Khalifen Skrevet 6. juni 2008 Del Skrevet 6. juni 2008 Heisann. Åpnet en slik lenke fra "youtube" slik mange gjør, og jeg frykter at PC-en kan ha blitt infisert. Det er også greit å få noen til å ta en rutinesjekk. På forhånd takk. ComboFix-logg Klikk for å se/fjerne innholdet nedenfor ComboFix 08-06-05.3 - Mads 2008-06-06 17:55:45.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.1034 [GMT 2:00] Running from: F:\Documents and Settings\Mads\Skrivebord\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-05-06 to 2008-06-06 ))))))))))))))))))))))))))))))) . 2008-06-06 16:37 . 2008-06-06 16:37 <DIR> d-------- F:\Programfiler\Malwarebytes' Anti-Malware 2008-06-06 16:37 . 2008-06-06 16:37 <DIR> d-------- F:\Documents and Settings\Mads\Programdata\Malwarebytes 2008-06-06 16:37 . 2008-06-06 16:37 <DIR> d-------- F:\Documents and Settings\All Users\Programdata\Malwarebytes 2008-06-06 16:37 . 2008-06-05 16:04 34,296 --a------ F:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-06-06 16:37 . 2008-06-05 16:04 15,864 --a------ F:\WINDOWS\system32\drivers\mbam.sys 2008-06-05 23:49 . 2008-06-05 23:49 <DIR> d-------- F:\Programfiler\Spybot - Search & Destroy 2008-06-05 23:49 . 2008-06-06 00:27 <DIR> d-------- F:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy 2008-06-05 23:42 . 2008-06-06 17:54 <DIR> dr-h----- F:\Documents and Settings\Mads\Siste 2008-06-05 23:31 . 2008-06-05 23:31 <DIR> d-------- F:\Programfiler\CCleaner 2008-05-28 23:52 . 2008-05-28 23:52 <DIR> d-------- F:\Programfiler\directx 2008-05-27 11:37 . 2008-05-28 23:52 <DIR> d-------- F:\Programfiler\Rockstar Games 2008-05-27 11:37 . 2008-05-27 11:37 <DIR> d-------- F:\Documents and Settings\Mads\WINDOWS 2008-05-27 11:37 . 1997-11-19 14:49 303,616 --a------ F:\WINDOWS\IsUninst.exe 2008-05-26 22:29 . 2008-05-26 22:29 <DIR> d-------- F:\Documents and Settings\All Users\Programdata\TEMP 2008-05-26 22:29 . 2008-05-26 22:29 356,352 --a------ F:\WINDOWS\eSellerateEngine.dll 2008-05-26 22:29 . 2004-12-07 10:11 258,352 --a------ F:\WINDOWS\system32\Unicows.dll 2008-05-26 21:32 . 2008-05-26 22:21 <DIR> d-------- F:\Programfiler\Avidemux 2.4 2008-05-26 21:32 . 2008-05-26 22:23 <DIR> d-------- F:\Documents and Settings\Mads\Programdata\gtk-2.0 2008-05-26 21:32 . 2008-05-26 21:32 <DIR> d-------- F:\Documents and Settings\Mads\avidemux 2008-05-26 21:03 . 2008-02-28 13:26 1,414,440 --a------ F:\WINDOWS\system32\ShellManager310E2D762.dll 2008-05-26 21:03 . 2008-02-28 13:01 774,144 --a------ F:\WINDOWS\system32\NEROINSTAEC43759.DB 2008-05-26 21:02 . 2008-05-26 21:02 0 --a------ F:\WINDOWS\Irremote.ini 2008-05-26 18:42 . 2008-05-26 22:23 69 --a------ F:\WINDOWS\NeroDigital.ini 2008-05-26 18:15 . 2008-05-26 18:15 <DIR> d-------- F:\Programfiler\NeroInstall.bak 2008-05-26 17:58 . 2008-05-26 17:58 <DIR> d-------- F:\Documents and Settings\Mads\Programdata\Nero 2008-05-26 17:53 . 2008-05-26 17:53 <DIR> d-------- F:\Programfiler\Nero 2008-05-26 17:53 . 2008-05-26 22:00 <DIR> d-------- F:\Programfiler\Fellesfiler\Nero 2008-05-26 17:53 . 2008-05-26 21:58 <DIR> d-------- F:\Documents and Settings\All Users\Programdata\Nero 2008-05-21 21:23 . 2004-08-04 01:03 159,232 --a------ F:\WINDOWS\system32\ptpusd.dll 2008-05-21 21:23 . 2001-10-06 14:02 5,632 --a------ F:\WINDOWS\system32\ptpusb.dll 2008-05-12 01:50 . 2008-05-12 01:50 <DIR> d-------- F:\Programfiler\AndreaMosaic 2008-05-12 01:50 . 2008-05-12 01:50 737,280 --a------ F:\WINDOWS\iun6002.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-06 11:41 --------- d-----w F:\Documents and Settings\Mads\Programdata\OpenOffice.org2 2008-06-02 19:17 --------- d-----w F:\Documents and Settings\Mads\Programdata\dvdcss 2008-06-02 15:15 --------- d-----w F:\Programfiler\Yahoo! 2008-05-28 21:52 --------- d--h--w F:\Programfiler\InstallShield Installation Information 2008-05-28 15:56 --------- d-----w F:\Documents and Settings\Mads\Programdata\Apple Computer 2008-05-26 20:32 --------- d-----w F:\Programfiler\ABC Amber SVG Converter 2008-04-29 20:30 --------- d-----w F:\Programfiler\Fellesfiler\Adobe 2008-04-20 10:37 --------- d-----w F:\Programfiler\DVD Shrink 2008-04-20 10:37 --------- d-----w F:\Documents and Settings\All Users\Programdata\DVD Shrink 2008-04-16 22:17 --------- d-----w F:\Programfiler\Celtx 2008-04-06 20:13 --------- d-----w F:\Programfiler\Opera . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="F:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:03 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OfficeScanNT Monitor"="F:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" [2007-09-06 21:45 710000] "StartCCC"="F:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112] "RTHDCPL"="RTHDCPL.EXE" [2006-10-30 20:49 16269312 F:\WINDOWS\RTHDCPL.exe] "SkyTel"="SkyTel.EXE" [2006-05-16 19:04 2879488 F:\WINDOWS\SkyTel.exe] "SunJavaUpdateSched"="F:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "Acrobat Assistant 8.0"="F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 23:46 624248] "Adobe_ID0EYTHM"="F:\PROGRA~1\FELLES~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 17:40 1884160] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="F:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:03 15360] F:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\ Adobe Reader Speed Launch.lnk - F:\Programfiler\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 02:48:20 40048] Clean Access Agent.lnk - F:\Programfiler\Cisco Systems\Clean Access Agent\CCAAgent.exe [2007-04-26 13:35:24 2048074] [HKLM\~\startupfolder\F:^Documents and Settings^All Users^Start-meny^Programmer^Oppstart^iFinger 2.1.lnk] path=F:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\iFinger 2.1.lnk backup=F:\WINDOWS\pss\iFinger 2.1.lnkCommon Startup [HKLM\~\startupfolder\F:^Documents and Settings^Mads^Start-meny^Programmer^Oppstart^OpenOffice.org 2.3.lnk] path=F:\Documents and Settings\Mads\Start-meny\Programmer\Oppstart\OpenOffice.org 2.3.lnk backup=F:\WINDOWS\pss\OpenOffice.org 2.3.lnkStartup [HKLM\~\startupfolder\F:^Documents and Settings^Mads^Start-meny^Programmer^Oppstart^Yahoo! Widgets.lnk] path=F:\Documents and Settings\Mads\Start-meny\Programmer\Oppstart\Yahoo! Widgets.lnk backup=F:\WINDOWS\pss\Yahoo! Widgets.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] --a------ 2008-02-28 17:07 1828136 F:\Programfiler\Fellesfiler\Nero\Lib\NMIndexStoreSvr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2007-12-11 13:10 267048 F:\Programfiler\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] --a------ 2008-02-18 16:29 2221352 F:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2008-02-28 09:59 570664 F:\Programfiler\Fellesfiler\Nero\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2] --a------ 2003-05-08 13:00 49152 F:\Programfiler\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power_Gear] F:\Programfiler\ASUS\Power4 Gear\BatteryLife.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2007-12-11 11:56 286720 F:\Programfiler\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "F:\\Programfiler\\iTunes\\iTunes.exe"= "F:\\Programfiler\\Bonjour\\mDNSResponder.exe"= "F:\\Programfiler\\Fellesfiler\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"= "F:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"= "F:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "12345:TCP"= 12345:TCP:Trend Micro OfficeScan Listener "3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server "3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server "50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server "50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server R2 TabletServicePen;TabletServicePen;F:\WINDOWS\system32\Pen_Tablet.exe [2007-09-07 12:16] R3 wacommousefilter;Wacom Mouse Filter Driver;F:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12:12] R3 wacomvhid;Wacom Virtual Hid Driver;F:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 11:30] R3 WacomVKHid;Virtual Keyboard Driver;F:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 17:11] *Newly Created Service* - CATCHME . Contents of the 'Scheduled Tasks' folder "2008-05-23 08:10:03 F:\WINDOWS\Tasks\Oppdater Ordnett Pluss.job" - F:\Programfiler\Kunnskapsforlaget\Ordnett Pluss\updater.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-06-06 17:59:15 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-06-06 18:00:40 ComboFix-quarantined-files.txt 2008-06-06 16:00:11 Pre-Run: 11,557,093,376 byte ledig Post-Run: 12,378,001,408 byte ledig 145 Hijackthis-logg: Klikk for å se/fjerne innholdet nedenfor Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:02:39, on 06.06.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: F:\WINDOWS\System32\smss.exe F:\WINDOWS\system32\winlogon.exe F:\WINDOWS\system32\services.exe F:\WINDOWS\system32\lsass.exe F:\WINDOWS\system32\Ati2evxx.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\System32\svchost.exe F:\WINDOWS\system32\Ati2evxx.exe F:\WINDOWS\system32\spoolsv.exe F:\WINDOWS\RTHDCPL.EXE F:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE F:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe F:\WINDOWS\system32\ctfmon.exe F:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\ccc.exe F:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe F:\Programfiler\Bonjour\mDNSResponder.exe F:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe F:\WINDOWS\system32\IoctlSvc.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\system32\Pen_Tablet.exe F:\WINDOWS\system32\Pen_Tablet.exe F:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe F:\Programfiler\Windows Live\Messenger\usnsvc.exe F:\Programfiler\Opera\Opera.exe F:\Programfiler\Trend Micro\OfficeScan Client\PccNTMon.exe F:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe F:\Programfiler\Trend Micro\OfficeScan Client\TmPfw.exe F:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe F:\Programfiler\Trend Micro\OfficeScan Client\TmProxy.exe F:\Programfiler\Trend Micro\OfficeScan Client\CNTAoSMgr.exe F:\WINDOWS\explorer.exe F:\WINDOWS\system32\notepad.exe F:\Programfiler\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - F:\Programfiler\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: iFinger plugin / Browser helper object - {A114D52B-870C-4F15-8021-B6D7F91A054B} - F:\Programfiler\iFinger\plugins\IE.ifp O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - F:\Programfiler\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O4 - HKLM\..\Run: [OfficeScanNT Monitor] "F:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow O4 - HKLM\..\Run: [startCCC] F:\Programfiler\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "F:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Adobe_ID0EYTHM] F:\PROGRA~1\FELLES~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = F:\Programfiler\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Clean Access Agent.lnk = F:\Programfiler\Cisco Systems\Clean Access Agent\CCAAgent.exe O8 - Extra context menu item: Append to existing PDF - res://F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://F:\Programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: iFinger - {936E5D60-596C-11D3-BB96-00600816DF55} - F:\WINDOWS\system32\SHDOCVW.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programfiler\Messenger\msmsgs.exe O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - F:\Programfiler\Fellesfiler\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: Apple Mobile Device - Apple, Inc. - F:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - F:\Programfiler\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - F:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - F:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Programfiler\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - F:\Programfiler\Fellesfiler\Nero\Lib\NMIndexingService.exe O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - F:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - F:\WINDOWS\system32\IoctlSvc.exe O23 - Service: TabletServicePen - Wacom Technology, Corp. - F:\WINDOWS\system32\Pen_Tablet.exe O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - F:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe O23 - Service: OfficeScan NT Firewall (TmPfw) - Trend Micro Inc. - F:\Programfiler\Trend Micro\OfficeScan Client\TmPfw.exe O23 - Service: OfficeScan NT Proxy Service (TmProxy) - Trend Micro Inc. - F:\Programfiler\Trend Micro\OfficeScan Client\TmProxy.exe -- End of file - 8092 bytes Malwarebytes' Anti-Malware-logg: Klikk for å se/fjerne innholdet nedenfor Malwarebytes' Anti-Malware 1.15 Database versjon: 834 17:54:36 06.06.2008 mbam-log-6-6-2008 (17-54-36).txt Skann type: Full Skann (C:\|F:\|) Objekter skannet: 183591 Tid tilbakelagt: 1 hour(s), 16 minute(s), 33 second(s) Minneprosesser infisert: 0 Minnemoduler infisert: 0 Registernøkler infisert: 0 Registerverdier infisert: 0 Registerfiler infisert: 0 Mapper infisert: 0 Filer infisert: 0 Minneprosesser infisert: (Ingen mistenkelige filer funnet) Minnemoduler infisert: (Ingen mistenkelige filer funnet) Registernøkler infisert: (Ingen mistenkelige filer funnet) Registerverdier infisert: (Ingen mistenkelige filer funnet) Registerfiler infisert: (Ingen mistenkelige filer funnet) Mapper infisert: (Ingen mistenkelige filer funnet) Filer infisert: (Ingen mistenkelige filer funnet) Maskina ser nokså frisk ut, og oppfører seg slik også, men bedre å være helt sikker. Bruker Trend Micro Officescan. Lenke til kommentar
norbat Skrevet 6. juni 2008 Del Skrevet 6. juni 2008 Loggene dine ser rene ut Surf trygt. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå