ekallevik Skrevet 31. desember 2009 Del Skrevet 31. desember 2009 MBAM: Malwarebytes' Anti-Malware 1.43 Databaseversjon: 3460 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 31.12.2009 02:00:50 mbam-log-2009-12-31 (02-00-50).txt Skanntype: Rask Skann Objekter skannet: 99118 Tid tilbakelagt: 6 minute(s), 34 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 4 Registerverdier infisert: 1 Registerfiler infisert: 0 Mapper infisert: 2 Filer infisert: 10 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\malware defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\H8SRT (Rootkit.TDSS) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\h8srtd.sys (Rootkit.TDSS) -> Quarantined and deleted successfully. Registerverdier infisert: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\richtx64.exe (Trojan.Agent) -> Quarantined and deleted successfully. Registerfiler infisert: (Ingen mistenkelige filer funnet) Mapper infisert: C:\Program Files\malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Users\tomin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. Filer infisert: C:\Windows\system32\H8SRTjrwcvmkcur.dll (Trojan.TDSS) -> Quarantined and deleted successfully. C:\Windows\system32\H8SRTstibtwdqpf.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\Program Files\malware Defense\help.ico (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Program Files\malware Defense\md.db (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Program Files\malware Defense\mdext.dll (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Program Files\malware Defense\uninstall.exe (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Windows\System32\krl32mainweq.dll (Trojan.DNSChanger) -> Quarantined and deleted successfully. C:\Users\tomin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully. C:\Windows\System32\H8SRTifuvpmqcqs.dat (Rootkit.TDSS) -> Quarantined and deleted successfully. C:\Users\tomin\AppData\Local\Temp\H8SRT1b64.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. ComboFix ComboFix 09-12-29.06 - tomin 31.12.2009 2:27.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.47.1044.18.3002.1888 [GMT 1:00] Kjører fra: c:\users\tomin\Downloads\ComboFix.exe AV: Norton 360 *On-access scanning disabled* (Outdated) {A5F1BC7C-EA33-4247-961C-0217208396C4} FW: Norton 360 *enabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3} SP: Norton 360 *disabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-1284223908-2896898762-124069702-500 c:\$recycle.bin\S-1-5-21-1313900059-1224448933-2279542634-500 c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe c:\windows\system32\srcr.dat . ((((((((((((((((((((((((((( Filer Opprettet Fra 2009-11-28 til 2009-12-31 ))))))))))))))))))))))))))))))))) . 2009-12-31 01:35 . 2009-12-31 01:35 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-12-31 00:48 . 2009-12-31 00:48 -------- d-----w- c:\users\tomin\AppData\Roaming\Malwarebytes 2009-12-31 00:48 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-31 00:48 . 2009-12-31 00:48 -------- d-----w- c:\programdata\Malwarebytes 2009-12-31 00:48 . 2009-12-31 00:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-31 00:48 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-30 18:46 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-12-30 18:46 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-12-30 18:46 . 2009-12-30 18:46 -------- d-----w- c:\programdata\Avira 2009-12-30 18:46 . 2009-12-30 18:46 -------- d-----w- c:\program files\Avira 2009-12-19 23:04 . 2009-12-19 23:04 614136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-12-11 23:50 . 2009-12-11 23:50 -------- d-----w- c:\users\tomin\AppData\Local\Windows Collaboration 2009-12-11 23:49 . 2009-12-11 23:50 -------- d-----w- c:\users\tomin\AppData\Roaming\PeerNetworking 2009-12-10 15:35 . 2009-11-09 13:22 24064 ----a-w- c:\windows\system32\nshhttp.dll 2009-12-10 15:35 . 2009-11-09 13:20 31232 ----a-w- c:\windows\system32\httpapi.dll 2009-12-10 15:35 . 2009-11-09 11:04 411136 ----a-w- c:\windows\system32\drivers\http.sys 2009-12-09 13:15 . 2009-10-07 12:41 244224 ----a-w- c:\windows\system32\rastls.dll 2009-12-09 13:15 . 2009-10-07 12:41 281600 ----a-w- c:\windows\system32\raschap.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-31 01:05 . 2009-07-22 20:37 -------- d-----w- c:\program files\Steam 2009-12-31 00:36 . 2009-03-17 15:52 -------- d-----w- c:\users\tomin\AppData\Roaming\Spotify 2009-12-30 19:35 . 2008-11-20 10:27 -------- d-----w- c:\users\tomin\AppData\Roaming\LimeWire 2009-12-30 18:35 . 2009-03-27 19:20 -------- d-----w- c:\programdata\Google Updater 2009-12-25 10:48 . 2008-11-20 10:38 -------- d-----w- c:\users\tomin\AppData\Roaming\Apple Computer 2009-12-25 10:47 . 2008-11-20 10:36 -------- d-----w- c:\programdata\Apple 2009-12-24 00:57 . 2008-08-03 14:33 589296 ----a-w- c:\windows\system32\perfh01D.dat 2009-12-24 00:57 . 2008-08-03 14:33 117296 ----a-w- c:\windows\system32\perfc01D.dat 2009-12-24 00:57 . 2008-08-03 14:27 76478 ----a-w- c:\windows\system32\perfc014.dat 2009-12-24 00:57 . 2008-08-03 14:27 452326 ----a-w- c:\windows\system32\perfh014.dat 2009-12-24 00:57 . 2008-08-03 14:22 80612 ----a-w- c:\windows\system32\perfc00B.dat 2009-12-24 00:57 . 2008-08-03 14:22 427118 ----a-w- c:\windows\system32\perfh00B.dat 2009-12-24 00:57 . 2008-08-03 14:16 77100 ----a-w- c:\windows\system32\perfc006.dat 2009-12-24 00:57 . 2008-08-03 14:16 454842 ----a-w- c:\windows\system32\perfh006.dat 2009-12-21 19:40 . 2008-11-20 16:06 -------- d-----w- c:\program files\Google 2009-12-10 22:18 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-11-27 12:22 . 2009-10-03 19:47 -------- d-----w- c:\program files\ooVoo 2009-11-26 19:54 . 2009-11-26 19:53 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD} 2009-11-26 19:54 . 2009-08-21 14:13 -------- d-----w- c:\program files\iTunes 2009-11-26 19:53 . 2009-11-26 19:53 -------- d-----w- c:\program files\iPod 2009-11-26 19:53 . 2008-11-20 10:36 -------- d-----w- c:\program files\Common Files\Apple 2009-11-26 19:51 . 2009-06-05 10:28 -------- d-----w- c:\program files\QuickTime 2009-11-26 19:43 . 2009-11-26 19:43 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe 2009-11-25 17:42 . 2009-01-01 20:05 -------- d-----w- c:\program files\Windows Live Safety Center 2009-11-20 09:13 . 2008-08-03 16:07 -------- d-----w- c:\programdata\Symantec 2009-11-17 15:29 . 2008-11-20 16:00 1 ----a-w- c:\users\tomin\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-11-02 19:42 . 2009-10-03 08:54 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-29 09:41 . 2009-11-26 15:56 2048 ----a-w- c:\windows\system32\tzres.dll 2009-10-27 13:20 . 2009-12-09 13:17 833024 ----a-w- c:\windows\system32\wininet.dll 2009-10-27 13:16 . 2009-12-09 13:17 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-10-27 10:55 . 2009-12-09 13:17 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2008-11-22 11:14 . 2008-11-22 11:14 22 --sha-w- c:\windows\SMINST\HPCD.sys 2008-08-03 14:36 . 2008-08-03 14:36 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTorr.dll" [2008-05-20 1526296] [HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}] 2008-05-20 22:43 1526296 ----a-w- c:\program files\TorrentMan\tbTorr.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A1FB2F9A-D35E-11DD-8935-E46A56D89593}] 2009-05-08 19:00 86016 ----a-w- c:\program files\oovootb\oovoodx.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTorr.dll" [2008-05-20 1526296] "{A1FB2F9A-D35E-11DD-8935-E46A56D89593}"= "c:\program files\oovootb\oovoodx.dll" [2009-05-08 86016] [HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}] [HKEY_CLASSES_ROOT\clsid\{a1fb2f9a-d35e-11dd-8935-e46a56d89593}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{7C5C0F58-E061-457D-9033-77307F5ED00C}"= "c:\program files\TorrentMan\tbTorr.dll" [2008-05-20 1526296] [HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-02-26 2289664] "Telenor Online Start"="c:\program files\Telenor\Online Start\Telenor.exe" [2006-11-30 178312] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-23 39408] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Shockwave Updater"="c:\windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe" [2009-07-31 468408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-17 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-17 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-17 145944] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-06-12 468264] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-12 202032] "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-18 136600] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 115816] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Telenor Online Start"="c:\program files\Telenor\Online Start\Telenor.exe" [2006-11-30 178312] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20091110.002\IDSvix86.sys [12.11.2009 22:11 272432] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [30.12.2009 19:46 108289] R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [21.01.2008 03:23 21504] R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [03.08.2008 18:15 361808] R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [03.08.2008 17:33 193840] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [27.08.2009 22:04 102448] R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\System32\drivers\IntcHdmi.sys [04.06.2008 18:54 113664] R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [09.01.2007 23:32 38200] S2 gupdate1c9af112947dc90;Googles oppdateringstjeneste (gupdate1c9af112947dc90);c:\program files\Google\Update\GoogleUpdate.exe [27.03.2009 20:20 133104] S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [15.09.2009 21:52 54632] S3 fsssvc;Windows Live Tryggere for familien-tjenesten;c:\program files\Windows Live\Family Safety\fsssvc.exe [05.08.2009 21:48 704864] --- Andre tjenester/drivere lastet i minnet --- *NewlyCreated* - COMHOST HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs ezSharedSvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-02-26 21:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-27 19:20] 2009-12-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-27 19:20] . . ------- Tilleggsskanning ------- . uStart Page = hxxp://www.mystart.com?pr=oovoo2_0 mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nb_no&c=83&bd=Presario&pf=cnnb uInternet Settings,ProxyOverride = *.local IE: &Søkefunksjon i AOL-verktrylinjen - c:\programdata\AOL\ieToolbar\resources\nb-NO\local\search.html IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-31 02:36 Windows 6.0.6001 Service Pack 1 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- LÅSTE REGISTERNØKLER --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Tidspunkt ferdig: 2009-12-31 02:40:18 ComboFix-quarantined-files.txt 2009-12-31 01:40 Pre-Run: 203 537 661 952 byte ledig Post-Run: 205 355 196 416 byte ledig - - End Of File - - 66F46D58199E2905B2EC8E46D6C9765B Lenke til kommentar
glenmb94 Skrevet 31. desember 2009 Del Skrevet 31. desember 2009 Fjern dette, du gir ut informasjon. du blir et lett bytte for hackere Lenke til kommentar
Gjest Slettet+3124 Skrevet 31. desember 2009 Del Skrevet 31. desember 2009 Fjern dette, du gir ut informasjon. du blir et lett bytte for hackere Du verden for en kommentar. Gjerne utdyp litt utsagnet ditt!! Hvorfor blir han utsatt for "hackere" ved å poste dette? Lenke til kommentar
norbat Skrevet 31. desember 2009 Del Skrevet 31. desember 2009 Så langt jeg kan se, så klarte du dette utmerket selv Malwarebytes tok det som var av badis. ooVoo Toolbar er av noen klassifisert som Adware. Jeg anbefaler å avinstallere den. Du har en tjeneste (og noen rester) fra antivirusprogrammet Avira. AntiVirSchedulerService kan du 'slå av'. Det gjør du ved å skrive services.msc i kjør/søk-feltet. Finn nevnte tjeneste, høyreklikk på tjenesten og velg Egenskaper. Under 'Oppstartstype' velger du 'Deaktivert'. Du kan også stoppe tjenesten øyeblikkelig ved å velge Stopp. Lenke til kommentar
glenmb94 Skrevet 31. desember 2009 Del Skrevet 31. desember 2009 Fjern dette, du gir ut informasjon. du blir et lett bytte for hackere Du verden for en kommentar. Gjerne utdyp litt utsagnet ditt!! Hvorfor blir han utsatt for "hackere" ved å poste dette? joda, her står det litt av hvert om innhold og "informasjon" om datamaskinen hans. Då et program på Discovery som heter Svindlerskolen. der viste de at man ikke måtte legge ut alle slags skanninger av virus og printscreens av maskinvare. dette viste de hvordan de gjorde det. bare advarer Lenke til kommentar
raWrz Skrevet 31. desember 2009 Del Skrevet 31. desember 2009 (endret) Han her vil ALDRI bli utsatt for hacking ved mindre en hacker kjeder seg og kommer over denne tråden ved en tildfeldig het ;-) Dessuten hacker ikke folk dataer som regel uten en grunn... hvorfor hacke flere maskiner når du ikke trenger noe derfra og som bare kan øke sjangsen de blir tatt ? gjærne send meg link / episode av den Svindlerskole episoden takk Edit: Mange folk som interiserer seg for Virus,malware etc har også en liten interesse for hacking og de programmene som blir brukt her blir brukt over alt der folk skal hjelpe andre med virus/data poblemer så er det en stor sjangs for at noen blir utsatt for hacking så hvorfor skulle vi ønske slike logger/hvorfor skulle selskap lage slike programmer som egentlig har hensikt av og stoppe det? Edit2: Det står heller INGEN IP adresse, Email adresse så mulighetene er litt tynne for og hacke noen er veldig tynne ut ifra Combofix loggen. Så skriv gjerne hvordan du kommer fram til påstanden at han har en mulighet for og bli hacket ut ifra og lese loggene her :-) Svarer du av erfaring eller av bare og ha sett en svindlerskole episode der de kansje gjorde mange ting en bare og se på en logg på et random forum? Endret 31. desember 2009 av Submit Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå