Just nu i M3-nätverket
Gå till innehåll

lallarn

Medlem
  • Antal inlägg

    424
  • Gick med

  • Senaste besök

Om lallarn

  • Medlemstitel
    Aktiv
  • Födelsedag 1991-02-22

Profil

  • Ort
    sala
  1. Har datorn en inbyggd grafik intregerat i moderkortet?? testa med att koppla in där . Då får du reda på om det är grafikkortet om du då inte kör med det redan. Juste med tanke om att det är hårddisk eller minne glöm det. Bild i bios ska komma ändå! Det de kan vara är skärmen, grafikkort eller moderkort . [inlägget ändrat 2009-12-23 23:16:25 av lallarn]
  2. [log]Malwarebytes' Anti-Malware 1.42 Databasversion: 3418 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 2009-12-23 22:53:01 mbam-log-2009-12-23 (22-53-01).txt Skanningstyp: Snabb skanning Antal skannade objekt: 98853 Förfluten tid: 8 minute(s), 12 second(s) Infekterade minnesprocesser: 0 Infekterade minnesmoduler: 0 Infekterade registernycklar: 0 Infekterade registervärden: 1 Infekterade registerdataposter: 0 Infekterade mappar: 0 Infekterade filer: 0 Infekterade minnesprocesser: (Inga illasinnade poster hittades) Infekterade minnesmoduler: (Inga illasinnade poster hittades) Infekterade registernycklar: (Inga illasinnade poster hittades) Infekterade registervärden: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c:\windows\system32\v0230cvw.dll (Trojan.Agent) -> Quarantined and deleted successfully. Infekterade registerdataposter: (Inga illasinnade poster hittades) Infekterade mappar: (Inga illasinnade poster hittades) Infekterade filer: (Inga illasinnade poster hittades) [/log] [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:01:41, on 2009-12-23 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18349) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Personal\bin\Personal.exe C:\Program Files\Caplio Software\RGateLXP.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Symantec\LiveUpdate\LUALL.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe C:\Users\Thomas\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=SV_SE&c=74&bd=smb&pf=laptop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=SV_SE&c=74&bd=smb&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=SV_SE&c=74&bd=smb&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST') O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program Files\Personal\bin\Personal.exe O4 - Global Startup: RICOH Gate La.lnk = ? O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - http://fika-web.ifolor.net/ORDERINGGENERAL/LowRes/app_support/_2_1_6/ActiveX/IfolorUploader_fika.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fujidirekt.se/aurigma/ImageUploader5.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9665 bytes [/log]
  3. det är ett spionprogram. program som gömmer sig i din dator och lagrar information. Sedan kan den som installerat spionprogrammet via en kombination på tangentbordet logga in på en särskild panel på datorn för att se vad programmet har sparat för information. Bland annat tangentbordstryckningar via en keylogger, dina privata email, chattkonversationer och mycket annat. Spector kan även skicka informationen till en annan dator. Det informationen fick jag Ladda ner: http://www.spywareremove.com/removeSpector.html Till för att ta bort de spionprogrammet.
  4. Hej kan ni kolla den här loggen. Datorn gick segt en dag helt plösligt. Mhv / en osäker person [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:57:18, on 2009-12-23 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18349) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Windows\V0230Mon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Personal\bin\Personal.exe C:\Program Files\Caplio Software\RGateLXP.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe C:\Users\Thomas\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=SV_SE&c=74&bd=smb&pf=laptop'>http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=SV_SE&c=74&bd=smb&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=SV_SE&c=74&bd=smb&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [C:\Windows\system32\V0230Cvw.dll] C:\Windows\system32\RegSvr32.exe /s C:\Windows\system32\V0230Cvw.dll O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\V0230Mon.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST') O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program Files\Personal\bin\Personal.exe O4 - Global Startup: RICOH Gate La.lnk = ? O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} (IfolorUploader Control) - http://fika-web.ifolor.net/ORDERINGGENERAL/LowRes/app_support/_2_1_6/ActiveX/IfolorUploader_fika.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.fujidirekt.se/aurigma/ImageUploader5.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9798 bytes [/log]
  5. lallarn

    Upplösning

    Hej jag har en 32LG2000, kopplad till datorn. Dvi -> hdmi. http://shop.audiovideo.se/product.aspx?catguid=2db770b5-9242-4f19-8bd1-fba84aded787&subcatguid=9199f2ec-f804-4543-afd6-d24312d21b3e&pdtguid=cbcf23e1-03a2-414f-b9c4-9aadbd751b04 Det står överallt att det går med upplösningen 1366x768. Men det täcks inte över hela skärmen då.. bilden blir konstig, det går bra med 1360x768. Finns det inte inställningar till 16:9 på grafikkortet hittar inga såna inställningar heller. har Nividia 7900gs 256mb. Tack för mig!
  6. juste en till fråga vad har jag PCMCIA card till ? kan jag spela in program och föra över till bärbara eller vad har man den till ?
  7. Hej jag har köpt en ny tv. Den har två schart av1 oc av2. En digital audio out. En audio in (rgb/dvi). En comboent in. En av in 3 med video, audio l,r. Min förstärkare har bara audio L och R. Hur ska jag koppla in en sådan kabel till tv så jag får ljud ifrån den ?
  8. Hej jag har windows 3.1 orginal diskett. Är den värd något tror ni? ska jag plasta in den?
  9. Hej tänkte köpa ett hedset så kallade hörlurar och mic. Men vilken ska man ha ? tänkte mig en högre peng max något upp till tusen lappen. Vad är det man ska kolla efter om man vill ha så bra ljud som möjligt? vill ju få ut mycket av tusenlappen. Den ska vara täckande runt öronen det är borde skönare och inte lika jobbigt att ha på sig och dessutom bättre ljud då. ska till stockholm i morgon så vill ha ett snabbt svar helst:)
  10. de ska nog inte va något problem
  11. Starta datorn med gammla hårddisken.. Damp tryck på F8 knappen när du tryckt igång datorn.. Där finns det ett alternativ att logga in som felsäkert läge välj det. När du har kommit in logga in på administrantör. Där kan du ta bort lösenordet till din användare.
  12. hur är det med xp skivan då ? kanske repor eller något sånt. Testa göra rent den [inlägget ändrat 2008-05-29 14:30:47 av lallarn]
  13. [log]ComboFix 08-05-25.5 - Administratör 2008-05-28 14:46:11.4 - NTFSx86 MINIMAL Microsoft Windows XP Professional 5.1.2600.2.1252.1.1053.18.835 [GMT 2:00] Running from: C:\Documents and Settings\PeterA\Skrivbord\ComboFix.exe Command switches used :: C:\Documents and Settings\PeterA\Skrivbord\CFScript.txt WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-04-28 to 2008-05-28 ))))))))))))))))))))))))))))))) . 2008-05-28 14:41 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-05-28 14:40 . 2008-05-28 14:41 <KAT> d-------- C:\Program\Java 2008-05-28 14:40 . 2008-05-28 14:40 <KAT> d-------- C:\Program\Delade filer\Java 2008-05-28 14:36 . 2008-05-28 14:36 <KAT> d-------- C:\WINDOWS\LastGood 2008-05-28 14:35 . 2008-05-28 14:35 48 --a------ C:\WINDOWS\system32\drivers\wnmsav.dat 2008-05-27 21:22 . 2008-05-27 21:22 <KAT> d-------- C:\WINDOWS\ERUNT 2008-05-27 21:19 . 2008-05-27 21:28 <KAT> d-------- C:\SDFix 2008-05-25 14:46 . 2008-05-25 14:46 <KAT> d-------- C:\Documents and Settings\PeterA\Application Data\Talkback 2008-05-25 14:45 . 2008-05-25 14:45 <KAT> d-------- C:\Program\mozilla.org 2008-05-25 14:45 . 2008-05-25 14:45 <KAT> d-------- C:\Program\Delade filer\mozilla.org 2008-05-25 14:45 . 2008-05-25 14:45 99,024 --a------ C:\WINDOWS\mozillauninstall.exe 2008-05-25 14:45 . 2008-05-25 14:45 98,512 --a------ C:\WINDOWS\GREUninstall.exe 2008-05-25 01:37 . 2008-05-25 01:37 <KAT> d-------- C:\Program\CCleaner 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\WINDOWS\system32\config\systemprofile\Lokala instõllningar 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\Documents and Settings\PeterA\Lokala instõllningar 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\Documents and Settings\NetworkService\Lokala instõllningar 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\Documents and Settings\LocalService\Lokala instõllningar 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\Documents and Settings\Administrat÷r\Lokala instõllningar 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\Documents and Settings\Administrat÷r 2008-05-24 13:46 . 2008-05-24 13:46 <KAT> d-------- C:\WINDOWS\system32\xircom 2008-05-24 13:46 . 2008-05-24 13:46 <KAT> d-------- C:\Program\microsoft frontpage 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> dr------- C:\Documents and Settings\Administratör\Start-meny 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> dr------- C:\Documents and Settings\Administratör\Start-meny 2008-05-24 10:23 . 2008-05-28 14:46 <KAT> d-------- C:\Documents and Settings\Administratör\Skrivbord 2008-05-24 10:23 . 2008-05-28 14:46 <KAT> d-------- C:\Documents and Settings\Administratör\Skrivbord 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d--h----- C:\Documents and Settings\Administratör\Skrivare 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d--h----- C:\Documents and Settings\Administratör\Skrivare 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d--h----- C:\Documents and Settings\Administratör\Nätverket 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d--h----- C:\Documents and Settings\Administratör\Nätverket 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d-------- C:\Documents and Settings\Administratör\Mina dokument 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d-------- C:\Documents and Settings\Administratör\Mina dokument 2008-05-24 10:23 . 2008-05-16 17:52 <KAT> d--h----- C:\Documents and Settings\Administratör\Mallar 2008-05-24 10:23 . 2008-05-16 17:52 <KAT> d--h----- C:\Documents and Settings\Administratör\Mallar 2008-05-24 10:23 . 2008-05-28 14:46 <KAT> d--h----- C:\Documents and Settings\Administratör\Lokala inställningar 2008-05-24 10:23 . 2008-05-28 14:46 <KAT> d--h----- C:\Documents and Settings\Administratör\Lokala inställningar 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d-------- C:\Documents and Settings\Administratör\Favoriter 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d-------- C:\Documents and Settings\Administratör\Favoriter 2008-05-24 10:23 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\Administratör\7zS8C4.tmp 2008-05-24 10:23 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\Administratör\7zS8C4.tmp 2008-05-24 10:23 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\Administratör\7zS8C1.tmp 2008-05-24 10:23 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\Administratör\7zS8C1.tmp 2008-05-24 10:23 . 2008-05-24 10:23 <KAT> d-------- C:\Documents and Settings\Administratör 2008-05-24 00:12 . 2008-05-24 00:12 48 --a------ C:\WINDOWS\wininit.ini 2008-05-23 23:58 . 2008-05-28 14:39 232,380 --a------ C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck 2008-05-23 23:57 . 2008-05-28 14:33 1,204 --a------ C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck 2008-05-23 14:09 . 2008-05-23 14:09 <KAT> d-------- C:\Program\Trend Micro 2008-05-23 14:03 . 2008-05-27 20:52 8,627 --a------ C:\WINDOWS\system32\PAV_FOG.OPC 2008-05-23 14:00 . 2008-05-28 14:33 13,880 --a------ C:\WINDOWS\system32\drivers\COMFiltr.sys 2008-05-23 13:59 . 2008-05-23 13:59 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\sentinel 2008-05-23 13:58 . 2008-05-23 13:58 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Backup 2008-05-23 13:57 . 2008-05-23 13:57 <KAT> d-------- C:\WINDOWS\system32\PAV 2008-05-23 13:57 . 2008-05-25 01:00 <KAT> d-------- C:\Program\Panda Security 2008-05-23 13:57 . 2008-05-23 13:57 <KAT> d--h----- C:\Program\InstallShield Installation Information 2008-05-23 13:55 . 2008-05-23 13:55 <KAT> d-------- C:\Program\Delade filer\Panda Software 2008-05-23 13:55 . 2007-07-12 13:49 178,872 --a------ C:\WINDOWS\system32\drivers\PavProc.sys 2008-05-23 13:55 . 2007-05-23 15:40 38,968 --a------ C:\WINDOWS\system32\drivers\ShlDrv51.sys 2008-05-23 00:19 . 2008-05-23 00:19 <KAT> d-------- C:\Documents and Settings\PeterA\Application Data\vlc 2008-05-22 22:43 . 2008-05-22 22:43 <KAT> d-------- C:\Program\VideoLAN 2008-05-22 21:41 . 2008-05-25 14:45 8,536 --a------ C:\WINDOWS\mozver.dat 2008-05-22 15:43 . 2008-05-25 14:46 335 --a------ C:\WINDOWS\nsreg.dat 2008-05-20 22:51 . 2008-05-25 01:47 <KAT> d-------- C:\Program\Delade filer\Symantec Shared 2008-05-20 22:50 . 2008-05-20 22:50 16,896 --a------ C:\WINDOWS\system32\Norton Updater.exe 2008-05-20 17:10 . 2007-04-09 13:23 28,040 --a------ C:\WINDOWS\system32\mdimon.dll 2008-05-20 17:10 . 2008-05-20 17:10 383 --a------ C:\WINDOWS\ODBC.INI 2008-05-20 17:09 . 2008-05-20 17:09 <KAT> d-------- C:\WINDOWS\SHELLNEW 2008-05-20 17:09 . 2008-05-20 17:09 <KAT> d-------- C:\Program\Microsoft.NET 2008-05-20 16:32 . 2008-05-20 16:32 <KAT> d-------- C:\Program\D-Tools 2008-05-20 16:32 . 2004-08-22 16:31 155,136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys 2008-05-20 16:32 . 2004-08-22 16:31 5,248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys 2008-05-20 16:31 . 2008-05-20 16:31 <KAT> d-------- C:\WINDOWS\Downloaded Installations 2008-05-18 17:13 . 2001-09-06 19:55 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-05-18 17:13 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2008-05-17 20:17 . 2008-05-17 20:17 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus! 2008-05-17 20:16 . 2008-05-17 20:16 <KAT> d-------- C:\Program\Messenger Plus! Live 2008-05-17 15:34 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-05-17 15:34 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-05-17 14:56 . 2008-05-17 14:56 <KAT> d-------- C:\WINDOWS\Sun 2008-05-17 14:40 . 2008-05-25 00:52 <KAT> d-------- C:\Program\Delade filer\muvee Technologies 2008-05-17 14:40 . 2007-02-08 21:30 1,079,808 -ra------ C:\WINDOWS\system32\mfc80u.dll 2008-05-17 14:40 . 2007-02-08 21:30 626,688 -ra------ C:\WINDOWS\system32\msvcr80.dll 2008-05-17 14:40 . 2007-02-08 21:30 548,864 -ra------ C:\WINDOWS\system32\msvcp80.dll 2008-05-17 14:40 . 2007-02-08 21:30 95,744 -ra------ C:\WINDOWS\system32\atl80.dll 2008-05-17 14:39 . 2008-05-25 00:52 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-05-17 14:38 . 2008-05-17 14:38 <KAT> d-------- C:\Program\OLYMPUS 2008-05-16 23:21 . 2008-05-16 23:21 <KAT> d-------- C:\Program\Synaptics 2008-05-16 23:21 . 2008-05-20 07:26 <KAT> d-------- C:\Program\Microsoft Silverlight 2008-05-16 23:20 . 2008-05-16 23:20 <KAT> d-------- C:\Program\MSBuild 2008-05-16 23:17 . 2008-05-16 23:46 <KAT> d-------- C:\WINDOWS\system32\XPSViewer 2008-05-16 23:16 . 2008-05-16 23:16 <KAT> d-------- C:\Program\Reference Assemblies 2008-05-16 23:16 . 2008-05-16 23:16 <KAT> d-------- C:\Program\CONEXANT 2008-05-16 23:13 . 2008-05-16 23:13 <KAT> d-------- C:\WINDOWS\system32\URTTemp 2008-05-16 20:42 . 2008-05-16 20:42 <KAT> d-------- C:\Program\BitLord 2008-05-16 18:53 . 2008-02-15 10:19 172,032 --a------ C:\WINDOWS\system32\igfxres.dll 2008-05-16 18:50 . 2008-05-16 18:50 <KAT> d-------- C:\Program\MSXML 6.0 2008-05-16 18:47 . 2008-05-16 18:47 <KAT> d-------- C:\Documents and Settings\PeterA\Contacts 2008-05-16 18:45 . 2008-05-23 13:55 <KAT> d-------- C:\Program\Delade filer\InstallShield 2008-05-16 18:45 . 2008-05-16 18:45 <KAT> d-------- C:\Program\Broadcom 2008-05-16 18:45 . 2006-01-19 06:49 667,648 --a------ C:\WINDOWS\system32\BCMLogon.dll 2008-05-16 18:40 . 2008-05-16 18:46 <KAT> d--hsc--- C:\Program\Delade filer\WindowsLiveInstaller 2008-05-16 18:39 . 2008-05-24 23:08 <KAT> d-------- C:\Program\Windows Live 2008-05-16 18:39 . 2008-05-16 18:39 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-05-16 18:25 . 2008-05-16 18:27 <KAT> d-------- C:\WINDOWS\system32\CatRoot_bak 2008-05-16 18:11 . 2008-05-16 18:11 <KAT> d-------- C:\WINDOWS\system32\Lang 2008-05-16 18:10 . 2008-05-16 18:10 <KAT> d-------- C:\Program\Intel 2008-05-16 18:10 . 2008-05-16 18:10 <KAT> d-------- C:\Intel 2008-05-16 18:10 . 2007-07-26 13:45 53,248 --a------ C:\WINDOWS\system32\CSVer.dll 2008-05-16 18:03 . 2008-05-16 18:03 <KAT> d-------- C:\Program\Windows Media Connect 2 2008-05-16 18:02 . 2008-05-16 18:02 <KAT> d-------- C:\WINDOWS\system32\LogFiles 2008-05-16 18:02 . 2008-05-16 18:02 <KAT> d-------- C:\WINDOWS\system32\drivers\UMDF 2008-05-16 18:02 . 2007-10-05 15:42 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe 2008-05-16 18:01 . 2004-08-04 09:34 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-05-16 18:00 . 2008-05-16 19:39 <KAT> dr------- C:\Documents and Settings\PeterA\Start-meny 2008-05-16 18:00 . 2008-05-28 14:46 <KAT> d-------- C:\Documents and Settings\PeterA\Skrivbord 2008-05-16 18:00 . 2008-05-16 19:39 <KAT> d--h----- C:\Documents and Settings\PeterA\Skrivare 2008-05-16 18:00 . 2008-05-21 18:27 <KAT> d--h----- C:\Documents and Settings\PeterA\Nätverket 2008-05-16 18:00 . 2008-05-21 17:49 <KAT> dr------- C:\Documents and Settings\PeterA\Mina dokument 2008-05-16 18:00 . 2008-05-16 17:52 <KAT> d--h----- C:\Documents and Settings\PeterA\Mallar 2008-05-16 18:00 . 2008-05-28 14:46 <KAT> d--h----- C:\Documents and Settings\PeterA\Lokala inställningar 2008-05-16 18:00 . 2008-05-16 18:02 <KAT> dr------- C:\Documents and Settings\PeterA\Favoriter 2008-05-16 18:00 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\PeterA\7zS8C4.tmp 2008-05-16 18:00 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\PeterA\7zS8C1.tmp 2008-05-16 18:00 . 2008-05-26 16:55 <KAT> d-------- C:\Documents and Settings\PeterA 2008-05-16 18:00 . 2003-02-26 22:27 36,864 --------- C:\WINDOWS\system32\wbsys.dll 2008-05-16 18:00 . 2005-01-22 20:05 20,480 --a------ C:\WINDOWS\system32\wbload.dll 2008-05-16 18:00 . 2007-02-14 00:34 1,754 --a------ C:\WINDOWS\system32\CHOICE.COM . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-28 12:39 232,380 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT 2008-05-28 12:33 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG 2008-05-22 22:19 --------- d-----w C:\Documents and Settings\PeterA\Application Data\vlc 2008-05-20 20:50 117,248 ----a-w C:\WINDOWS\system32\mqtgsvc.exe 2008-05-16 15:58 --------- d-----w C:\Program\MSXML 4.0 2008-05-16 15:55 --------- d-----w C:\Program\Onlinetjänster 2008-03-25 04:52 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:52 621,344 ------w C:\WINDOWS\system32\dllcache\mswstr10.dll 2008-03-25 04:52 162,592 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-25 04:52 162,592 ------w C:\WINDOWS\system32\dllcache\msjint40.dll 2008-03-20 08:01 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-20 08:01 1,845,888 ------w C:\WINDOWS\system32\dllcache\win32k.sys 2008-03-12 11:10 633,344 ------w C:\WINDOWS\system32\gpprefcl.dll 2008-03-07 08:26 920,088 ----a-w C:\WINDOWS\system32\igxpun.exe 2008-03-01 14:02 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll 2008-02-29 09:00 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe 2008-02-29 09:00 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe . ------- Sigcheck ------- 2008-01-19 08:31 360832 ddd3d4ae703c7ceee45041b58ae243ff C:\WINDOWS\system32\drivers\tcpip.sys . ((((((((((((((((((((((((((((( snapshot_2008-05-26_23.44.53,51 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-26 21:42:30 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-28 12:45:09 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-27 01:11:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2008-05-27 19:22:37 487,424 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT + 2008-05-27 19:22:37 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2008-05-27 01:11:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2008-05-27 19:22:36 487,424 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT + 2008-05-27 19:22:36 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat - 2007-12-13 20:27:22 135,168 ----a-w C:\WINDOWS\system32\java.exe + 2008-03-24 23:28:39 135,168 ----a-w C:\WINDOWS\system32\java.exe - 2007-12-13 20:27:24 135,168 ----a-w C:\WINDOWS\system32\javaw.exe + 2008-03-24 23:28:43 135,168 ----a-w C:\WINDOWS\system32\javaw.exe - 2007-12-13 21:29:16 139,264 ----a-w C:\WINDOWS\system32\javaws.exe + 2008-03-25 00:37:01 139,264 ----a-w C:\WINDOWS\system32\javaws.exe - 2008-05-26 20:47:05 71,642 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-05-28 12:37:01 71,642 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-05-26 20:47:05 83,496 ----a-w C:\WINDOWS\system32\perfc01D.dat + 2008-05-28 12:37:01 83,496 ----a-w C:\WINDOWS\system32\perfc01D.dat - 2008-05-26 20:47:05 441,958 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-05-28 12:37:01 441,958 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-05-26 20:47:05 444,034 ----a-w C:\WINDOWS\system32\perfh01D.dat + 2008-05-28 12:37:01 444,034 ----a-w C:\WINDOWS\system32\perfh01D.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:34 15360] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="regsvr32 /s /n /i:U shell32" [] "nltide_3"="advpack.dll" [2008-03-01 15:02 124928 C:\WINDOWS\system32\advpack.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-02-15 10:16 135168] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-02-15 10:16 159744] "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2008-02-15 10:16 131072] "Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2006-01-19 06:49 1236992] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-07-26 22:44 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe] "SynTPEnh"="C:\Program\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 19:04 1028096] "DAEMON Tools-1033"="C:\Program\D-Tools\daemon.exe" [2004-08-22 17:05 81920] "SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:34 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="regsvr32 /s /n /i:U shell32" [] "nltide_3"="advpack.dll" [2008-03-01 15:02 124928 C:\WINDOWS\system32\advpack.dll] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program\\BitLord\\BitLord.exe"= S1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-09-28 13:05] S1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 08:33] S1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-11-14 17:48] S1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 10:39] S1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-10-25 08:50] S1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2007-05-23 15:40] S1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 08:33] S1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 08:33] S2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys [2007-06-08 07:44] S2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 13:49] S3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys [] S3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\system32\DRIVERS\COMFiltr.sys [2008-05-28 14:33] S3 NETIMFLT01050097;PANDA NDIS IM Filter Miniport v1.5.0.97;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-11-19 13:01] S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys [] S3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys [] *Newly Created Service* - MDMXSDK . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-28 14:46:58 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-05-28 14:47:22 ComboFix-quarantined-files.txt 2008-05-28 12:47:20 ComboFix2.txt 2008-05-28 06:32:54 ComboFix3.txt 2008-05-26 21:45:00 ComboFix4.txt 2008-05-24 11:48:58 Pre-Run: 43,429,498,880 byte ledigt Post-Run: 43,421,585,408 byte ledigt 257 --- E O F --- 2008-05-24 11:52:02 [/log] Ja det värkar vara borta.
  14. [log]ComboFix 08-05-25.5 - Administratör 2008-05-28 8:31:43.3 - NTFSx86 MINIMAL Microsoft Windows XP Professional 5.1.2600.2.1252.1.1053.18.834 [GMT 2:00] Running from: C:\Documents and Settings\PeterA\Skrivbord\ComboFix.exe Command switches used :: C:\Documents and Settings\PeterA\Skrivbord\CFScript.txt WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\WINDOWS\BM7f7a2a3f.xml C:\WINDOWS\langorig.ini C:\WINDOWS\system32\dnmykbbl.ini C:\WINDOWS\system32\drivers\wnmsav.dat C:\WINDOWS\system32\fwownuve.dll C:\WINDOWS\system32\gpbrlxnj.dll . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\BM7f7a2a3f.xml C:\WINDOWS\langorig.ini C:\WINDOWS\system32\dnmykbbl.ini C:\WINDOWS\system32\drivers\wnmsav.dat C:\WINDOWS\system32\fwownuve.dll C:\WINDOWS\system32\gpbrlxnj.dll . ((((((((((((((((((((((((( Files Created from 2008-04-28 to 2008-05-28 ))))))))))))))))))))))))))))))) . 2008-05-27 21:22 . 2008-05-27 21:22 <KAT> d-------- C:\WINDOWS\ERUNT 2008-05-27 21:19 . 2008-05-27 21:28 <KAT> d-------- C:\SDFix 2008-05-25 14:46 . 2008-05-25 14:46 <KAT> d-------- C:\Documents and Settings\PeterA\Application Data\Talkback 2008-05-25 14:45 . 2008-05-25 14:45 <KAT> d-------- C:\Program\mozilla.org 2008-05-25 14:45 . 2008-05-25 14:45 <KAT> d-------- C:\Program\Delade filer\mozilla.org 2008-05-25 14:45 . 2008-05-25 14:45 99,024 --a------ C:\WINDOWS\mozillauninstall.exe 2008-05-25 14:45 . 2008-05-25 14:45 98,512 --a------ C:\WINDOWS\GREUninstall.exe 2008-05-25 01:37 . 2008-05-25 01:37 <KAT> d-------- C:\Program\CCleaner 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\WINDOWS\system32\config\systemprofile\Lokala instõllningar 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\Documents and Settings\PeterA\Lokala instõllningar 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\Documents and Settings\NetworkService\Lokala instõllningar 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\Documents and Settings\LocalService\Lokala instõllningar 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\Documents and Settings\Administrat÷r\Lokala instõllningar 2008-05-24 13:49 . 2008-05-24 13:49 <KAT> d-------- C:\Documents and Settings\Administrat÷r 2008-05-24 13:46 . 2008-05-24 13:46 <KAT> d-------- C:\WINDOWS\system32\xircom 2008-05-24 13:46 . 2008-05-24 13:46 <KAT> d-------- C:\Program\microsoft frontpage 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> dr------- C:\Documents and Settings\Administratör\Start-meny 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> dr------- C:\Documents and Settings\Administratör\Start-meny 2008-05-24 10:23 . 2008-05-28 08:31 <KAT> d-------- C:\Documents and Settings\Administratör\Skrivbord 2008-05-24 10:23 . 2008-05-28 08:31 <KAT> d-------- C:\Documents and Settings\Administratör\Skrivbord 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d--h----- C:\Documents and Settings\Administratör\Skrivare 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d--h----- C:\Documents and Settings\Administratör\Skrivare 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d--h----- C:\Documents and Settings\Administratör\Nätverket 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d--h----- C:\Documents and Settings\Administratör\Nätverket 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d-------- C:\Documents and Settings\Administratör\Mina dokument 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d-------- C:\Documents and Settings\Administratör\Mina dokument 2008-05-24 10:23 . 2008-05-16 17:52 <KAT> d--h----- C:\Documents and Settings\Administratör\Mallar 2008-05-24 10:23 . 2008-05-16 17:52 <KAT> d--h----- C:\Documents and Settings\Administratör\Mallar 2008-05-24 10:23 . 2008-05-28 08:32 <KAT> d--h----- C:\Documents and Settings\Administratör\Lokala inställningar 2008-05-24 10:23 . 2008-05-28 08:32 <KAT> d--h----- C:\Documents and Settings\Administratör\Lokala inställningar 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d-------- C:\Documents and Settings\Administratör\Favoriter 2008-05-24 10:23 . 2008-05-16 19:39 <KAT> d-------- C:\Documents and Settings\Administratör\Favoriter 2008-05-24 10:23 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\Administratör\7zS8C4.tmp 2008-05-24 10:23 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\Administratör\7zS8C4.tmp 2008-05-24 10:23 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\Administratör\7zS8C1.tmp 2008-05-24 10:23 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\Administratör\7zS8C1.tmp 2008-05-24 10:23 . 2008-05-24 10:23 <KAT> d-------- C:\Documents and Settings\Administratör 2008-05-24 00:12 . 2008-05-24 00:12 48 --a------ C:\WINDOWS\wininit.ini 2008-05-23 23:58 . 2008-05-27 21:55 228,036 --a------ C:\WINDOWS\system32\drivers\APPFCONT.DAT.bck 2008-05-23 23:57 . 2008-05-28 08:10 1,204 --a------ C:\WINDOWS\system32\drivers\APPFLTR.CFG.bck 2008-05-23 14:09 . 2008-05-23 14:09 <KAT> d-------- C:\Program\Trend Micro 2008-05-23 14:03 . 2008-05-27 20:52 8,627 --a------ C:\WINDOWS\system32\PAV_FOG.OPC 2008-05-23 14:00 . 2008-05-27 21:26 13,880 --a------ C:\WINDOWS\system32\drivers\COMFiltr.sys 2008-05-23 13:59 . 2008-05-23 13:59 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\sentinel 2008-05-23 13:58 . 2008-05-23 13:58 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Backup 2008-05-23 13:57 . 2008-05-23 13:57 <KAT> d-------- C:\WINDOWS\system32\PAV 2008-05-23 13:57 . 2008-05-25 01:00 <KAT> d-------- C:\Program\Panda Security 2008-05-23 13:57 . 2008-05-23 13:57 <KAT> d--h----- C:\Program\InstallShield Installation Information 2008-05-23 13:55 . 2008-05-23 13:55 <KAT> d-------- C:\Program\Delade filer\Panda Software 2008-05-23 13:55 . 2007-07-12 13:49 178,872 --a------ C:\WINDOWS\system32\drivers\PavProc.sys 2008-05-23 13:55 . 2007-05-23 15:40 38,968 --a------ C:\WINDOWS\system32\drivers\ShlDrv51.sys 2008-05-23 00:19 . 2008-05-23 00:19 <KAT> d-------- C:\Documents and Settings\PeterA\Application Data\vlc 2008-05-22 22:43 . 2008-05-22 22:43 <KAT> d-------- C:\Program\VideoLAN 2008-05-22 21:41 . 2008-05-25 14:45 8,536 --a------ C:\WINDOWS\mozver.dat 2008-05-22 15:43 . 2008-05-25 14:46 335 --a------ C:\WINDOWS\nsreg.dat 2008-05-20 22:51 . 2008-05-25 01:47 <KAT> d-------- C:\Program\Delade filer\Symantec Shared 2008-05-20 22:50 . 2008-05-20 22:50 16,896 --a------ C:\WINDOWS\system32\Norton Updater.exe 2008-05-20 17:10 . 2007-04-09 13:23 28,040 --a------ C:\WINDOWS\system32\mdimon.dll 2008-05-20 17:10 . 2008-05-20 17:10 383 --a------ C:\WINDOWS\ODBC.INI 2008-05-20 17:09 . 2008-05-20 17:09 <KAT> d-------- C:\WINDOWS\SHELLNEW 2008-05-20 17:09 . 2008-05-20 17:09 <KAT> d-------- C:\Program\Microsoft.NET 2008-05-20 16:32 . 2008-05-20 16:32 <KAT> d-------- C:\Program\D-Tools 2008-05-20 16:32 . 2004-08-22 16:31 155,136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys 2008-05-20 16:32 . 2004-08-22 16:31 5,248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys 2008-05-20 16:31 . 2008-05-20 16:31 <KAT> d-------- C:\WINDOWS\Downloaded Installations 2008-05-18 17:13 . 2001-09-06 19:55 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-05-18 17:13 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2008-05-17 20:17 . 2008-05-17 20:17 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus! 2008-05-17 20:16 . 2008-05-17 20:16 <KAT> d-------- C:\Program\Messenger Plus! Live 2008-05-17 15:34 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-05-17 15:34 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-05-17 14:56 . 2008-05-17 14:56 <KAT> d-------- C:\WINDOWS\Sun 2008-05-17 14:40 . 2008-05-25 00:52 <KAT> d-------- C:\Program\Delade filer\muvee Technologies 2008-05-17 14:40 . 2007-02-08 21:30 1,079,808 -ra------ C:\WINDOWS\system32\mfc80u.dll 2008-05-17 14:40 . 2007-02-08 21:30 626,688 -ra------ C:\WINDOWS\system32\msvcr80.dll 2008-05-17 14:40 . 2007-02-08 21:30 548,864 -ra------ C:\WINDOWS\system32\msvcp80.dll 2008-05-17 14:40 . 2007-02-08 21:30 95,744 -ra------ C:\WINDOWS\system32\atl80.dll 2008-05-17 14:39 . 2008-05-25 00:52 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-05-17 14:38 . 2008-05-17 14:38 <KAT> d-------- C:\Program\OLYMPUS 2008-05-16 23:21 . 2008-05-16 23:21 <KAT> d-------- C:\Program\Synaptics 2008-05-16 23:21 . 2008-05-20 07:26 <KAT> d-------- C:\Program\Microsoft Silverlight 2008-05-16 23:20 . 2008-05-16 23:20 <KAT> d-------- C:\Program\MSBuild 2008-05-16 23:17 . 2008-05-16 23:46 <KAT> d-------- C:\WINDOWS\system32\XPSViewer 2008-05-16 23:16 . 2008-05-16 23:16 <KAT> d-------- C:\Program\Reference Assemblies 2008-05-16 23:16 . 2008-05-16 23:16 <KAT> d-------- C:\Program\CONEXANT 2008-05-16 23:13 . 2008-05-16 23:13 <KAT> d-------- C:\WINDOWS\system32\URTTemp 2008-05-16 20:42 . 2008-05-16 20:42 <KAT> d-------- C:\Program\BitLord 2008-05-16 18:53 . 2008-02-15 10:19 172,032 --a------ C:\WINDOWS\system32\igfxres.dll 2008-05-16 18:50 . 2008-05-16 18:50 <KAT> d-------- C:\Program\MSXML 6.0 2008-05-16 18:47 . 2008-05-16 18:47 <KAT> d-------- C:\Documents and Settings\PeterA\Contacts 2008-05-16 18:45 . 2008-05-23 13:55 <KAT> d-------- C:\Program\Delade filer\InstallShield 2008-05-16 18:45 . 2008-05-16 18:45 <KAT> d-------- C:\Program\Broadcom 2008-05-16 18:45 . 2006-01-19 06:49 667,648 --a------ C:\WINDOWS\system32\BCMLogon.dll 2008-05-16 18:40 . 2008-05-16 18:46 <KAT> d--hsc--- C:\Program\Delade filer\WindowsLiveInstaller 2008-05-16 18:39 . 2008-05-24 23:08 <KAT> d-------- C:\Program\Windows Live 2008-05-16 18:39 . 2008-05-16 18:39 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-05-16 18:25 . 2008-05-16 18:27 <KAT> d-------- C:\WINDOWS\system32\CatRoot_bak 2008-05-16 18:11 . 2008-05-16 18:11 <KAT> d-------- C:\WINDOWS\system32\Lang 2008-05-16 18:10 . 2008-05-16 18:10 <KAT> d-------- C:\Program\Intel 2008-05-16 18:10 . 2008-05-16 18:10 <KAT> d-------- C:\Intel 2008-05-16 18:10 . 2007-07-26 13:45 53,248 --a------ C:\WINDOWS\system32\CSVer.dll 2008-05-16 18:03 . 2008-05-16 18:03 <KAT> d-------- C:\Program\Windows Media Connect 2 2008-05-16 18:02 . 2008-05-16 18:02 <KAT> d-------- C:\WINDOWS\system32\LogFiles 2008-05-16 18:02 . 2008-05-16 18:02 <KAT> d-------- C:\WINDOWS\system32\drivers\UMDF 2008-05-16 18:02 . 2007-10-05 15:42 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe 2008-05-16 18:01 . 2008-05-16 18:01 <KAT> d-------- C:\Program\Java 2008-05-16 18:01 . 2008-05-16 18:01 <KAT> d-------- C:\Program\Delade filer\Java 2008-05-16 18:01 . 2004-08-04 09:34 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-05-16 18:01 . 2007-12-13 23:29 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-05-16 18:00 . 2008-05-16 19:39 <KAT> dr------- C:\Documents and Settings\PeterA\Start-meny 2008-05-16 18:00 . 2008-05-28 08:32 <KAT> d-------- C:\Documents and Settings\PeterA\Skrivbord 2008-05-16 18:00 . 2008-05-16 19:39 <KAT> d--h----- C:\Documents and Settings\PeterA\Skrivare 2008-05-16 18:00 . 2008-05-21 18:27 <KAT> d--h----- C:\Documents and Settings\PeterA\Nätverket 2008-05-16 18:00 . 2008-05-21 17:49 <KAT> dr------- C:\Documents and Settings\PeterA\Mina dokument 2008-05-16 18:00 . 2008-05-16 17:52 <KAT> d--h----- C:\Documents and Settings\PeterA\Mallar 2008-05-16 18:00 . 2008-05-28 08:32 <KAT> d--h----- C:\Documents and Settings\PeterA\Lokala inställningar 2008-05-16 18:00 . 2008-05-16 18:02 <KAT> dr------- C:\Documents and Settings\PeterA\Favoriter 2008-05-16 18:00 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\PeterA\7zS8C4.tmp 2008-05-16 18:00 . 2008-05-16 17:56 <KAT> d-------- C:\Documents and Settings\PeterA\7zS8C1.tmp 2008-05-16 18:00 . 2008-05-26 16:55 <KAT> d-------- C:\Documents and Settings\PeterA 2008-05-16 18:00 . 2003-02-26 22:27 36,864 --------- C:\WINDOWS\system32\wbsys.dll 2008-05-16 18:00 . 2005-01-22 20:05 20,480 --a------ C:\WINDOWS\system32\wbload.dll 2008-05-16 18:00 . 2007-02-14 00:34 1,754 --a------ C:\WINDOWS\system32\CHOICE.COM . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-28 06:10 1,204 ----a-w C:\WINDOWS\system32\drivers\APPFLTR.CFG 2008-05-27 19:55 228,036 ----a-w C:\WINDOWS\system32\drivers\APPFCONT.DAT 2008-05-22 22:19 --------- d-----w C:\Documents and Settings\PeterA\Application Data\vlc 2008-05-20 20:50 117,248 ----a-w C:\WINDOWS\system32\mqtgsvc.exe 2008-05-16 15:58 --------- d-----w C:\Program\MSXML 4.0 2008-05-16 15:55 --------- d-----w C:\Program\Onlinetjänster 2008-03-25 04:52 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:52 621,344 ------w C:\WINDOWS\system32\dllcache\mswstr10.dll 2008-03-25 04:52 162,592 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-25 04:52 162,592 ------w C:\WINDOWS\system32\dllcache\msjint40.dll 2008-03-20 08:01 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-20 08:01 1,845,888 ------w C:\WINDOWS\system32\dllcache\win32k.sys 2008-03-12 11:10 633,344 ------w C:\WINDOWS\system32\gpprefcl.dll 2008-03-07 08:26 920,088 ----a-w C:\WINDOWS\system32\igxpun.exe 2008-03-01 14:02 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll 2008-02-29 09:00 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe 2008-02-29 09:00 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe . ------- Sigcheck ------- 2008-01-19 08:31 360832 ddd3d4ae703c7ceee45041b58ae243ff C:\WINDOWS\system32\drivers\tcpip.sys . ((((((((((((((((((((((((((((( snapshot_2008-05-26_23.44.53,51 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-26 21:42:30 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-28 06:29:17 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-27 01:11:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2008-05-27 19:22:37 487,424 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT + 2008-05-27 19:22:37 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2008-05-27 01:11:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2008-05-27 19:22:36 487,424 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT + 2008-05-27 19:22:36 8,192 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat - 2008-05-26 20:47:05 71,642 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-05-28 06:14:24 71,642 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-05-26 20:47:05 83,496 ----a-w C:\WINDOWS\system32\perfc01D.dat + 2008-05-28 06:14:24 83,496 ----a-w C:\WINDOWS\system32\perfc01D.dat - 2008-05-26 20:47:05 441,958 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-05-28 06:14:24 441,958 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-05-26 20:47:05 444,034 ----a-w C:\WINDOWS\system32\perfh01D.dat + 2008-05-28 06:14:24 444,034 ----a-w C:\WINDOWS\system32\perfh01D.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:34 15360] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="regsvr32 /s /n /i:U shell32" [] "nltide_3"="advpack.dll" [2008-03-01 15:02 124928 C:\WINDOWS\system32\advpack.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 01:12 144784] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-02-15 10:16 135168] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-02-15 10:16 159744] "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2008-02-15 10:16 131072] "Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2006-01-19 06:49 1236992] "High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-07-26 22:44 61952 C:\WINDOWS\system32\CHDAudPropShortcut.exe] "SynTPEnh"="C:\Program\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 19:04 1028096] "DAEMON Tools-1033"="C:\Program\D-Tools\daemon.exe" [2004-08-22 17:05 81920] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:34 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="regsvr32 /s /n /i:U shell32" [] "nltide_3"="advpack.dll" [2008-03-01 15:02 124928 C:\WINDOWS\system32\advpack.dll] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] avldr.dll 2007-02-15 19:02 50736 C:\WINDOWS\system32\avldr.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program\\BitLord\\BitLord.exe"= S1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2007-09-28 13:05] S1 DSAFLT;DSA Filter Plugin;C:\WINDOWS\system32\Drivers\DSAFLT.SYS [2007-05-11 08:33] S1 FNETMON;NetMon Filter Plugin;C:\WINDOWS\system32\Drivers\fnetmon.SYS [2007-11-14 17:48] S1 IDSFLT;Ids Filter Plugin;C:\WINDOWS\system32\Drivers\IDSFLT.SYS [2007-07-11 10:39] S1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2007-10-25 08:50] S1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2007-05-23 15:40] S1 SMSFLT;SMS Filter Plugin;C:\WINDOWS\system32\Drivers\SMSFLT.SYS [2007-05-11 08:33] S1 WNMFLT;Wifi Monitor Filter Plugin;C:\WINDOWS\system32\Drivers\WNMFLT.SYS [2007-05-11 08:33] S2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys [2007-06-08 07:44] S2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2007-07-12 13:49] S3 AvFlt;Antivirus Filter Driver;C:\WINDOWS\system32\drivers\av5flt.sys [] S3 ComFiltr;Panda Anti-Dialer;C:\WINDOWS\system32\DRIVERS\COMFiltr.sys [2008-05-27 21:26] S3 NETIMFLT01050097;PANDA NDIS IM Filter Miniport v1.5.0.97;C:\WINDOWS\system32\DRIVERS\netimflt.sys [2007-11-19 13:01] S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\system32\PavSRK.sys [] S3 PavTPK.sys;PavTPK.sys;C:\WINDOWS\system32\PavTPK.sys [] *Newly Created Service* - MDMXSDK [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E93F94EE-7680-6CCD-AFB3-AE7CEC620937}] C:\WINDOWS\system32:winregpi.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-28 08:32:30 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-05-28 8:32:53 ComboFix-quarantined-files.txt 2008-05-28 06:32:51 ComboFix2.txt 2008-05-26 21:45:00 ComboFix3.txt 2008-05-24 11:48:58 Pre-Run: 43,499,532,288 byte ledigt Post-Run: 43,492,405,248 byte ledigt 266 --- E O F --- 2008-05-24 11:52:02 [/log] [log]Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:39, on 2008-05-28 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program\Panda Security\Panda Internet Security 2008\TPSrv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\Program\Panda Security\Panda Internet Security 2008\PsCtrls.exe C:\Program\Panda Security\Panda Internet Security 2008\PavFnSvr.exe C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe C:\Program\Panda Security\Panda Internet Security 2008\pavsrv51.exe C:\Program\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe C:\Program\Panda Security\Panda Internet Security 2008\AVENGINE.EXE c:\program\panda security\panda internet security 2008\firewall\PSHOST.EXE C:\Program\Panda Security\Panda Internet Security 2008\PsImSvc.exe C:\WINDOWS\Explorer.EXE C:\Program\Panda Security\Panda Internet Security 2008\ApvxdWin.exe C:\Program\Java\jre1.6.0_04\bin\jusched.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\WLTRAY.exe C:\Program\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE C:\Program\Panda Security\Panda Internet Security 2008\WebProxy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program\Panda Security\Panda Internet Security 2008\psimreal.exe C:\Program\Panda Security\Panda Internet Security 2008\PavBckPT.exe C:\Program\mozilla.org\Mozilla\mozilla.exe C:\Program\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOKAL TJÄNST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1210972071953 O23 - Service: Panda Software Controller - Panda Software International - C:\Program\Panda Security\Panda Internet Security 2008\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program\Panda Security\Panda Internet Security 2008\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program\Panda Security\Panda Internet Security 2008\pavsrv51.exe O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program\panda security\panda internet security 2008\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program\Panda Security\Panda Internet Security 2008\PsImSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program\Panda Security\Panda Internet Security 2008\TPSrv.exe O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 6521 bytes [/log]
×
×
  • Skapa nytt...