gunleik1 Skrevet 30. august 2010 Del Skrevet 30. august 2010 Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversjon: 4503 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 29.08.2010 22:54:52 mbam-log-2010-08-29 (22-54-52).txt Skanntype: Hurtigsøk Objekter skannet: 144337 Tid tilbakelagt: 4 minutt(er), 56 sekund(er) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 2 Registerverdier infisert: 0 Registerfiler infisert: 0 Mapper infisert: 0 Filer infisert 4 Minneprosesser infisert: (Ingen skadelige objekter funnet) Minnemoduler infisert: (Ingen skadelige objekter funnet) Registernøkler infisert: HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crusader (Rogue.Crusader) -> Quarantined and deleted successfully. Registerverdier infisert: (Ingen skadelige objekter funnet) Registerfiler infisert: (Ingen skadelige objekter funnet) Mapper infisert: (Ingen skadelige objekter funnet) Filer infisert C:\Users\gunleik\AppData\Local\Temp\nrcxsaemow.exe (Rootkit.Dropper) -> Quarantined and deleted successfully. C:\Users\gunleik\AppData\Local\Temp\nrjfgiq.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Users\gunleik\AppData\Local\Temp\ogjpeed.exe (Adware.AdRotator) -> Quarantined and deleted successfully. C:\Users\gunleik\AppData\Local\Temp\rtervrjv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. DDS (Ver_10-03-17.01) - NTFSX64 Run by gunleik at 18:02:23,93 on 30.08.2010 Internet Explorer: 8.0.7600.16385 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.47.1044.18.4091.2469 [GMT 2:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Windows\System32\alg.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe C:\Windows\PLFSetI.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe C:\Program Files (x86)\Video Web Camera\traybar.exe C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe C:\Program Files (x86)\LimeWire\LimeWire.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Apoint2K\HidFind.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\iTunes\iTunes.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe D:\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://nb-no.facebook.com/ uDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0414&m=easynote_tj66&r=2736051012b6l04d0z1m5f4421y21s mDefault_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0414&m=easynote_tj66&r=2736051012b6l04d0z1m5f4421y21s mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0414&m=easynote_tj66&r=2736051012b6l04d0z1m5f4421y21s mLocal Page = c:\windows\syswow64\blank.htm uInternet Settings,ProxyOverride = <local> uInternet Settings,ProxyServer = http=127.0.0.1:6522 uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files (x86)\ask.com\GenericAskToolbar.dll uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dll BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files (x86)\norton internet security\engine\17.5.0.127\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files (x86)\norton internet security\engine\17.5.0.127\IPSBHO.DLL BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.5126.1836\swg.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files (x86)\ask.com\GenericAskToolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files (x86)\avg\avg9\toolbar\IEToolbar.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files (x86)\norton internet security\engine\17.5.0.127\coIEPlg.dll uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [backupManagerTray] "c:\program files (x86)\newtech infosystems\packard bell mybackup\BackupManagerTray.exe" -h -k mRun: [NortonOnlineBackupReminder] "c:\program files (x86)\symantec\norton online backup\activation\NobuActivation.exe" UNATTENDED mRun: [Camera Assistant Software] "c:\program files (x86)\video web camera\traybar.exe" mRun: [LManager] c:\program files (x86)\launch manager\LManager.exe mRun: [RemoteControl8] "c:\program files (x86)\cyberlink\powerdvd8\PDVD8Serv.exe" mRun: [PDVD8LanguageShortcut] "c:\program files (x86)\cyberlink\powerdvd8\language\Language.exe" mRun: [sunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe" mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe" StartupFolder: c:\users\gunleik\appdata\roaming\micros~1\windows\startm~1\programs\startup\limewi~1.lnk - c:\program files (x86)\limewire\LimeWire.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office12\EXCEL.EXE/3000 IE: Google Sidewiki - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} {AA58ED58-01DD-4d91-8333-CF10577473F7} {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} {2318C2B1-4965-11d4-9B18-009027A5CD4F} TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File mRun-x64: [iAAnotif] c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe mRun-x64: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun-x64: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent64.exe mRun-x64: [PLFSetI] c:\windows\PLFSetI.exe mRun-x64: [Apoint] c:\program files\apoint2k\Apoint.exe mRun-x64: [Acer ePower Management] c:\program files\packard bell\packard bell power management\ePowerTray.exe ============= SERVICES / DRIVERS =============== R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nisx64\1105000.07f\SymDS64.sys [2010-8-29 433200] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nisx64\1105000.07f\SymEFA64.sys [2010-8-29 221232] R1 BHDrvx64;BHDrvx64;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.5.0.127\definitions\bashdefs\20091205.001\BHDrvx64.sys [2010-8-29 668720] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nisx64\1105000.07f\cchpx64.sys [2010-8-29 615040] R1 IDSVia64;IDSVia64;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.5.0.127\definitions\ipsdefs\20091105.001\IDSVia64.sys [2010-8-29 466992] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nisx64\1105000.07f\Ironx64.sys [2010-8-29 148528] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nisx64\1105000.07f\symtdiv.sys [2010-8-29 451120] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904] R2 ePowerSvc;Acer ePower Service;c:\program files\packard bell\packard bell power management\ePowerSvc.exe [2010-3-8 844320] R2 Greg_Service;GRegService;c:\program files (x86)\packard bell\registration\GregHSRW.exe [2009-8-28 1150496] R2 NIS;Norton Internet Security;c:\program files (x86)\norton internet security\engine\17.5.0.127\ccSvcHst.exe [2010-8-29 126392] R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\newtech infosystems\packard bell mybackup\IScheduleSvc.exe [2009-8-21 62720] R2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\packard bell gamezone\gameconsole\OberonGameConsoleService.exe [2009-11-2 44312] R2 Updater Service;Updater Service;c:\program files\packard bell\packard bell updater\UpdaterService.exe [2009-10-30 240160] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-8-29 132656] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60a.sys [2010-3-8 317480] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-3-8 84512] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2010-4-19 50688] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 17920] S2 gupdate;Googles oppdateringstjeneste (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-5-11 135664] S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\avg\avg9\toolbar\toolbarbroker.exe --> c:\program files (x86)\avg\avg9\toolbar\ToolbarBroker.exe [?] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\drivers\netw5v64.sys [2009-6-10 5434368] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-10-30 216064] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL6.SYS [2009-7-14 292864] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV6.SYS [2009-7-14 1485312] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT6.SYS [2009-7-14 740864] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-24 1255736] =============== Created Last 30 ================ 2010-08-29 20:39:52 0 d-----w- c:\users\gunleik\appdata\roaming\Malwarebytes 2010-08-29 20:39:40 24664 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-08-29 20:39:40 0 d-----w- c:\programdata\Malwarebytes 2010-08-29 20:39:40 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2010-08-29 15:04:30 854 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.INF 2010-08-29 15:04:30 7440 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.CAT 2010-08-29 15:04:30 173104 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS 2010-08-29 15:04:21 0 d-----w- c:\program files\Symantec 2010-08-29 15:04:21 0 d-----w- c:\program files\common files\Symantec Shared 2010-08-29 15:03:49 0 d-----w- c:\windows\system32\drivers\NISx64 2010-08-29 15:03:47 0 d-----w- c:\program files (x86)\Norton Internet Security 2010-08-29 15:03:44 0 d-----w- c:\programdata\Norton 2010-08-29 15:03:34 0 d-----w- c:\programdata\NortonInstaller 2010-08-29 15:03:34 0 d-----w- c:\program files (x86)\NortonInstaller 2010-08-25 14:31:48 861184 ----a-w- c:\windows\system32\oleaut32.dll 2010-08-25 14:31:48 571904 ----a-w- c:\windows\syswow64\oleaut32.dll 2010-08-13 11:52:59 1233920 ----a-w- c:\windows\syswow64\msxml3.dll 2010-08-12 10:58:19 83 ----a-w- c:\windows\wwp.INI 2010-08-12 10:44:00 0 d-----w- C:\Team17 2010-08-10 18:06:46 0 d-----w- c:\users\gunleik\appdata\roaming\11A9CF1FCA3BC69AB7B450D3C0F82DCD 2010-08-08 20:11:21 0 d-----w- c:\program files (x86)\bfgclient 2010-08-08 20:09:49 0 d-----w- C:\BigFishGamesCache 2010-08-06 16:46:12 0 d-----w- c:\programdata\AVG Security Toolbar 2010-08-06 16:43:27 0 d-----w- c:\program files (x86)\AVG 2010-08-06 10:49:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2010-08-06 10:49:17 126312 ----a-w- c:\windows\system32\GEARAspi64.dll 2010-08-06 10:49:17 107368 ----a-w- c:\windows\syswow64\GEARAspi.dll 2010-08-06 10:49:01 0 d-----w- c:\program files\iPod 2010-08-06 10:49:00 0 d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2010-08-06 10:49:00 0 d-----w- c:\program files\iTunes 2010-08-06 10:49:00 0 d-----w- c:\program files (x86)\iTunes 2010-08-06 10:47:58 0 d-----w- c:\programdata\Apple Computer 2010-08-06 10:47:11 0 d-----w- c:\program files\common files\Apple 2010-08-06 10:47:04 0 d-----w- c:\program files\Bonjour 2010-08-06 10:47:04 0 d-----w- c:\program files (x86)\Bonjour 2010-08-06 10:46:57 0 d-----w- c:\programdata\Apple 2010-08-05 19:58:17 12867584 ----a-w- c:\windows\syswow64\shell32.dll 2010-08-05 19:58:16 144384 ----a-w- c:\windows\system32\cdd.dll 2010-08-01 13:59:24 0 d-----w- c:\users\gunleik\appdata\roaming\ViquaSoft ==================== Find3M ==================== 2010-08-13 12:09:11 74124 ----a-w- c:\windows\system32\perfc014.dat 2010-08-13 12:09:11 448210 ----a-w- c:\windows\system32\perfh014.dat 2010-07-29 06:30:34 82944 ----a-w- c:\windows\syswow64\iccvid.dll 2010-07-20 15:24:55 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2010-07-12 13:47:30 0 ----a-w- c:\users\gunleik\appdata\roaming\wklnhst.dat 2010-06-30 10:05:46 99 ----a-w- c:\users\gunleik\jagex_runescape_preferences2.dat 2010-06-30 10:03:48 46 ----a-w- c:\users\gunleik\jagex_runescape_preferences.dat 2010-06-30 07:13:46 1192960 ----a-w- c:\windows\system32\wininet.dll 2010-06-30 06:25:31 978432 ----a-w- c:\windows\syswow64\wininet.dll 2010-06-30 06:25:18 1226240 ----a-w- c:\windows\syswow64\urlmon.dll 2010-06-30 06:22:45 606208 ----a-w- c:\windows\syswow64\mstime.dll 2010-06-30 06:22:34 5971456 ----a-w- c:\windows\syswow64\mshtml.dll 2010-06-30 06:22:33 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll 2010-06-30 06:21:57 48128 ----a-w- c:\windows\syswow64\jsproxy.dll 2010-06-30 06:21:47 185856 ----a-w- c:\windows\syswow64\iepeers.dll 2010-06-30 06:21:47 176640 ----a-w- c:\windows\syswow64\ieui.dll 2010-06-30 06:21:46 10985472 ----a-w- c:\windows\syswow64\ieframe.dll 2010-06-30 06:21:44 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll 2010-06-30 06:19:16 12800 ----a-w- c:\windows\syswow64\msfeedssync.exe 2010-06-19 07:05:01 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-06-19 06:53:18 52224 ----a-w- c:\windows\system32\rtutils.dll 2010-06-19 06:33:29 3955080 ----a-w- c:\windows\syswow64\ntkrnlpa.exe 2010-06-19 06:33:29 3899784 ----a-w- c:\windows\syswow64\ntoskrnl.exe 2010-06-19 06:23:50 37376 ----a-w- c:\windows\syswow64\rtutils.dll 2010-06-19 04:32:34 3122688 ----a-w- c:\windows\system32\win32k.sys 2010-06-16 06:11:10 340992 ----a-w- c:\windows\system32\schannel.dll 2010-06-16 05:48:35 224256 ----a-w- c:\windows\syswow64\schannel.dll 2010-06-08 05:36:31 1877504 ----a-w- c:\windows\system32\msxml3.dll 2010-06-07 16:38:00 0 ----a-w- c:\users\gunleik\jagex__preferences3.dat 2010-03-08 02:37:54 36156 ----a-w- c:\windows\inf\perflib\0414\perfd.dat 2010-03-08 02:37:54 36156 ----a-w- c:\windows\inf\perflib\0414\perfc.dat 2010-03-08 02:37:54 298300 ----a-w- c:\windows\inf\perflib\0414\perfi.dat 2010-03-08 02:37:54 298300 ----a-w- c:\windows\inf\perflib\0414\perfh.dat 2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini 2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2008-06-11 16:12:00 776614 ----a-w- c:\program files (x86)\common files\packardbell.ico 2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat 2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 18:03:37,32 =============== Lenke til kommentar
gunleik1 Skrevet 31. august 2010 Forfatter Del Skrevet 31. august 2010 her er MBAM og DDS loggene etter scanningen av pcen. er det noen som kan hjelpe? Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå