Galexon, posted 15 July 2009
Hi. Something occurred to me (I may be a bit paranoid, but...)... I got to thinking about webcam hijacking, either through trojans or through script-based hijacking, also called "clickjacking". It made me feel downright sick. I have used my laptop, which has a webcam built into the screen, as a music player in the bathroom while I showered, and I feel sick and lose sleep when I think that this might (if I have been watched) have been uploaded somewhere on the internet.
How likely is it to be exposed to this? How can you tell whether you are affected? How can you find out whether you have been exposed to this in the past?
My precautions now are black electrical tape over the lens, and I have disabled the webcam's device driver. I am more worried about whether someone may have watched me before.
For security software I have:
- Windows Defender
- Avira AntiVirus
- Malwarebytes
- McAfee firewall
- Windows firewall
Everything is switched on and monitoring the PC for threats.
kjeLL//, posted 15 July 2009
I don't know much about webcam hijacking, but I can say right away that MANY security programs are not good. Most programs have some security flaw or other, and many security programs in many ways ensure that there is at least one opening for hijacking your machine, and they also use a lot of resources. Maximum protection should consist of one each of:
* virus scanner
* firewall
* spyware scanner (I am very sceptical about this one..)
* a web browser that supports some form of NoScript. Many viruses spread via plugins on the internet.
I only use a firewall myself. Sound common sense online is often enough to avoid most of the crap.
Edited 15 July 2009 by kjeLL//
snippsat, posted 15 July 2009
"How can you tell whether you are affected?"
If you are in doubt, work through the guide and post the logs. There are many people with poor knowledge who try this webcam hacking. Programs that are often used: Turkojan 4.0, Prorat, Spy-Net [RAT], now (Cerberus Rat). The procedure is the same: say you get a link on MSN. You open it and a program installs itself (up-to-date security products catch this in most cases). If not, it can succeed in getting control of the webcam.
Edited 15 July 2009 by SNIPPSAT
Galexon (thread author), posted 15 July 2009
Spywarebot - Search and Destroy, Malwarebytes and Avira report no threats. But I am attaching the log from the Avira scan where I found this trojan.
Galexon (thread author), posted 15 July 2009
By the way, how do you know whether you have been subjected to clickjacking? Those who exploit security holes in Flash presumably don't install anything on my machine that I can detect? A kind of invisible intrusion?
snippsat, posted 15 July 2009
"By the way, how do you know whether you have been subjected to clickjacking?"
To be completely sure, run ComboFix and post the log. We are not interested in getting any log from Spywarebot.
"Those who exploit security holes in Flash"
Having up-to-date software is always smart. You can scan here: Secunia
Galexon (thread author), posted 15 July 2009
files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [06.04.2008 22:42 50424] R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [30.06.2009 02:07 122368] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [04.04.2008 03:03 131072] R2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [30.06.2009 01:55 233472] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17.11.2008 07:40 3668480] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [30.04.2009 21:43 64032] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [15.07.2009 13:40 1153368] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [21.01.2008 04:23 179712] --- Andre tjenester/drivere lastet i minnet --- *Deregistered* - MBAMSwissArmy [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-07-14 c:\windows\Tasks\McDefragTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-30 11:32] 2009-06-30 c:\windows\Tasks\McQcTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-30 11:32] . - - - - TOMME PEKERE FJERNET - - - - HKLM-Run-eRecoveryService - (no file) . ------- Tilleggsskanning ------- . uStart Page = hxxp://www.daemon-search.com/startpage mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0414&s=2&o=vp32&d=0609&m=aspire_5930 IE: Send bilde til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send side til &Bluetooth-enhet... 
- c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm FF - ProfilePath - c:\users\Geir Arne\AppData\Roaming\Mozilla\Firefox\Profiles\icdp82ri.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.rogalandairsoft.com/forum/ FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no"); . ************************************************************************** skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: ************************************************************************** [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}] "ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie00.fcl" . --------------------- LÅSTE REGISTERNØKLER --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . Tidspunkt ferdig: 2009-07-15 16:02 ComboFix-quarantined-files.txt 2009-07-15 14:02 Pre-Run: 33 417 445 376 byte ledig Post-Run: 30 512 623 616 byte ledig 315 --- E O F --- 2009-07-15 02:41 Lenke til kommentar
snippsat Posted 15 July 2009
3 files containing junk were deleted. The log is clean of malware. You can remove ComboFix by typing combofix /u in the Run window. This command deletes the quarantined files and backups, resets the System Restore folder, etc. Surf safely.
Bruker-158599 Posted 16 July 2009 (edited)
..
Edited 31 July 2010 by riskake90