2010-12-15, 18:16
#26
Den har kört 32 min. och hittad 15 infektioner tills vidare
2010-12-15, 18:46
#27
Citat:
Ursprungligen postat av MarabouLover
Den har kört 32 min. och hittad 15 infektioner tills vidare
Nu: 36 infekterade objekt and still counting...
2010-12-15, 19:04
#28
Hell mother fucking yeah! Det ser ut att det fungerade. Malware-dödaren säger att allt gick bra. Här är rapporten:
Igen, tack för hjälpen. Anade inte att Flashback hade ett hjärta!
Citat:
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org
Databasversion: 5320
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2010-12-15 19:00:39
mbam-log-2010-12-15 (19-00-39).txt
Skanningstyp: Fullständig skanning (C:\|)
Antal skannade objekt: 178543
Förfluten tid: 1 timme(ar), 13 minut(er), 57 sekund(er)
Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 12
Infekterade registervärden: 2
Infekterade registerdataposter: 0
Infekterade mappar: 2
Infekterade filer: 28
Infekterade minnesprocesser:
(Inga illasinnade poster hittades)
Infekterade minnesmoduler:
(Inga illasinnade poster hittades)
Infekterade registernycklar:
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_RESULTBAR_SERVICE (Adware.ResultBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\ResultBar Service (Adware.ResultBar) -> Quarantined and deleted successfully.
Infekterade registervärden:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\btpSTJvAQv.exe (Trojan.Agent) -> Value: btpSTJvAQv.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790477B77654513EA193 (Malware.Trace) -> Value: SRS_IT_E8790477B77654513EA193 -> Quarantined and deleted successfully.
Infekterade registerdataposter:
(Inga illasinnade poster hittades)
Infekterade mappar:
c:\documents and settings\all users\application data\resultbar (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\Program\resultbar (Adware.ResultBar) -> Quarantined and deleted successfully.
Infekterade filer:
c:\documents and settings\LG\lokala inställningar\Temp\btpstjvaqv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\LG\lokala inställningar\Temp\kdkqjfuccl.dll (Trojan.Crypt) -> Quarantined and deleted successfully.
c:\documents and settings\LG\lokala inställningar\Temp\SHO1C.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\LG\lokala inställningar\Temp\32190968.exe (Rogue.HDDScan) -> Quarantined and deleted successfully.
c:\documents and settings\LG\lokala inställningar\Temp\nsz24.tmp\uninstaller.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\LG\mina dokument\downloads\xvidsetup (1).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\LG\mina dokument\downloads\xvidsetup (2).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\LG\mina dokument\downloads\xvidsetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\Program\resultbar\resultbar.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
c:\Program\resultbar\resultbar.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP205\A0188278.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP205\A0188301.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP205\A0188302.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP205\A0188303.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189833.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189828.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189829.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189830.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189831.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189832.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190404.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190405.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190406.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190408.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190410.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190411.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190412.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190413.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
www.malwarebytes.org
Databasversion: 5320
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2010-12-15 19:00:39
mbam-log-2010-12-15 (19-00-39).txt
Skanningstyp: Fullständig skanning (C:\|)
Antal skannade objekt: 178543
Förfluten tid: 1 timme(ar), 13 minut(er), 57 sekund(er)
Infekterade minnesprocesser: 0
Infekterade minnesmoduler: 0
Infekterade registernycklar: 12
Infekterade registervärden: 2
Infekterade registerdataposter: 0
Infekterade mappar: 2
Infekterade filer: 28
Infekterade minnesprocesser:
(Inga illasinnade poster hittades)
Infekterade minnesmoduler:
(Inga illasinnade poster hittades)
Infekterade registernycklar:
HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE} (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\ResultBar (Adware.ResultBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_RESULTBAR_SERVICE (Adware.ResultBar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\ResultBar Service (Adware.ResultBar) -> Quarantined and deleted successfully.
Infekterade registervärden:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\btpSTJvAQv.exe (Trojan.Agent) -> Value: btpSTJvAQv.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E8790477B77654513EA193 (Malware.Trace) -> Value: SRS_IT_E8790477B77654513EA193 -> Quarantined and deleted successfully.
Infekterade registerdataposter:
(Inga illasinnade poster hittades)
Infekterade mappar:
c:\documents and settings\all users\application data\resultbar (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\Program\resultbar (Adware.ResultBar) -> Quarantined and deleted successfully.
Infekterade filer:
c:\documents and settings\LG\lokala inställningar\Temp\btpstjvaqv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\LG\lokala inställningar\Temp\kdkqjfuccl.dll (Trojan.Crypt) -> Quarantined and deleted successfully.
c:\documents and settings\LG\lokala inställningar\Temp\SHO1C.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\LG\lokala inställningar\Temp\32190968.exe (Rogue.HDDScan) -> Quarantined and deleted successfully.
c:\documents and settings\LG\lokala inställningar\Temp\nsz24.tmp\uninstaller.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\LG\mina dokument\downloads\xvidsetup (1).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\LG\mina dokument\downloads\xvidsetup (2).exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\LG\mina dokument\downloads\xvidsetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\Program\resultbar\resultbar.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
c:\Program\resultbar\resultbar.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP205\A0188278.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP205\A0188301.dll (Adware.Agent.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP205\A0188302.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP205\A0188303.exe (Adware.ResultBar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189833.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189828.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189829.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189830.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189831.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP215\A0189832.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190404.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190405.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190406.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190408.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190410.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190411.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190412.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{fc0248d1-cdca-45f9-a576-cff8d507d440}\RP217\A0190413.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
Igen, tack för hjälpen. Anade inte att Flashback hade ett hjärta!
2010-12-15, 19:37
#29
Citat:
Ursprungligen postat av MarabouLover
Hell mother fucking yeah! Det ser ut att det fungerade. Malware-dödaren säger att allt gick bra. Här är rapporten:
Igen, tack för hjälpen. Anade inte att Flashback hade ett hjärta!
Igen, tack för hjälpen. Anade inte att Flashback hade ett hjärta!
starta om, gör en snabb scan
2010-12-15, 21:39
#31
Damn (unauthorized use of account)
__________________
Senast redigerad av LucNN 2010-12-15 kl. 21:44.
Senast redigerad av LucNN 2010-12-15 kl. 21:44.
2010-12-15, 22:02
#32
Citat:
Vad menar du?
Ursprungligen postat av LucNN
Damn (unauthorized use of account)
2010-12-15, 23:18
#33
Citat:
Ursprungligen postat av cSx
Jo då. Här på "Datadelen" är vi trevliga.
Härligt!
Jag är verkligen jättetacksam för all hjälp. Så skönt att allt fungerar som det ska nu. Ett tag trodde jag att hoppet var ute, hehe. Men det var ju inte så svårt trots allt! Men tjejer och datorer ni vet... 
2010-12-16, 03:20
#34
Citat:
Jo, det brukar vara så.
Ursprungligen postat av MarabouLover
Härligt! Jag är verkligen jättetacksam för all hjälp. Så skönt att allt fungerar som det ska nu. Ett tag trodde jag att hoppet var ute, hehe. Men det var ju inte så svårt trots allt! Men tjejer och datorer ni vet...
Jag är verkligen jättetacksam för all hjälp. Så skönt att allt fungerar som det ska nu. Ett tag trodde jag att hoppet var ute, hehe. Men det var ju inte så svårt trots allt! Men tjejer och datorer ni vet... 
Skapa ett konto eller logga in för att kommentera
Du måste vara medlem för att kunna kommentera