Agrostar Skrevet 6. juli 2008 Del Skrevet 6. juli 2008 Er usikker på om eg har virus eller ikkje. Trur nok at eg har, så her er loggane. SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 07/06/2008 at 09:07 AM Application Version : 4.15.1000 Core Rules Database Version : 3497 Trace Rules Database Version: 1488 Scan type : Complete Scan Total Scan Time : 00:31:47 Memory items scanned : 539 Memory threats detected : 0 Registry items scanned : 4931 Registry threats detected : 0 File items scanned : 19768 File threats detected : 0 ComboFix 08-07-05.1 - Gisle 2008-07-06 10:51:45.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1174 [GMT 2:00] Running from: C:\Documents and Settings\Gisle\Desktop\Bugfix\ComboFix.exe * Created a new restore point * Resident AV is active WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-06-06 to 2008-07-06 ))))))))))))))))))))))))))))))) . 2008-06-20 17:54 . 2008-06-20 17:54 <DIR> d-------- C:\WINDOWS\system32\LogFiles 2008-06-11 06:15 . 2008-06-13 15:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-06-07 16:13 . 2008-07-05 07:36 244 --ah----- C:\sqmnoopt19.sqm 2008-06-07 16:13 . 2008-07-05 07:36 232 --ah----- C:\sqmdata19.sqm 2008-06-07 16:00 . 2008-07-04 21:30 244 --ah----- C:\sqmnoopt18.sqm 2008-06-07 16:00 . 2008-07-04 21:30 232 --ah----- C:\sqmdata18.sqm 2008-06-07 15:07 . 2008-07-04 19:52 244 --ah----- C:\sqmnoopt17.sqm 2008-06-07 15:07 . 2008-07-04 19:52 232 --ah----- C:\sqmdata17.sqm 2008-06-07 14:45 . 2008-07-04 19:43 244 --ah----- C:\sqmnoopt16.sqm 2008-06-07 14:45 . 2008-07-04 19:43 232 --ah----- C:\sqmdata16.sqm 2008-06-07 13:59 . 2008-07-04 19:40 244 --ah----- C:\sqmnoopt15.sqm 2008-06-07 13:59 . 2008-07-04 19:40 232 --ah----- C:\sqmdata15.sqm 2008-06-07 13:19 . 2008-07-04 08:31 244 --ah----- C:\sqmnoopt14.sqm 2008-06-07 13:19 . 2008-07-04 08:31 232 --ah----- C:\sqmdata14.sqm 2008-06-07 08:17 . 2008-07-04 08:23 244 --ah----- C:\sqmnoopt13.sqm 2008-06-07 08:17 . 2008-07-04 08:23 232 --ah----- C:\sqmdata13.sqm 2008-06-07 08:16 . 2008-07-04 08:12 244 --ah----- C:\sqmnoopt12.sqm 2008-06-07 08:16 . 2008-07-04 08:12 232 --ah----- C:\sqmdata12.sqm 2008-06-06 23:41 . 2008-06-12 07:20 244 --ah----- C:\sqmnoopt11.sqm 2008-06-06 23:41 . 2008-06-12 07:20 232 --ah----- C:\sqmdata11.sqm 2008-06-06 23:32 . 2008-06-11 20:59 244 --ah----- C:\sqmnoopt10.sqm 2008-06-06 23:32 . 2008-06-11 20:59 232 --ah----- C:\sqmdata10.sqm 2008-06-06 17:52 . 2008-06-11 20:49 244 --ah----- C:\sqmnoopt09.sqm 2008-06-06 17:52 . 2008-06-11 20:49 232 --ah----- C:\sqmdata09.sqm 2008-06-06 15:22 . 2008-06-11 15:53 244 --ah----- C:\sqmnoopt08.sqm 2008-06-06 15:22 . 2008-06-11 15:53 232 --ah----- C:\sqmdata08.sqm 2008-06-06 05:57 . 2008-07-06 08:06 244 --ah----- C:\sqmnoopt07.sqm 2008-06-06 05:57 . 2008-07-06 08:06 232 --ah----- C:\sqmdata07.sqm . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-13 13:10 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-05-23 16:21 --------- d-----w C:\Program Files\iServer_Installer 2008-05-23 16:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\iProxyInstaller 2008-05-16 16:03 --------- d-----w C:\Documents and Settings\Gisle\Application Data\BullGuard 2008-05-16 15:30 --------- d-----w C:\Documents and Settings\Gisle\Application Data\vlc 2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-05-07 15:26 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-04-16 19:07 14,152 ----a-w C:\WINDOWS\system32\client_cc.dll 2008-04-13 07:07 17,920 ----a-w C:\Documents and Settings\Gisle\Application Data\GDIPFONTCACHEV1.DAT . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:56 15360] "BullGuard"="D:\Program\Bullguard\bullguard.exe" [2008-06-29 17:52 308552] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 12:28 139264] "SUPERAntiSpyware"="D:\Program\SAS\SUPERAntiSpyware.exe" [2008-06-12 16:20 1506544] "DAEMON Tools Lite"="D:\Program\Daemon\DAEMON Tools Lite\daemon.exe" [2008-02-14 01:09 486856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BullGuard"="D:\Program\Bullguard\bullguard.exe" [2008-06-29 17:52 308552] "Launch LGDCore"="C:\Program Files\Logitech\G-series Software\LGDCore.exe" [2006-03-06 17:31 1122304] "Launch LCDMon"="C:\Program Files\Logitech\G-series Software\LCDMon.exe" [2006-03-06 17:14 497152] "razer"="C:\Program Files\Razer\Copperhead\razerhid.exe" [2005-10-08 17:27 155648] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648] "LogonStudio"="D:\Program\Logonstudio\LogonStudio\logonstudio.exe" [2002-09-03 19:38 987187] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 02:41 8523776] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 02:41 81920] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "BigDog303"="C:\WINDOWS\VM303_STI.EXE" [2005-06-23 12:13 61440] "Adobe Reader Speed Launcher"="D:\Program\Reader\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "SoundMan"="SOUNDMAN.EXE" [2002-10-16 12:24 47104 C:\WINDOWS\SOUNDMAN.EXE] "nwiz"="nwiz.exe" [2007-12-05 02:41 1626112 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:56 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-02-22 20:27:50 113664] Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04 83360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "D:\Program\SAS\SASSEH.DLL" [2008-05-22 20:28 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="C:\\WINDOWS\\system32\\logonuiX.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2007-04-19 14:41 294912 D:\Program\SAS\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.ffds"= ffdshow.ax "msacm.ac3filter"= ac3filter.acm [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BgMainSvc] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "E:\\S.T.A.L.K.E.R\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\XR_3DA.exe"= "E:\\S.T.A.L.K.E.R\\S.T.A.L.K.E.R. - Shadow of Chernobyl\\bin\\dedicated\\XR_3DA.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "E:\\Red Alert 2\\Ra2.exe"= "C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"= R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);C:\WINDOWS\system32\drivers\pe3ah4nc.sys [2007-05-18 21:53] R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);C:\WINDOWS\system32\drivers\ps6ah4nc.sys [2007-05-18 21:52] R2 BdFileSpy;BullGuard File Monitor Driver;C:\WINDOWS\System32\drivers\BdFileSpy.sys [2008-03-30 00:13] R2 BsFileScan;BullGuard File Scan Service;C:\WINDOWS\System32\svchost.exe [2004-08-04 09:56] R2 BsFire;BullGuard Firewall Service;C:\WINDOWS\System32\svchost.exe [2004-08-04 09:56] R3 afw;Agnitum firewall driver;C:\WINDOWS\system32\DRIVERS\afw.sys [2007-11-28 12:42] R3 EverestDriver;Lavalys EVEREST Kernel Driver;D:\Program\Everest\kerneld.wnt [2006-12-15 00:42] R3 Razerlow;Razer Copperhead Driver;C:\WINDOWS\system32\Drivers\Razerlow.sys [2005-08-12 11:11] R3 Reconn;BullGuard Email Monitor;D:\Program\Bullguard\Reconn.sys [2007-10-29 10:08] S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);C:\WINDOWS\system32\pr2ah4nc.exe svc [] S3 BGRaSvc;BGRaSvc;D:\Program\Bullguard\support\bgrasvc.exe [2007-12-20 11:48] S3 PciCon;PciCon;F:\PciCon.sys [] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] BullGuard REG_MULTI_SZ BgMainSvc BsFileScan BsMailProxy BsFire *Newly Created Service* - CATCHME *Newly Created Service* - EVERESTDRIVER . - - - - ORPHANS REMOVED - - - - HKLM-Run-CmPCIaudio - cmicnfg3.cpl ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-07-06 10:53:32 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run BigDog303 = C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)????????????????0?????????@?????????????? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EverestDriver] "ImagePath"="\??\D:\Program\Everest\kerneld.wnt" . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\explorer.exe -> C:\WINDOWS\system32\nview.dll . Completion time: 2008-07-06 10:55:01 ComboFix-quarantined-files.txt 2008-07-06 08:54:51 Pre-Run: 38,301,351,936 bytes free Post-Run: 38,297,317,376 bytes free 148 --- E O F --- 2008-06-20 05:35:22 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:19:14, on 06.07.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe D:\Program\Bullguard\BullGuardUpdate.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Logitech\G-series Software\LGDCore.exe C:\Program Files\Logitech\G-series Software\LCDMon.exe C:\Program Files\Razer\Copperhead\razerhid.exe C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\WINDOWS\VM303_STI.EXE C:\WINDOWS\system32\ctfmon.exe D:\Program\Bullguard\bullguard.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe D:\Program\SAS\SUPERAntiSpyware.exe D:\Program\Daemon\DAEMON Tools Lite\daemon.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Razer\Copperhead\razertra.exe C:\Program Files\Razer\Copperhead\razerofa.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\System32\svchost.exe D:\Program\Everest\everest.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe E:\Steam\Steam.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Gisle\Desktop\Bugfix\hjt\afk.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLive.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [bullGuard] "D:\Program\Bullguard\bullguard.exe" -boot O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe" O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [LogonStudio] "D:\Program\Logonstudio\LogonStudio\logonstudio.exe" /RANDOM O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program\Reader\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bullGuard] "D:\Program\Bullguard\bullguard.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] D:\Program\SAS\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program\Daemon\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O20 - Winlogon Notify: !SASWinLogon - D:\Program\SAS\SASWINLO.dll O23 - Service: BullGuard LiveUpdate (BgLiveSvc) - BullGuard Ltd. - D:\Program\Bullguard\BullGuardUpdate.exe O23 - Service: BGRaSvc - BullGuard - D:\Program\Bullguard\support\bgrasvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe -- End of file - 6504 bytes Lenke til kommentar
r2d290 Skrevet 6. juli 2008 Del Skrevet 6. juli 2008 Jeg ser ikke noe galt. Kan du beskrive problemet litt nermere? Er maskinen treg? kommer det pop-ups osv. ? Lenke til kommentar
Agrostar Skrevet 6. juli 2008 Forfatter Del Skrevet 6. juli 2008 Nei steikje! Har eigentleg ikkje noko problem, men eg var på eit lan med 50 deltakarar og da hadde perioden min på antivirus gått ut, og naboen der fekk opp meldingar i norton heile tida om at det hadde blokka eit virus. Derfor eg antok at eg hadde fått. Men sidan du ikkje ser noko gale så :!: Lenke til kommentar
r2d290 Skrevet 6. juli 2008 Del Skrevet 6. juli 2008 Du får vente litt, og se om noen andre ønsker å si noe. Hvis ikke, kan du gjøre følgende: Combofix må avinstalleres. Gå til Start > Kjør Skriv følgende i boksen: combofix /u PS: legg merke til mellomrommet mellom X og /u Trykk Enter. Denne kommandoen vil: Fjerne følgende:ComboFix og dets tilhørende filer og mapper. VundoFix backups, hvis de eksisterer. The C:\Deckard mappe, hvis den eksisterer The C:_OtMoveIt mappe, hvis den eksisterer [*] Nullstille klokke-instillingene. [*] Skjule filetternavn hvis det er nødvendig. [*] Skjule System/Skjulte filer og mapper hvis det er nødvendig. [*] Nullstille systemgjennoprettingspunkter. Du kan avinstallere HijackThis: Start HijackThis, velg None of the above, just start the program. Så trykker du på Config>>Misc Tools>>Uninstall HijackThis & exit>>Ja/Yes. Programmet er nå avinstallert. Dersom du mener at problemet med maskinen din er løst, kan du endre emnetittelen din, ved å trykke på i førsteposten din, og velge full endring. Øverst der emnetittelen din er, skriver du: [LØST] foran emnetittelen din. Eks: [LØST] Har fått virus på maskinen Dette vil være med på å holde forumet mer oversiktlig for supporterne, samt at nye folk som får samme problemet lettere vil finne en passende tråd å se i. -Surf trygt- Lenke til kommentar
Agrostar Skrevet 6. juli 2008 Forfatter Del Skrevet 6. juli 2008 Eg må vel ikkje avinstallere programma? Kan vel ha dei liggandes til ein annan dag eg får bruk for dei. Lenke til kommentar
r2d290 Skrevet 6. juli 2008 Del Skrevet 6. juli 2008 (endret) SUPERAntiSpyware kan du gjerne beholde. HijackThis kan du til nød også beholde, men combofix får ofte oppdateringer, så viktig å alltid ha nyeste versjon når du går igang med et virus. Dessuten er disse to programmene veldig små, så det tar ikke noe lang tid å laste de ned igjen. edit: det er uansett ikke noen program du har bruk for til vanlig, da du bør ha hjelp fra en ekspert for å bruke disse prog. Endret 6. juli 2008 av r2d290 Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå