IcedInsanity
Posted 28 November 2010

I suspect both trojans and malware here...

MBAM log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversjon: 5177

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

28.11.2010 01:20:12
mbam-log-2010-11-28 (01-20-12).txt

Skanntype: Hurtigsøk
Objekter skannet: 142926
Tid tilbakelagt: 6 minutt(er), 19 sekund(er)

Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 1
Filer infisert 4

Minneprosesser infisert:
(Ingen skadelige objekter funnet)

Minnemoduler infisert:
(Ingen skadelige objekter funnet)

Registernøkler infisert:
(Ingen skadelige objekter funnet)

Registerverdier infisert:
(Ingen skadelige objekter funnet)

Registerfiler infisert:
(Ingen skadelige objekter funnet)

Mapper infisert:
C:\Users\Acer\AppData\Roaming\SysWin (Trojan.Agent) -> Quarantined and deleted successfully.

Filer infisert
C:\Windows\System32\020000000ef4498f1076C.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\System32\020000000ef4498f1076O.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\System32\020000000ef4498f1076P.manifest (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\System32\020000000ef4498f1076S.manifest (Malware.Trace) -> Quarantined and deleted successfully.

Combo log:

ComboFix 10-11-27.01 - Acer 28.11.2010 1:34.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.47.1044.18.3036.1924 [GMT 1:00]
Kjører fra: c:\users\Acer\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-10-28 til 2010-11-28 )))))))))))))))))))))))))))))))))
.
2010-11-28 00:39 . 2010-11-28 00:39 -------- d-----w- c:\users\Acer\AppData\Local\temp
2010-11-28 00:39 . 2010-11-28 00:39 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-11-28 00:39 . 2010-11-28 00:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-27 16:17 . 2010-11-27 16:32 -------- d-----w- c:\users\Acer\AppData\Roaming\IObit
2010-11-27 16:17 . 2010-11-27 16:17 -------- d-----w- c:\program files\IObit
2010-11-27 11:03 . 2010-11-27 11:03 -------- d-----w- c:\program files\Automation Labs
2010-11-26 18:22 . 1999-05-29 08:08 45568 ----a-w- c:\windows\UniFish3.exe
2010-11-26 18:16 . 2010-11-26 18:16 219200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2010-11-26 18:16 . 2010-11-26 18:16 -------- d-----w- c:\program files\DAEMON Tools Pro
2010-11-26 18:16 . 2010-11-26 18:18 -------- d-----w- c:\users\Acer\AppData\Roaming\DAEMON Tools Pro
2010-11-26 18:16 . 2010-11-26 18:16 -------- d-----w- c:\programdata\DAEMON Tools Pro
2010-11-24 11:16 . 2010-11-27 15:24 -------- d-----w- c:\users\Acer\AppData\Roaming\Raptr
2010-11-24 11:16 . 2010-11-27 15:24 -------- d-----w- c:\program files\Raptr
2010-11-24 11:14 . 2010-11-24 11:20 -------- d-----w- c:\users\Acer\AppData\Roaming\Azureus
2010-11-23 18:21 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-23 18:21 . 2010-11-23 18:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-23 18:21 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-12 15:48 . 2010-10-18 08:41 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D3C5564-2B41-4D67-A7AB-90E2A9278D7B}\mpengine.dll
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2010-10-31 20:25 . 2010-10-31 20:25 -------- d-----w- c:\users\Acer\AppData\Roaming\AVG10
2010-10-31 20:25 . 2010-10-31 20:25 -------- d--h--w- c:\programdata\Common Files
2010-10-31 20:23 . 2010-11-28 00:30 -------- d-----w- c:\programdata\AVG10
2010-10-31 20:13 . 2010-11-23 19:01 -------- d-----w- c:\programdata\MFAData
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 10:41 . 2009-10-02 23:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-15 03:50 . 2010-10-20 12:02 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-13 13:56 . 2010-10-13 05:18 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-08 10:17 . 2010-09-08 10:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 10:17 . 2010-09-08 10:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-08 06:01 . 2010-10-13 05:18 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 05:57 . 2010-10-13 05:18 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 05:57 . 2010-10-13 05:18 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-08 05:56 . 2010-10-13 05:18 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-09-08 05:56 . 2010-10-13 05:18 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-08 05:04 . 2010-10-13 05:18 385024 ----a-w- c:\windows\system32\html.iec
2010-09-08 04:26 . 2010-10-13 05:18 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-08 04:25 . 2010-10-13 05:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-06 16:20 . 2010-10-13 05:18 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-09-06 16:19 . 2010-10-13 05:18 17920 ----a-w- c:\windows\system32\netevent.dll
2010-09-06 13:45 . 2010-10-13 05:18 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-09-06 13:45 . 2010-10-13 05:18 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-09-06 13:45 . 2010-10-13 05:18 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-31 15:46 . 2010-10-13 05:18 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 15:46 . 2010-10-13 05:18 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-31 15:44 . 2010-10-13 05:18 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-08-31 13:27 . 2010-10-13 05:18 2038272 ----a-w- c:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"Google Update"="c:\users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-11-08 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-18 6294048]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-11-28 417792]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 544768]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-28 13601312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-28 92704]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-06-04 817672]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoStart IR.lnk - c:\program files\WinTV\Ir.exe [2010-7-14 116056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux5"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
2010-11-11 08:27 570688 ----a-w- c:\program files\DAEMON Tools Pro\DTAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech G930]
2010-07-15 12:56 1488216 ----a-w- c:\program files\Logitech\G930\G930.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-07-12 16:32 74752 ----a-w- c:\program files\Winamp\winampa.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-07-03 13224]
R3 hcwhdpvr;Hauppauge HD PVR Capture Device;c:\windows\system32\DRIVERS\hcwhdpvr.sys [2009-04-01 157184]
R3 LADF_BakerCOnly;BakerC Filter Driver;c:\windows\system32\DRIVERS\ladfBakerCi386.sys [2010-07-08 331608]
R3 LADF_BakerROnly;BakerR Filter Driver;c:\windows\system32\DRIVERS\ladfBakerRi386.sys [2010-07-08 310872]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 XPADFL02;XPAD Filter Service 02;c:\windows\system32\DRIVERS\xpadfl02.sys [2006-12-24 27904]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-04-11 691696]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2009-02-19 127744]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2010-11-26 219200]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-11-28 24576]
S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;c:\windows\system32\libusbd-nt.exe [2005-03-09 18944]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2005-03-09 33792]
S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-06-26 66080]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-07-03 27632]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
S4 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S4 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
S4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S4 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]

--- Andre tjenester/drivere lastet i minnet ---

*Deregistered* - Avgldx86

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

2010-11-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-285491133-2256550346-2343838731-1000Core.job
- c:\users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-08 18:03]

2010-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-285491133-2256550346-2343838731-1000UA.job
- c:\users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-08 18:03]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://www.ba.no/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0414&s=2&o=vp32&d=0709&m=aspire_6930g
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xpi0y9gy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/reqs.php#!/?ref=home
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\users\Acer\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xpi0y9gy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Aero Fox XL: {5c8bfb7c-9a54-11dc-8314-0800200c9a66} - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xpi0y9gy.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
FF - Extension: Flashbug: [email protected] - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xpi0y9gy.default\extensions\[email protected]
FF - Extension: Virtus Search Opt-in: [email protected] - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\xpi0y9gy.default\extensions\[email protected]
.
- - - - TOMME PEKERE FJERNET - - - -

URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-28 01:39
Windows 6.0.6002 Service Pack 2 NTFS

skanner skjulte prosesser ...

skanner skjulte autostart-oppføringer ...

skanner skjulte filer ...

skanning vellykket
skjulte filer: 0

**************************************************************************
.
--------------------- LÅSTE REGISTERNØKLER ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

- - - - - - - > 'Explorer.exe'(5856)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
Tidspunkt ferdig: 2010-11-28 01:40:57
ComboFix-quarantined-files.txt 2010-11-28 00:40
ComboFix2.txt 2010-11-23 18:47
ComboFix3.txt 2010-03-12 11:29
ComboFix4.txt 2009-08-13 21:36

Pre-Run: 155 127 463 936 byte ledig
Post-Run: 155 102 003 200 byte ledig

- - End Of File - - AA46DBAAC1E79433BD9CF097841358B0

Thanks for the help

snippsat
Posted 28 November 2010

The Combofix log is clean, no malware to see.

IcedInsanity (Author)
Posted 28 November 2010

After I ran MBAM I saw that it found 1 trojan and some malware, but could it have been so little "serious" that MBAM removed all of it when I chose "remove selected"?

snippsat
Posted 28 November 2010

MBAM is very good, so it has probably removed what you had. There is a reason it was chosen in the guide.

IcedInsanity (Author)
Posted 28 November 2010

Thanks for the help Tom