
Slow PC - virus/spyware/malware?



Posted

I'm going through a PC that is awfully slow, but basically can't find anything wrong. I've run ComboFix and pulled a log; could someone help me go through it, please?   :)

 

 

 

 

 

 

 

 

ComboFix 09-03-22.01 - Apekatt 2009-03-23 14:18:52.5 - NTFSx86

 

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.2038.1424 [GMT 1:00]

 

Kjører fra: c:\documents and settings\Apekatt\Skrivebord\ComboFix.exe

 

AV: Panda Antivirus 2008 *On-access scanning enabled* (Updated)

 

* Opprettet nytt gjenopprettingspunkt

 

.

 

 

 

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

 

.

 

.

 

---- Forrige skanning -------

 

.

 

c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr0.dat

 

c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr1.dat

 

c:\documents and settings\Apekatt\Programdata\020000003a948f2a553C.manifest

 

c:\documents and settings\Apekatt\Programdata\020000003a948f2a553O.manifest

 

c:\documents and settings\Apekatt\Programdata\020000003a948f2a553P.manifest

 

c:\documents and settings\Apekatt\Programdata\020000003a948f2a553S.manifest

 

c:\windows\system32\1.tmp

 

c:\windows\system32\GroupPolicy000.dat

 

 

 

.

 

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-02-23 til 2009-03-23 )))))))))))))))))))))))))))))))))

 

.

 

 

 

2009-03-16 07:06 . 2009-03-16 07:06 d--hs---- c:\windows\system32\NetworkService32

 

2009-03-13 13:37 . 2009-03-13 13:37 d-------- c:\documents and settings\Apekatt\Programdata\AntiSpyware Pro

 

2009-03-12 13:27 . 2009-03-12 13:27 374,272 --ahs---- c:\windows\system32\17F.tmp

 

2009-03-05 08:14 . 2009-03-05 08:14 d-------- c:\programfiler\Fellesfiler\Wise Installation Wizard

 

2009-03-03 11:31 . 2009-03-03 11:31 85,669 --a------ c:\windows\system32\8bba63ff-4d69-d44a-1196-c04cac95f5e9.exe

 

2009-03-03 11:31 . 2009-03-03 11:31 69,158 --a------ c:\windows\system32\rcdkbxyvwotobsvv.dll-uninst.exe

 

2009-03-03 11:31 . 2009-03-12 10:24 48,253 --a------ c:\windows\system32\smytgiayljdqzjfm.exe

 

2009-03-02 08:49 . 2008-04-13 20:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys

 

2009-03-02 08:49 . 2008-04-13 20:45 26,112 --a------ c:\windows\system32\dllcache\usbser.sys

 

2009-03-02 08:46 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll

 

2009-03-02 08:46 . 2009-03-02 08:46 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf

 

2009-03-02 08:46 . 2009-03-02 08:46 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf

 

2009-03-02 08:44 . 2009-03-02 08:44 d-------- c:\documents and settings\All Users\Programdata\Nokia

 

2009-03-02 08:42 . 2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll

 

2009-03-02 08:42 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll

 

2009-03-02 08:42 . 2008-02-01 15:17 138,112 --a------ c:\windows\system32\drivers\nmwcdnsu.sys

 

2009-03-02 08:42 . 2008-09-15 07:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys

 

2009-03-02 08:42 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys

 

2009-03-02 08:42 . 2008-02-01 15:17 8,320 --a------ c:\windows\system32\drivers\nmwcdnsuc.sys

 

2009-03-02 08:42 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys

 

2009-03-02 08:42 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys

 

2009-03-02 08:40 . 2009-03-02 08:40 24,350,488 --a------ c:\programfiler\NokiaSoftwareUpdaterSetup_en.exe

 

2009-02-26 12:06 . 2009-02-26 12:06 625,152 --a------ c:\windows\system32\nsf8E.dll

 

2009-02-26 09:54 . 2009-02-26 09:54 d-------- c:\programfiler\Citrix

 

2009-02-26 09:54 . 2009-02-26 12:27 98,656 --a------ c:\programfiler\g2m_download.exe

 

2009-02-23 08:33 . 2009-02-23 08:33 d-------- c:\programfiler\Windows Media Connect 2

 

2009-02-23 08:31 . 2009-02-23 08:31 d-------- c:\windows\system32\LogFiles

 

2009-02-23 08:31 . 2009-03-02 08:37 d-------- c:\windows\system32\drivers\UMDF

 

 

 

.

 

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

 

.

 

2009-03-20 06:38 --------- d-----w c:\documents and settings\Apekatt\Programdata\Image Zone Express

 

2009-03-18 06:58 --------- d-----w c:\documents and settings\Apekatt\Programdata\Nokia Multimedia Player

 

2009-03-18 06:15 --------- d-----w c:\programfiler\Spybot - Search & Destroy

 

2009-03-17 06:22 --------- d-----w c:\documents and settings\All Users\Programdata\Spybot - Search & Destroy

 

2009-03-16 06:20 --------- d-----w c:\programfiler\P2P_Energy

 

2009-03-13 13:34 --------- d-----w c:\programfiler\SUPERAntiSpyware

 

2009-03-13 13:34 --------- d-----w c:\documents and settings\Apekatt\Programdata\SUPERAntiSpyware.com

 

2009-03-12 05:58 --------- d-----w c:\documents and settings\All Users\Programdata\Microsoft Help

 

2009-03-05 05:57 --------- d-----w c:\programfiler\Google

 

2009-03-05 05:57 --------- d-----w c:\documents and settings\All Users\Programdata\Bluetooth

 

2009-03-05 05:56 --------- d-----w c:\programfiler\AutoCAD R14

 

2009-03-04 07:41 --------- d-----w c:\programfiler\Panda Security

 

2009-03-02 07:42 --------- d-----w c:\programfiler\Nokia

 

2009-03-02 07:41 --------- d-----w c:\programfiler\Fellesfiler\Nokia

 

2009-03-02 07:40 --------- d-----w c:\documents and settings\All Users\Programdata\Installations

 

2009-03-02 07:36 --------- d-----w c:\documents and settings\All Users\Programdata\PC Suite

 

2009-02-22 19:31 --------- d-----w c:\documents and settings\Apekatt\Programdata\LimeWire Music

 

2009-02-22 18:45 --------- d-----w c:\programfiler\Conduit

 

2009-02-19 13:38 --------- d-----w c:\programfiler\Java

 

2009-02-19 08:11 --------- d-----w c:\programfiler\Gigaset DECT

 

2009-02-19 07:48 --------- d-----w c:\programfiler\Fellesfiler\InstallShield

 

2009-02-16 09:20 --------- d-----w c:\documents and settings\All Users\Programdata\Office Genuine Advantage

 

2008-11-30 20:27 181,727 ----a-w c:\programfiler\WindowsSearch-KB940157-XP-x86-nor.exe

 

.

 

 

 

((((((((((((((((((((((((((((( SnapShot_2009-03-13_14.06.47.17 )))))))))))))))))))))))))))))))))))))))))

 

.

 

+ 2009-03-13 13:34:12 18,944 ----a-r c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe

 

+ 2009-03-13 13:34:12 65,024 ----a-r c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe

 

- 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\system32\MRT.exe

 

+ 2009-02-25 11:55:00 24,768,960 ----a-w c:\windows\system32\MRT.exe

 

+ 2009-03-23 13:21:55 16,384 ----atw c:\windows\temp\Perflib_Perfdata_7f4.dat

 

.

 

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

 

.

 

.

 

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

 

REGEDIT4

 

 

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

 

"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\programfiler\P2P_Energy\tbP2P0.dll" [2009-03-16 1883672]

 

 

 

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

 

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

 

2009-03-16 07:20 1883672 --a------ c:\programfiler\P2P_Energy\tbP2P0.dll

 

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{aba45793-bd47-d1cb-041c-d7941d56a241}]

 

2009-02-26 12:06 625152 --a------ c:\windows\system32\nsf8E.dll

 

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

 

"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\programfiler\P2P_Energy\tbP2P0.dll" [2009-03-16 1883672]

 

 

 

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

 

 

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

 

"{2BAE58C2-79F9-45D1-A286-81F911301C3A}"= "c:\programfiler\P2P_Energy\tbP2P0.dll" [2009-03-16 1883672]

 

 

 

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

 

 

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

 

"SpybotSD TeaTimer"="c:\programfiler\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

 

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-27 141848]

 

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-27 162328]

 

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-27 137752]

 

"LaunchAp"="c:\programfiler\Launch Manager\LaunchAp.exe" [2005-07-25 32768]

 

"HotkeyApp"="c:\programfiler\Launch Manager\HotkeyApp.exe" [2006-04-19 65536]

 

"Wbutton"="c:\programfiler\Launch Manager\Wbutton.exe" [2006-05-04 86016]

 

"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2008-06-02 761946]

 

"HP Software Update"="c:\programfiler\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]

 

"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-02-19 136600]

 

"PCSuiteTrayApplication"="c:\programfiler\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]

 

"CtrlVol"="c:\programfiler\Launch Manager\CtrlVol.exe" [bU]

 

"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

 

"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 c:\windows\RTHDCPL.EXE]

 

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]

 

"SMSERIAL"="sm56hlpr.exe" [2008-06-02 c:\windows\sm56hlpr.exe]

 

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe]

 

"SerExt"="SerExt.exe" [2005-03-01 c:\windows\system32\SerExt.exe]

 

 

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

 

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

"Nokia.PCSync"="c:\programfiler\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

 

 

 

c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

 

Bluetooth Manager.lnk - c:\programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-08-02 2760704]

 

HP Digital Imaging Monitor.lnk - c:\programfiler\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

 

Logitech Desktop Messenger.lnk - c:\programfiler\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-06-04 67128]

 

Logitech SetPoint.lnk - c:\programfiler\Logitech\SetPoint\SetPoint.exe [2008-06-04 805392]

 

talk&surf 6.0 - Monitor.lnk - c:\programfiler\Gigaset DECT\talk&surf_6_0\semon21.exe [2007-02-27 172032]

 

 

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

 

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

 

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

 

2007-04-19 13:41 294912 c:\programfiler\SUPERAntiSpyware\SASWINLO.dll

 

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

 

2008-05-02 02:42 72208 c:\programfiler\Fellesfiler\Logitech\Bluetooth\LBTWLgn.dll

 

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

 

2007-02-15 19:02 50736 c:\windows\system32\avldr.dll

 

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

 

"AppInit_DLLs"=c:\windows\System32\crtdll32.dll

 

 

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

 

Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

 

 

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

 

@="Driver"

 

 

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

 

@=""

 

 

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

 

"%windir%\\system32\\sessmgr.exe"=

 

"c:\\Programfiler\\Office\\Office12\\OUTLOOK.EXE"=

 

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

 

"c:\\Programfiler\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hposid01.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

 

"c:\\Programfiler\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

 

"c:\\Programfiler\\Java\\jre6\\bin\\javaw.exe"=

 

"c:\\Programfiler\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

 

"c:\\Programfiler\\Fellesfiler\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

 

 

 

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2008-08-13 28544]

 

R1 Hotkey;Hotkey;c:\windows\system32\drivers\HOTKEY.sys [2008-06-02 9867]

 

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2008-06-03 38968]

 

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2008-06-03 178872]

 

R3 DectEnum;DectEnum;c:\windows\system32\drivers\DectEnum.sys [2005-03-01 8448]

 

R3 Gigusb;Dect USB Driver;c:\windows\system32\drivers\Gigusb.sys [2005-03-01 53632]

 

R3 HRCMPA;ISDN Wan driver (Ver. 1.20.0032);c:\windows\system32\drivers\hrcmpa.sys [2004-09-08 263751]

 

R3 IUAPIWDM;ISDN USB Interface (Ver. 1.20.0032);c:\windows\system32\drivers\IUAPIWDM.sys [2004-09-08 50759]

 

R3 siellif;siellif;c:\windows\system32\drivers\siellif.sys [2005-03-01 113408]

 

R3 xControlCOM;xControlCOM;c:\programfiler\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe [2005-03-01 327680]

 

S1 mailKmd;mailKmd; [x]

 

S1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys --> c:\windows\system32\drivers\Wbutton.sys [?]

 

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2009-03-02 138112]

 

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2009-03-02 8320]

 

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d02bf7e0-fe89-11dd-b8a4-001a6b191f80}]

 

\Shell\AutoRun\command - e:\wd_windows_tools\WDSetup.exe

 

.

 

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

 

 

 

2009-03-23 c:\windows\Tasks\OGADaily.job

 

- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]

 

 

 

2009-03-23 c:\windows\Tasks\OGALogon.job

 

- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]

 

.

 

- - - - TOMME PEKERE FJERNET - - - -

 

 

 

Notify-ac3f3e9d553 - c:\windows\System32\crtdll32.dll

 

 

 

 

 

.

 

------- Tilleggsskanning -------

 

.

 

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

 

uStart Page = hxxp://www.sol.no/

 

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

 

LSP: c:\programfiler\Panda Security\Panda Antivirus 2008\pavlsp.dll

 

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\programfiler\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

 

.

 

 

 

**************************************************************************

 

 

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

 

Rootkit scan 2009-03-23 14:22:11

 

Windows 5.1.2600 Service Pack 3 NTFS

 

 

 

skanner skjulte prosesser ...

 

 

 

c:\windows\explorer.exe [1832] 0x88BEC3B0

 

 

 

skanner skjulte autostart-oppføringer ...

 

 

 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

 

CtrlVol = c:\programfiler\Launch Manager\CtrlVol.exe??(???\??????|H??|????A??|>j?wwj?w????????0??? ???????????????d???y??|????????p?????@?????????X{?wX??????????????sx??s@???????????v??|h??st??????????s?????????????????C?sc"?sx??s??????B~??@?N'?s?@:? :@??@:????????

 

 

 

skanner skjulte filer ...

 

 

 

skanning vellykket

 

skjulte filer: 0

 

 

 

**************************************************************************

 

.

 

--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

 

 

 

- - - - - - - > 'winlogon.exe'(928)

 

c:\programfiler\SUPERAntiSpyware\SASWINLO.dll

 

c:\windows\system32\avldr.dll

 

c:\programfiler\fellesfiler\logitech\bluetooth\LBTWlgn.dll

 

c:\programfiler\fellesfiler\logitech\bluetooth\LBTServ.dll

 

.

 

------------------------ Andre Kjørende Prosesser ------------------------

 

.

 

c:\programfiler\Panda Security\Panda Antivirus 2008\PAVSRV51.EXE

 

c:\programfiler\Panda Security\Panda Antivirus 2008\AVENGINE.EXE

 

c:\programfiler\Java\jre6\bin\jqs.exe

 

c:\programfiler\Panda Security\Panda Antivirus 2008\PsCtrlS.exe

 

c:\programfiler\Fellesfiler\Panda Software\PavShld\PavPrSrv.exe

 

c:\windows\system32\HPZipm12.exe

 

c:\windows\system32\igfxsrvc.exe

 

c:\windows\system32\rundll32.exe

 

c:\programfiler\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

 

c:\programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

 

c:\programfiler\Fellesfiler\Logishrd\KHAL2\KHALMNPR.exe

 

c:\programfiler\Panda Security\Panda Antivirus 2008\PsImSvc.exe

 

c:\programfiler\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

 

c:\programfiler\PC Connectivity Solution\ServiceLayer.exe

 

c:\programfiler\Panda Security\Panda Antivirus 2008\ApVxdWin.exe

 

c:\programfiler\Launch Manager\WLBTTray.exe

 

c:\windows\system32\wbem\wmiapsrv.exe

 

c:\progra~1\FELLES~1\PCSuite\DATALA~1\DATALA~1.EXE

 

c:\programfiler\Panda Security\Panda Antivirus 2008\WebProxy.exe

 

.

 

**************************************************************************

 

.

 

Tidspunkt ferdig: 2009-03-23 14:24:41 - maskinen ble startet på nytt [Apekatt]

 

ComboFix-quarantined-files.txt 2009-03-23 13:24:38

 

ComboFix2.txt 2009-03-13 13:07:30

 

ComboFix3.txt 2008-08-22 10:18:58

 

ComboFix4.txt 2008-08-22 10:05:54

 

 

 

Pre-Run: 105,961,299,968 byte ledig

 

Post-Run: 105,999,007,744 byte ledig

 

 

 

257 --- E O F --- 2009-03-13 13:55:12

 

 

 

 

 

 

Can anyone spot anything that "doesn't add up" here?   :ermm:

Posted (edited)
"A bit off-topic", but

have you run programs such as "SpybotSD", CCleaner, SUPERAntiSpyware, Ad-Aware SE or the like?

Here is a test of all the programs mentioned except CCleaner, carried out by norbat, an incredibly skilled and active guy in this part of the forum; there you can see how insanely overrated Spybot-S&D and Ad-Aware are.

Work through this guide, i.e. run a pass with mbam and then run another pass with ComboFix.

Edited by Pizzaen
Posted (edited)

Copy the bold text below the image -> open Notepad and paste it in.

Save it to the desktop as CFScript.txt

Do as shown in the image and ComboFix will start. Post the log c:\combofix.txt

60876047vu9.gif

 

Folder::

c:\documents and settings\Apekatt\Programdata\AntiSpyware Pro

 

File::

c:\windows\system32\17F.tmp

c:\windows\system32\8bba63ff-4d69-d44a-1196-c04cac95f5e9.exe

c:\windows\system32\rcdkbxyvwotobsvv.dll-uninst.exe

c:\windows\system32\smytgiayljdqzjfm.exe

c:\windows\system32\nsf8E.dll

 

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{aba45793-bd47-d1cb-041c-d7941d56a241}]

 

Those were examples, and in addition SUPERAntiSpyware, which I linked to, came out very well.

Yes, had you looked at the log that was posted, you would see that SUPERAntiSpyware is installed at the thread starter's.

Edited by SNIPPSAT
