Gertab Skrevet 21. januar 2008 Del Skrevet 21. januar 2008 Heisann! Min bedre halvdel fikk trykket på denne linken i msn og den har nå lagt seg som en com fil på skrivebordet. Har prøvd og slette/flytte/rename den men får beskjed om jeg må ha tillatelse for og gjøre dette. Tror ikke maskinen har fått noe virus men skulle gjerne blitt kvitt denne fra skrivebordet. Noen som kan hjelpe? Takker og bukker Lenke til kommentar
norbat Skrevet 21. januar 2008 Del Skrevet 21. januar 2008 Last ned Hijackthis. Legg det i en egen mappe på skrivebordet. Start programmet, velg "Do a system scan and save a logfile". Loggfilen kopierer du og poster. Lenke til kommentar
Gertab Skrevet 21. januar 2008 Forfatter Del Skrevet 21. januar 2008 (endret) Her er loggfilen....Prøvde Combofix men det hjalp ikke, den slettet noe i forbindelse med windows mediaplayer. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:15:06, on 21.01.2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16575) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Canal Digital Sikkerhetspakken\Common\FSM32.EXE C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Canal Digital Sikkerhetspakken\FSGUI\fsguidll.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\conime.exe C:\Windows\explorer.exe C:\Windows\system32\cmd.exe C:\Users\Gert\Desktop\MSNFix\MSNFix\incl\swreg.exe C:\Users\Gert\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tb.no R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Canal Digital Sikkerhetspakken\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Canal Digital Sikkerhetspakken\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE') O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: HP Smart valgmetode - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O13 - Gopher Prefix: O23 - Service: AddFiltr - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Canal Digital Sikkerhetspakken\Anti-Virus\fsgk32st.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Canal Digital Sikkerhetspakken\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Canal Digital Sikkerhetspakken\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Canal Digital Sikkerhetspakken\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 5652 bytes Endret 21. januar 2008 av Gertab Lenke til kommentar
norbat Skrevet 21. januar 2008 Del Skrevet 21. januar 2008 (endret) Kunne du ha postet combofix-loggen? Ang. fila: Du kan muligens forsøke Unlocker: http://ccollomb.free.fr/unlocker/ Endret 21. januar 2008 av norbat Lenke til kommentar
Gertab Skrevet 21. januar 2008 Forfatter Del Skrevet 21. januar 2008 (endret) Her er loggen fra combofix, takk for at du tar deg tid til dette Edit: Kjørte også MSNfix, men dette fant ikke unormalt Edit2: Unlocker fjernet fila, takk for tipset! ComboFix 08-01-20.1 - Gert 2008-01-21 13:54:14.1 - NTFSx86 Running from: C:\Users\Gert\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Users\Gert\AppData\Roaming\macromedia\Flash Player\#SharedObjects\H4YJJXAT\www.broadcaster.com C:\Users\Gert\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com C:\Users\Gert\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol C:\Windows\system32\x64 . ((((((((((((((((((((((((( Files Created from 2007-12-21 to 2008-01-21 ))))))))))))))))))))))))))))))) . 2008-01-21 13:51 . 2000-08-31 08:00 51,200 --a------ C:\Windows\NirCmd.exe 2008-01-17 02:19 . 2008-01-17 02:19 <DIR> d-------- C:\Program Files\Windows Installer Clean Up 2008-01-17 02:18 . 2008-01-17 02:18 <DIR> d-------- C:\Program Files\MSECACHE 2008-01-17 02:00 . 2008-01-17 02:26 <DIR> d-------- C:\Users\Gert\AppData\Roaming\Wyzo 2008-01-17 01:56 . 2008-01-17 01:56 <DIR> d-------- C:\Program Files\Bonjour 2008-01-17 01:42 . 2008-01-17 01:42 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared 2008-01-17 00:52 . 2008-01-17 00:52 <DIR> d--h----- C:\Windows\PIF 2008-01-15 11:00 . 2008-01-15 11:00 54,156 --ah----- C:\Windows\QTFont.qfn 2008-01-15 11:00 . 2008-01-15 11:00 1,409 --a------ C:\Windows\QTFont.for 2008-01-09 00:48 . 2008-01-09 00:50 <DIR> d-------- C:\Users\All Users\Minefoto.no 2008-01-09 00:48 . 2008-01-09 00:50 <DIR> d-------- C:\ProgramData\Minefoto.no 2008-01-09 00:47 . 2008-01-09 00:48 <DIR> d-------- C:\Program Files\Minefoto.no 2008-01-09 00:44 . 2008-01-09 00:44 <DIR> d-------- C:\Windows\System32\URTTEMP 2007-12-27 13:43 . 2007-12-27 13:43 <DIR> d--hs---- C:\Windows\ftpcache 2007-12-27 13:43 . 2007-12-27 13:43 <DIR> d-------- C:\Windows\Downloaded Installations 2007-12-23 01:38 . 2006-09-05 20:28 38,480 --------- C:\Windows\System32\IJRMF.exe 2007-12-23 01:36 . 2007-12-24 01:57 <DIR> d-------- C:\Windows\System32\XPSViewer 2007-12-23 01:36 . 2007-12-23 01:36 <DIR> d-------- C:\Program Files\Reference Assemblies 2007-12-23 01:36 . 2007-12-23 01:36 <DIR> d-------- C:\Program Files\MSBuild 2007-12-22 23:48 . 2007-12-22 22:51 152,576 --a------ C:\Windows\System32\SPWizUI.dll 2007-12-22 23:48 . 2007-12-22 22:51 36,864 --a------ C:\Windows\System32\SPReview.exe 2007-12-22 22:54 . 2007-11-30 04:07 44,032 --a------ C:\Windows\System32\cbsra.exe 2007-12-22 22:51 . 2007-12-22 23:50 65,536 --a------ C:\Windows\SPInstall.etl 2007-12-22 22:07 . 2007-12-22 22:07 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2007-12-22 21:23 . 2007-10-18 08:55 176,128 --a------ C:\Windows\System32\igfxres.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-17 01:59 --------- d-----w C:\Program Files\Common Files\Adobe 2007-12-27 13:25 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-23 00:40 --------- d-----w C:\Program Files\Canon 2007-12-22 21:12 3,616 ----a-w C:\Users\Gert\AppData\Roaming\wklnhst.dat 2007-12-12 21:11 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL 2007-12-12 21:11 223,232 ----a-w C:\Windows\System32\WMASF.DLL 2007-12-12 21:11 1,327,104 ----a-w C:\Windows\System32\quartz.dll 2007-12-12 21:09 824,832 ----a-w C:\Windows\System32\wininet.dll 2007-12-12 21:09 56,320 ----a-w C:\Windows\System32\iesetup.dll 2007-12-12 21:09 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll 2007-12-12 21:09 26,624 ----a-w C:\Windows\System32\ieUnatt.exe 2007-12-12 21:08 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys 2007-12-12 21:08 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys 2007-12-12 21:08 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys 2007-12-12 21:08 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys 2007-12-12 21:06 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe 2007-12-12 21:06 3,470,520 ----a-w C:\Windows\System32\ntoskrnl.exe 2007-11-28 09:36 --------- d-----w C:\ProgramData\HP 2007-11-28 09:36 --------- d-----w C:\Program Files\HP 2007-11-22 21:40 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr 2007-11-22 21:40 67,584 ----a-w C:\Windows\System32\wlanhlp.dll 2007-11-22 21:40 542,720 ----a-w C:\Windows\System32\sysmain.dll 2007-11-22 21:40 502,784 ----a-w C:\Windows\System32\wlansvc.dll 2007-11-22 21:40 47,104 ----a-w C:\Windows\System32\wlanapi.dll 2007-11-22 21:40 297,984 ----a-w C:\Windows\System32\wlansec.dll 2007-11-22 21:40 290,816 ----a-w C:\Windows\System32\wlanmsm.dll 2007-11-22 21:40 28,344 ----a-w C:\Windows\system32\drivers\battc.sys 2007-11-22 21:40 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys 2007-11-22 21:40 24,064 ----a-w C:\Windows\System32\wtsapi32.dll 2007-11-22 21:40 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys 2007-11-22 21:40 2,923,520 ----a-w C:\Windows\explorer.exe 2007-11-22 21:40 2,027,008 ----a-w C:\Windows\System32\win32k.sys 2007-11-22 21:40 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys 2007-11-22 21:40 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys 2007-11-22 21:39 8,704 ----a-w C:\Windows\System32\hcrstco.dll 2007-11-22 21:39 8,704 ----a-w C:\Windows\System32\hccoin.dll 2007-11-22 21:39 73,216 ----a-w C:\Windows\system32\drivers\usbccgp.sys 2007-11-22 21:39 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys 2007-11-22 21:39 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys 2007-11-22 21:39 23,040 ----a-w C:\Windows\system32\drivers\usbuhci.sys 2007-11-22 21:39 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys 2007-11-22 21:39 192,000 ----a-w C:\Windows\system32\drivers\usbhub.sys 2007-11-22 21:39 --------- d-----w C:\Program Files\Windows Mail 2007-08-30 15:09 174 --sha-w C:\Program Files\desktop.ini 2007-03-25 14:56 22 --sha-w C:\Windows\SMINST\HPCD.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] 2007-11-06 01:50 542016 --a------ C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-03-24 02:27 5674352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-11 22:10 1006264] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 02:50 1021224] "hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2006-10-18 09:32 472800] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32 56080 C:\Windows\KHALMNPR.Exe] "F-Secure Manager"="C:\Program Files\Canal Digital Sikkerhetspakken\Common\FSM32.exe" [2007-04-26 18:12 183208] "F-Secure TNB"="C:\Program Files\Canal Digital Sikkerhetspakken\FSGUI\TNBUtil.exe" [2007-04-26 18:10 740208] "IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-10-18 09:19 141848] "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-10-18 09:18 166424] "Persistence"="C:\Windows\system32\igfxpers.exe" [2007-10-18 09:18 133656] "SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 02:29 102400] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-28 13:17:56 692224] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe "IgfxTray"=C:\Windows\system32\igfxtray.exe "Persistence"=C:\Windows\system32\igfxpers.exe "WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe "Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon R1 F-Secure HIPS;F-Secure HIPS;C:\Program Files\Canal Digital Sikkerhetspakken\HIPS\fshs.sys [2007-04-26 18:11] R1 FSES;F-Secure Email Scanning Driver;C:\Windows\system32\drivers\fses.sys [2007-04-26 18:08] R1 FSFW;F-Secure Firewall Driver;C:\Windows\system32\drivers\fsdfw.sys [2006-12-19 09:33] R1 fsvista;F-Secure Vista Support Driver;C:\Program Files\Canal Digital Sikkerhetspakken\Anti-Virus\minifilter\fsvista.sys [2007-04-26 18:07] R2 NetPipeActivator;Net.Pipe-lytteadapter;"C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [2006-11-02 13:34] R2 NetTcpActivator;Net.Tcp-lytteadapter;"C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [2006-11-02 13:34] R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2006-11-02 10:45] R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-07-10 05:27] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\Canal Digital Sikkerhetspakken\Anti-Virus\minifilter\fsgk.sys [2007-04-26 18:07] R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-10-18 09:05] R3 WAS;Windows Process Activation Service;C:\Windows\system32\svchost.exe [2006-11-02 10:45] S2 NetMsmqActivator;Net.Msmq-lytteadapter;"C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [2006-11-02 13:34] S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver;C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 14:43] S3 NETw3v32;Intel® PRO/Wireless 3945ABG kortdriver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-09 10:02] S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files\Canal Digital Sikkerhetspakken\Anti-Virus\Win2K\FSfilter.sys [2007-04-26 18:08] S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\Canal Digital Sikkerhetspakken\Anti-Virus\Win2K\FSrec.sys [2007-04-26 18:08] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalService REG_MULTI_SZ nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient LocalSystemNetworkRestricted REG_MULTI_SZ hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc iissvcs REG_MULTI_SZ w3svc was HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp *Newly Created Service* - PROCEXP90 . Contents of the 'Scheduled Tasks' folder "2007-03-24 02:29:32 C:\Windows\Tasks\1-Click Maintenance.job" - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-21 14:03:04 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-01-21 14:04:24 ComboFix-quarantined-files.txt 2008-01-21 13:04:20 . 2008-01-04 13:33:34 --- E O F --- Endret 21. januar 2008 av Gertab Lenke til kommentar
norbat Skrevet 21. januar 2008 Del Skrevet 21. januar 2008 (endret) Loggen ser fin ut. Ingen ting der som tilsier at du er infisert med noe. Prøv Unlocker og se om du får has på den filen på skrivebordet. Endret 21. januar 2008 av norbat Lenke til kommentar
Gertab Skrevet 21. januar 2008 Forfatter Del Skrevet 21. januar 2008 Kjempebra, tusen takk for hjelp! Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå