pettesen
Posted 7 January 2010

Hi! I have run MBAM and ComboFix. But it looks like Antivirus Live is still bothering me. At least in Internet Explorer... Can anyone help with this?

MBAM log:

Malwarebytes' Anti-Malware 1.42
Databaseversjon: 3289
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28.12.2009 18:02:34
mbam-log-2009-12-28 (18-02-34).txt

Skanntype: Rask Skann
Objekter skannet: 110907
Tid tilbakelagt: 8 minute(s), 10 second(s)

Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 4
Registerverdier infisert: 2
Registerfiler infisert: 0
Mapper infisert: 7
Filer infisert: 177

Minneprosesser infisert:
(Ingen mistenkelige filer funnet)

Minnemoduler infisert:
(Ingen mistenkelige filer funnet)

Registernøkler infisert:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe (Adware.Casino) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gold VIP Club Casino (Adware.Casino) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RealTime Gaming Software\Gold VIP Club Casino (Adware.Casino) -> Quarantined and deleted successfully.

Registerverdier infisert:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nqgqlink (Trojan.FakeAlert.N) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nqgqlink (Trojan.FakeAlert.N) -> Quarantined and deleted successfully.

Registerfiler infisert:
(Ingen mistenkelige filer funnet)

Mapper infisert:
C:\Programfiler\Gold VIP Club Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Programfiler\Gold VIP Club Casino\_patch (Adware.Casino) -> Quarantined and deleted successfully.

ComboFix log:

ComboFix 09-12-27.04 - Sonja 28.12.2009 18:15:27.1.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.1527.930 [GMT 1:00]
Kjører fra: c:\documents and settings\Sonja\Skrivebord\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Uninstall.ini
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2009-11-28 til 2009-12-28 )))))))))))))))))))))))))))))))))
.
2009-12-28 16:51 . 2009-12-28 16:51 -------- d-----w- c:\documents and settings\Sonja\Programdata\Malwarebytes
2009-12-28 16:51 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-28 16:51 . 2009-12-28 16:51 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2009-12-28 16:51 . 2009-12-28 16:51 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes
2009-12-28 16:51 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-25 00:34 . 2009-12-02 13:19 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-12-24 22:54 . 2009-12-24 22:54 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-12-24 22:52 . 2009-12-24 22:52 -------- d--h--w- c:\documents and settings\All Users\Programdata\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2009-12-24 22:52 . 2009-12-07 14:10 2953352 ----a-w- c:\documents and settings\All Users\Programdata\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
2009-12-24 22:52 . 2009-12-24 22:52 -------- d-----w- c:\programfiler\Lavasoft
2009-12-24 22:52 . 2009-12-24 22:52 -------- d-----w- c:\documents and settings\All Users\Programdata\Lavasoft
2009-12-24 22:37 . 2009-12-24 22:37 446176 ----a-w- c:\windows\system32\prfh0414.dat
2009-12-24 22:37 . 2009-12-24 22:37 81216 ----a-w- c:\windows\system32\prfc0414.dat
2009-12-16 09:29 . 2009-12-16 09:29 -------- d-----w- C:\FOUND.011
2009-12-12 10:36 . 2009-12-12 10:35 2065688 ----a-w- c:\documents and settings\All Users\Programdata\avg8\update\backup\avgcorex.dll
2009-12-11 14:42 . 2009-12-11 14:51 69 ----a-w- c:\documents and settings\Sonja\jagex_runescape_preferences2.dat
2009-12-11 14:41 . 2009-12-11 15:08 39 ----a-w- c:\documents and settings\Sonja\jagex_runescape_preferences.dat
2009-12-11 14:41 . 2009-12-11 14:41 -------- d-----w- c:\windows\.jagex_cache_32
2009-12-06 04:56 . 2009-12-06 04:56 79488 ----a-w- c:\documents and settings\Sonja\Programdata\Sun\Java\jre1.6.0_17\gtapi.dll
2009-11-30 12:28 . 2009-11-30 12:28 -------- d-----w- C:\$AVG8.VAULT$
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-13 19:03 . 2005-03-23 23:52 81216 ----a-w- c:\windows\system32\perfc014.dat
2009-12-13 19:03 . 2005-03-23 23:52 446176 ----a-w- c:\windows\system32\perfh014.dat
2009-12-02 13:19 . 2009-12-24 22:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-10-29 07:45 . 2004-08-04 19:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:41 . 2004-08-04 19:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:41 . 2004-08-04 19:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 23:00 . 2009-10-20 23:00 417792 ----a-w- c:\documents and settings\All Users\Programdata\MGS\cache\m\menucore.e2df50a5930ba5d46a68f5564d204ba0.dll
2009-10-20 16:20 . 2004-08-04 19:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:38 . 2004-08-04 19:00 270848 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-04 19:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2004-08-04 19:00 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-02 20:27 . 2008-06-17 16:50 39544 ----a-w- c:\documents and settings\Sonja\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\programfiler\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-27 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SynTPLpr"="c:\programfiler\Synaptics\SynTP\SynTPLpr.exe" [2005-01-07 102491]
"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2005-01-07 692315]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-03-21 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-03-21 126976]
"RemoteControl"="c:\programfiler\filer\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 32768]
"SoundMan"="SOUNDMAN.EXE" [2004-12-01 77824]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-15 88202]
"EPM-DM"="c:\acer\epm\epm-dm.exe" [2005-04-21 188416]
"ePowerManagement"="c:\acer\ePM\ePM.exe" [2005-03-15 2893824]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2005-10-14 487424]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2005-11-16 385024]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-12 2043160]
"QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2009-05-26 413696]
"SSBkgdUpdate"="c:\programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\programfiler\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
"IndexSearch"="c:\programfiler\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
"PPort11reminder"="c:\programfiler\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\programfiler\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 663552]
"ControlCenter3"="c:\programfiler\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-15 12:50 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programfiler\\AVG\\AVG8\\avgupd.exe"=
"c:\\Programfiler\\AVG\\AVG8\\avgemc.exe"=
"c:\\Programfiler\\Messenger\\msmsgs.exe"=
"c:\\Programfiler\\Spotify\\spotify.exe"=
"c:\\Programfiler\\Mozilla Firefox\\firefox.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [24.12.2009 23:53 64288]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [15.06.2008 20:32 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [15.06.2008 20:33 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [03.07.2008 19:12 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [03.07.2008 19:12 297752]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [18.02.2009 18:31 54752]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programfiler\Lavasoft\Ad-Aware\AAWService.exe [02.12.2009 14:19 1181328]
S3 cxbu0wdm;CardMan 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [15.01.2008 12:39 97792]
S3 fsssvc;Windows Live Tryggere for familien-tjenesten;c:\programfiler\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 704864]
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://startsiden.no/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab
FF - ProfilePath - c:\documents and settings\Sonja\Programdata\Mozilla\Firefox\Profiles\7k4gtfrl.default\
FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\programfiler\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\programfiler\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-28 18:22
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...

skanning vellykket
skjulte filer: 0
**************************************************************************
.
Tidspunkt ferdig: 2009-12-28 18:24:25
ComboFix-quarantined-files.txt 2009-12-28 17:24

Pre-Run: 5 135 515 648 byte ledig
Post-Run: 5 816 991 744 byte ledig

WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - A75E72911745B0C1E4651C51942242B3

norbat
Posted 8 January 2010

Update MBAM and run a new quick scan. Post the log together with a new ComboFix log.