Just nu i M3-nätverket
Gå till innehåll

Patrik9999

Medlem
  • Antal inlägg

    5
  • Gick med

  • Senaste besök

Foruminlägg postade av Patrik9999


  1. Jaha, nu var det äntligen dags att köpa en ny dator då min gamla är gott som död. Har en budget på 5-5,6k och varit tvungen att snåla lite med komponenterna men jag hoppas det ser bra ut.

     

    Chassi:

    Antec Sonata III 500 W - 995 SEK

     

    Processor:

    Intel Core 2 Duo E7200 2,53GHz Box - 1059 SEK

     

    Grafikkort:

    Sapphire Radeon HD4850 Dual-DVI 512MB - 1463 SEK

     

    Hårddisk:

    250GB Samsung SpinPoint HD250HJ - 425 SEK

     

    DVD/CD-brännare/läsare:

    Samsung SH-S223F 22X DVD±RW DL SATA Svart - 204 SEK

     

    Minne:

    Kingston ValueRAM DDR2 PC6400/800MHz CL5 2x2GB - 574 SEK

     

    Moderkort:

    Gigabyte GA-EP35-DS3 P35, s775 - 958 SEK

     

    eller

     

    Gigabyte GA-73PVM-S2H s775 mATX HDMI, s775 - 644 SEK ??

     

    TOTALT: runt 5600 kr

     

    Så, vad tycks? Passar komponenterna bra ihop och skulle den här datorn kunna klara av tunga spel, såsom Crysis och CoD4? Hade tänkt överklocka lite också.

     

     

     


  2. [log]SmitFraudFix v2.202

     

    Scan done at 9:06:21,46, 2007-07-11

    Run from C:\Documents and Settings\Žgaren\Skrivbord\SmitfraudFix

    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT

    The filesystem type is NTFS

    Fix run in safe mode

     

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix

    !!!Attention, following keys are not inevitably infected!!!

     

    SrchSTS.exe by S!Ri

    Search SharedTaskScheduler's .dll

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]

    "{98ca7898-6029-41ab-8f67-ea4f5e1afc22}"="biocomputing"

     

    [HKEY_CLASSES_ROOT\CLSID\{98ca7898-6029-41ab-8f67-ea4f5e1afc22}\InProcServer32]

    @="C:\WINDOWS\system32\myqlejy.dll"

     

    [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{98ca7898-6029-41ab-8f67-ea4f5e1afc22}\InProcServer32]

    @="C:\WINDOWS\system32\myqlejy.dll"

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Killing process

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

     

     

    127.0.0.1 localhost

     

    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

     

    GenericRenosFix by S!Ri

     

    C:\WINDOWS\system32\myqlejy.dll -> Hoax.Win32.Renos.gen.o

    C:\WINDOWS\system32\myqlejy.dll -> Deleted

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

     

    C:\DOCUME~1\ALLUSE~1\START-~1\Online Security Guide.url Deleted

    C:\DOCUME~1\ALLUSE~1\START-~1\Security Troubleshooting.url Deleted

    C:\DOCUME~1\GAREN~1\FAVORI~1\Online Security Test.url Deleted

    C:\Program\Video ActiveX Access\ Deleted

     

    »»»»»»»»»»»»»»»»»»»»»»»» DNS

     

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{B1CE5B86-BC22-4F1B-9718-E635DFC658FB}: DhcpNameServer=195.67.199.18 195.67.199.19

    HKLM\SYSTEM\CS1\Services\Tcpip\..\{B1CE5B86-BC22-4F1B-9718-E635DFC658FB}: DhcpNameServer=195.67.199.18 195.67.199.19

    HKLM\SYSTEM\CS2\Services\Tcpip\..\{B1CE5B86-BC22-4F1B-9718-E635DFC658FB}: DhcpNameServer=195.67.199.18 195.67.199.19

    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=195.67.199.18 195.67.199.19

    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=195.67.199.18 195.67.199.19

    HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=195.67.199.18 195.67.199.19

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

    !!!Attention, following keys are not inevitably infected!!!

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

    "System"=""

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

     

    Registry Cleaning done.

     

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix

    !!!Attention, following keys are not inevitably infected!!!

     

    SrchSTS.exe by S!Ri

    Search SharedTaskScheduler's .dll

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» End

     

    [/log]

     

     

    [log]Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 09:26:59, on 2007-07-11

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Boot mode: Normal

     

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

    C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    C:\Program\Norton Save and Restore\Agent\VProSvc.exe

    C:\WINDOWS\System32\nvsvc32.exe

    C:\WINDOWS\system32\HPZipm12.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program\Java\jre1.6.0_01\bin\jusched.exe

    C:\windows\system\hpsysdrv.exe

    C:\WINDOWS\System32\hphmon05.exe

    C:\HP\KBD\KBD.EXE

    C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe

    C:\Program\InterVideo\Common\bin\WinCinemaMgr.exe

    C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\ALCXMNTR.EXE

    C:\WINDOWS\system32\rundll32.exe

    C:\Program\QuickTime\qttask.exe

    C:\Program\Delade filer\Symantec Shared\ccApp.exe

    C:\Program\Norton Save and Restore\Agent\NSRTray.exe

    C:\Program\MSN Messenger\MsnMsgr.Exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program\Yahoo!\Messenger\ymsgr_tray.exe

    C:\Program\HP\Digital Imaging\bin\hpqimzone.exe

    C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\Program\HP\Digital Imaging\Product Assistant\bin\hprblog.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program\Microsoft Office\Office10\WINWORD.EXE

    C:\Program\Microsoft Works\WkDStore.exe

    C:\WINDOWS\msagent\AgentSvr.exe

    C:\Program\Internet Explorer\iexplore.exe

    C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\Program\Trend Micro\HijackThis\HijackThis.exe

     

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\1.0\NppBho.dll

    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program\Yahoo!\Common\yiesrvc.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll

    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: (no name) - {E26CEADA-67B0-4543-BE8B-307F00265118} - C:\Program\Video ActiveX Access\iesplg.dll (file missing)

    O3 - Toolbar: Visa Norton-verktygsfältet - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe"

    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

    O4 - HKLM\..\Run: [HPHUPD05] c:\Program\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

    O4 - HKLM\..\Run: [updateManager] "C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe" /r

    O4 - HKLM\..\Run: [WinCinemaMgr] C:\Program\InterVideo\Common\bin\WinCinemaMgr.exe

    O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe"

    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"

    O4 - HKLM\..\Run: [AutoTBar] c:\Program\HP\Digital Imaging\bin\AUTOTBAR.EXE

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

    O4 - HKLM\..\Run: [osCheck] "C:\Program\Norton Internet Security\osCheck.exe"

    O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

    O4 - HKLM\..\Run: [Norton Save and Restore] "C:\Program\Norton Save and Restore\Agent\NSRTray.exe"

    O4 - HKCU\..\Run: [steam] "c:\program\valve\steam\steam.exe" -silent

    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program\Yahoo!\Messenger\YahooMessenger.exe" -quiet

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe"

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

    O4 - Global Startup: HP Image Zone Snabbstarta.lnk = C:\Program\HP\Digital Imaging\bin\hpqthb08.exe

    O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program\Yahoo!\Common/ycsrch.htm

    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program\Yahoo!\Common/ycdict.htm

    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program\Yahoo!\Common/ycmap.htm

    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program\Yahoo!\Common/ycsms.htm

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll

    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program\Yahoo!\Common\yiesrvc.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab

    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program\Yahoo!\Common\yinsthelper.dll

    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab

    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1163231400500

    O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {DA80E089-4648-43D5-93B4-7F37917084E6} (CacheManager.CacheManagerCtrl) - http://www.candystand.com/assets/activex/virtools/CacheManager.CAB

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\VAScanner\comHost.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: Symantec IS Verifiering av lösenord (ISPwdSvc) - Symantec Corporation - C:\Program\Norton Internet Security\isPwdSvc.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LIVEUP~1\LUCOMS~1.EXE

    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

    O23 - Service: Norton Save and Restore - Symantec Corporation - C:\Program\Norton Save and Restore\Agent\VProSvc.exe

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

     

    --

    End of file - 10793 bytes

    [/log]

     


  3. [log]Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 00:34:33, on 2007-07-11

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Boot mode: Normal

     

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

    C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    C:\Program\Norton Save and Restore\Agent\VProSvc.exe

    C:\WINDOWS\System32\nvsvc32.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program\Video ActiveX Access\imsmain.exe

    C:\Program\Video ActiveX Access\iesmn.exe

    C:\Program\Java\jre1.6.0_01\bin\jusched.exe

    C:\windows\system\hpsysdrv.exe

    C:\Program\Video ActiveX Access\imsmn.exe

    C:\WINDOWS\System32\hphmon05.exe

    C:\HP\KBD\KBD.EXE

    C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe

    C:\Program\InterVideo\Common\bin\WinCinemaMgr.exe

    C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe

    C:\Program\Video ActiveX Access\iesmin.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\WINDOWS\ALCXMNTR.EXE

    C:\WINDOWS\System32\svchost.exe

    C:\Program\QuickTime\qttask.exe

    C:\Program\Delade filer\Symantec Shared\ccApp.exe

    C:\Program\Norton Save and Restore\Agent\NSRTray.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program\HP\Digital Imaging\bin\hpqimzone.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\Program\Internet Explorer\iexplore.exe

    C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program\HP\Digital Imaging\Product Assistant\bin\hprblog.exe

    C:\Program\Trend Micro\HijackThis\HijackThis.exe

     

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

    O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\1.0\NppBho.dll

    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program\Yahoo!\Common\yiesrvc.dll

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll

    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: (no name) - {E26CEADA-67B0-4543-BE8B-307F00265118} - C:\Program\Video ActiveX Access\iesplg.dll

    O3 - Toolbar: Visa Norton-verktygsfältet - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program\Delade filer\Symantec Shared\coShared\Browser\1.0\UIBHO.dll

    O3 - Toolbar: Protection Bar - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - C:\Program\Video ActiveX Access\iesbpl.dll

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe"

    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe

    O4 - HKLM\..\Run: [HPHUPD05] c:\Program\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe

    O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe

    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

    O4 - HKLM\..\Run: [updateManager] "C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe" /r

    O4 - HKLM\..\Run: [WinCinemaMgr] C:\Program\InterVideo\Common\bin\WinCinemaMgr.exe

    O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe"

    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE

    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect

    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"

    O4 - HKLM\..\Run: [AutoTBar] c:\Program\HP\Digital Imaging\bin\AUTOTBAR.EXE

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

    O4 - HKLM\..\Run: [osCheck] "C:\Program\Norton Internet Security\osCheck.exe"

    O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

    O4 - HKLM\..\Run: [Norton Save and Restore] "C:\Program\Norton Save and Restore\Agent\NSRTray.exe"

    O4 - HKCU\..\Run: [steam] "c:\program\valve\steam\steam.exe" -silent

    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program\Yahoo!\Messenger\YahooMessenger.exe" -quiet

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program\Delade filer\Ahead\Lib\NMBgMonitor.exe"

    O4 - HKLM\..\Policies\Explorer\Run: [rare] C:\Program\Video ActiveX Access\imsmain.exe

    O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program\Video ActiveX Access\iesmn.exe

    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')

    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

    O4 - Global Startup: HP Image Zone Snabbstarta.lnk = C:\Program\HP\Digital Imaging\bin\hpqthb08.exe

    O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program\Yahoo!\Common/ycsrch.htm

    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program\Yahoo!\Common/ycdict.htm

    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program\Yahoo!\Common/ycmap.htm

    O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program\Yahoo!\Common/ycsms.htm

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll

    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program\Yahoo!\Common\yiesrvc.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab

    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program\Yahoo!\Common\yinsthelper.dll

    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab

    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab

    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1163231400500

    O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {DA80E089-4648-43D5-93B4-7F37917084E6} (CacheManager.CacheManagerCtrl) - http://www.candystand.com/assets/activex/virtools/CacheManager.CAB

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    O22 - SharedTaskScheduler: biocomputing - {98ca7898-6029-41ab-8f67-ea4f5e1afc22} - C:\WINDOWS\system32\myqlejy.dll

    O23 - Service: Automatisk LiveUpdate-schemaläggare - Symantec Corporation - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\VAScanner\comHost.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: Symantec IS Verifiering av lösenord (ISPwdSvc) - Symantec Corporation - C:\Program\Norton Internet Security\isPwdSvc.exe

    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LIVEUP~1\LUCOMS~1.EXE

    O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

    O23 - Service: Norton Save and Restore - Symantec Corporation - C:\Program\Norton Save and Restore\Agent\VProSvc.exe

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

    O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

     

    --

    End of file - 11662 bytes[/log]

     

     

     

    [log]SmitFraudFix v2.202

     

    Scan done at 0:41:28,68, 2007-07-11

    Run from C:\Documents and Settings\Žgaren\Skrivbord\SmitfraudFix

    OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT

    The filesystem type is NTFS

    Fix run in normal mode

     

    »»»»»»»»»»»»»»»»»»»»»»»» Process

     

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program\Delade filer\Symantec Shared\ccSvcHst.exe

    C:\Program\Delade filer\Symantec Shared\AppCore\AppSvc32.exe

    C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

    C:\Program\Norton Save and Restore\Agent\VProSvc.exe

    C:\WINDOWS\System32\nvsvc32.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program\Video ActiveX Access\imsmain.exe

    C:\Program\Video ActiveX Access\iesmn.exe

    C:\Program\Java\jre1.6.0_01\bin\jusched.exe

    C:\windows\system\hpsysdrv.exe

    C:\Program\Video ActiveX Access\imsmn.exe

    C:\WINDOWS\System32\hphmon05.exe

    C:\HP\KBD\KBD.EXE

    C:\Program\InterVideo\Common\bin\WinCinemaMgr.exe

    C:\Program\Delade filer\InterVideo\SchSvr\SchSvr.exe

    C:\Program\Video ActiveX Access\iesmin.exe

    C:\WINDOWS\system32\rundll32.exe

    C:\WINDOWS\ALCXMNTR.EXE

    C:\WINDOWS\System32\svchost.exe

    C:\Program\QuickTime\qttask.exe

    C:\Program\Delade filer\Symantec Shared\ccApp.exe

    C:\Program\Norton Save and Restore\Agent\NSRTray.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Program\HP\Digital Imaging\bin\hpqimzone.exe

    C:\Program\Internet Explorer\iexplore.exe

    C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Program\Delade filer\Microsoft Shared\Windows Live\WLLoginProxy.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Program\HP\Digital Imaging\Product Assistant\bin\hprblog.exe

    C:\Program\Trend Micro\HijackThis\HijackThis.exe

    C:\WINDOWS\system32\NOTEPAD.EXE

    C:\Program\Symantec\LIVEUP~1\LUCOMS~1.EXE

    C:\WINDOWS\system32\cmd.exe

     

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» C:

     

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

     

    C:\WINDOWS\system32\myqlejy.dll FOUND !

     

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Žgaren

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Žgaren\Application Data

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Start Menu

     

    C:\DOCUME~1\ALLUSE~1\START-~1\Online Security Guide.url FOUND !

    C:\DOCUME~1\ALLUSE~1\START-~1\Security Troubleshooting.url FOUND !

     

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\GAREN~1\FAVORI~1

     

    C:\DOCUME~1\GAREN~1\FAVORI~1\Online Security Test.url FOUND !

     

    »»»»»»»»»»»»»»»»»»»»»»»» Desktop

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program

     

    C:\Program\Video ActiveX Access\ FOUND !

     

    »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

     

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]

    "Source"="About:Home"

    "SubscribedURL"="About:Home"

    "FriendlyName"="Min aktuella startsida"

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler

    !!!Attention, following keys are not inevitably infected!!!

     

    SrchSTS.exe by S!Ri

    Search SharedTaskScheduler's .dll

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]

    "{98ca7898-6029-41ab-8f67-ea4f5e1afc22}"="biocomputing"

     

    [HKEY_CLASSES_ROOT\CLSID\{98ca7898-6029-41ab-8f67-ea4f5e1afc22}\InProcServer32]

    @="C:\WINDOWS\system32\myqlejy.dll"

     

    [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{98ca7898-6029-41ab-8f67-ea4f5e1afc22}\InProcServer32]

    @="C:\WINDOWS\system32\myqlejy.dll"

     

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs

    !!!Attention, following keys are not inevitably infected!!!

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"=""

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

    !!!Attention, following keys are not inevitably infected!!!

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

    "System"=""

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Rustock

     

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» DNS

     

    Description: VIA Rhine II Fast Ethernet Adapter - Miniport för paketschemaläggning

    DNS Server Search Order: 195.67.199.18

    DNS Server Search Order: 195.67.199.19

     

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{B1CE5B86-BC22-4F1B-9718-E635DFC658FB}: DhcpNameServer=195.67.199.18 195.67.199.19

    HKLM\SYSTEM\CS1\Services\Tcpip\..\{B1CE5B86-BC22-4F1B-9718-E635DFC658FB}: DhcpNameServer=195.67.199.18 195.67.199.19

    HKLM\SYSTEM\CS2\Services\Tcpip\..\{B1CE5B86-BC22-4F1B-9718-E635DFC658FB}: DhcpNameServer=195.67.199.18 195.67.199.19

    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=195.67.199.18 195.67.199.19

    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=195.67.199.18 195.67.199.19

    HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=195.67.199.18 195.67.199.19

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection

     

     

    »»»»»»»»»»»»»»»»»»»»»»»» End

     

    [/log]

     

×
×
  • Skapa nytt...