Malwarebytes' Anti-Malware 1.25 Database versjon: 1062 Windows 5.1.2600 Service Pack 3 13:46:50 01.09.2008 mbam-log-09-01-2008 (13-46-42).txt Skanntype: Rask Skann Objekter skannet: 39240 Tid tilbakelagt: 2 minute(s), 4 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 6 Registerverdier infisert: 0 Registerfiler infisert: 15 Mapper infisert: 0 Filer infisert: 16 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo (Trojan.FakeAlert) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8ca5ed52-f3fb-4414-a105-2e3491156990} (Trojan.BHO) -> No action taken. HKEY_CLASSES_ROOT\CLSID\{8ca5ed52-f3fb-4414-a105-2e3491156990} (Trojan.BHO) -> No action taken. Registerverdier infisert: (Ingen mistenkelige filer funnet) Registerfiler infisert: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (55724-005-5437376-22687) -> No action taken. HKEY_CURRENT_USER\Control Panel\International\sTimeFormat (Trojan.FakeAlert) -> Bad: (HH:mm: VIRUS ALERT!) Good: (HH:mm:ss) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowControlPanel (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoStartMenuMorePrograms (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Hijack.Drives) -> Bad: (12) Good: (0) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders (Hijack.Explorer) -> Bad: (1) Good: (0) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCPL (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken. Mapper infisert: (Ingen mistenkelige filer funnet) Filer infisert: C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\tdssl.dll (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\tdssmain.dll (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\tdsslog.dll (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> No action taken. C:\WINDOWS\system32\drivers\tdssserv.sys (Trojan.Agent) -> No action taken. C:\Documents and Settings\Administrator\Lokale innstillinger\Temp\lwpwer.exe (Trojan.FakeAlert) -> No action taken. C:\Documents and Settings\Administrator\Skrivebord\Spyware&Malware Protection.url (Rogue.Link) -> No action taken. C:\Documents and Settings\Administrator\Skrivebord\Privacy Protector.url (Rogue.Link) -> No action taken. C:\Documents and Settings\Administrator\Skrivebord\Error Cleaner.url (Rogue.Link) -> No action taken. C:\Documents and Settings\Administrator\Favoritter\Error Cleaner.url (Rogue.Link) -> No action taken. C:\Documents and Settings\Administrator\Favoritter\Privacy Protector.url (Rogue.Link) -> No action taken. C:\Documents and Settings\Administrator\Favoritter\Spyware&Malware Protection.url (Rogue.Link) -> No action taken. C:\Programfiler\iWin Games\iWinGamesHookIE.dll (Trojan.BHO) -> No action taken.