Gå til innhold

» Data » IKT-drift og sikkerhet

Virus på pcen?

kendo

Av kendo
12. mai 2011 i IKT-drift og sikkerhet

Anbefalte innlegg

kendo

kendo

Skrevet 12. mai 2011

- Del

Skrevet 12. mai 2011

Har en laptop der noe merkelig har begynt å skje. Et problem jeg har opplevd de siste ukene er at harddisken varierer i antall gB ledig lagringsplass uten at jeg verken har installert/lastet ned eller slettet noe som helst av data. Trodde først at dette var bare meg som hadde sett feil, men i dag tidlig så jeg at ledig plass på harddisken var 800 mb, og en halv time senere 5,4 gb. Kan dette være en harddisk eller noe annet med pcen som begynner å ta kvelden? Eller kan det være et virus av et slag? Kjører microsoft security essentials. Kan legge til at jeg har windows vista, og kjører SP 1, ikke SP 2 om det har noe å si. Av en eller annen grunn forårsaker MSE at pcen får bluescreenanfall når SP 2 installeres. Noe annet jeg kan legge til er at når jeg surfer på nettet med firefox og skriver inn en adresse ok klikker enter, havner jeg inn på en side som jeg tidligere har vært inne på, dette skjer og når jeg har trykket på bokmerker. Skjer flere ganger om dagen. Om dette kan være virusrelatert, aner jeg ikke. Takker for alle svar.

Lenke til kommentar

Videoannonse

Annonse

PerB

PerB

Skrevet 12. mai 2011

- Del

Skrevet 12. mai 2011

Øverst i delforumet ligger det en sticky som forklarer hva du skal gjøre for at noen skal ha sjangse til å hjelpe deg.

Lenke til kommentar

kendo

kendo

Skrevet 12. mai 2011

Forfatter

- Del

Skrevet 12. mai 2011 (endret)

Beklager det Her er loggene etter å ha kjørt MBAM og ComboFix:

MBAM:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Databaseversjon: 6559

Windows 6.0.6001 Service Pack 1

Internet Explorer 8.0.6001.19048

12.05.2011 07:58:02

mbam-log-2011-05-12 (07-58-02).txt

Skanntype: Hurtigsøk

Objekter skannet: 176425

Tid tilbakelagt: 4 minutt(er), 31 sekund(er)

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 0

Registerverdier infisert: 0

Registerfiler infisert: 0

Mapper infisert: 0

Filer infisert 0

Minneprosesser infisert:

(Ingen skadelige objekter funnet)

Minnemoduler infisert:

(Ingen skadelige objekter funnet)

Registernøkler infisert:

(Ingen skadelige objekter funnet)

Registerverdier infisert:

(Ingen skadelige objekter funnet)

Registerfiler infisert:

(Ingen skadelige objekter funnet)

Mapper infisert:

(Ingen skadelige objekter funnet)

Filer infisert

(Ingen skadelige objekter funnet)

Combofix:

ComboFix 11-05-11.02 - Eivind 12.05.2011 8:09.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.47.1044.18.3066.1872 [GMT 2:00]

Kjører fra: c:\users\Eivind\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\Thumbs.db

Q:\AUTORUN.INF

S:\Autorun.inf

.

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2011-04-12 til 2011-05-12 )))))))))))))))))))))))))))))))))

.

.

2011-05-12 05:51 . 2011-05-12 05:51 -------- d-----w- c:\users\Eivind\AppData\Roaming\Malwarebytes

2011-05-12 05:51 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-12 05:51 . 2011-05-12 05:51 -------- d-----w- c:\programdata\Malwarebytes

2011-05-12 05:51 . 2011-05-12 05:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-05-12 05:51 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-11 19:32 . 2011-05-11 19:33 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1686C8F8-7B59-4656-AF99-C7D64C750753}\MpKsla9eb2247.sys

2011-05-11 19:32 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1686C8F8-7B59-4656-AF99-C7D64C750753}\mpengine.dll

2011-05-09 15:58 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll

2011-05-09 15:58 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll

2011-05-09 15:56 . 2011-05-09 15:56 -------- d-----w- c:\program files\Microsoft Works

2011-05-09 15:52 . 2011-05-09 15:52 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2011-05-09 15:50 . 2011-05-09 15:50 -------- d-----r- C:\MSOCache

2011-05-09 12:50 . 2011-05-09 12:50 -------- d-----w- c:\program files\Microsoft Silverlight

2011-04-30 14:02 . 2011-04-30 14:02 -------- d-----w- c:\users\Eivind\AppData\Local\Electronic Arts

2011-04-30 14:02 . 2011-04-30 14:02 -------- d-----w- c:\programdata\Electronic Arts

2011-04-30 14:02 . 2011-04-30 14:02 -------- d-----w- c:\program files\Electronic Arts

2011-04-27 16:32 . 2011-04-27 17:39 -------- d-----w- C:\20edb8a067a22908cc

2011-04-25 18:00 . 2011-04-27 17:43 -------- d-----w- c:\users\UpdatusUser

2011-04-25 16:30 . 2011-04-25 16:30 -------- d-----w- c:\program files\CDisplay

2011-04-25 13:14 . 2011-04-25 13:14 -------- d-----w- c:\program files\iPod

2011-04-25 13:11 . 2011-04-25 13:11 -------- d-----w- c:\program files\Bonjour

2011-04-18 14:31 . 2011-04-18 14:33 -------- d-----w- c:\users\Eivind\AppData\Local\Google

2011-04-18 14:31 . 2011-04-18 14:32 -------- d-----w- c:\program files\Google

2011-04-16 11:35 . 2006-10-18 19:05 232448 ----a-w- c:\windows\system32\mp3fhg.acm

2011-04-16 11:35 . 2011-01-17 20:20 2600448 ----a-w- c:\windows\system32\x264vfw.dll

2011-04-16 11:35 . 2010-12-07 18:40 183808 ----a-w- c:\windows\system32\xvidvfw.dll

2011-04-16 11:35 . 2010-12-07 18:22 810496 ----a-w- c:\windows\system32\xvidcore.dll

2011-04-16 11:35 . 2010-11-03 19:08 237568 ----a-w- c:\windows\system32\yv12vfw.dll

2011-04-16 11:35 . 2010-01-17 16:18 151552 ----a-w- c:\windows\system32\ac3acm.acm

2011-04-16 11:35 . 2002-08-22 05:00 413760 ----a-w- c:\windows\system32\DivXc32f.dll

2011-04-16 11:35 . 2002-08-01 10:03 413760 ----a-w- c:\windows\system32\DivXc32.dll

2011-04-16 11:35 . 2011-02-28 08:00 80896 ----a-w- c:\windows\system32\ff_vfw.dll

2011-04-16 11:35 . 2011-04-16 11:35 -------- d-----w- c:\program files\K-Lite Codec Pack

2011-04-15 22:36 . 2010-04-14 17:46 80896 ----a-w- c:\windows\system32\MSNP.ax

2011-04-15 22:36 . 2010-04-14 17:47 293376 ----a-w- c:\windows\system32\psisdecd.dll

2011-04-15 22:36 . 2010-04-14 17:47 217088 ----a-w- c:\windows\system32\psisrndr.ax

2011-04-15 22:28 . 2011-03-10 16:12 1136640 ----a-w- c:\windows\system32\mfc42.dll

2011-04-15 22:28 . 2011-03-10 16:12 1161728 ----a-w- c:\windows\system32\mfc42u.dll

2011-04-15 22:28 . 2011-02-18 13:31 304640 ----a-w- c:\windows\system32\drivers\srv.sys

2011-04-15 22:28 . 2011-02-18 13:31 146432 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-04-15 22:28 . 2011-02-18 13:31 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-04-15 22:28 . 2011-02-16 13:24 292864 ----a-w- c:\windows\system32\atmfd.dll

2011-04-15 22:28 . 2011-02-16 15:29 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-04-15 22:28 . 2011-03-03 15:00 738816 ----a-w- c:\windows\system32\inetcomm.dll

2011-04-15 22:28 . 2011-03-03 12:53 2040832 ----a-w- c:\windows\system32\win32k.sys

2011-04-15 22:27 . 2011-02-17 06:23 420864 ----a-w- c:\windows\system32\vbscript.dll

2011-04-15 21:12 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll

2011-04-15 21:12 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll

2011-04-15 21:11 . 2011-04-15 23:07 -------- d-----w- c:\program files\Winamp

2011-04-15 20:56 . 2011-04-15 20:56 -------- d-----w- c:\windows\system32\QuickTime

2011-04-15 20:52 . 2011-04-15 20:52 -------- d-----w- c:\program files\LightningWare

2011-04-15 20:49 . 2011-04-15 20:49 -------- d-----w- c:\users\Eivind\AppData\Roaming\DivX

2011-04-15 20:49 . 2011-04-15 21:11 -------- d-----w- c:\program files\Common Files\PX Storage Engine

2011-04-15 20:47 . 2011-04-15 23:10 -------- d-----w- c:\program files\DivX

2011-04-15 20:46 . 2011-04-15 23:10 -------- d-----w- c:\programdata\DivX

2011-04-15 20:07 . 2011-04-27 17:42 -------- d-----w- c:\users\Mcx1

2011-04-15 20:06 . 2011-04-15 20:06 614152 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-11 07:04 . 2011-04-04 05:38 7071056 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-04-08 05:14 . 2011-04-25 17:57 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd

2011-04-08 05:14 . 2009-01-24 11:13 2034280 ----a-w- c:\windows\system32\nvapi.dll

2011-04-08 05:14 . 2009-01-24 11:13 10071656 ----a-w- c:\windows\system32\nvd3dum.dll

2011-04-07 20:43 . 2011-04-07 20:43 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll

2011-04-07 20:43 . 2011-04-07 20:43 612456 ----a-w- c:\windows\system32\nvvsvc.exe

2011-04-07 20:43 . 2011-04-07 20:43 311912 ----a-w- c:\windows\system32\oemdspif.dll

2011-04-07 20:43 . 2011-04-07 20:43 2582120 ----a-w- c:\windows\system32\nvsvcr.dll

2011-04-07 20:43 . 2011-04-07 20:43 111208 ----a-w- c:\windows\system32\nvmctray.dll

2011-04-07 20:43 . 2011-04-07 20:43 3701352 ----a-w- c:\windows\system32\nvcpl.dll

2011-04-07 20:43 . 2011-04-07 20:43 2565224 ----a-w- c:\windows\system32\nvsvc.dll

2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\system32\dnssd.dll

2011-04-06 14:20 . 2011-04-06 14:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll

2011-04-06 14:20 . 2011-04-06 14:20 197920 ----a-w- c:\windows\system32\dnssdX.dll

2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\system32\dns-sd.exe

2011-04-04 16:40 . 2011-04-04 16:40 234768 ----a-w- c:\windows\system32\PnkBstrB.xtr

2011-04-04 16:36 . 2011-04-04 16:36 138056 ----a-w- c:\users\Eivind\AppData\Roaming\PnkBstrK.sys

2011-04-03 18:45 . 2011-04-03 18:45 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-03-14 05:53 . 2011-04-10 20:48 350248 ----a-w- c:\windows\system32\drivers\b57nd60x.sys

2011-03-04 19:44 . 2009-01-24 11:30 133616 ------w- c:\windows\system32\pxafs.dll

2011-02-23 14:52 . 2011-04-03 18:33 16184 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys

2011-02-23 14:52 . 2011-04-03 18:33 29520 ----a-w- c:\windows\system32\SmartDefragBootTime.exe

2011-02-18 14:36 . 2011-02-18 14:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2011-02-18 14:36 . 2011-02-18 14:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll

2011-04-30 08:07 . 2011-04-03 15:53 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-07-21 198864]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PMHandler"="c:\progra~1\Lenovo\PMDRIV~1\PMHandler.exe" [2007-10-13 34352]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]

"TPWAUDAP"="c:\program files\Lenovo\HOTKEY\TpWAudAp.exe" [2008-03-11 54560]

"LPManager"="c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe" [2007-04-26 120368]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-14 421160]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

backup=c:\windows\pss\Bluetooth.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-11-15 19:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]

2011-03-23 10:21 9226664 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-04-14 09:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 15:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]

2008-07-21 03:19 2701880 ----a-w- c:\program files\CONEXANT\SmartAudio\SmAudio.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy]

2008-05-25 00:49 487424 ----a-w- c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-376928280-1081398532-2344679971-1003]

"EnableNotificationsRef"=dword:00000001

.

R1 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-05-24 48192]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Googles oppdateringstjeneste (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-18 136176]

R2 TVT_UpdateMonitor;TVT Windows Update Monitor;c:\program files\Lenovo\Rescue and Recovery\UpdateMonitor.exe [2008-05-24 253952]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-31 29736]

R3 gupdatem;Google-oppdatering-tjenesten (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-04-18 136176]

R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]

R3 vm331avs;Lenovo EasyCamera;c:\windows\system32\Drivers\vm331avs.sys [x]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 16184]

S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]

S1 MpKsla9eb2247;MpKsla9eb2247;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1686C8F8-7B59-4656-AF99-C7D64C750753}\MpKsla9eb2247.sys [2011-05-11 28752]

S2 FNF5SVC;Fn+F5 Service;c:\program files\LENOVO\HOTKEY\FNF5SVC.exe [2008-03-14 54560]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]

S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2008-08-08 53325]

S2 TVT Backup Protection Service;TVT Backup Protection Service;c:\program files\Lenovo\Rescue and Recovery\rrpservice.exe [2008-05-25 520192]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2011-03-14 350248]

S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-12-13 144472]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]

S3 NETwNv32;___ Intel® Wireless WiFi Link 5000-serien kortdriver for Windows Vista 32-bit;c:\windows\system32\DRIVERS\NETwNv32.sys [2011-01-19 6923264]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-03-03 139368]

S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2008-02-22 37312]

.

.

--- Andre tjenester/drivere lastet i minnet ---

.

*NewlyCreated* - CPUZ135

*NewlyCreated* - MPKSL694EC49F

*NewlyCreated* - MPKSL93AD5ED3

*NewlyCreated* - MPKSLA9EB2247

*Deregistered* - cpuz135

*Deregistered* - MpKsl694ec49f

*Deregistered* - MpKsl93ad5ed3

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

.

2011-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-18 14:31]

.

2011-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-18 14:31]

.

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://lenovo.live.com

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Send bilde til &Bluetooth-enhet... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send side til &Bluetooth-enhet... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm

FF - ProfilePath - c:\users\Eivind\AppData\Roaming\Mozilla\Firefox\Profiles\pw1wc402.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.startsiden.no/

.

- - - - TOMME PEKERE FJERNET - - - -

.

MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-05-12 08:18

Windows 6.0.6001 Service Pack 1 NTFS

.

skanner skjulte prosesser ...

.

skanner skjulte autostart-oppføringer ...

.

skanner skjulte filer ...

.

skanning vellykket

skjulte filer: 0

.

**************************************************************************

.

--------------------- LÅSTE REGISTERNØKLER ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Tidspunkt ferdig: 2011-05-12 08:20:53

ComboFix-quarantined-files.txt 2011-05-12 06:20

.

Pre-Run: 5 702 750 208 byte ledig

Post-Run: 5 642 002 432 byte ledig

.

- - End Of File - - FAAC0E3F4D1DDC03ACD2EBB8D1769E1B

EDIT: lagt til spoilers

Endret 12. mai 2011 av kendo

Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå

Gå til emneliste

Hvem er aktive 0 medlemmer
- Ingen innloggede medlemmer aktive

×

×

Opprett ny...