Milapse
Posted 3 January 2010 (edited)

Hi, I need someone to look at these logs, as my machine has been infected by trojans.

MBAM:

Malwarebytes' Anti-Malware 1.43
Databaseversjon: 3458
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

03.01.2010 17:35:35
mbam-log-2010-01-03 (17-35-35).txt

Skanntype: Rask Skann
Objekter skannet: 97857
Tid tilbakelagt: 9 minute(s), 29 second(s)

Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 2

Minneprosesser infisert:
(Ingen mistenkelige filer funnet)

Minnemoduler infisert:
(Ingen mistenkelige filer funnet)

Registernøkler infisert:
(Ingen mistenkelige filer funnet)

Registerverdier infisert:
(Ingen mistenkelige filer funnet)

Registerfiler infisert:
(Ingen mistenkelige filer funnet)

Mapper infisert:
(Ingen mistenkelige filer funnet)

Filer infisert:
C:\Users\Erik\AppData\Local\Temp\1157319.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Erik\AppData\Local\Temp\330434.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

ComboFix:

ComboFix 10-01-02.05 - Erik 03.01.2010 18:03:49.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.47.1044.18.3070.2222 [GMT 1:00]
Kjører fra: c:\users\Erik\Downloads\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\users\Erik\Documents\Registry_Backup_021009.reg

Infisert kopi av c:\windows\system32\DRIVERS\iaStor.sys ble funnet og desinfisert
Gjenopprettet kopi fra - Kitty ate it
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2009-12-03 til 2010-01-03 )))))))))))))))))))))))))))))))))
.
2010-01-03 17:17 . 2010-01-03 17:20 -------- d-----w- c:\users\Erik\AppData\Local\temp
2010-01-03 17:17 . 2010-01-03 17:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-03 16:21 . 2010-01-03 16:21 -------- d-----w- c:\users\Erik\AppData\Roaming\Malwarebytes
2010-01-03 16:21 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-03 16:21 . 2010-01-03 16:21 -------- d-----w- c:\programdata\Malwarebytes
2010-01-03 16:21 . 2010-01-03 16:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-03 16:21 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-31 16:14 . 2010-01-03 16:40 -------- d-----w- c:\users\Erik\Tracing
2009-12-29 14:13 . 2009-12-29 19:41 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-29 14:13 . 2009-12-29 14:14 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-24 13:06 . 2009-12-24 13:06 -------- d-----w- c:\windows\Applian Director
2009-12-24 13:06 . 2009-12-24 13:06 -------- d-----w- c:\users\Erik\AppData\Local\FLVService
2009-12-24 13:06 . 2009-12-24 13:06 -------- d-----w- c:\windows\Replay Media Catcher
2009-12-17 18:02 . 2009-12-17 18:02 -------- d-----w- c:\program files\Wimp
2009-12-17 00:28 . 2009-12-17 00:28 -------- d-----w- c:\users\Erik\AppData\Local\stellarium
2009-12-17 00:28 . 2009-12-17 00:41 -------- d-----w- c:\users\Erik\AppData\Roaming\Stellarium
2009-12-17 00:27 . 2009-12-17 00:27 -------- d-----w- c:\program files\Stellarium
2009-12-12 11:38 . 2009-11-09 13:22 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-12 11:38 . 2009-11-09 13:20 31232 ----a-w- c:\windows\system32\httpapi.dll
2009-12-12 11:38 . 2009-11-09 11:04 411136 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-09 09:34 . 2009-08-24 12:16 378368 ----a-w- c:\windows\system32\winhttp.dll
2009-12-09 09:23 . 2009-10-07 12:41 244224 ----a-w- c:\windows\system32\rastls.dll
2009-12-09 09:23 . 2009-10-07 12:41 281600 ----a-w- c:\windows\system32\raschap.dll
2009-12-08 15:37 . 2009-12-08 15:37 -------- d-----w- c:\program files\CCleaner
2009-12-05 00:00 . 2009-12-05 00:00 -------- d-----w- c:\program files\PosteRazor
2009-12-05 00:00 . 2009-12-05 00:00 -------- d-----w- c:\users\Erik\AppData\Roaming\CasaPortale.de
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-03 17:18 . 2009-06-28 19:11 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-01-03 17:17 . 2008-04-29 05:18 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-03 17:09 . 2008-04-29 06:01 76478 ----a-w- c:\windows\system32\perfc014.dat
2010-01-03 17:09 . 2008-04-29 06:01 452326 ----a-w- c:\windows\system32\perfh014.dat
2010-01-03 13:07 . 2009-07-08 19:24 -------- d-----w- c:\users\Erik\AppData\Roaming\Spotify
2009-12-27 02:16 . 2009-08-27 19:13 -------- d-----w- c:\users\Erik\AppData\Roaming\vlc
2009-12-24 13:13 . 2009-06-29 20:24 -------- d-----w- c:\users\Erik\AppData\Roaming\uTorrent
2009-12-17 11:34 . 2009-11-02 20:51 1 ----a-w- c:\users\Erik\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-12-12 15:59 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-12 11:40 . 2009-02-10 23:20 -------- d-----w- c:\programdata\Microsoft Help
2009-12-09 19:09 . 2009-12-09 19:09 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb2EE3.tmp.exe
2009-12-08 16:03 . 2009-07-05 20:45 31776 ----a-w- c:\programdata\nvModes.dat
2009-12-07 17:21 . 2009-10-24 12:47 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-26 02:00 . 2009-11-26 02:00 -------- d-----w- c:\program files\MSXML 4.0
2009-11-23 11:26 . 2009-11-21 12:53 -------- d-----w- c:\program files\Replay Music 3
2009-11-15 22:54 . 2009-06-28 19:13 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-14 19:10 . 2009-11-08 20:49 -------- d-----w- c:\users\Erik\AppData\Roaming\Audacity
2009-11-08 21:51 . 2009-11-08 21:51 -------- d-----w- c:\program files\Lame for Audacity
2009-11-08 20:49 . 2009-11-08 20:49 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2009-11-04 22:04 . 2009-06-28 19:11 104040 ----a-w- c:\users\Erik\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-02 19:42 . 2009-10-25 09:47 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-29 09:41 . 2009-11-26 02:00 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-27 13:20 . 2009-12-09 09:33 833024 ----a-w- c:\windows\system32\wininet.dll
2009-10-27 13:16 . 2009-12-09 09:33 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-27 10:55 . 2009-12-09 09:33 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-10-24 14:02 . 2009-06-30 19:59 411368 ----a-w- c:\windows\system32\deploytk.dll
2008-07-02 03:28 . 2008-07-02 03:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll
2008-05-22 17:35 . 2008-05-22 17:35 51962 ----a-w- c:\program files\Common Files\banner.jpg
2007-06-12 18:34 . 2007-06-12 18:34 35822 ----a-w- c:\program files\Common Files\ASPG_icon.ico
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2008-07-31 22:12 4233480 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2008-07-31 22:12 4233480 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-11 39408]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-07-15 7651328]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-19 13593120]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-19 92704]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-24 6265376]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2008-07-31 49928]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-25 159744]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-02-11 3054136]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-24 149280]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-12-30 1389904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2008-07-31 22:00 96520 ----a-w- c:\windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Users^Erik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk]
path=c:\users\Erik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
backup=c:\windows\pss\OpenOffice.org 3.1.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2007-04-04 01:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-02-11 00:44 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-06-05 11:39 292136 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-02-06 16:52 3885400 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-24 14:02 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-09-04 12:49 1994480 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-02-11 00:44 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [11.02.2009 02:50 15416]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [04.09.2009 13:50 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [04.09.2009 13:49 74480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [24.10.2009 13:47 108289]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [11.02.2009 02:33 29736]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [28.08.2008 16:48 3664384]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [05.09.2008 21:20 45600]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [11.02.2009 01:44 30192]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [04.09.2009 13:50 7408]
S4 sptd;sptd;c:\windows\System32\drivers\sptd.sys [17.07.2009 23:55 722416]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 18:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\lhvdtntt.default\
FF - plugin: c:\program files\Picasa2\npPicasa2.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\lhvdtntt.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npmnqmp071303000006.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
.
- - - - TOMME PEKERE FJERNET - - - -

HKCU-Run-AdobeBridge - (no file)
MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-03 18:20
Windows 6.0.6001 Service Pack 1 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

skanning vellykket
skjulte filer: 0

**************************************************************************
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'winlogon.exe'(1144)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'lsass.exe'(676)
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infql2.dll

- - - - - - - > 'Explorer.exe'(3240)
c:\program files\Protector Suite QL\farchns.dll
c:\program files\Protector Suite QL\infql2.dll
c:\program files\Protector Suite QL\qlbase.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Protector Suite QL\upeksvr.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\conime.exe
c:\windows\System32\wsqmcons.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2010-01-03 18:28:43 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2010-01-03 17:28

Pre-Run: 118 618 226 688 byte ledig
Post-Run: 118 630 338 560 byte ledig

- - End Of File - -

What should be done next? Thanks in advance.

Edited 3 January 2010 by Milapse

snippsat
Posted 4 January 2010

c:\windows\system32\acovcnt.exe
Scan this file at VirusTotal.

Milapse (Author)
Posted 5 January 2010

> c:\windows\system32\acovcnt.exe
> Scan this file at VirusTotal.

I have done that now and get the result 0/41, i.e. 0%. The machine seems to be working normally.

snippsat
Posted 5 January 2010

You can remove ComboFix by typing combofix /u in the Run window. This command causes quarantined files and backups to be deleted, the System Restore folder to be reset, etc.

Check whether your software is up to date: Secunia

Milapse (Author)
Posted 7 January 2010

> You can remove ComboFix by typing combofix /u in the Run window. This command causes quarantined files and backups to be deleted, the System Restore folder to be reset, etc.
>
> Check whether your software is up to date: Secunia

Found that some programs should be updated, but no serious problems. I'm updating the programs now.