raWrz (author), posted 13 November 2008 (edited)
Couldn't delete the Users folder, so I found My Documents and deleted it, but all the folders just came back again.
Edit: Mbam is finding more viruses now :s I'll reboot after this scan and attach a new ComboFix log, because I'd say it's because they come back even though it says they are being deleted.
Edited 13 November 2008 by Submit
norbat, posted 13 November 2008
Could you post an HJT log?
raWrz (author), posted 13 November 2008
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:37:34, on 13.11.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
D:\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
D:\comodo\Firewall\cfp.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\DAHL33~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wbem\unsecapp.exe
D:\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
D:\firefox\firefox.exe
D:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.intl.acer.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avgnt] "D:\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "D:\comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DriverMax] "D:\DriverMax\devices.exe" -agent
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE')
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send bilde til &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send side til &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - D:\comodo\Firewall\cmdagent.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 6875 bytes
raWrz (author), posted 13 November 2008
combofix:
ComboFix 08-11-05.02 - Dah L33T LapTop 2008-11-13 19:40:25.5 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1044.18.2061 [GMT 1:00]
Running from: c:\users\Dah L33T LapTop\Desktop\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2008-10-13 to 2008-11-13 )))))))))))))))))))))))))))))))
.
2008-11-13 19:39 . 2008-11-13 19:39 <DIR> d-------- C:\32788R22FWJFW
2008-11-13 19:39 . 2008-11-13 19:39 61,440 --a------ c:\windows\System32\drivers\iwrijzk.sys
2008-11-12 17:15 . 2008-09-10 04:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-12 17:15 . 2008-09-05 06:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-12 17:15 . 2008-08-27 02:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-11 18:58 . 2008-11-11 18:58 <DIR> d-------- c:\program files\Marvell
2008-11-11 18:51 . 2008-11-11 18:51 <DIR> d-------- c:\program files\Intel Corporation
2008-11-11 13:42 . 2008-11-11 13:42 <DIR> d-------- c:\program files\Enigma Software Group
2008-11-09 16:34 . 2008-11-09 16:43 <DIR> d-------- c:\users\Dah L33T LapTop\AppData\Roaming\Hamachi
2008-11-09 16:34 . 2008-11-09 16:34 25,280 --a------ c:\windows\System32\drivers\hamachi.sys
2008-11-08 21:33 . 2008-11-08 21:33 <DIR> d-------- c:\users\Dah L33T LapTop\AppData\Roaming\dvdcss
2008-11-08 18:25 . 2008-11-08 18:29 <DIR> d-------- c:\users\Dah L33T LapTop\AppData\Roaming\Ashampoo
2008-11-08 18:25 . 2008-11-08 18:25 <DIR> d-------- c:\users\All Users\ashampoo
2008-11-08 18:25 . 2008-11-08 18:25 <DIR> d-------- c:\programdata\ashampoo
2008-11-05 16:19 . 2008-11-05 16:19 <DIR> d-------- c:\users\All Users\NOS
2008-11-05 16:19 . 2008-11-05 16:19 <DIR> d-------- c:\programdata\NOS
2008-11-05 16:19 . 2008-11-05 16:19 <DIR> d-------- c:\program files\NOS
2008-11-02 16:17 . 2008-08-06 14:26 13,576,736 --a------ c:\windows\System32\nvcpl.dll
2008-11-02 16:17 . 2008-07-15 05:27 118,784 --a------ c:\windows\System32\nvcod131.dll
2008-11-02 16:17 . 2008-07-15 05:27 8,664 --a------ c:\windows\System32\nvdisp.nvu
2008-10-29 19:40 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll
2008-10-28 19:37 . 2008-10-28 19:37 <DIR> d--h----- c:\program files\Temp
2008-10-28 19:37 . 2008-10-28 19:39 <DIR> d-------- c:\program files\Realtek
2008-10-28 19:37 . 2008-10-28 19:37 2,346,016 --a------ c:\windows\System32\RtkAPO.dll
2008-10-28 18:18 . 2008-08-12 04:39 443,392 --a------ c:\windows\System32\win32spl.dll
2008-10-28 18:18 . 2008-09-18 05:56 147,456 --a------ c:\windows\System32\Faultrep.dll
2008-10-28 18:18 . 2008-09-18 05:56 125,952 --a------ c:\windows\System32\wersvc.dll
2008-10-26 08:54 . 2008-10-22 19:42 958,464 --a------ c:\windows\System32\nvsvcr.dll
2008-10-26 08:54 . 2008-10-22 19:42 122,880 --a------ c:\windows\System32\nvcod135.dll
2008-10-26 08:54 . 2008-08-06 14:26 92,704 --a------ c:\windows\System32\nvmctray.dll
2008-10-26 08:54 . 2008-10-22 19:42 4,160 --a------ c:\windows\System32\drivers\nvBridge.kmd
2008-10-25 00:24 . 2008-10-25 00:24 <DIR> d-------- c:\program files\LITEON
2008-10-25 00:23 . 2008-10-25 00:23 <DIR> d-------- c:\windows\Downloaded Installations
2008-10-25 00:16 . 2008-02-25 15:28 238,080 --a------ c:\windows\System32\ITEIO_64.dll
2008-10-25 00:16 . 2008-02-25 15:29 14,544 --a------ c:\windows\System32\drivers\TVicPort.sys
2008-10-25 00:16 . 2008-02-25 15:29 6,080 --a------ c:\windows\System32\drivers\zntport.sys
2008-10-24 19:47 . 2008-10-24 19:47 <DIR> d-------- c:\windows\Sun
2008-10-23 20:39 . 2008-10-23 20:39 <DIR> d-------- C:\directx
2008-10-23 19:54 . 2008-10-23 19:54 277 --a------ c:\windows\game.ini
2008-10-21 14:52 . 2008-10-21 14:52 268 --ah----- C:\sqmdata02.sqm
2008-10-21 14:52 . 2008-10-21 14:52 244 --ah----- C:\sqmnoopt02.sqm
2008-10-20 16:59 . 2008-11-13 19:24 <DIR> dr------- c:\users\Dah L33T LapTop\Downloads
2008-10-19 18:50 . 2008-10-19 18:50 268 --ah----- C:\sqmdata01.sqm
2008-10-19 18:50 . 2008-10-19 18:50 244 --ah----- C:\sqmnoopt01.sqm
2008-10-18 00:58 . 2008-10-18 00:58 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-10-15 19:15 . 2008-08-27 02:06 288,768 --a------ c:\windows\System32\drivers\srv.sys
2008-10-15 18:18 . 2008-10-15 18:18 <DIR> d-------- c:\users\Dah L33T LapTop\AppData\Roaming\Acreon
2008-10-15 10:52 . 2008-10-15 10:52 <DIR> d-------- c:\users\All Users\Blizzard
2008-10-15 10:52 . 2008-10-15 10:52 <DIR> d-------- c:\programdata\Blizzard
2008-10-13 16:14 . 2008-09-12 02:05 122,880 --a------ c:\windows\System32\nvcod134.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-12 20:42 794 ----a-w c:\program files\cwwvwplu.txt
2008-11-12 19:39 202,320 ----a-w c:\windows\System32\PnkBstrB.exe
2008-11-12 19:39 138,408 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-11-12 17:07 --------- d-----w c:\programdata\Microsoft Help
2008-11-12 07:22 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\uTorrent
2008-11-12 07:10 --------- d-----w c:\programdata\NVIDIA
2008-11-11 17:49 663,552 ----a-w c:\windows\System32\NETw5c32.dll
2008-11-11 17:49 3,664,384 ----a-w c:\windows\system32\drivers\NETw5v32.sys
2008-11-11 17:49 2,756,608 ----a-w c:\windows\System32\NETw5r32.dll
2008-11-11 12:39 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\LimeWire
2008-11-07 15:24 32,821 ----a-w c:\users\All Users\nvModes.dat
2008-11-07 15:24 32,821 ----a-w c:\programdata\nvModes.dat
2008-11-07 15:23 --------- d-----w c:\program files\Common Files\Steam
2008-11-06 19:53 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\Winamp
2008-11-06 18:23 794 ----a-w c:\program files\houvggv.txt
2008-11-06 14:02 --------- d-----w c:\program files\Common Files\Adobe
2008-11-05 20:15 --------- d-----w c:\program files\Common Files\Blizzard Entertainment
2008-11-05 15:27 98,320 ----a-w c:\windows\system32\drivers\cmdguard.sys
2008-11-05 15:27 25,104 ----a-w c:\windows\system32\drivers\cmdhlp.sys
2008-11-05 15:27 143,096 ----a-w c:\windows\System32\guard32.dll
2008-10-29 18:34 682,280 ----a-w c:\windows\System32\pbsvc.exe
2008-10-29 18:34 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2008-10-29 18:34 22,328 ----a-w c:\users\Dah L33T LapTop\AppData\Roaming\PnkBstrK.sys
2008-10-29 18:34 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-24 23:01 53,248 ----a-w c:\windows\System32\CSVer.dll
2008-10-22 18:42 801,312 ----a-w c:\windows\System32\nvcplui.exe
2008-10-22 18:42 1,108,512 ----a-w c:\windows\System32\nvcpluir.dll
2008-10-22 15:55 453,152 ----a-w c:\windows\System32\nvuninst.exe
2008-10-22 15:10 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-10-22 15:10 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-10-21 06:20 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-15 18:57 --------- d-----w c:\program files\Windows Mail
2008-10-07 10:05 --------- d-----w c:\program files\Acer GameZone
2008-10-07 10:01 --------- d-----w c:\program files\Windows Live
2008-10-06 12:34 --------- d-----w c:\program files\Trend Micro
2008-10-06 12:17 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\PCF-VLC
2008-10-06 12:15 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\JLC's Software
2008-10-06 12:14 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\Participatory Culture Foundation
2008-10-05 18:34 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\vlc
2008-10-05 11:20 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\AusLogics
2008-10-04 17:01 --------- d-----w c:\programdata\CyberLink
2008-10-04 16:52 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\CyberLink
2008-10-04 15:33 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\InstallShield Installation Information
2008-10-02 03:49 827,392 ----a-w c:\windows\System32\wininet.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-30 04:47 --------- d-----w c:\program files\Xvid
2008-09-27 19:36 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\Ventrilo
2008-09-27 13:46 --------- d-----w c:\program files\Common Files\InstallShield
2008-09-27 10:50 --------- d-----w c:\program files\ElcomSoft
2008-09-26 13:39 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\IObit
2008-09-23 17:51 --------- d-----w c:\programdata\Avira
2008-09-22 13:00 --------- d-----w c:\program files\Java
2008-09-22 12:59 --------- d-----w c:\program files\Common Files\Java
2008-09-22 12:57 --------- d-----w c:\program files\UltraMon
2008-09-21 18:37 28,728 ----a-w c:\windows\system32\drivers\msahci.sys
2008-09-21 18:37 21,560 ----a-w c:\windows\system32\drivers\atapi.sys
2008-09-21 18:01 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\Realtime Soft
2008-09-21 18:01 --------- d-----w c:\programdata\Realtime Soft
2008-09-21 12:40 --------- d-----w c:\program files\Cyberlink
2008-09-21 12:27 --------- d-----w c:\program files\eSobi
2008-09-21 12:03 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2008-09-21 12:03 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\Malwarebytes
2008-09-21 12:03 --------- d-----w c:\programdata\Malwarebytes
2008-09-21 12:02 --------- d-----w c:\programdata\WLInstaller
2008-09-21 11:35 92,704 ----a-w c:\windows\System32\nvhotkey.dll
2008-09-21 11:35 313,888 ----a-w c:\windows\System32\nvexpbar.dll
2008-09-21 11:35 217,088 ----a-w c:\windows\System32\oemdspif.dll
2008-09-21 10:44 --------- d-----w c:\programdata\SiteAdvisor
2008-09-21 10:23 --------- d-----w c:\program files\MSXML 4.0
2008-09-21 10:18 --------- d-----w c:\programdata\Comodo
2008-09-21 10:17 --------- d-----w c:\program files\Acer
2008-09-21 09:50 --------- d-----w c:\program files\Acer Inc
2008-09-21 09:50 --------- d-----w c:\program files\Acer Arcade Deluxe
2008-09-21 09:40 --------- d-----w c:\programdata\eSobi
2008-09-21 09:31 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\Yahoo!
2008-09-21 09:30 --------- d-----w c:\program files\Launch Manager
2008-09-21 09:29 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\Acer
2008-09-21 09:27 --------- d-----w c:\program files\SuYin
2008-09-21 09:26 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\InstallShield
2008-09-21 09:24 --------- d-----w c:\program files\WIDCOMM
2008-09-21 09:22 --------- d-----w c:\users\Dah L33T LapTop\AppData\Roaming\Comodo
2008-09-21 09:07 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-09-21 08:56 --------- d-sh--w c:\programdata\Start-meny
2008-09-21 08:56 --------- d-sh--w c:\programdata\Skrivebord
2008-09-21 08:56 --------- d-sh--w c:\programdata\Programdata
2008-09-21 08:56 --------- d-sh--w c:\programdata\Maler
2008-09-21 08:56 --------- d-sh--w c:\programdata\Favoritter
2008-09-21 08:56 --------- d-sh--w c:\programdata\Dokumenter
2008-09-21 08:56 --------- d-sh--w c:\program files\Fellesfiler
2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-09-03 03:59 468,992 ----a-w c:\windows\System32\newdev.dll
2008-09-03 03:58 74,752 ----a-w c:\windows\System32\newdev.exe
2008-08-18 09:04 270,336 ----a-w c:\windows\System32\ykx32mpcoinst.dll
2008-08-15 09:10 638,976 ----a-w c:\windows\System32\ykx32ncu.dll
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
.
((((((((((((((((((((((((((((( snapshot_2008-11-06_20.23.32,83 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-05 14:26:05 51,200 ----a-w c:\windows\inf\infpub.dat
+ 2008-11-11 18:03:09 51,200 ----a-w c:\windows\inf\infpub.dat
- 2008-11-05 14:26:05 86,016 ----a-w c:\windows\inf\infstor.dat
+ 2008-11-11 18:03:08 86,016 ----a-w c:\windows\inf\infstor.dat
- 2008-11-05 14:26:05 143,360 ----a-w c:\windows\inf\infstrng.dat
+ 2008-11-11 18:03:09 143,360 ----a-w c:\windows\inf\infstrng.dat
- 2008-10-17 23:59:12 5,120 ----a-r c:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
+ 2008-11-08 10:37:01 5,120 ----a-r c:\windows\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe
+ 2008-11-12 17:06:47 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2008-10-15 18:18:18 20,240 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-11-12 17:07:18 20,240 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-10-15 18:18:18 184,080 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-11-12 17:07:18 184,080 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
- 2008-10-15 18:18:18 217,864 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
+ 2008-11-12 17:07:18 217,864 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
- 2008-10-15 18:18:18 18,704 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-11-12 17:07:18 18,704 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-10-15 18:18:18 35,088 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-11-12 17:07:19 35,088 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-10-15 18:18:18 922,384 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-11-12 17:07:18 922,384 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
- 2008-10-15 18:18:18 888,080 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-11-12 17:07:19 888,080 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-10-15 18:18:18 1,172,240 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-11-12 17:07:18 1,172,240 ----a-r c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-11-06 18:17:34 262,144 ----a-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-11-13 18:33:57 262,144 ----a-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-11-13 18:33:57 262,144 ---ha-w c:\windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-11-06 18:17:39 262,144 ----a-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-11-13 18:33:52 262,144 ----a-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-11-13 18:33:52 262,144 ---ha-w c:\windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-11-06 14:32:37 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-11-13 14:32:40 16,384 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-06 14:32:37 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-13 14:32:40 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-06 14:32:37 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-13 14:32:40 32,768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-11-06 19:18:21 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2008-11-13 18:40:19 262,144 ----a-w c:\windows\System32\config\systemprofile\ntuser.dat
+ 2008-11-13 18:40:19 262,144 ---ha-w c:\windows\System32\config\systemprofile\ntuser.dat.LOG1
- 2008-06-27 13:03:55 75,072 ----a-w c:\windows\System32\drivers\avipbb.sys
+ 2008-11-11 14:34:51 75,072 ----a-w c:\windows\System32\drivers\avipbb.sys
- 2008-07-15 04:27:00 7,273,984 ----a-w c:\windows\System32\drivers\nvlddmkm.sys
+ 2008-08-06 13:26:00 7,317,536 ----a-w c:\windows\System32\drivers\nvlddmkm.sys
+ 2008-07-16 09:11:00 58,880 ----a-w c:\windows\System32\drivers\yk60x32l.sys
+ 2008-07-10 09:11:00 20,480 ----a-w c:\windows\System32\drivers\yk60x32v.sys
- 2008-02-21 09:55:00 299,008 ----a-w c:\windows\System32\drivers\yk60x86.sys
+ 2008-08-18 09:04:00 304,640 ----a-w c:\windows\System32\drivers\yk60x86.sys
+ 2008-11-11 17:49:40 663,552 ----a-w c:\windows\System32\DriverStore\FileRepository\netw5v32.inf_3c71595c\NETw5c32.dll
+ 2008-11-11 17:49:40 2,756,608 ----a-w c:\windows\System32\DriverStore\FileRepository\netw5v32.inf_3c71595c\NETw5r32.dll
+ 2008-11-11 17:49:41 3,664,384 ----a-w c:\windows\System32\DriverStore\FileRepository\netw5v32.inf_3c71595c\NETw5v32.sys
+ 2008-08-06 13:26:00 795,104 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\dpinst.exe
+ 2008-08-06 13:26:00 483,328 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvapi.dll
+ 2008-08-06 13:26:00 122,880 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvcod.dll
+ 2008-08-06 13:26:00 143,360 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvcolor.exe
+ 2008-08-06 13:26:00 13,576,736 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvcpl.dll
+ 2008-08-06 13:26:00 797,216 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvcplui.exe
+ 2008-08-06 13:26:00 1,108,512 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvcpluir.dll
+ 2008-08-06 13:26:00 1,482,752 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvcuda.dll
+ 2008-08-06 13:26:00 5,959,680 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvd3dum.dll
+ 2008-08-06 13:26:00 3,996,192 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvdisps.dll
+ 2008-08-06 13:26:00 5,806,624 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvdispsr.dll
+ 2008-08-06 13:26:00 3,447,328 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvgames.dll
+ 2008-08-06 13:26:00 3,463,712 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvgamesr.dll
+ 2008-08-06 13:26:00 7,317,536 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvlddmkm.sys
+ 2008-08-06 13:26:00 236,064 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvmccs.dll
+ 2008-08-06 13:26:00 45,056 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvmccsrs.dll
+ 2008-08-06 13:26:00 195,104 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvmccss.dll
+ 2008-08-06 13:26:00 465,440 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvmccssr.dll
+ 2008-08-06 13:26:00 92,704 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvmctray.dll
+ 2008-08-06 13:26:00 1,264,160 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvmobls.dll
+ 2008-08-06 13:26:00 2,861,600 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvmoblsr.dll
+ 2008-08-06 13:26:00 9,011,200 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvoglv32.dll
+ 2008-08-06 13:26:00 612,896 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvsvc.dll
+ 2008-08-06 13:26:00 1,272,352 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvsvs.dll
+ 2008-08-06 13:26:00 711,200 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvsvsr.dll
+ 2008-08-06 13:26:00 453,152 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvudisp.exe
+ 2008-08-06 13:26:00 3,770,912 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvvitvs.dll
+ 2008-08-06 13:26:00 4,155,936 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvvitvsr.dll
+ 2008-08-06 13:26:00 196,608 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvvsvc.exe
+ 2008-08-06 13:26:00 2,501,632 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvwgf2um.dll
+ 2008-08-06 13:26:00 2,693,664 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvwss.dll
+ 2008-08-06 13:26:00 2,988,576 ----a-w c:\windows\System32\DriverStore\FileRepository\nv_disp.inf_5f864a64\nvwssr.dll
+ 2008-07-16 09:11:00 58,880 ----a-w c:\windows\System32\DriverStore\FileRepository\yk60x32lm.inf_501c3f2e\yk60x32l.sys
+ 2008-07-10 09:11:00 11,264 ----a-w c:\windows\System32\DriverStore\FileRepository\yk60x32lm.inf_501c3f2e\ykx32coinst.dll
+ 2008-07-16 09:11:00 44,032 ----a-w c:\windows\System32\DriverStore\FileRepository\yk60x32lp.inf_c9697931\yk60x32l.dll
+ 2008-07-16 09:11:00 58,880 ----a-w c:\windows\System32\DriverStore\FileRepository\yk60x32lp.inf_c9697931\yk60x32l.sys
+ 2008-07-10 09:11:00 20,480 ----a-w c:\windows\System32\DriverStore\FileRepository\yk60x32vm.inf_9e8cbf72\yk60x32v.sys
+ 2008-07-10 09:11:00 11,264 ----a-w c:\windows\System32\DriverStore\FileRepository\yk60x32vm.inf_9e8cbf72\ykx32coinst.dll
+ 2008-07-10 09:11:00 60,416 ----a-w c:\windows\System32\DriverStore\FileRepository\yk60x32vp.inf_17d9f975\yk60x32v.dll
+ 2008-07-10 09:11:00 20,480 ----a-w c:\windows\System32\DriverStore\FileRepository\yk60x32vp.inf_17d9f975\yk60x32v.sys
+ 2008-08-18 09:04:00 304,640 ----a-w c:\windows\System32\DriverStore\FileRepository\yk60x86.inf_489efd72\yk60x86.sys
+ 2008-08-18 09:04:00 270,336 ----a-w c:\windows\System32\DriverStore\FileRepository\yk60x86.inf_489efd72\ykx32mpcoinst.dll
- 2008-10-07 19:19:40 16,721,856 ----a-w c:\windows\System32\mrt.exe
+ 2008-11-04 00:10:25 17,318,336 ----a-w c:\windows\System32\mrt.exe
- 2008-07-15 04:27:00 483,328 ----a-w c:\windows\System32\nvapi.dll
+ 2008-08-06 13:26:00 483,328 ----a-w c:\windows\System32\nvapi.dll
- 2008-07-15 04:27:00 118,784 ----a-w c:\windows\System32\nvcod.dll
+ 2008-08-06 13:26:00 122,880 ----a-w c:\windows\System32\nvcod.dll
+ 2008-08-06 13:26:00 122,880 ----a-w c:\windows\System32\nvcod133.dll
- 2008-07-15 04:27:00 118,784 ----a-w c:\windows\System32\nvcodh.dll
+ 2008-08-06 13:26:00 122,880 ----a-w c:\windows\System32\nvcodh.dll
- 2008-07-15 04:27:00 118,784 ----a-w c:\windows\System32\nvcodhins.dll
+ 2008-08-06 13:26:00 122,880 ----a-w c:\windows\System32\nvcodhins.dll
- 2008-07-15 04:27:00 150,048 ----a-w c:\windows\System32\nvcolor.exe
+ 2008-08-06 13:26:00 143,360 ----a-w c:\windows\System32\nvcolor.exe
- 2008-07-15 04:27:00 1,482,752 ----a-w c:\windows\System32\nvcuda.dll
+ 2008-08-06 13:26:00 1,482,752 ----a-w c:\windows\System32\nvcuda.dll
- 2008-07-15 04:27:00 5,951,488 ----a-w c:\windows\System32\nvd3dum.dll
+ 2008-08-06 13:26:00 5,959,680 ----a-w c:\windows\System32\nvd3dum.dll
- 2008-07-15 04:27:00 3,996,192 ----a-w c:\windows\System32\nvdisps.dll
+ 2008-08-06 13:26:00 3,996,192 ----a-w c:\windows\System32\nvdisps.dll
- 2008-07-15 04:27:00 5,806,624 ----a-w c:\windows\System32\nvdispsr.dll
+ 2008-08-06 13:26:00 5,806,624 ----a-w c:\windows\System32\nvdispsr.dll
- 2008-07-15 04:27:00 3,447,328 ----a-w c:\windows\System32\nvgames.dll
+ 2008-08-06 13:26:00 3,447,328 ----a-w c:\windows\System32\nvgames.dll
- 2008-07-15 04:27:00 3,463,712 ----a-w c:\windows\System32\nvgamesr.dll
+ 2008-08-06 13:26:00 3,463,712 ----a-w c:\windows\System32\nvgamesr.dll
- 2008-07-15 04:27:00 236,064 ----a-w c:\windows\System32\nvmccs.dll
+ 2008-08-06 13:26:00 236,064 ----a-w c:\windows\System32\nvmccs.dll
- 2008-07-15 04:27:00 45,056 ----a-w c:\windows\System32\nvmccsrs.dll
+ 2008-08-06 13:26:00 45,056 ----a-w c:\windows\System32\nvmccsrs.dll
- 2008-07-15 04:27:00 195,104 ----a-w c:\windows\System32\nvmccss.dll
+ 2008-08-06 13:26:00 195,104 ----a-w c:\windows\System32\nvmccss.dll
- 2008-07-15 04:27:00 465,440 ----a-w c:\windows\System32\nvmccssr.dll
+ 2008-08-06 13:26:00 465,440 ----a-w c:\windows\System32\nvmccssr.dll
- 2008-07-15 04:27:00 1,264,160 ----a-w c:\windows\System32\nvmobls.dll
+ 2008-08-06 13:26:00 1,264,160 ----a-w c:\windows\System32\nvmobls.dll
- 2008-07-15 04:27:00 2,861,600 ----a-w c:\windows\System32\nvmoblsr.dll
+ 2008-08-06 13:26:00 2,861,600 ----a-w c:\windows\System32\nvmoblsr.dll
- 2008-07-15 04:27:00 9,003,008 ----a-w c:\windows\System32\nvoglv32.dll
+ 2008-08-06 13:26:00 9,011,200 ----a-w c:\windows\System32\nvoglv32.dll
- 2008-07-15 04:27:00 608,800 ----a-w c:\windows\System32\nvsvc.dll
+ 2008-08-06 13:26:00 612,896 ----a-w c:\windows\System32\nvsvc.dll
- 2008-07-15 04:27:00 1,272,352 ----a-w c:\windows\System32\nvsvs.dll
+ 2008-08-06 13:26:00 1,272,352 ----a-w c:\windows\System32\nvsvs.dll
- 2008-07-15 04:27:00 137,760 ----a-w c:\windows\System32\nvsvsr.dll
+ 2008-08-06 13:26:00 711,200 ----a-w c:\windows\System32\nvsvsr.dll
- 2008-07-15 04:27:00 446,464 ----a-w c:\windows\System32\nvudisp.exe
+ 2008-08-06 13:26:00 453,152 ----a-w c:\windows\System32\nvudisp.exe
- 2008-07-15 04:27:00 3,766,816 ----a-w c:\windows\System32\nvvitvs.dll
+ 2008-08-06 13:26:00 3,770,912 ----a-w c:\windows\System32\nvvitvs.dll
- 2008-07-15 04:27:00 4,155,936 ----a-w c:\windows\System32\nvvitvsr.dll
+ 2008-08-06 13:26:00 4,155,936 ----a-w c:\windows\System32\nvvitvsr.dll
- 2008-07-15 04:27:00 196,608 ----a-w c:\windows\System32\nvvsvc.exe
+ 2008-08-06 13:26:00 196,608 ----a-w c:\windows\System32\nvvsvc.exe
- 2008-07-15 04:27:00 2,496,512 ----a-w c:\windows\System32\nvwgf2um.dll
+ 2008-08-06 13:26:00 2,501,632 ----a-w c:\windows\System32\nvwgf2um.dll
- 2008-07-15 04:27:00 2,693,664 ----a-w c:\windows\System32\nvwss.dll
+ 2008-08-06 13:26:00 2,693,664 ----a-w c:\windows\System32\nvwss.dll
- 2008-07-15 04:27:00 2,988,576 ----a-w c:\windows\System32\nvwssr.dll
+ 2008-08-06 13:26:00 2,988,576 ----a-w c:\windows\System32\nvwssr.dll
- 2008-11-06 18:22:44 101,250 ----a-w c:\windows\System32\perfc009.dat
+ 2008-11-13 18:39:38 101,250 ----a-w c:\windows\System32\perfc009.dat
- 2008-11-06 18:22:44 76,478 ----a-w c:\windows\System32\perfc014.dat
+ 2008-11-13 18:39:38 76,478 ----a-w c:\windows\System32\perfc014.dat
- 2008-11-06 18:22:44 587,178 ----a-w c:\windows\System32\perfh009.dat
+ 2008-11-13 18:39:38 587,178 ----a-w c:\windows\System32\perfh009.dat
- 2008-11-06 18:22:44 452,326 ----a-w c:\windows\System32\perfh014.dat
+ 2008-11-13 18:39:38 452,326 ----a-w c:\windows\System32\perfh014.dat
- 2008-10-31 23:04:32 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2008-11-13 18:31:58 6,291,456 ----a-w c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2008-11-06 18:18:01 8,642 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-283551383-3393271654-1372367075-1000_UserData.bin
+ 2008-11-13 18:35:01 8,978 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-283551383-3393271654-1372367075-1000_UserData.bin
- 2008-11-06 18:18:00 83,046 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-11-13 18:35:01 83,270 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-11-06 18:18:00 51,134 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-11-13 18:35:01 52,490 ----a-w c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-10-24 23:40:46 97,946 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2008-11-10 21:35:59 122,180 ----a-w c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2008-07-16 09:11:00 44,032 ----a-w c:\windows\System32\yk60x32l.dll
+ 2008-07-10 09:11:00 60,416 ----a-w c:\windows\System32\yk60x32v.dll
+ 2008-11-12 20:42:13 1,729,859 ----a-w c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-09-05 04:48:28 1,194,496 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16745_none_8661c59c99cb7ce9\msxml3.dll
+ 2008-09-05 04:45:14 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16745_none_8661c59c99cb7ce9\msxml3r.dll
+ 2008-09-05 04:47:44 1,194,496 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.20910_none_8706d29fb2d54754\msxml3.dll
+ 2008-09-05 04:47:44 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.20910_none_8706d29fb2d54754\msxml3r.dll
+ 2008-09-05 05:14:05 1,191,936 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.18136_none_8853d47896e90b40\msxml3.dll
+ 2006-11-02 09:41:09 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.18136_none_8853d47896e90b40\msxml3r.dll
+ 2008-09-05 05:08:23 1,191,936 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.22258_none_88c9d1ffb015159a\msxml3.dll
+ 2008-09-05 05:04:53 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6001.22258_none_88c9d1ffb015159a\msxml3r.dll
+ 2008-09-10 03:25:00 1,341,440 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16747_none_866381d899c9fc7a\msxml6.dll
+ 2008-09-10 03:21:24 2,048 ----a-w
c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16747_none_866381d899c9fc7a\msxml6r.dll + 2008-09-10 03:26:42 1,341,440 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.20913_none_87098f25b2d2e03c\msxml6.dll + 2008-09-10 03:26:42 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.20913_none_87098f25b2d2e03c\msxml6r.dll + 2008-09-10 03:40:14 1,334,272 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.18138_none_885590b496e78ad1\msxml6.dll + 2006-11-02 09:41:09 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.18138_none_885590b496e78ad1\msxml6r.dll + 2008-09-10 03:27:55 1,334,272 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.22261_none_88b7bbb5b023cd0d\msxml6.dll + 2008-09-10 03:23:55 2,048 ----a-w c:\windows\winsxs\x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6001.22261_none_88b7bbb5b023cd0d\msxml6r.dll + 2008-09-15 22:29:55 2,413,072 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16764_none_f064ff046e80cc5f\OESpamFilter.dat + 2008-09-15 22:29:55 2,413,072 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.20937_none_f1120e5787836182\OESpamFilter.dat + 2008-09-15 22:29:55 2,413,072 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18157_none_f2590e746b9c8d64\OESpamFilter.dat + 2008-09-15 22:29:55 2,413,072 ----a-w c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22288_none_f2c33bc584d19a58\OESpamFilter.dat + 2008-08-26 01:11:59 211,456 ----a-w c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.16738_none_86a5e1554e593846\mrxsmb10.sys + 2008-08-27 00:48:36 211,968 ----a-w 
c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6000.20904_none_874beea267621c08\mrxsmb10.sys + 2008-08-27 01:05:41 212,480 ----a-w c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18130_none_88841dab4b86fe7f\mrxsmb10.sys + 2008-08-27 00:52:38 212,480 ----a-w c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22252_none_88fa1b3264b308d9\mrxsmb10.sys + 2008-11-12 17:06:47 1,286,152 ----a-w c:\windows\winsxs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b\msxml4.dll + 2008-11-12 17:06:50 91,656 ----a-w c:\windows\winsxs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d\msxml4r.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-03-04 22:38 121392 --a------ c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] "DriverMax"="d:\drivermax\devices.exe" [2008-11-10 5347672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="d:\avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-30 397312] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-10-28 6335008] "COMODO Firewall Pro"="d:\comodo\Firewall\cfp.exe" [2008-11-05 1797880] "COMODO Internet 
Security"="d:\comodo\Firewall\cfp.exe" [2008-11-05 1797880] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-06 13576736] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-06 92704] "Malwarebytes Anti-Malware (reboot)"="d:\malwarebytes' anti-malware\mbam.exe" [2008-10-22 1261200] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "DisableStatusMessages"= 1 (0x1) "DisableStartupSound"= 1 (0x1) "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"= c:\windows\system32\guard32.dll [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk] backup=c:\windows\pss\Acer VCM.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] backup=c:\windows\pss\BTTray.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-10-15 01:04 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater] -ra------ 2008-09-26 11:02 2356088 c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent] --------- 2008-04-10 15:30 147456 c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray] --a------ 2008-04-06 21:42 34040 c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared 
tools\msconfig\startupreg\CLMLServer] --------- 2008-04-10 15:30 167936 c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio] --------- 2008-03-07 02:36 544768 c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader] --a------ 2008-03-04 22:38 526896 c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC] --a------ 2008-04-30 18:02 397312 c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager] --a------ 2008-04-01 02:01 793096 c:\progra~1\LAUNCH~1\LManager.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] --a------ 2007-10-18 10:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie] --------- 2008-04-18 14:18 167936 c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] --a------ 2008-02-22 20:50 1037608 c:\program files\Synaptics\SynTP\SynTPEnh.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp] --a------ 2008-01-29 08:03 303104 c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] --a------ 2008-08-04 00:02 36352 d:\winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] --a------ 2008-01-21 03:23 1008184 c:\program files\Windows Defender\MSASCui.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-283551383-3393271654-1372367075-1000] "EnableNotifications"=dword:00000001 "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{C2484D3D-1116-48C4-BFB8-B91B14183680}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent "{360331AF-0526-4036-8C9C-082A9741303E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{A60AD18A-2C14-44CC-BD60-C6C11FC66FEC}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{F0ED5C80-031A-42D7-AC02-276BBDB43C1E}"= c:\program files\Acer\Acer VCM\VC.exe:Acer VCM "{825E1D77-3D30-470B-A386-04056CDD27BE}"= UDP:d:\utorrent\uTorrent.exe:µTorrent (TCP-In) "{5FC90F3E-F89B-48C6-BC14-7A076996F39C}"= TCP:d:\utorrent\uTorrent.exe:µTorrent (UDP-In) "{E0D7E821-B200-408B-9A95-FAB595A18E8F}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe "{5A91D12D-2525-4F45-955A-B58B6F59F9D8}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie "{3C51D6BC-65D2-4F47-B1F1-DCA2CE4444F3}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program "{306C9E70-1147-4C33-BED8-40599F5AE5A3}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia "{2207945A-421A-49DD-9DEA-C6A0E1EB0F17}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-11-05 98320] R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-11-05 25104] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl 
[2008-04-18 14:01 61424] R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504] R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576] R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368] R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-11 3664384] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-22 43040] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x86.sys [2008-08-18 304640] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712] S3 btwaudio;Bluetooth-lydenhet;c:\windows\system32\drivers\btwaudio.sys [2008-02-14 80424] S3 btwavdt;Bluetooth AVDT;c:\windows\system32\drivers\btwavdt.sys [2007-07-16 80936] S3 btwrchid;btwrchid;c:\windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2008-10-06 33752] S3 SkLaggProtocol;Marvell Link Aggregation Protocol;c:\windows\system32\DRIVERS\yk60x32l.sys [2008-07-16 58880] S3 SkVlanProtocol;Marvell VLAN Protocol;c:\windows\system32\DRIVERS\yk60x32v.sys [2008-07-10 20480] S3 Steam Client Service;Steam Client Service;c:\program files\Common Files\Steam\SteamService.exe [2008-11-07 99576] S4 ErrDev;Microsoft Hardware Error Device Driver;c:\windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR;c:\windows\system32\drivers\megasr.sys [2008-01-21 386616] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ . 
Contents of the 'Scheduled Tasks' folder 2008-11-13 c:\windows\Tasks\AWC Startup.job - d:\advanced systemcare 3\AWC.exe [2008-11-06 11:12] . . ------- Supplementary Scan ------- . FireFox -: Profile - c:\users\Dah L33T LapTop\AppData\Roaming\Mozilla\Firefox\Profiles\mp2hby2n.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://go.microsoft.com/fwlink/?LinkId=69157 FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll FF -: plugin - c:\users\Dah L33T LapTop\AppData\Roaming\Mozilla\Firefox\Profiles\mp2hby2n.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}\plugins\np_gp.dll FF -: plugin - d:\firefox\plugins\np-mswmp.dll FF -: plugin - d:\firefox\plugins\np_gp.dll FF -: plugin - d:\firefox\plugins\np32dsw.dll FF -: plugin - d:\firefox\plugins\npbittorrent.dll FF -: plugin - d:\firefox\plugins\npLegitCheckPlugin.dll FF -: plugin - d:\firefox\plugins\npnul32.dll FF -: plugin - d:\firefox\plugins\nppdf32.dll FF -: plugin - d:\vlc\npvlc.dll . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-13 19:45:26 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . 
Completion time: 2008-11-13 19:47:26
ComboFix-quarantined-files.txt 2008-11-13 18:47:15
ComboFix2.txt 2008-11-06 19:24:36
ComboFix3.txt 2008-11-06 18:32:33
ComboFix4.txt 2008-11-06 17:27:13
ComboFix5.txt 2008-11-13 18:40:09
Pre-Run: 107 362 181 120 byte ledig
Post-Run: 107,455,705,088 byte ledig
511 --- E O F --- 2008-11-12 17:08:54

One thing that bothers me is why ComboFix takes so long after "completed stage 32".
norbat, posted 13 November 2008:
See whether the rootkit scanner Blacklight runs on Vista.
raWrz (author), posted 13 November 2008:
Quoting norbat: "See whether the rootkit scanner Blacklight runs on Vista"
It works.
raWrz (author), posted 13 November 2008:
Looks like it didn't find anything...
norbat, posted 13 November 2008:
Could you post the latest MBAM log as well?
raWrz (author), posted 13 November 2008:
Malwarebytes' Anti-Malware 1.30
Database versjon: 1395
Windows 6.0.6001 Service Pack 1
13.11.2008 19:39:03
mbam-log-2008-11-13 (19-39-03).txt
Skanntype: Rask Skann
Objekter skannet: 42471
Tid tilbakelagt: 4 minute(s), 28 second(s)
Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 7
Minneprosesser infisert: (Ingen mistenkelige filer funnet)
Minnemoduler infisert: (Ingen mistenkelige filer funnet)
Registernøkler infisert: (Ingen mistenkelige filer funnet)
Registerverdier infisert: (Ingen mistenkelige filer funnet)
Registerfiler infisert: (Ingen mistenkelige filer funnet)
Mapper infisert: (Ingen mistenkelige filer funnet)
Filer infisert:
C:\Users\Default\My Documents\My Music\New Song.lagu (Backdoor.Bot) -> Delete on reboot.
C:\Users\Default\My Documents\My Music\Video.vidz (Backdoor.Bot) -> Delete on reboot.
C:\Users\Default\My Documents\My Pictures\aweks.pikz (Backdoor.Bot) -> Delete on reboot.
C:\Users\Default\My Documents\My Pictures\seram.pikz (Backdoor.Bot) -> Delete on reboot.
C:\Users\Default\My Documents\My Music\My Music.url (Trojan.Zlob) -> Delete on reboot.
C:\Users\Default\My Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> Delete on reboot.
C:\Users\Default\My Documents\My Videos\My Video.url (Trojan.Zlob) -> Delete on reboot.

The files I was talking about disappeared after the reboot :s but these never go away :hmmm:
norbat, posted 13 November 2008 (edited 13 November 2008 by norbat):
Does MBAM find the files in safe mode as well? I think the best thing to do now is to open a thread at Malwarebytes. Try the 'False Positives' category first. Attach an HJT log and an MBAM log (new ones).
raWrz (author), posted 13 November 2008 (edited 13 November 2008 by Submit):
OK, MBAM doesn't find them in safe mode :s
norbat, posted 13 November 2008:
A small test: if you restart the PC and run MBAM before you start any other programs, does MBAM still find these files?
raWrz (author), posted 13 November 2008:
I think so, I can check after a bit of WoW gaming >.<
raWrz (author), posted 14 November 2008:
I have now updated MBAM to database version 1397 and definition 56599, and now MBAM doesn't find them any longer? So maybe it was a false positive?
snippsat, posted 14 November 2008:
Quoting raWrz: "MBAM them any longer? So maybe it was a false positive?"
Looks like a small error or a false positive on MBAM's side, which threw us a bit off track. Then it should be fine.
norbat, posted 14 November 2008:
Quoting raWrz: "I have now updated MBAM to database version 1397 and definition 56599, and now MBAM doesn't find them any longer? So maybe it was a false positive?"
Yes, if you haven't removed anything in the meantime, I see no other explanation than that in this case it was a false alarm (or simply a bug in the program).
raWrz (author), posted 14 November 2008:
I have made a thread in their false-positives forum: http://www.malwarebytes.org/forums/index.php?showtopic=7483
Just have to wait and see.
raWrz (author), posted 14 November 2008:
And then they came back again?
raWrz (author), posted 14 November 2008:
I have tried deleting the files with Avenger, but it just gives an error on all of them, so I don't believe in a false positive from MBAM :s I'll post the Avenger log when I find it :s
norbat, posted 14 November 2008:
If you have opened a thread at Malwarebytes, wait and see what they come up with. If this is malware, the files are being created by something else on your PC, so there is little point in deleting them (which evidently isn't possible - yet).