Gå til innhold

Muligens fått no virus - AVG fant ikkeno

Tunky

Av Tunky
i IKT-drift og sikkerhet

Anbefalte innlegg

Tunky

Tunky

Skrevet
Skrevet

Heisann.

 

Jeg har muligens fått et virus som driver og sender ut noen mailer fra min adresse. Jeg søkte etter virus med AVG Free 9.0.851, som ikke fant noen ting. Vet ikke om dette er et kjent virus, men fant ingenting da jeg prøvde å søke. Har ikke merket noen andre ting med PCen.

 

Mailen lyder som følger:

"i introduced a good friend to you

they sell thousands of new original electrical products

new original

<dudu-co . com >

hope you like it , and make friends with them too

regards "

 

Hva nå?

Lenke til kommentar

Videoannonse

Videoannonse
Annonse
Tunky

Tunky

Skrevet
  • Forfatter
Skrevet

Here it comes:

MBAM:

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Databaseversjon: 4385

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

03.08.2010 16:15:22

mbam-log-2010-08-03 (16-15-22).txt

 

Skanntype: Hurtigsøk

Objekter skannet: 137443

Tid tilbakelagt: 6 minutt(er), 52 sekund(er)

 

Minneprosesser infisert: 0

Minnemoduler infisert: 0

Registernøkler infisert: 18

Registerverdier infisert: 0

Registerfiler infisert: 0

Mapper infisert: 6

Filer infisert 3

 

Minneprosesser infisert:

(Ingen skadelige objekter funnet)

 

Minnemoduler infisert:

(Ingen skadelige objekter funnet)

 

Registernøkler infisert:

HKEY_CLASSES_ROOT\cscrptxt.cscrptxt (Adware.EZlife) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\cscrptxt.cscrptxt.1.0 (Adware.EZlife) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{a9722a0d-365f-47d2-b70b-37d046316d99} (Adware.EZlife) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e0ec6fba-f009-3535-95d6-b6390db27da1} (Adware.EZlife) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bwfhmcadqli (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\adproclient.adhlpr (Adware.SmartAds) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\adproclient.adhlpr.1 (Adware.SmartAds) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\adshot.adshothlpr (Adware.AdRotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\adshot.adshothlpr.1 (Adware.AdRotator) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30b09997-fa20-4cb9-ba3e-82782ae4fb9c} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{30b09997-fa20-4cb9-ba3e-82782ae4fb9c} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47654a19-72bb-4261-9f24-d713ad5e9059} (Adware.AdRotator) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{47654a19-72bb-4261-9f24-d713ad5e9059} (Adware.AdRotator) -> Quarantined and deleted successfully.

 

Registerverdier infisert:

(Ingen skadelige objekter funnet)

 

Registerfiler infisert:

(Ingen skadelige objekter funnet)

 

Mapper infisert:

C:\Program Files (x86)\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ezLife\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ezLife\ezLife\1.1.2.0 (Adware.EzLife) -> Quarantined and deleted successfully.

C:\Program Files (x86)\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.

C:\Program Files (x86)\Smart-Ads-Solutions\SmartAds (Adware.SmartAds) -> Quarantined and deleted successfully.

C:\Program Files (x86)\Smart-Ads-Solutions\SmartAds\1.1.2.0 (Adware.SmartAds) -> Quarantined and deleted successfully.

 

Filer infisert

C:\Windows\System32\bwfhmcadqli.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ezLife\ezLife\1.1.2.0\uninstall.exe (Adware.EzLife) -> Quarantined and deleted successfully.

C:\Program Files (x86)\Smart-Ads-Solutions\SmartAds\1.1.2.0\uninstall.exe (Adware.SmartAds) -> Quarantined and deleted successfully.

 

 

 

DDS:

 

 

DDS (Ver_10-03-17.01) - NTFSX64

Run by Knut at 16:25:46,50 on 03.08.2010

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.47.1033.18.3070.1343 [GMT 2:00]

 

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Program Files (x86)\AVG\AVG9\avgchsva.exe

C:\Program Files (x86)\AVG\AVG9\avgrsa.exe

C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

C:\Program Files\Fingerprint Reader Suite\upeksvr.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files (x86)\AVG\AVG9\avgnsa.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Voddler\service\voddler.exe

C:\Program Files (x86)\AVG\AVG9\avgemc.exe

C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files\Fingerprint Reader Suite\psqltray.exe

C:\Users\Knut\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\AVG\AVG9\avgtray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Java\jre6\bin\jusched.exe

C:\Windows\OEM02Mon.exe

C:\Program Files (x86)\Voddler\service\VNetManager.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

\\?\C:\Windows\system32\wbem\WMIADAP.EXE

C:\Users\Knut\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Users\Knut\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Knut\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Knut\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Knut\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\Knut\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Knut\Downloads\dds.scr

C:\Windows\system32\conhost.exe

 

============== Pseudo HJT Report ===============

 

mLocal Page = c:\windows\syswow64\blank.htm

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dll

BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: GdfrDUEn Class: {a3cf7606-e683-4375-a372-96b75da0aef7} - c:\program files (x86)\get styles\enlbrdr.dll

BHO: ClueIEAddin: {c14aa221-bae1-45f6-b0b3-90c23f2daa7d} - c:\clue\adxloader.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll

uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background

uRun: [uTorrent] "c:\program files (x86)\utorrent\uTorrent.exe"

uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun

uRun: [Google Update] "c:\users\knut\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [steam] "c:\program files (x86)\steam\Steam.exe" -silent

mRun: [AVG9_TRAY] c:\progra~2\avg\avg9\avgtray.exe

mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files (x86)\java\jre6\bin\jusched.exe"

mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe

mRun: [VoddlerNet Manager] c:\program files (x86)\voddler\service\VNetManager.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\bttray.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: DisableCAD = 1 (0x1)

IE: E&xport to Microsoft Excel - c:\progra~2\micros~3\office12\EXCEL.EXE/3000

IE: Free YouTube to Mp3 Converter - c:\users\knut\appdata\roaming\dvdvideosoftiehelpers\youtubetomp3.htm

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files (x86)\get styles\ct.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49}

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

Filter: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} -

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg9\avgpp.dll

LSA: Notification Packages = scecli psqlpwd

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files (x86)\avg\avg9\avgssiea.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

mRun-x64: [Apoint] c:\program files\delltpad\Apoint.exe

mRun-x64: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray64.exe

mRun-x64: [PSQLLauncher] "c:\program files\fingerprint reader suite\launcher.exe" /startup

mRun-x64: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start

mRun-x64: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

AppInit_DLLs-X64: avgrssta.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\knut\appdata\roaming\mozilla\firefox\profiles\07kmo0ju.default\

FF - prefs.js: browser.search.selectedEngine - Search the Web

FF - prefs.js: browser.startup.homepage - hxxp://ahoolly.com

FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=61495&p=

FF - component: c:\program files (x86)\orbitdownloader\addons\oneclickyoutubedownloader\components\GrabXpcom.dll

FF - component: c:\users\knut\appdata\roaming\mozilla\firefox\profiles\07kmo0ju.default\extensions\{cc6a5222-162d-49b3-b2ca-28eade05a059}\components\Engine.dll

FF - plugin: c:\program files (x86)\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files (x86)\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files (x86)\google\update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: c:\program files (x86)\google\update\1.2.183.17\npGoogleOneClick8.dll

FF - plugin: c:\program files (x86)\google\update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\program files (x86)\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files (x86)\voddler\plugin\npvoddler.dll

FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\users\knut\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\users\knut\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\users\knut\appdata\roaming\facebook\npfbplugin_1_0_3.dll

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

 

============= SERVICES / DRIVERS ===============

 

R1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [2009-11-4 269904]

R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [2009-11-4 35536]

R1 AvgTdiA;AVG Free Network Redirector x64;c:\windows\system32\drivers\avgtdia.sys [2009-11-4 317520]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe [2009-11-4 86016]

R2 avg9emc;AVG Free E-mail Scanner;c:\program files (x86)\avg\avg9\avgemc.exe [2010-7-17 921952]

R2 avg9wd;AVG Free WatchDog;c:\program files (x86)\avg\avg9\avgwdsvc.exe [2010-7-17 308136]

R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x64.sys [2010-1-28 19432]

R2 VoddlerNet;VoddlerNet;c:\program files (x86)\voddler\service\voddler.exe [2010-3-25 1160912]

R3 NETw4v64;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\drivers\NETw4v64.sys [2007-8-8 3154944]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x64.sys [2009-6-10 389120]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-1-23 135664]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\drivers\netw5v64.sys [2009-6-10 5434368]

 

=============== Created Last 30 ================

 

2010-08-03 14:06:42 0 d-----w- c:\users\knut\appdata\roaming\Malwarebytes

2010-08-03 14:06:23 24664 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-08-03 14:06:23 0 d-----w- c:\programdata\Malwarebytes

2010-08-03 14:06:23 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2010-07-31 15:28:02 0 d-----w- c:\program files (x86)\CamStudio

2010-07-29 11:37:34 0 d-----w- c:\users\knut\Games

2010-07-28 23:55:48 71720 ----a-w- c:\users\knut\Welcome To The Family.gp5

2010-07-28 20:32:54 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

2010-07-28 12:05:24 0 d-----w- c:\users\knut\appdata\roaming\GrabPro

2010-07-25 01:13:40 0 d-----w- c:\users\knut\appdata\roaming\ProgSense

2010-07-25 01:13:40 0 d-----w- C:\Downloads

2010-07-22 23:08:09 0 d-----w- c:\program files (x86)\Free WMA to MP3 Converter

2010-07-22 13:42:07 765242 ----a-w- c:\windows\syswow64\PerfStringBackup.INI

2010-07-22 13:33:27 49472 ----a-w- c:\windows\syswow64\netfxperf.dll

2010-07-22 13:33:26 99176 ----a-w- c:\windows\syswow64\PresentationHostProxy.dll

2010-07-22 13:33:26 48960 ----a-w- c:\windows\system32\netfxperf.dll

2010-07-22 13:33:26 444752 ----a-w- c:\windows\system32\mscoree.dll

2010-07-22 13:33:26 320352 ----a-w- c:\windows\system32\PresentationHost.exe

2010-07-22 13:33:26 297808 ----a-w- c:\windows\syswow64\mscoree.dll

2010-07-22 13:33:26 295264 ----a-w- c:\windows\syswow64\PresentationHost.exe

2010-07-22 13:33:26 1942856 ----a-w- c:\windows\system32\dfshim.dll

2010-07-22 13:33:26 1130824 ----a-w- c:\windows\syswow64\dfshim.dll

2010-07-22 13:33:26 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-07-17 11:10:40 0 d-----w- c:\program files (x86)\Lock Folder XP

2010-07-17 07:38:14 13048 ----a-w- c:\windows\system32\avgrssta.dll

2010-07-12 12:22:28 0 d-----w- c:\users\knut\appdata\roaming\LimeWire

2010-07-12 12:22:02 0 d-----w- c:\program files (x86)\LimeWire

 

==================== Find3M ====================

 

2010-07-17 07:38:15 317520 ----a-w- c:\windows\system32\drivers\avgtdia.sys

2010-07-17 07:37:43 269904 ----a-w- c:\windows\system32\drivers\avgldx64.sys

2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat

2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat

2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat

2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat

2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini

2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini

2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat

2010-01-23 07:53:18 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

2010-03-07 22:41:53 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat

2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe

2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

 

============= FINISH: 16:27:52,96 ===============

 

 

Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
Gå til emneliste
×
×
  • Opprett ny...