
I think I have a virus, here is the log?



ComboFix 09-09-14.02 - younas 16.09.2009 20:35.1.3 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.47.1044.18.3326.1563 [GMT 2:00]

Kjører fra: c:\users\younas\Desktop\ComboFix.exe

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

* Anti-virus er aktiv

 

.

 

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\$recycle.bin\S-1-5-21-4288147535-3973791172-4071292720-500

 

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2009-08-16 til 2009-09-16 )))))))))))))))))))))))))))))))))

.

 

2009-09-16 18:49 . 2009-09-16 18:49 -------- d-----w- c:\users\Default\AppData\Local\temp

2009-09-10 11:11 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys

2009-09-10 11:11 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll

2009-09-10 11:11 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE

2009-09-10 11:11 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE

2009-09-10 11:11 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE

2009-09-10 11:11 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE

2009-09-10 11:11 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE

2009-09-10 11:11 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe

2009-09-10 11:11 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE

2009-09-10 11:11 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll

2009-09-10 11:10 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll

2009-09-10 11:10 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll

2009-09-10 11:10 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll

2009-09-10 11:10 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll

2009-09-10 11:10 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll

2009-09-08 12:53 . 2009-09-08 12:53 -------- d-----w- c:\programdata\SiteAdvisor

2009-09-08 12:53 . 2009-09-08 12:53 -------- d-----w- c:\program files\SiteAdvisor

2009-09-08 12:50 . 2009-07-08 11:44 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2009-09-08 12:50 . 2009-07-08 11:44 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys

2009-09-08 12:50 . 2009-07-08 11:44 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys

2009-09-08 12:50 . 2009-07-16 10:32 130424 ----a-w- c:\windows\system32\drivers\Mpfp.sys

2009-09-08 12:50 . 2009-09-08 12:50 -------- d-----w- c:\program files\Common Files\McAfee

2009-09-08 12:50 . 2009-09-14 17:15 -------- d-----w- c:\program files\McAfee

2009-09-08 12:48 . 2009-07-08 11:43 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys

2009-09-08 12:37 . 2009-09-08 16:19 -------- d-----w- c:\programdata\McAfee

2009-09-08 12:12 . 2004-09-07 04:14 279624 ----a-w- c:\windows\system32\mcgdmgr.dll

2009-09-08 12:12 . 2009-09-08 12:50 -------- d-----w- c:\program files\McAfee.com

2009-09-08 12:12 . 2004-10-04 10:29 341064 ----a-w- c:\windows\system32\mcinsctl.dll

2009-09-07 13:37 . 2009-09-07 13:37 -------- d-----w- c:\users\younas\AppData\Roaming\Creative

2009-09-07 13:35 . 2009-09-08 08:01 -------- d-----w- c:\programdata\Creative

2009-09-07 13:28 . 2006-10-06 06:17 53248 ------w- c:\windows\Ctregrun.exe

2009-09-07 13:26 . 2006-11-10 01:00 126976 ----a-w- c:\windows\system32\V0330Vfw.dll

2009-09-07 13:26 . 2007-08-08 05:48 157696 ----a-w- c:\windows\system32\drivers\V0330Vid.sys

2009-09-07 13:26 . 2007-06-14 01:52 90112 ----a-w- c:\windows\CtDrvIns.exe

2009-09-07 13:26 . 2007-04-30 01:10 266240 ----a-w- c:\windows\system32\V0330Cvw.dll

2009-09-07 13:26 . 2007-04-30 01:03 32768 ----a-w- c:\windows\V0330Mon.exe

2009-09-07 13:26 . 2007-04-26 01:10 32768 ----a-w- c:\windows\system32\V0330Hwx.dll

2009-09-07 13:26 . 2007-04-25 01:10 20480 ----a-w- c:\windows\system32\V0330Srv.exe

2009-09-07 13:26 . 2007-04-24 01:10 36864 ----a-w- c:\windows\system32\V0330Pin.dll

2009-09-07 13:26 . 2007-04-24 01:10 20480 ----a-w- c:\windows\V0330Cfg.exe

2009-09-07 13:26 . 2006-12-13 02:35 4516 ----a-w- c:\windows\system32\drivers\V0330STB.SYS

2009-09-07 13:26 . 2005-07-07 01:07 36864 ----a-w- c:\windows\system32\CtCamMgr.dll

2009-09-07 12:55 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe

2009-09-07 12:54 . 2009-09-07 13:28 -------- d-----w- c:\program files\Creative

2009-09-05 16:18 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll

2009-09-05 16:18 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll

2009-09-05 16:18 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\MSVCR71.dll

2009-09-05 16:18 . 2009-09-05 16:18 -------- d-----w- c:\program files\Alwil Software

2009-09-05 15:39 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2009-09-05 14:26 . 2009-09-05 14:26 0 ----a-w- c:\windows\nsreg.dat

2009-09-05 14:26 . 2009-09-05 14:26 -------- d-----w- c:\users\younas\AppData\Local\Mozilla

2009-09-03 18:38 . 2009-09-03 18:38 -------- d-----w- c:\programdata\Trymedia

2009-09-03 15:23 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2009-09-03 15:23 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2009-09-01 19:01 . 2009-09-01 19:01 -------- d-----w- c:\programdata\Office Genuine Advantage

2009-09-01 16:51 . 2009-09-01 16:51 -------- d-----w- c:\users\younas\AppData\Roaming\Template

2009-09-01 12:50 . 2009-03-08 11:33 18944 ----a-w- c:\windows\system32\corpol.dll

2009-09-01 12:49 . 2009-09-01 12:49 -------- d-----w- c:\users\younas\AppData\Local\Microsoft Help

2009-09-01 12:24 . 2009-09-01 12:24 680 ----a-w- c:\users\younas\AppData\Local\d3d9caps.dat

2009-08-31 19:07 . 2009-08-31 19:07 -------- d-----w- c:\users\younas\AppData\Roaming\PeerNetworking

2009-08-30 08:30 . 2009-08-30 08:30 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2009-08-29 20:20 . 2008-04-16 10:57 42552 ----a-w- c:\windows\system32\drivers\ale_nf.sys

2009-08-29 11:50 . 2009-08-29 11:50 -------- d-----w- c:\program files\MSXML 4.0

2009-08-29 11:50 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll

2009-08-29 11:25 . 2009-08-29 11:25 -------- d-----w- c:\users\younas\AppData\Roaming\Nero

2009-08-28 22:09 . 2008-01-21 02:24 638976 ----a-w- c:\windows\system32\win_utilman.exe

2009-08-28 22:08 . 2009-08-28 22:08 -------- d-----w- c:\users\younas\AppData\Local\Apps

2009-08-28 19:46 . 2009-08-28 19:46 -------- d-----w- c:\users\younas\AppData\Roaming\Packard Bell

2009-08-28 18:24 . 2009-09-01 15:05 -------- d-----w- C:\FSXTMP

2009-08-28 18:06 . 2009-09-05 20:15 -------- d-----w- c:\users\younas\AppData\Local\Adobe

2009-08-28 18:06 . 2009-08-28 18:06 -------- d-----w- c:\programdata\FLEXnet

2009-08-28 17:41 . 2009-09-16 14:32 -------- d-----w- c:\users\younas\Tracing

2009-08-28 17:35 . 2009-09-07 20:58 -------- d-----w- c:\users\younas\AppData\Local\Microsoft Games

2009-08-28 17:27 . 2009-08-28 17:27 -------- d-----w- c:\users\younas\AppData\Local\Ahead

2009-08-28 17:25 . 2009-08-28 17:25 -------- d-----w- c:\programdata\Nero

2009-08-28 17:25 . 2009-08-28 17:25 -------- d-----w- c:\program files\Nero

2009-08-28 17:25 . 2009-08-28 17:26 -------- d-----w- c:\program files\Common Files\Nero

2009-08-28 17:19 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll

2009-08-28 17:05 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll

2009-08-28 17:05 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2009-08-28 17:05 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2009-08-28 17:05 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll

2009-08-28 17:05 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe

2009-08-28 17:05 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2009-08-28 17:05 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe

2009-08-28 17:00 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll

2009-08-28 17:00 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll

2009-08-28 17:00 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll

2009-08-28 17:00 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll

2009-08-28 17:00 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll

2009-08-28 16:58 . 2008-06-06 03:27 38912 ----a-w- c:\windows\system32\xolehlp.dll

2009-08-28 16:58 . 2008-06-06 03:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll

2009-08-28 16:58 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll

2009-08-28 16:58 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll

2009-08-28 16:58 . 2009-08-28 16:58 -------- d-----w- c:\users\younas\AppData\Local\Symantec

2009-08-28 16:57 . 2008-07-16 12:00 487424 ----a-w- c:\windows\system32\INT15.dll

2009-08-28 16:57 . 2008-07-16 11:56 17952 ----a-w- c:\windows\system32\drivers\int15_64.sys

2009-08-28 16:57 . 2008-07-16 11:56 15392 ----a-w- c:\windows\system32\drivers\int15.sys

2009-08-28 16:56 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll

2009-08-28 16:56 . 2008-12-16 02:42 288768 ----a-w- c:\windows\system32\drivers\srv.sys

2009-08-28 16:54 . 2009-08-28 16:54 -------- d-----w- c:\program files\DIFX

2009-08-28 16:54 . 2009-08-28 16:54 -------- d-----w- c:\program files\YUAN

2009-08-28 16:54 . 2009-09-07 20:28 71648 ----a-w- c:\users\younas\AppData\Local\GDIPFONTCACHEV1.DAT

2009-08-28 16:54 . 2009-09-05 15:36 -------- d-----w- c:\users\younas\AppData\Local\Packard Bell

2009-08-28 16:54 . 2009-08-28 16:54 -------- d-----w- c:\programdata\NVIDIA

2009-08-28 16:52 . 2008-10-29 06:29 2927104 ----a-w- c:\windows\explorer.exe

2009-08-28 16:48 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll

2009-08-28 16:47 . 2009-08-28 16:47 56 ---ha-w- c:\windows\system32\ezsidmv.dat

2009-08-28 16:47 . 2008-02-03 10:00 290248 ----a-w- c:\windows\system32\ezsvc7x.dll

2009-08-28 16:47 . 2008-02-03 10:00 129992 ----a-w- c:\windows\system32\ezsvc7.dll

2009-08-28 16:47 . 2009-08-28 16:47 8172 ----a-w- c:\windows\system32\ezdigsgn.dat

2009-08-28 16:47 . 2009-08-28 16:47 91136 ----a-w- c:\windows\system32\ezUninst.exe

2009-08-28 16:47 . 2009-08-28 16:47 49152 ----a-w- c:\windows\system32\ezUPBHook.dll

2009-08-28 16:47 . 2009-08-28 16:47 268288 ----a-w- c:\windows\system32\ezSetup.exe

2009-08-28 16:47 . 2009-08-28 16:47 15872 ----a-w- c:\windows\system32\ezMAPIHelper.exe

2009-08-28 16:47 . 2009-08-28 16:47 111104 ----a-w- c:\windows\system32\ezShellStart.exe

2009-08-28 16:44 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll

2009-08-28 16:44 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe

2009-08-28 16:44 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll

2009-08-28 16:44 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll

2009-08-28 16:44 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll

2009-08-28 16:44 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll

2009-08-28 16:44 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll

2009-08-28 16:44 . 2008-10-16 12:08 162064 ----a-w- c:\windows\system32\wuwebv.dll

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-09-16 17:19 . 2009-02-20 06:56 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-09-16 17:04 . 2009-09-16 15:25 -------- d-----w- c:\program files\Pando Networks

2009-09-16 16:13 . 2009-09-16 16:13 -------- d-----w- c:\program files\GamersFirst

2009-09-16 16:12 . 2009-09-16 15:27 608744450 ----a-w- c:\program files\WarRock20081102.exe

2009-09-16 12:37 . 2008-01-21 06:14 76272 ----a-w- c:\windows\system32\perfc014.dat

2009-09-16 12:37 . 2008-01-21 06:14 452088 ----a-w- c:\windows\system32\perfh014.dat

2009-09-14 19:39 . 2009-09-14 19:39 -------- d-----w- c:\users\younas\AppData\Roaming\Malwarebytes

2009-09-14 19:39 . 2009-09-14 19:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-09-14 19:39 . 2009-09-14 19:39 -------- d-----w- c:\programdata\Malwarebytes

2009-09-14 07:21 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2009-09-10 12:54 . 2009-09-14 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-09-10 12:53 . 2009-09-14 19:39 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-09-07 13:25 . 2009-02-20 06:56 -------- d-----w- c:\program files\Common Files\InstallShield

2009-09-03 19:45 . 2006-11-02 12:37 -------- d-----w- c:\program files\Microsoft Games

2009-09-01 12:49 . 2009-02-20 07:06 -------- d-----w- c:\programdata\Microsoft Help

2009-09-01 12:22 . 2009-02-20 07:26 -------- d-----w- c:\programdata\Norton

2009-08-30 08:33 . 2009-02-20 07:09 -------- d-----w- c:\program files\Microsoft Works

2009-08-29 17:54 . 2009-02-20 07:18 -------- d-----w- c:\program files\Google

2009-08-29 11:27 . 2009-08-29 11:27 0 ----a-w- c:\users\younas\AppData\Roaming\wklnhst.dat

2009-08-28 22:18 . 2009-02-20 14:36 -------- d-----w- c:\program files\PACKARD BELL

2009-08-28 17:30 . 2009-02-20 07:26 -------- d-----w- c:\programdata\Symantec

2009-08-28 16:59 . 2009-08-28 16:59 0 ----a-w- c:\windows\system32\drivers\PACKARDBELLBV_IMEDIAA5520NCD_1.0_PTU090X0199220AE662700.MRK

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Start-meny

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Skrivebord

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Programdata

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Maler

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Favoritter

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\programdata\Dokumenter

2009-08-28 16:43 . 2009-08-28 16:43 -------- d-sh--we c:\program files\Fellesfiler

2009-08-28 16:37 . 2009-08-28 16:37 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2009-08-03 13:07 . 2009-08-03 13:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll

2009-08-03 13:07 . 2009-08-03 13:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll

2009-08-03 13:07 . 2009-08-03 13:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe

2009-07-21 21:52 . 2009-09-01 12:51 915456 ----a-w- c:\windows\system32\wininet.dll

2009-07-21 21:47 . 2009-09-01 12:51 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-07-21 21:47 . 2009-09-01 12:51 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-07-21 20:13 . 2009-09-01 12:51 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-07-14 13:00 . 2009-08-28 16:55 313344 ----a-w- c:\windows\system32\wmpdxm.dll

2009-07-14 12:59 . 2009-08-28 16:55 4096 ----a-w- c:\windows\system32\dxmasf.dll

2009-07-14 12:58 . 2009-08-28 16:55 7680 ----a-w- c:\windows\system32\spwmp.dll

2009-07-14 10:59 . 2009-08-28 16:55 8147456 ----a-w- c:\windows\system32\wmploc.DLL

2009-07-08 11:44 . 2009-07-08 11:44 214024 ----a-w- c:\windows\system32\drivers\mfehidk.sys

.

 

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmpcSys"="c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe" [2008-07-07 1038136]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-04-28 1828136]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-28 68856]

"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-21 192000]

"CTRegRun"="c:\windows\CTRegRun.EXE" [2006-10-06 53248]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-21 2153472]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]

"FujiKeyboard"="c:\acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe" [2008-09-18 79416]

"SmpcSys"="c:\program files\Packard Bell\SetupMyPC\SmpSys.exe" [2008-07-07 1038136]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-11-12 13584928]

"V0330Mon.exe"="c:\windows\V0330Mon.exe" [2007-04-30 32768]

"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-07-09 645328]

"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-07-07 1176808]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-09-10 420176]

"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-03-26 5369856]

"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-20 1826816]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

"HideFastUserSwitching"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

SetupExecute REG_MULTI_SZ

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{064FC79D-7C6E-4B0C-934C-C40CA33A132C}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server

"{0C1CC5C5-06EE-4469-BD63-61D2474088D6}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server

"{BE48E75D-A499-420A-8BC2-456B520E0CEE}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{AE26182E-CE6E-4F7D-B339-14E98A7F36A7}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{0C9B59A7-CAE6-4AEA-9751-3E3A46A79076}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

"{63C63D0B-2C30-41E9-88DD-54005F239712}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

 

R2 ETService;Empowering Technology Service;c:\program files\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe [28.08.2009 18:57 24576]

R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21.01.2008 04:23 21504]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [14.09.2009 21:39 269648]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [08.09.2009 14:52 203280]

R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [14.09.2009 21:39 19160]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [14.09.2009 21:39 38224]

R3 V0330VID;WebCam Vista/Live! Cam Chat;c:\windows\System32\drivers\V0330Vid.sys [07.09.2009 15:26 157696]

S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [11.09.2007 01:45 124832]

 

--- Andre tjenester/drivere lastet i minnet ---

 

*NewlyCreated* - MBAMPROTECTOR

*NewlyCreated* - MBAMSWISSARMY

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

 

2009-09-16 c:\windows\Tasks\Malwarebytes' Scheduled Scan for younas.job

- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-14 12:53]

 

2009-09-16 c:\windows\Tasks\Malwarebytes' Scheduled Update for younas.job

- c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-14 12:53]

 

2009-09-08 c:\windows\Tasks\McDefragTask.job

- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-08 19:26]

 

2009-09-08 c:\windows\Tasks\McQcTask.job

- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-09-08 19:26]

.

.

------- Tilleggsskanning -------

.

uStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0414&s=1&o=vp32&d=0809&m=imedia_a5520_ncd

mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0414&s=1&o=vp32&d=0809&m=imedia_a5520_ncd

FF - ProfilePath - c:\users\younas\AppData\Roaming\Mozilla\Firefox\Profiles\mjk4uvlu.default\

FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

 

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

.

- - - - TOMME PEKERE FJERNET - - - -

 

HKLM-Run-NPCTray - c:\program files\Norman\npc\bin\npc_tray.exe

HKLM-Run-eRecoveryService - (no file)

AddRemove-Creative VF0330 - c:\windows\CtDrvIns.exe -uninstall -script VF0330.uns -unsext NT -plugin V0330Pin.dll

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-09-16 20:49

Windows 6.0.6001 Service Pack 1 NTFS

 

skanner skjulte prosesser ...

 

skanner skjulte autostart-oppføringer ...

 

skanner skjulte filer ...

 

skanning vellykket

skjulte filer: 0

 

**************************************************************************

.

Tidspunkt ferdig: 2009-09-16 20:53

ComboFix-quarantined-files.txt 2009-09-16 18:53

 

Pre-Run: 520 819 191 808 byte ledig

Post-Run: 520 428 322 816 byte ledig

 

288 --- E O F --- 2009-09-15 12:43

 

 

 

 

 

Also, when I deleted it I could not open anything, but it turns out that it was not deleted.
