AimEffect Skrevet 26. november 2009 Del Skrevet 26. november 2009 (endret) Jeg har et problem, hver gang jeg starter datamaskinen er det en keygen som jeg har lastet ned for en stund siden som starter. Jeg har nesten prøvd alt, msconfig, windows defender, og slette den manuelt(på harddisken), da dukket den bare opp igjen. Jeg tror også at det er et virus som kommer over minnepenn siden en kompis av meg fikk det etter han lånte minnepennen min, som var tom. Jeg har også prøvd å søke på hele pcen etter filen, men finner den ikke. Er det noen som kan hjelpe meg? Edit: Malwarebytes' Anti-Malware 1.41 Databaseversjon: 3237 Windows 6.1.7600 27.11.2009 16:11:10 mbam-log-2009-11-27 (16-11-10).txt Skanntype: Rask Skann Objekter skannet: 93252 Tid tilbakelagt: 3 minute(s), 38 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 1 Registerverdier infisert: 4 Registerfiler infisert: 0 Mapper infisert: 0 Filer infisert: 3 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{08b0e5jf-4fcb-11cf-aaa5-00401c6xx500} (Generic.Bot.H) -> Quarantined and deleted successfully. Registerverdier infisert: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\policies (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hklm (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hkcu (Trojan.Downloader) -> Quarantined and deleted successfully. Registerfiler infisert: (Ingen mistenkelige filer funnet) Mapper infisert: (Ingen mistenkelige filer funnet) Filer infisert: C:\Users\Lars Martin\AppData\Roaming\spynet\server.exe (Generic.Bot.H) -> Quarantined and deleted successfully. C:\Users\Lars Martin\AppData\Roaming\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully. C:\Users\Lars Martin\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Quarantined and deleted successfully. Endret 5. desember 2009 av Lasse001 Lenke til kommentar
norbat Skrevet 26. november 2009 Del Skrevet 26. november 2009 (endret) Kjør gjennom veiledningen. Loggene det spørres etter poster du her i din egen tråd. Edit: Om du mistenker minnepenn-infeksjon, så kan du benytte følgende program for å rense ut dette: http://download.bleepingcomputer.com/sUBs/...Disinfector.exe Endret 26. november 2009 av norbat Lenke til kommentar
AimEffect Skrevet 5. desember 2009 Forfatter Del Skrevet 5. desember 2009 Hei, jeg har enda det samme problemet! Er det ingen som kan hjelpe meg! Linken du sendte meg fungerer ikke, og jeg har lagt inn loggen... Dessverre får jeg ikke til å laste med det andre programmet. Jeg har rensket pcen hver gang, men det kommer bare tilbake!!!!! Elendige drittgreier..... HJELP!!!!!!!!!!!!!!!! Det har nå smittet til 3 pcer!§!!! Lenke til kommentar
norbat Skrevet 5. desember 2009 Del Skrevet 5. desember 2009 Jeg trenger en logg fra combofix. Får du kjørt programmet (i normal eller sikker modus) ? Lenke til kommentar
AimEffect Skrevet 6. desember 2009 Forfatter Del Skrevet 6. desember 2009 Jeg trenger en logg fra combofix. Får du kjørt programmet (i normal eller sikker modus) ? Jeg får ikke kjørt programmet, 64 bits os... Lenke til kommentar
snippsat Skrevet 6. desember 2009 Del Skrevet 6. desember 2009 Jeg får ikke kjørt programmet, 64 bits os Last ned RSIT (Random's System Information Tool) til skrivebordet Start programmet ved å dobbeltklikke på RSIT.exe Klikk Continue Etter få strakser vil det lages en logg (log.txt). Den poster du. Lenke til kommentar
AimEffect Skrevet 8. desember 2009 Forfatter Del Skrevet 8. desember 2009 Jeg får ikke kjørt programmet, 64 bits os Last ned RSIT (Random's System Information Tool) til skrivebordet Start programmet ved å dobbeltklikke på RSIT.exe Klikk Continue Etter få strakser vil det lages en logg (log.txt). Den poster du. Får bare opp : Line-1: Error: Variable used without being declared Lenke til kommentar
norbat Skrevet 8. desember 2009 Del Skrevet 8. desember 2009 Last ned og kjør DDS.scr. Post loggen den lager Lenke til kommentar
AimEffect Skrevet 10. desember 2009 Forfatter Del Skrevet 10. desember 2009 DDS (Ver_09-12-01.01) - NTFSX64 Run by Lars Martin at 17:41:09,73 on 10.12.2009 Internet Explorer: 8.0.7600.16385 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.47.1044.18.4095.2626 [GMT 1:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\AEADISRV.EXE C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\AVG\AVG8\avgrsa.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\AVG\AVG8\avgemc.exe C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\ASUS\Six Engine\SixEngine.exe C:\Program Files (x86)\RocketDock\RocketDock.exe C:\Windows\SysWOW64\explorer.exe C:\Windows\SysWOW64\explorer.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\AVG\AVG8\avgnsa.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Opera\opera.exe C:\Windows\system32\wuauclt.exe C:\Users\Lars Martin\AppData\Local\Opera\Opera\temporary_downloads\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.startsiden.no/ mLocal Page = c:\windows\syswow64\blank.htm uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg8\toolbar\IEToolbar.dll uURLSearchHooks: H - No File uURLSearchHooks: H - No File BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files (x86)\techsmith\snagit 9\SnagitBHO.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg8\avgssie.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll BHO: Påloggingshjelp for Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg8\toolbar\IEToolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.4.4525.1752\swg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files (x86)\techsmith\snagit 9\SnagitIEAddin.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files (x86)\avg\avg8\toolbar\IEToolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File uRun: [HKCU] c:\users\lars martin\appdata\roaming\spynet\server.exe uRun: [RocketDock] "c:\program files (x86)\rocketdock\RocketDock.exe" mRun: [HKLM] c:\users\lars martin\appdata\roaming\spynet\server.exe uExplorerRun: [Policies] c:\users\lars martin\appdata\roaming\spynet\server.exe mExplorerRun: [Policies] c:\users\lars martin\appdata\roaming\spynet\server.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~2\micros~3\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~3\office12\ONBttnIE.dll IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files (x86)\skype\toolbars\internet explorer\SkypeIEPlugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~3\office12\REFIEBAR.DLL DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg8\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll mASetup: {08B0E5JF-4FCB-11CF-AAA5-00401C6XX500} - c:\users\lars martin\appdata\roaming\spynet\server.exe {00C6482D-C502-44C8-8409-FCE54AD9C208} {9030D464-4C02-4ABF-8ECC-5164760863C6} {AA58ED58-01DD-4d91-8333-CF10577473F7} {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} {2318C2B1-4965-11d4-9B18-009027A5CD4F} TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File Hosts: 127.0.0.1 www.spywareinfo.com ============= SERVICES / DRIVERS =============== R0 mv61xx;mv61xx;c:\windows\system32\drivers\mv61xx.sys [2008-6-23 173096] R1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [2009-9-22 427016] R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [2009-9-22 33416] R1 AvgTdiA;AVG Free8 Network Redirector x64;c:\windows\system32\drivers\avgtdia.sys [2009-9-22 133640] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-11-4 202752] R2 avg8emc;AVG Free8 E-mail Scanner;c:\program files (x86)\avg\avg8\avgemc.exe [2009-9-22 908056] R2 avg8wd;AVG Free8 WatchDog;c:\program files (x86)\avg\avg8\avgwdsvc.exe [2009-9-22 297752] R3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys [2009-10-5 20608] R3 salmosa;Razer Salmosa;c:\windows\system32\drivers\salmosa.sys [2009-10-5 11904] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x64.sys [2009-6-10 389120] S2 gupdate1ca3bba34dea771;Googles oppdateringstjeneste (gupdate1ca3bba34dea771);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-9-22 133104] S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe [2009-11-16 25832] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\common files\macrovision shared\flexnet publisher\FNPLicensingService64.exe [2009-10-9 1038088] S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite 2009.sp4\RpcAgentSrv.exe [2009-11-24 99176] =============== Created Last 30 ================ 2009-12-07 17:23:25 0 d-----w- c:\programdata\Hewlett-Packard 2009-12-05 14:05:41 0 d-----w- c:\windows\pss 2009-12-05 13:41:06 0 d-----w- c:\program files (x86)\WinDirStat 2009-11-29 18:30:16 0 d-----w- c:\programdata\DAEMON Tools Lite 2009-11-27 17:12:32 0 d-----w- c:\users\larsma~1\appdata\roaming\Puresoto Group, INC 2009-11-27 17:12:24 0 d-----w- c:\program files (x86)\Puresoto Group 2009-11-27 15:30:44 0 d-----w- c:\program files (x86)\trend micro 2009-11-26 16:09:05 0 d-----w- c:\users\larsma~1\appdata\roaming\Malwarebytes 2009-11-26 16:08:57 22104 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-26 16:08:57 0 d-----w- c:\programdata\Malwarebytes 2009-11-26 16:08:57 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2009-11-26 14:58:45 2048 ----a-w- c:\windows\syswow64\tzres.dll 2009-11-26 14:58:45 2048 ----a-w- c:\windows\system32\tzres.dll 2009-11-24 12:21:13 0 d-----w- c:\program files\SiSoftware 2009-11-23 18:12:42 0 d-----w- c:\programdata\Spybot - Search & Destroy 2009-11-23 18:12:42 0 d-----w- c:\program files (x86)\Spybot - Search & Destroy 2009-11-23 14:37:10 0 d-----w- c:\program files (x86)\Seagate 2009-11-21 17:06:46 0 d-----w- c:\users\lars martin\Incomplete 2009-11-21 14:44:11 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf 2009-11-21 14:27:53 266293 ----a-w- c:\windows\syswow64\temp.002 2009-11-21 14:22:43 266293 ----a-w- c:\windows\syswow64\temp.001 2009-11-21 14:20:49 266293 ----a-w- c:\windows\syswow64\temp.000 2009-11-21 14:20:44 632 ----a-w- c:\windows\Sof2.INI 2009-11-20 17:48:23 6200 ----a-w- c:\windows\syswow64\INT13EXT.VXD 2009-11-20 17:48:23 0 d-----w- c:\program files (x86)\PC Inspector File Recovery 2009-11-20 17:20:30 0 d-----w- c:\users\larsma~1\appdata\roaming\Search Settings 2009-11-20 14:13:03 0 d-----w- c:\windows\syswow64\spynet 2009-11-20 13:59:33 311808 ----a-w- c:\windows\system32\msv1_0.dll 2009-11-20 13:59:33 257024 ----a-w- c:\windows\syswow64\msv1_0.dll 2009-11-20 13:59:26 453456 ----a-w- c:\windows\syswow64\d3dx10_42.dll 2009-11-20 13:59:26 1892184 ----a-w- c:\windows\syswow64\D3DX9_42.dll 2009-11-20 13:49:26 46592 ----a-w- c:\windows\system32\msasn1.dll 2009-11-20 13:49:26 34816 ----a-w- c:\windows\syswow64\msasn1.dll 2009-11-20 13:49:24 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll 2009-11-20 13:49:20 5958656 ----a-w- c:\windows\syswow64\mshtml.dll 2009-11-19 22:15:25 20 --sh--w- c:\users\lars martin\ntuser.ini 2009-11-19 22:15:13 0 d-sh--w- C:\Recovery 2009-11-19 22:15:12 0 d-sh--we c:\programdata\Start-meny 2009-11-19 22:15:12 0 d-sh--we c:\programdata\Skrivebord 2009-11-19 22:15:12 0 d-sh--we c:\programdata\Programdata 2009-11-19 22:15:12 0 d-sh--we c:\programdata\Maler 2009-11-19 22:15:12 0 d-sh--we c:\programdata\Favoritter 2009-11-19 22:15:12 0 d-sh--we c:\programdata\Dokumenter 2009-11-19 22:15:12 0 d-sh--we c:\program files\Fellesfiler 2009-11-19 22:03:26 22892 ----a-w- c:\windows\system32\emptyregdb.dat 2009-11-19 21:35:38 0 ----a-w- c:\windows\ativpsrm.bin 2009-11-19 21:35:16 0 d-----w- c:\programdata\SonicFocus 2009-11-19 21:35:15 0 d-----w- c:\program files (x86)\Analog Devices 2009-11-19 21:34:53 10896 ---ha-w- c:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2009-11-19 21:34:53 10896 ---ha-w- c:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2009-11-19 21:23:08 0 d-----w- c:\windows\Panther 2009-11-19 21:10:45 0 d--h--w- C:\$WINDOWS.~Q 2009-11-19 21:05:17 0 d--h--w- C:\$INPLACE.~TR 2009-11-19 20:28:05 2544 ----a-w- c:\windows\diagwrn.xml 2009-11-19 20:28:05 1890 ----a-w- c:\windows\diagerr.xml 2009-11-19 16:44:26 0 d-----w- c:\programdata\ATI 2009-11-19 16:35:54 0 d-----w- C:\ATI 2009-11-16 21:16:09 0 d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP 2009-11-16 20:57:21 0 d-----w- c:\program files (x86)\Dragon Age 2009-11-16 20:56:34 33929 ----a-w- c:\users\larsma~1\appdata\roaming\SQLite3.dll 2009-11-15 18:42:16 0 d-----w- c:\users\lars martin\Tracing 2009-11-14 21:55:04 0 d-----w- c:\program files (x86)\Call of duty 4 ==================== Find3M ==================== 2009-12-10 16:40:46 25164 ---ha-w- c:\users\larsma~1\appdata\roaming\logs.dat 2009-12-10 13:44:10 73918 ----a-w- c:\windows\system32\perfc014.dat 2009-12-10 13:44:10 447972 ----a-w- c:\windows\system32\perfh014.dat 2009-11-29 18:27:23 868848 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-11-14 21:50:05 103736 ----a-w- c:\windows\syswow64\PnkBstrB.exe 2009-11-14 21:49:55 66872 ----a-w- c:\windows\syswow64\PnkBstrA.exe 2009-11-06 09:59:54 15406728 ----a-w- c:\windows\syswow64\xlive.dll 2009-11-06 09:59:54 13642888 ----a-w- c:\windows\syswow64\xlivefnt.dll 2009-11-04 16:17:30 6088192 ----a-w- c:\windows\system32\drivers\atikmdag.sys 2009-11-04 15:46:00 479232 ----a-w- c:\windows\system32\ATIDEMGX.dll 2009-11-04 15:45:48 436736 ----a-w- c:\windows\system32\atieclxx.exe 2009-11-04 15:45:14 202752 ----a-w- c:\windows\system32\atiesrxx.exe 2009-11-04 15:43:50 120320 ----a-w- c:\windows\system32\atitmm64.dll 2009-11-04 15:43:32 421376 ----a-w- c:\windows\system32\atipdl64.dll 2009-11-04 15:43:24 356352 ----a-w- c:\windows\syswow64\atipdlxx.dll 2009-11-04 15:43:10 274432 ----a-w- c:\windows\syswow64\Oemdspif.dll 2009-11-04 15:43:02 12288 ----a-w- c:\windows\system32\atimuixx.dll 2009-11-04 15:42:58 59392 ----a-w- c:\windows\system32\atiedu64.dll 2009-11-04 15:42:52 43520 ----a-w- c:\windows\syswow64\ati2edxx.dll 2009-11-04 15:39:24 3034624 ----a-w- c:\windows\syswow64\atidxx32.dll 2009-11-04 15:34:56 17199616 ----a-w- c:\windows\system32\atio6axx.dll 2009-11-04 15:31:40 3624448 ----a-w- c:\windows\system32\atidxx64.dll 2009-11-04 15:23:10 3602432 ----a-w- c:\windows\syswow64\atiumdag.dll 2009-11-04 15:17:30 4661760 ----a-w- c:\windows\system32\atiumd64.dll 2009-11-04 15:11:30 12964352 ----a-w- c:\windows\syswow64\atioglxx.dll 2009-11-04 15:11:16 2599424 ----a-w- c:\windows\system32\atiumd6a.dll 2009-11-04 15:05:20 2899456 ----a-w- c:\windows\syswow64\atiumdva.dll 2009-11-04 14:52:58 53248 ----a-w- c:\windows\system32\atimpc64.dll 2009-11-04 14:52:58 53248 ----a-w- c:\windows\system32\amdpcom64.dll 2009-11-04 14:52:52 52224 ----a-w- c:\windows\syswow64\atimpc32.dll 2009-11-04 14:52:52 52224 ----a-w- c:\windows\syswow64\amdpcom32.dll 2009-11-04 14:52:28 302592 ----a-w- c:\windows\system32\atiadlxx.dll 2009-11-04 14:52:22 208896 ----a-w- c:\windows\syswow64\atiadlxy.dll 2009-11-04 14:47:54 43008 ----a-w- c:\windows\system32\aticalrt64.dll 2009-11-04 14:47:52 53248 ----a-w- c:\windows\syswow64\aticalrt.dll 2009-11-04 14:47:42 39936 ----a-w- c:\windows\system32\aticalcl64.dll 2009-11-04 14:47:40 53248 ----a-w- c:\windows\syswow64\aticalcl.dll 2009-11-04 14:47:30 4634112 ----a-w- c:\windows\system32\aticaldd64.dll 2009-11-04 14:46:34 3547136 ----a-w- c:\windows\syswow64\aticaldd.dll 2009-11-04 14:37:24 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll 2009-11-02 19:42:06 226688 ------w- c:\windows\system32\MpSigStub.exe 2009-11-02 17:05:36 167064 ----a-w- c:\windows\syswow64\xliveinstall.dll 2009-11-02 17:05:34 71832 ----a-w- c:\windows\syswow64\xliveinstallhost.exe 2009-10-16 16:07:03 2250024 ----a-w- c:\windows\syswow64\pbsvc.exe 2009-10-04 11:02:23 178800 ----a-w- c:\windows\syswow64\CmdLineExt_x64.dll 2009-09-22 18:32:20 12464 ----a-w- c:\windows\system32\avgrssta.dll 2009-07-14 09:15:51 36156 ----a-w- c:\windows\inf\perflib414\perfd.dat 2009-07-14 09:15:51 36156 ----a-w- c:\windows\inf\perflib414\perfc.dat 2009-07-14 09:15:51 298300 ----a-w- c:\windows\inf\perflib414\perfi.dat 2009-07-14 09:15:51 298300 ----a-w- c:\windows\inf\perflib414\perfh.dat 2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini 2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib000\perfi.dat 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib000\perfh.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib000\perfd.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib000\perfc.dat 2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat 2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 17:41:33,56 =============== Lenke til kommentar
norbat Skrevet 16. desember 2009 Del Skrevet 16. desember 2009 Formater minnepennen din. Deretter: Oppdater Malwarebytes og kjør ny rask skann Post loggen sammen med en nøy DDS.scr-logg. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå