02-23 13:54 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-04-01 15:30 . 2011-02-23 14:04 40648 ----a-w- c:\windows\avastSS.scr 2011-04-01 15:30 . 2011-02-23 14:04 190016 ----a-w- c:\windows\system32\aswBoot.exe 2011-04-01 15:30 . 2011-04-01 15:30 -------- d-----w- c:\programfiler\AVAST Software 2011-04-01 15:30 . 2011-04-01 15:30 -------- d-----w- c:\documents and settings\All Users\Programdata\AVAST Software 2011-04-01 15:24 . 2011-04-01 15:25 -------- d-----w- c:\documents and settings\Jonas\Programdata\QuickScan 2011-03-31 18:52 . 2011-03-31 18:53 -------- d-----w- c:\programfiler\CCleaner 2011-03-31 16:42 . 2011-03-31 16:42 98304 ----a-w- c:\windows\system32\CmdLineExt.dll 2011-03-31 16:34 . 2011-03-31 16:34 -------- d-----w- c:\programfiler\Eidos 2011-03-31 09:42 . 2011-03-31 09:42 -------- d-----w- C:\spoolerlogs 2011-03-30 20:45 . 2011-03-30 20:45 -------- d-----w- c:\programfiler\Talaturen's IP Changer 2011-03-30 20:39 . 2011-04-01 15:10 -------- d-----w- c:\programfiler\Asprate 2011-03-30 20:35 . 2011-03-30 20:35 5632 ----a-w- c:\windows\system32\spdg.dll 2011-03-30 20:31 . 2011-03-30 20:31 -------- d-----w- c:\documents and settings\LocalService\Lokale innstillinger\Programdata\ESET 2011-03-30 14:53 . 2011-03-30 14:54 -------- d-----w- c:\documents and settings\Jonas\Programdata\Tibiacast 2011-03-27 15:43 . 2011-03-27 15:43 -------- d-----w- c:\programfiler\TUGBot 2011-03-26 13:43 . 2011-03-26 13:44 -------- d-----w- c:\documents and settings\Jonas\Programdata\DAEMON Tools Lite 2011-03-26 13:43 . 2011-03-26 13:43 -------- d-----w- c:\documents and settings\All Users\Programdata\DAEMON Tools Lite 2011-03-24 19:13 . 2011-04-01 18:45 -------- d-----w- c:\windows\system32\XPSViewer 2011-03-24 19:13 . 2011-03-24 19:13 -------- d-----w- c:\programfiler\Reference Assemblies 2011-03-24 19:13 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll 2011-03-24 19:12 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2011-03-24 19:12 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2011-03-24 19:12 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2011-03-24 19:12 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2011-03-24 19:12 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2011-03-24 19:12 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2011-03-24 19:12 . 2011-03-24 19:13 -------- d-----w- C:\fe62ea6ed3eb58ead04f808e2a37bc 2011-03-24 19:12 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2011-03-24 19:12 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2011-03-24 19:08 . 2011-03-24 19:08 -------- d-----w- c:\windows\system32\xlive 2011-03-24 19:08 . 2011-03-24 19:09 -------- d-----w- c:\programfiler\Microsoft Games for Windows - LIVE 2011-03-24 18:58 . 2011-03-24 18:58 -------- d-----w- c:\programfiler\Capcom 2011-03-22 14:32 . 2011-03-25 22:32 -------- d-----w- c:\documents and settings\Jonas\Programdata\vlc 2011-03-22 14:15 . 2011-03-22 14:15 -------- d-----w- c:\programfiler\VideoLAN 2011-03-20 17:04 . 2011-03-20 17:04 -------- d-----w- c:\programfiler\Microsoft Silverlight 2011-03-19 23:29 . 2011-03-19 23:29 -------- d-----w- c:\documents and settings\Jonas\Lokale innstillinger\Programdata\PCHealth 2011-03-19 18:23 . 2011-03-19 18:23 -------- d-----w- c:\documents and settings\Jonas\Programdata\2K Sports 2011-03-19 18:21 . 2011-03-19 18:21 -------- d--h--w- c:\windows\msdownld.tmp 2011-03-19 17:17 . 2011-03-19 17:17 8192 ----a-w- c:\windows\system32\srvany.exe 2011-03-19 17:17 . 2011-03-19 17:17 -------- d-----w- c:\documents and settings\Administrator 2011-03-19 17:14 . 2011-03-24 19:13 -------- d-----w- c:\programfiler\MSBuild 2011-03-19 17:13 . 2011-03-19 17:13 -------- d-----w- c:\programfiler\Microsoft Sync Framework 2011-03-19 17:13 . 2011-03-19 17:13 -------- d-----w- c:\documents and settings\All Users\Microsoft 2011-03-19 17:11 . 2011-03-19 17:11 -------- d-----w- c:\programfiler\Microsoft Analysis Services 2011-03-19 17:11 . 2011-03-19 17:14 -------- d-----w- c:\windows\SHELLNEW 2011-03-19 17:11 . 2011-03-19 17:11 -------- d-----w- c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Microsoft Help 2011-03-19 17:11 . 2011-03-19 23:25 -------- d-----w- c:\documents and settings\All Users\Programdata\Microsoft Help 2011-03-19 17:10 . 2011-03-19 17:10 -------- d-----r- C:\MSOCache 2011-03-19 16:57 . 2011-03-19 16:57 -------- d-----w- c:\documents and settings\Jonas\Lokale innstillinger\Programdata\ESET 2011-03-19 16:16 . 2008-04-14 16:22 26624 ----a-w- c:\documents and settings\LocalService\Programdata\Microsoft\UPnP Device Host\upnphost\udhisapi.dll 2011-03-19 16:15 . 2011-03-19 16:15 -------- d-----w- c:\programfiler\Windows Media Connect 2 2011-03-19 16:14 . 2011-03-19 16:15 -------- d-----w- c:\windows\system32\drivers\UMDF 2011-03-19 16:14 . 2011-03-19 16:14 -------- d-----w- c:\windows\system32\LogFiles 2011-03-19 16:03 . 2011-03-19 16:03 -------- d-----w- c:\programfiler\SopCast 2011-03-19 15:54 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll 2011-03-19 15:54 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll 2011-03-18 22:48 . 2011-03-29 16:09 -------- d-----w- c:\documents and settings\All Users\Programdata\regid.1986-12.com.adobe 2011-03-18 22:20 . 2011-03-19 23:29 -------- d-----w- c:\documents and settings\Jonas\Contacts 2011-03-18 22:19 . 2011-03-18 22:19 -------- dc----w- c:\windows\system32\DRVSTORE 2011-03-18 22:19 . 2011-03-18 22:19 -------- d-----w- c:\documents and settings\All Users\Programdata\WindowsLiveInstaller 2011-03-18 22:18 . 2011-03-18 22:19 -------- d-----w- c:\programfiler\Windows Live 2011-03-18 22:18 . 2011-03-18 22:18 -------- d-----w- c:\documents and settings\All Users\Programdata\WLInstaller 2011-03-18 21:52 . 2011-03-18 21:52 -------- d-----w- c:\programfiler\Adobe Media Player 2011-03-18 21:50 . 2011-03-18 21:50 -------- d-----w- c:\programfiler\Fellesfiler\Adobe AIR 2011-03-18 21:48 . 2011-03-24 18:21 -------- d-----w- c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Adobe 2011-03-18 20:44 . 2011-03-18 20:44 -------- d-----w- c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Sports Interactive 2011-03-18 20:27 . 2011-03-18 20:27 -------- d--h--w- c:\programfiler\Zero G Registry 2011-03-18 20:27 . 2011-03-18 20:27 -------- d-----w- c:\programfiler\Sports Interactive 2011-03-18 20:27 . 2011-03-18 20:27 -------- d--h--w- c:\documents and settings\Jonas\InstallAnywhere 2011-03-18 20:27 . 2011-03-18 20:27 -------- d-----w- c:\documents and settings\Jonas\Programdata\Sports Interactive 2011-03-18 20:24 . 2011-03-18 20:24 -------- d-----w- c:\programfiler\Fellesfiler\Java 2011-03-18 20:22 . 2011-03-18 20:22 -------- d-----w- c:\documents and settings\All Users\Programdata\McAfee 2011-03-18 20:11 . 2011-03-18 20:11 -------- d-----w- c:\programfiler\PowerISO 2011-03-17 14:13 . 2011-04-01 15:20 -------- d-----w- c:\documents and settings\Jonas\Programdata\Dropbox 2011-03-13 15:36 . 2011-03-19 16:13 -------- d-----w- C:\FM Genie Scout 11 . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-02-23 13:54 . 2011-04-01 15:32 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-02-09 13:53 . 2007-10-29 12:00 270848 ----a-w- c:\windows\system32\sbe.dll 2011-02-09 13:53 . 2007-10-29 12:00 186880 ----a-w- c:\windows\system32\encdec.dll 2011-02-02 20:40 . 2010-12-27 18:57 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-02-02 18:19 . 2010-12-27 18:57 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-02-02 07:58 . 2010-12-27 17:44 2067456 ----a-w- c:\windows\system32\mstscax.dll 2011-01-27 11:57 . 2010-12-27 17:44 677888 ----a-w- c:\windows\system32\mstsc.exe 2011-01-21 14:44 . 2007-10-29 12:00 439296 ----a-w- c:\windows\system32\shimgvw.dll 2011-01-07 14:09 . 2007-10-29 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll . . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-02-23 14:04 122512 ----a-w- c:\programfiler\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-16 13851752] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2007-05-17 12:11 5729136 ----a-w- c:\programfiler\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2010-12-27 19:24 1242448 ----a-w- c:\programfiler\Steam\steam.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-10-29 13:49 249064 ----a-w- c:\programfiler\Fellesfiler\Java\Java Update\jusched.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Programfiler\\uTorrent\\uTorrent.exe"= "c:\\Programfiler\\Steam\\Steam.exe"= "c:\\Programfiler\\Spotify\\spotify.exe"= "c:\\Programfiler\\Ventrilo\\Ventrilo.exe"= "c:\\Programfiler\\mIRC\\mirc.exe"= "c:\\Programfiler\\Sports Interactive\\Football Manager 2011 Russian\\fm.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"= "c:\\Programfiler\\SopCast\\adv\\SopAdver.exe"= "c:\\Programfiler\\SopCast\\SopCast.exe"= "c:\\Programfiler\\Microsoft Office\\Office14\\GROOVE.EXE"= "c:\\Programfiler\\Microsoft Office\\Office14\\ONENOTE.EXE"= "c:\\Programfiler\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "c:\\Programfiler\\Capcom\\Dead Rising 2\\deadrising2.exe"= . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [01.04.2011 17:32 371544] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [01.04.2011 17:32 301528] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [01.04.2011 17:32 19544] S3 CM1083264;C-Media CM108 Like Sound UDAX Interface;c:\windows\system32\drivers\CM108.sys [27.12.2010 21:35 1294336] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\programfiler\Microsoft Office\Office14\GROOVE.EXE [21.01.2010 18:51 30963576] S3 osppsvc;Office Software Protection Platform;c:\programfiler\Fellesfiler\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09.01.2010 21:37 4640000] S4 KMService;KMService;c:\windows\system32\srvany.exe [19.03.2011 19:17 8192] . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) . 2011-04-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1972579041-839522115-1003Core.job - c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe [2010-12-27 18:24] . 2011-04-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-1972579041-839522115-1003UA.job - c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe [2010-12-27 18:24] . . ------- Tilleggsskanning ------- . Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\programfiler\Fellesfiler\Microsoft Shared\OFFICE14\MSOXMLMF.DLL . - - - - TOMME PEKERE FJERNET - - - - . MSConfigStartUp-AdobeCS5ServiceManager - c:\programfiler\Fellesfiler\Adobe\CS5ServiceManager\CS5ServiceManager.exe MSConfigStartUp-DAEMON Tools Lite - c:\programfiler\DAEMON Tools Lite\DTLite.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-04-01 21:45 Windows 5.1.2600 Service Pack 3 NTFS . skanner skjulte prosesser ... . skanner skjulte autostart-oppføringer ... . skanner skjulte filer ... . . C:\## aswSnx private storage . skanning vellykket skjulte filer: 1 . ************************************************************************** . --------------------- LÅSTE REGISTERNØKLER --------------------- . [HKEY_USERS\S-1-5-21-1078081533-1972579041-839522115-1003\Software\G*e*n*i*e*"!\FM Genie Scout 11] "GameDir"="c:\\FM Genie Scout 11\\games" "ShortlistDir"="c:\\FM Genie Scout 11\\shortlists" "FMPath"="c:\\Programfiler\\Sports Interactive\\Football Manager 2011 Russian" "ScreenshotsDir"="c:\\FM Genie Scout 11" "SaveDir"="c:\\FM Genie Scout 11\\" "HistoryDir"="c:\\FM Genie Scout 11\\History Points" "LangDB"="c:\\FM Genie Scout 11\\lang_db.dat" "LastSaveGame"="c:\\Documents and Settings\\Jonas\\Mine dokumenter\\Sports Interactive\\Football Manager 2011\\games\\gunnawinevr.fm" "Language"="English" "LoadLangDB"=dword:00000001 "CompressHistoryPoints"=dword:00000000 "HighlightedAttributes"=dword:00000000 "MinCondition"=dword:00000050 "GraphStep"=dword:00000000 "SkinName"="PSV Eindhoven" "LastUpdateCheck"=dword:00009eb2 "HighQualityGUI"=dword:00000001 "AutomaticallyUpdateCheck"=dword:00000001 "AdvancedGeneration"=dword:00000000 "TranslateStaffSkills"=dword:00000001 "TranslatePlayerSkills"=dword:00000001 "TranslatePositions"=dword:00000001 "ShowHistory"=dword:00000001 "Version"=dword:00000080 "UniqueID"="34-A800-EDAF" "UseProxy"=dword:00000000 "ProxyHost"="" "ProxyPort"="" "UseAuthentication"=dword:00000000 "UserName"="" "UserPassword"="" "PlayerSearchFeatureNum"=dword:00000009 "StaffSearchFeatureNum"=dword:00000000 "ClubSearchFeatureNum"=dword:00000000 "FilterByClubFeatureNum"=dword:00000000 "CompareFeatureNum"=dword:00000000 "ShortlistFeatureNum"=dword:00000000 "ExportFeatureNum"=dword:00000000 "HistoryFeatureNum"=dword:00000000 "LanguageDBFeatureNum"=dword:0000000a "HintsFeatureNum"=dword:00000001 "GenieReportFeatureNum"=dword:00000008 "TopFormationFeatureNum"=dword:00000000 "ScreenshotFeatureNum"=dword:00000000 "Currency"=dword:00000056 . [HKEY_USERS\S-1-5-21-1078081533-1972579041-839522115-1003\Software\G*e*n*i*e*"!\FM Genie Scout 11g] "PicturesNumber"=dword:00000000 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- . - - - - - - - > 'explorer.exe'(3452) c:\progra~1\FELLES~1\MICROS~1\OFFICE14\Cultures\office.odf c:\progra~1\MICROS~3\Office14\1033\GrooveIntlResource.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . c:\windows\system32\nvsvc32.exe c:\programfiler\AVAST Software\Avast\AvastSvc.exe c:\programfiler\Java\jre6\bin\jqs.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.1.0.0_2\plugin\ClickClean.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe c:\documents and settings\Jonas\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe . ************************************************************************** . Tidspunkt ferdig: 2011-04-01 21:50:54 - maskinen ble startet på nytt ComboFix-quarantined-files.txt 2011-04-01 19:50 . Pre-Run: 712 749 572 096 byte ledig Post-Run: 712 689 999 872 byte ledig . - - End Of File - - 53E3540DADAA08DB6452B5EAFBCD2018 Lenke til kommentar
norbat Skrevet 1. april 2011 Del Skrevet 1. april 2011 (endret) Loggfila til combofix ligger vanligvis rett under c: , evt. ta et søk etter comobfix.txt Der var visst loggen, ja Fortsatt problemer med shutdown? Ang. ikoner: Høyreklikk på skrivebordet->Egenskaper->Skrivebord->Tilpass skrivebord...->Web Fjern avmerkingen under Web-sider Endret 1. april 2011 av norbat Lenke til kommentar
ERROLOL Skrevet 1. april 2011 Forfatter Del Skrevet 1. april 2011 Loggfila til combofix ligger vanligvis rett under c: , evt. ta et søk etter comobfix.txt Nettopp lastet den opp :-) her er hijackthislog forresten; http://pastebin.com/2qwnKS7a Lenke til kommentar
ERROLOL Skrevet 1. april 2011 Forfatter Del Skrevet 1. april 2011 Se innlegget over Fikset ikonene, men vet ikke om shutdown :/ Får vel vente til 16:50 i morgem....... Lenke til kommentar
norbat Skrevet 1. april 2011 Del Skrevet 1. april 2011 Du kan prøve å stille klokka på pc'n til 16.48, vent 2 min. og se hva som skjer. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå