Cloud
-
Innlegg
1 132 -
Ble med
-
Besøkte siden sist
Innholdstype
Profiler
Forum
Hendelser
Blogger
Om forumet
Innlegg skrevet av Cloud
-
-
Etter å ha gått til innkjøp av en stasjonær skal jeg selge min Dell XPS 1710.
Kan se ut som at jeg har en kamerat som har lyst på den, og er ikke ute etter å tyne mest penger ut av han. Vil bare komme frem til en pris som kan være fornuftig for begge. Derfor trenger jeg litt tips av dere på hvor mye den kan være vært nå.
Er følgende i XPS'en:
Dual-core 2,16GHz CPU
4GB ram
250GB hdd
m7950 GTX skjermkort
Husker ikke hva skjermtypen het, men var den dyreste (1920x1080 oppløsning)
Det er vel det som er vært å nevne. Batteri og lader fungerer også perfekt.
Jeg har tenkt på noe sånt som 3500,- Kanskje 4000,- men får jo en splitter ny laptop til den prisen så er litt usikker.
Tar gjerne imot tips!
-
Ok, da er jeg ihvertfall klar over det.
Skjermkorter er betalt og på vei så vil nok beholde det.
Men vet du hvor disse adapterene selges Randyboy?
-
Shit, dette var jeg ikke klar over når jeg bestilte.
Men hvorfor trengs det en aktiv adapter? I mitt hode høres det greit ut med en dp-->dvi kabel bare.
-
Har et siste spørsmål her. Gjelder oppkobling av Eyefinity -->3skjermer, men bruker denne poster fremfor å lage en ny.
I videoen jeg linket i første post forklarer den hyggelige mannen at jeg trenger 1 stk "active miniport to DVI adapter".
Hvorfor kan jeg ikke bare kjøpe en tredje miniport-->dvi kabel som følger med?
Og hvis det viser seg at jeg MÅ ha denne adapteren, hvor får man kjøpt det?
På forhånd takk!
-
Har gått til innkjøp av et "eyefinity" kort og skal i den sammenheng bruke 3 skjermer til gaming.
Bestilt en SÅNN HER EN, men er redd kantene er alt for brede til at jeg blir fornøyd.
Siden jeg skal kjøpe 3 stykker spiller prisen en liten rolle, men er villig til å legge i litt mer hvis kantene blir mye smalere.
Har dere noen tips til en eventuelt bedre skjerm?
-
Bumpetibump.
Oppdatert første posten med det jeg har bestilt.
Fint hvis noen får tatt en titt på det det.
-
Takk skal du ha, skjønte litt mer nå.
Må altså ut med rundt 4000,- for å få et slikt oppsett.
Men siden jeg uansett må ut med 3200,- for 2x460 som jeg har planlagt så er det kanskje like greit å kjøpe et kort med eyefinity.
-
Har planer om å kjøpe 1 stk av nvidia sitt nye 460 kort. Dette tror jeg har 2xDVI utganger. Vil det fungere med 3 skjermer (kanskje 4) i et oppsett ala dette som vises i videoen når jeg en gang i fremtiden oppgraderer til 2x460 kort?? Eller er jeg nødt til å kjøpe de mye dyrere ATI kortene?
-
Takk så mye for svar.
Så veldig interessant ut det 3-skjer oppsettet som var vist i videoen.
Er dette kun mulig med et ATI skjermkort?
Etter å ha lest testet av MSI sitt GTX 460 kort på hw.no heller jeg mer og mer mot denne kjernen, så lenge det er mulig med flere skjermer og SLI.
Ang de oppsettene du satt opp tror jeg det blir litt i dyreste laget. Ender opp på ca 13.500,- med 2 skjermer på det første og 12.000,- med det andre.
En annen ting jeg lurer litt på; er det slik at HK bestemmer hvilket skjermkort som passer, eller er det som i gamle dager at så lenge det er pci-E så passer alt? Og støtter "alle" nye skjermkort SLI/CF?
-
Hei alle sammen!
5-6 år siden sist jeg bygget en pc så trenger nå litt hjelp for å sette sammen riktige komponeneter.
Maskinene skal i all hovedsak brukes til gaming, men litt videoredigering kan også forekomme.
Tenkte å kjøpe litt av delene nå og bygge ut etterhvert når det trengs med f.eks. SLI/CF og mer minne + hdd.
Mulighet for OC er ikke dumt, men vil ikke bruke noe penger på kjøling i første omgang.
Når det gjelder prisen er 10.000 absolutt maks ved første innkjøp hvis ingen kan argumentere for annet.
Her er følgende oppsett jeg har kommet frem til:
MPX.no:
1,00 STK 593086 HIS Radeon HD 5870 2GB EYEFINITY 6
PCI-Express 2.0, GDDR5, 6x mini-DisplayPort, 850MHz
1,00 STK 593865 ASUS Crosshair IV Formula, Socket-AM3
AMD 890FX+SB850, DDR3, Firewire, GbLAN, ATX, 3xPCI-Ex(2.0)x16
NETSHOP.no
Pakning, vibrasjonsdempende, PSU Stk 1
31,00
2 43016 OCZ 60 GB SSD 2,5" S-ATA II TRIM/GC
Vertex 2, Max Read/Write 285/275MB/sec Stk 1
1 116,00
3 38032 Samsung 23,6" LCD Syncmaster 2494LW
1920x1080, 50000:1, 2ms, VGA/DVI Stk 1
1 320,00
4 41821 AMD Phenom II X6 1055T
AM3 2,8/3,3GHz Turbo Core 9MB cache,125W Stk 1
1 276,00
5 32565 Netshop Miditower,"Telamon II", sort
med kortleser og LCD display Stk 1
396,00
6 15301 Arctic Silver 5 Termisk Pasta
3.5 gram Stk 1
52,00
7 40258 OCZ DDR3 4 GB Platinum AMD Edition
PC3-12800 2x2048MB 1600MHz. (7.7.7.24) Stk 1
Info 716,00
8 33364 OCZ StealthXStream strømforsyning 700W
20/24pin ATX/BTX/PCI Express/SATA Stk
556,00
Håper dette ikke ser alt for galt ut.
Noen vare er ikke på lager, så hvis dere ser noe som MÅ endre, skrik ut nå!
-
Ble vist HP maskinen fra komplett.
Midt i blinke for bruksområdet til mine foreldre.
Takker for svar!
-
Skal kjøpe en kontorpc til mor og far til jul, men såpass lenge siden jeg har drevet på med pc at jeg ikke veit hva som passer sammen lenger.
Skal være absolutt så billig som mulig, og trenger ikke skjerm, mus eller tastatur.
Bryr meg ikke om det er AMD eller Intel.
Trenger altså følgende:
- CPU
- HK (innebygd skjermkort)
- HDD
- RAM
- Kabinett
- CD-brenner
Hadde vært supert om alt var ifra samme nettbutikk også.
Sett på "anbefalinger" ifra hardware.no men får ikke helt handlekurven til å fungere som den skal.
- CPU
-
Da var det gjort.
Combofix:
Klikk for å se/fjerne innholdet nedenforComboFix 08-04-22.5 - administrator 2008-04-25 14:06:21.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.224 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator.XXL\Skrivebord\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator.XXL\Skrivebord\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
C:\epnhxax.exe
C:\WINDOWS\TEMP\ABB027.EXE
C:\WINDOWS\ydhqzop.sys
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\871140395\
C:\Documents and Settings\All Users\Programdata\ehkzovwl
C:\epnhxax.exe
C:\WINDOWS\ydhqzop.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_HZQBWMCX
-------\Service_HZQBWMCX
-------\Service_ydhqzop
((((((((((((((((((((((((( Files Created from 2008-03-25 to 2008-04-25 )))))))))))))))))))))))))))))))
.
2008-04-24 16:36 . 2008-04-24 16:36 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com
2008-04-24 16:34 . 2008-04-24 16:34 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware
2008-04-24 16:34 . 2008-04-24 16:34 <DIR> d-------- C:\Documents and Settings\Administrator.XXL\Programdata\SUPERAntiSpyware.com
2008-04-24 15:41 . 2008-04-24 15:41 <DIR> d-------- C:\Programfiler\CCleaner
2008-04-24 15:33 . 2008-04-24 15:33 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-04-24 15:32 . 2008-04-24 15:32 <DIR> d-------- C:\Programfiler\Opera
2008-04-24 15:23 . 2008-04-24 15:23 <DIR> d-------- C:\Documents and Settings\Administrator.XXL\Programdata\TmpRecentIcons
2008-04-23 22:18 . 2008-04-23 22:18 <DIR> d-------- C:\Documents and Settings\geni\Programdata\TmpRecentIcons
2008-04-23 20:46 . 2008-04-23 20:46 2 --a------ C:\871140395
2008-04-17 12:55 . 2008-04-17 12:55 <DIR> d-------- C:\Documents and Settings\geni\Programdata\DVMS
2008-04-17 12:53 . 2008-04-17 12:53 <DIR> d-------- C:\Programfiler\DVMS
2008-04-17 12:52 . 2008-04-17 12:52 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\DVMS
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-24 13:39 --------- d-----w C:\Programfiler\Trend Micro
2008-04-24 08:27 --------- d-----w C:\Programfiler\Google
2008-04-14 09:13 --------- d-----w C:\Documents and Settings\geni\Programdata\ICAClient
.
((((((((((((((((((((((((((((( snapshot@2008-04-24_16.16.13.94 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-24 13:49:36 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-25 12:09:35 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-24 14:34:29 34,304 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF1.exe
+ 2005-03-15 15:52:48 172,099 ----a-w C:\WINDOWS\TEMP\TLB027.EXE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:00 15360]
"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-05-06 17:52 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-05-06 17:48 118784]
"Smapp"="C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 10:08 143360]
"SSC_UserPrompt"="C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-09-13 13:08 218240]
"SetRefresh"="C:\Programfiler\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 20:01 525824]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2004-08-04 10:00 143360]
"OfficeScanNT Monitor"="C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" [2005-04-19 00:52 335872]
"Windows Defender"="C:\Programfiler\Windows Defender\MSASCui.exe" [2006-04-03 18:12 777424]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43 83608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 10:00 15360]
C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programfiler\\Microsoft ActiveSync\\wcescomm.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
Contents of the 'Scheduled Tasks' folder
"2008-04-22 00:19:01 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Programfiler\Windows Defender\MpCmdRun.exe
"2008-04-23 18:56:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Programfiler\Symantec\LiveUpdate\NDetect.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-25 14:11:30
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\TEMP\TLB027.EXE
.
**************************************************************************
.
Completion time: 2008-04-25 14:16:21 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-25 12:16:16
ComboFix2.txt 2008-04-24 15:03:15
ComboFix3.txt 2008-04-24 14:19:05
ComboFix4.txt 2008-04-24 14:16:28
Pre-Run: 31,247,052,800 byte ledig
Post-Run: 31,250,022,400 byte ledig
126 --- E O F --- 2008-04-19 01:40:40
HiJack This:
Klikk for å se/fjerne innholdet nedenforLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:17, on 2008-04-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\TEMP\TLB027.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe
C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\notepad.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [smapp] C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [setRefresh] C:\Programfiler\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Opprett mobil favoritt - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programfiler\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programfiler\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programfiler\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.bravida.no
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = xxl.no
O17 - HKLM\Software\..\Telephony: DomainName = xxl.no
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = xxl.no
O20 - Winlogon Notify: !saswinlogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
--
End of file - 6232 bytes
SAS: (første scan)
Klikk for å se/fjerne innholdet nedenforSUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 04/24/2008 at 04:54 PM
Application Version : 4.0.1154
Core Rules Database Version : 3446
Trace Rules Database Version: 1438
Scan type : Complete Scan
Total Scan Time : 00:15:41
Memory items scanned : 340
Memory threats detected : 3
Registry items scanned : 4957
Registry threats detected : 47
File items scanned : 11451
File threats detected : 96
Trojan.Unclassified/Multi-Dropper (Packed)
C:\DOCUMENTS AND SETTINGS\ALL USERS\PROGRAMDATA\EHKZOVWL\CVSHIDCP.EXE
[saVTXtKNcI] C:\DOCUMENTS AND SETTINGS\ALL USERS\PROGRAMDATA\EHKZOVWL\CVSHIDCP.EXE
C:\DOCUMENTS AND SETTINGS\ALL USERS\PROGRAMDATA\EHKZOVWL\CVSHIDCP.EXE
C:\WINDOWS\Prefetch\CVSHIDCP.EXE-11BFA788.pf
Adware.Vundo-Variant/J
C:\WINDOWS\VADOKMXT.DLL
C:\WINDOWS\VADOKMXT.DLL
C:\WINDOWS\WDPOEFAN.DLL
C:\WINDOWS\WDPOEFAN.DLL
Trojan.Unclassified/Multi-Dropper
[bganywkl] C:\WINDOWS\SYSTEM32\DOFCXCJU.EXE
C:\WINDOWS\SYSTEM32\DOFCXCJU.EXE
C:\WINDOWS\SYSTEM32\TCNSJKZW.EXE
C:\WINDOWS\SYSTEM32\WLEDARGV.EXE
C:\WINDOWS\Prefetch\WLEDARGV.EXE-03C67F4A.pf
Unclassified.Unknown Origin
HKLM\Software\Classes\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}
HKCR\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}
HKCR\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}
HKCR\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}\Implemented Categories
HKCR\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}
HKCR\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}\InprocServer32
HKCR\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}\InprocServer32#ThreadingModel
HKCR\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}\ProgID
HKCR\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}\Programmable
HKCR\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}\TypeLib
HKCR\CLSID\{2513A321-CB50-4C5F-91C5-80342AFACFB1}\VERSION
C:\WINDOWS\SYSTEM32\ADOBEPNL.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2513A321-CB50-4C5F-91C5-80342AFACFB1}
Adware.SXGAdvisor-A
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}
HKCR\CLSID\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}
HKCR\CLSID\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}
HKCR\CLSID\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}\InprocServer32
HKCR\CLSID\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}\InprocServer32#ThreadingModel
HKCR\CLSID\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}\ProgID
HKCR\CLSID\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}\Programmable
HKCR\CLSID\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}\TypeLib
HKCR\CLSID\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}\VersionIndependentProgID
C:\WINDOWS\QNMARGOLEWK.DLL
Trojan.Unclassified/GTS
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{CE66268D-0208-4D9E-8BC7-12D91072A34D}
HKCR\CLSID\{CE66268D-0208-4D9E-8BC7-12D91072A34D}
HKCR\CLSID\{CE66268D-0208-4D9E-8BC7-12D91072A34D}
HKCR\CLSID\{CE66268D-0208-4D9E-8BC7-12D91072A34D}\InprocServer32
HKCR\CLSID\{CE66268D-0208-4D9E-8BC7-12D91072A34D}\InprocServer32#ThreadingModel
HKCR\CLSID\{CE66268D-0208-4D9E-8BC7-12D91072A34D}\ProgID
HKCR\CLSID\{CE66268D-0208-4D9E-8BC7-12D91072A34D}\Programmable
HKCR\CLSID\{CE66268D-0208-4D9E-8BC7-12D91072A34D}\TypeLib
HKCR\CLSID\{CE66268D-0208-4D9E-8BC7-12D91072A34D}\VersionIndependentProgID
HKCR\dpevflbg.1
HKCR\dpevflbg
HKCR\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}
HKCR\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}\1.0
HKCR\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}\1.0
HKCR\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}\1.0\win32
HKCR\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}\1.0\FLAGS
HKCR\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}\1.0\HELPDIR
C:\WINDOWS\DPEVFLBG.DLL
Adware.Tracking Cookie
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@1071761544[1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@tradedoubler[2].txt
C:\Documents and Settings\Administrator.XXL\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@57028022[1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@cgi-bin[1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@gomyhit[3].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@atwola[1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@doubleclick[1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@systemerrorfixer[1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@gomyhit[1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\[email protected][2].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@advertising[1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@hitbox[2].txt
C:\Documents and Settings\Administrator.XXL\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\[email protected][1].txt
C:\Documents and Settings\Administrator.XXL\Cookies\administrator@adnetserver[1].txt
C:\Documents and Settings\geni\Cookies\[email protected][1].txt
C:\Documents and Settings\geni\Cookies\[email protected][1].txt
C:\Documents and Settings\geni\Cookies\[email protected][2].txt
C:\Documents and Settings\oyha\Cookies\oyha@2o7[2].txt
C:\Documents and Settings\oyha\Cookies\[email protected][1].txt
C:\Documents and Settings\oyha\Cookies\oyha@doubleclick[2].txt
C:\Documents and Settings\oyha\Cookies\oyha@mediaplex[2].txt
C:\Documents and Settings\oyha\Cookies\[email protected][2].txt
C:\Documents and Settings\oyha\Cookies\oyha@tradedoubler[2].txt
Trojan.Painter
HKCR\winapi32.MyBHO
HKCR\winapi32.MyBHO\Clsid
Trojan.Malware
C:\WINDOWS\bg.gif
Trojan.Unknown Origin
C:\WINDOWS\system32\smp\msrc.exe
C:\WINDOWS\system32\smp
C:\WINDOWS\BG_BG.GIF
Adware.Admess
HKCR\AppId\{F6BDB4E5-D6AA-4D1F-8B67-BCB0F2246E21}
HKCR\AppId\WStart.DLL
HKCR\AppId\WStart.DLL#WStart
Browser Hijacker.Internet Explorer Settings Hijack
HKU\s-1-5-21-583907252-1614895754-682003330-500\Software\Microsoft\Internet Explorer\Main#Start Page [ http://softwarereferral.com/jump.php?wmid=...6Ojg5&lid=2 ]
Trojan.SUSP/Transponder
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#Transponder [ C:\WINDOWS\system32\susp.exe ]
Trojan.Unclassified/CFTMon-Fake
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR.XXL\CFTMON.EXE
C:\DOCUMENTS AND SETTINGS\GENI\CFTMON.EXE
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\CFTMON.EXE
C:\WINDOWS\Prefetch\CFTMON.EXE-28DDC928.pf
Trojan.Unclassified/Dropper-Packed
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B443AFD0-89DD-4B1D-95CE-6B4A81A892B7}\RP569\A0101667.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B443AFD0-89DD-4B1D-95CE-6B4A81A892B7}\RP570\A0101698.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B443AFD0-89DD-4B1D-95CE-6B4A81A892B7}\RP570\A0102695.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B443AFD0-89DD-4B1D-95CE-6B4A81A892B7}\RP572\A0102725.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{B443AFD0-89DD-4B1D-95CE-6B4A81A892B7}\RP572\A0102733.EXE
Trojan.Downloader-Gen/Win
C:\WINDOWS\OLGDQARF.EXE
C:\WINDOWS\WXVGSDBQ.EXE
Trojan.Laguna Media
C:\WINDOWS\SPACER.GIF'
Trojan.Fake-Drop/Gen
C:\WINDOWS\SYSTEM32\AKTTZN.EXE
C:\WINDOWS\SYSTEM32\ANTICIPATOR.DLL
C:\WINDOWS\SYSTEM32\AWTOOLB.DLL
C:\WINDOWS\SYSTEM32\BDN.COM
C:\WINDOWS\SYSTEM32\CWS_IESTART.EXE
C:\WINDOWS\SYSTEM32\H@TKEYSH@@K.DLL
C:\WINDOWS\SYSTEM32\HOPROXY.DLL
C:\WINDOWS\SYSTEM32\HXIWLGPM.DAT
C:\WINDOWS\SYSTEM32\HXIWLGPM.EXE
C:\WINDOWS\SYSTEM32\MEDUP012.DLL
C:\WINDOWS\SYSTEM32\MEDUP020.DLL
C:\WINDOWS\SYSTEM32\MSGP.EXE
C:\WINDOWS\SYSTEM32\MSNBHO.DLL
C:\WINDOWS\SYSTEM32\MSSECU.EXE
C:\WINDOWS\SYSTEM32\MSVCHOST.EXE
C:\WINDOWS\SYSTEM32\MTR2.EXE
C:\WINDOWS\SYSTEM32\MWIN32.EXE
C:\WINDOWS\SYSTEM32\NETODE.EXE
C:\WINDOWS\SYSTEM32\NEWSD32.EXE
C:\WINDOWS\SYSTEM32\PS1.EXE
C:\WINDOWS\SYSTEM32\REGC64.DLL
C:\WINDOWS\SYSTEM32\REGM64.DLL
C:\WINDOWS\SYSTEM32\RUNDL1.EXE
C:\WINDOWS\SYSTEM32\SSURF022.DLL
C:\WINDOWS\SYSTEM32\SSVCHOST.COM
C:\WINDOWS\SYSTEM32\SSVCHOST.EXE
C:\WINDOWS\SYSTEM32\SYSREQ.EXE
C:\WINDOWS\SYSTEM32\TAACK.DAT
C:\WINDOWS\SYSTEM32\TAACK.EXE
C:\WINDOWS\SYSTEM32\TEMP#01.EXE
C:\WINDOWS\SYSTEM32\THUN.DLL
C:\WINDOWS\SYSTEM32\THUN32.DLL
C:\WINDOWS\SYSTEM32\VBIEWER.OCX
C:\WINDOWS\SYSTEM32\VBSYS2.DLL
C:\WINDOWS\SYSTEM32\VCATCHPI.DLL
C:\WINDOWS\SYSTEM32\WINLOGONPC.EXE
C:\WINDOWS\SYSTEM32\WINSYSTEM.EXE
C:\WINDOWS\SYSTEM32\WINWGPX.EXE
Dpcproxy
C:\WINDOWS\SYSTEM32\DPCPROXY.EXE
Adware.Mirar/NetNucleus
C:\WINDOWS\SYSTEM32\MIRARSEARCH_TOOLBAR.EXE
Unclassified.Unknown Origin/System
C:\WINDOWS\SYSTEM32\PSOF1.EXE
Adware.Pacer D
C:\WINDOWS\SYSTEM32\PSOFT1.EXE
Trojan.Dluca-I
C:\WINDOWS\SYSTEM32\SNCNTR.EXE
-
HiJack this:
Klikk for å se/fjerne innholdet nedenforLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:59, on 2008-04-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\TEMP\ABB027.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe
C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\userinit.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=...6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: winapi32.MyBHO - {62E2E094-F989-48C6-B947-6E79DA2294F9} - C:\WINDOWS\system32\winapi32.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [smapp] C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [setRefresh] C:\Programfiler\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [wruwzyvo] C:\WINDOWS\system32\tcnsjkzw.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Opprett mobil favoritt - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programfiler\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programfiler\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programfiler\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.bravida.no
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = xxl.no
O17 - HKLM\Software\..\Telephony: DomainName = xxl.no
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = xxl.no
O20 - Winlogon Notify: !saswinlogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtutndu - awtuTNDU.dll (file missing)
O21 - SSODL: vadokmxt - {8D77CD95-EA5C-4791-B87E-48310EA70B85} - C:\WINDOWS\vadokmxt.dll (file missing)
O21 - SSODL: wdpoefan - {DA45875A-87F4-47A9-BB24-ABF3D98C68EE} - C:\WINDOWS\wdpoefan.dll (file missing)
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 6628 bytes
Combofix:
Klikk for å se/fjerne innholdet nedenforComboFix 08-04-22.5 - administrator 2008-04-24 17:00:22.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.204 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator.XXL\Skrivebord\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\rs.txt
.
((((((((((((((((((((((((( Files Created from 2008-03-24 to 2008-04-24 )))))))))))))))))))))))))))))))
.
2008-04-24 16:36 . 2008-04-24 16:36 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com
2008-04-24 16:34 . 2008-04-24 16:34 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware
2008-04-24 16:34 . 2008-04-24 16:34 <DIR> d-------- C:\Documents and Settings\Administrator.XXL\Programdata\SUPERAntiSpyware.com
2008-04-24 15:41 . 2008-04-24 15:41 <DIR> d-------- C:\Programfiler\CCleaner
2008-04-24 15:33 . 2008-04-24 15:33 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-04-24 15:32 . 2008-04-24 15:32 <DIR> d-------- C:\Programfiler\Opera
2008-04-24 15:23 . 2008-04-24 15:23 <DIR> d-------- C:\Documents and Settings\Administrator.XXL\Programdata\TmpRecentIcons
2008-04-23 22:18 . 2008-04-23 22:18 <DIR> d-------- C:\Documents and Settings\geni\Programdata\TmpRecentIcons
2008-04-23 20:46 . 2008-04-24 16:56 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\ehkzovwl
2008-04-23 20:46 . 2008-04-23 20:46 65,536 --a------ C:\epnhxax.exe
2008-04-23 20:46 . 2008-04-23 20:46 61,874 --a------ C:\WINDOWS\ydhqzop.sys
2008-04-23 20:46 . 2008-04-23 20:46 2 --a------ C:\871140395
2008-04-17 12:55 . 2008-04-17 12:55 <DIR> d-------- C:\Documents and Settings\geni\Programdata\DVMS
2008-04-17 12:53 . 2008-04-17 12:53 <DIR> d-------- C:\Programfiler\DVMS
2008-04-17 12:52 . 2008-04-17 12:52 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\DVMS
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-24 15:00 3,420 ----a-w C:\WINDOWS\system32\PerfStringBackup.TMP
2008-04-24 13:39 --------- d-----w C:\Programfiler\Trend Micro
2008-04-24 08:27 --------- d-----w C:\Programfiler\Google
2008-04-14 09:13 --------- d-----w C:\Documents and Settings\geni\Programdata\ICAClient
2008-03-20 08:11 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:11 1,845,248 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-01 16:35 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:58 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-29 08:58 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:52 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:39 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:39 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
.
((((((((((((((((((((((((((((( snapshot@2008-04-24_16.16.13.94 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-24 13:49:36 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-24 14:56:38 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-24 14:34:29 34,304 ----a-r C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF1.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{62E2E094-F989-48C6-B947-6E79DA2294F9}]
C:\WINDOWS\system32\winapi32.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:00 15360]
"SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]
"wruwzyvo"="C:\WINDOWS\system32\tcnsjkzw.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-05-06 17:52 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-05-06 17:48 118784]
"Smapp"="C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 10:08 143360]
"SSC_UserPrompt"="C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-09-13 13:08 218240]
"SetRefresh"="C:\Programfiler\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 20:01 525824]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2004-08-04 10:00 143360]
"OfficeScanNT Monitor"="C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" [2005-04-19 00:52 335872]
"Windows Defender"="C:\Programfiler\Windows Defender\MSASCui.exe" [2006-04-03 18:12 777424]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43 83608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 10:00 15360]
C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= file:///C:\WINDOWS\privacy_danger\index.htm
FriendlyName= Privacy Protection
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"vadokmxt"= {8D77CD95-EA5C-4791-B87E-48310EA70B85} - C:\WINDOWS\vadokmxt.dll [ ]
"wdpoefan"= {DA45875A-87F4-47A9-BB24-ABF3D98C68EE} - C:\WINDOWS\wdpoefan.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtutndu]
awtuTNDU.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programfiler\\Microsoft ActiveSync\\wcescomm.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
S2 HZQBWMCX;HZQBWMCX;C:\WINDOWS\system32\hzqbwmcx.uvs []
*Newly Created Service* - catchme
.
Contents of the 'Scheduled Tasks' folder
"2008-04-22 00:19:01 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Programfiler\Windows Defender\MpCmdRun.exe
"2008-04-23 18:56:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Programfiler\Symantec\LiveUpdate\NDetect.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-24 17:01:37
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HZQBWMCX]
"ImagePath"="\??\C:\WINDOWS\system32\hzqbwmcx.uvs"
.
Completion time: 2008-04-24 17:03:14
ComboFix-quarantined-files.txt 2008-04-24 15:03:03
ComboFix2.txt 2008-04-24 14:19:05
ComboFix3.txt 2008-04-24 14:16:28
Pre-Run: 31,282,667,520 byte ledig
Post-Run: 31,277,428,736 byte ledig
129 --- E O F --- 2008-04-19 01:40:40
SAS fjernet ca 150 filer som ikke skulle være der..
-
Fått virus på en pc på jobben.
Får ikke kjørt SAS, men kjørt Comobix, CCleaner og HiJack This.
Combifix
Klikk for å se/fjerne innholdet nedenforComboFix 08-04-22.5 - Administrator 2008-04-24 16:17:08.2 - NTFSx86Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.227 [GMT 2:00]
Running from: C:\Documents and Settings\Administrator.XXL\Skrivebord\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Programfiler\akl
C:\Programfiler\akl\akl.dll
C:\Programfiler\akl\akl.exe
C:\Programfiler\akl\uninstall.exe
C:\Programfiler\akl\unsetup.exe
C:\Programfiler\Inet Delivery
C:\Programfiler\Inet Delivery\inetdl.exe
C:\Programfiler\Inet Delivery\intdel.exe
C:\WINDOWS\a.bat
C:\WINDOWS\base64.tmp
C:\WINDOWS\bdn.com
C:\WINDOWS\FVProtect.exe
C:\WINDOWS\iTunesMusic.exe
C:\WINDOWS\mslagent
C:\WINDOWS\mslagent\2_mslagent.dll
C:\WINDOWS\mslagent\mslagent.exe
C:\WINDOWS\mslagent\uninstall.exe
C:\WINDOWS\mssecu.exe
C:\WINDOWS\system32\bsva-egihsg52.exe
C:\WINDOWS\system32\emesx.dll
C:\WINDOWS\userconfig9x.dll
C:\WINDOWS\Web\def.htm
C:\WINDOWS\winsystem.exe
C:\WINDOWS\zip1.tmp
C:\WINDOWS\zip2.tmp
C:\WINDOWS\zip3.tmp
C:\WINDOWS\zipped.tmp
.
((((((((((((((((((((((((( Files Created from 2008-03-24 to 2008-04-24 )))))))))))))))))))))))))))))))
.
2008-04-24 16:15 . 2008-04-24 16:15 98,304 --a------ C:\WINDOWS\system32\dofcxcju.exe
2008-04-24 15:41 . 2008-04-24 15:41 <DIR> d-------- C:\Programfiler\CCleaner
2008-04-24 15:33 . 2008-04-24 15:33 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-04-24 15:32 . 2008-04-24 15:32 <DIR> d-------- C:\Programfiler\Opera
2008-04-24 15:23 . 2008-04-24 15:23 <DIR> d-------- C:\Documents and Settings\Administrator.XXL\Programdata\TmpRecentIcons
2008-04-24 15:10 . 2008-04-23 20:46 7,168 --a------ C:\Documents and Settings\Administrator.XXL\cftmon.exe
2008-04-23 22:18 . 2008-04-23 22:18 <DIR> d-------- C:\Documents and Settings\geni\Programdata\TmpRecentIcons
2008-04-23 20:57 . 2008-04-23 20:46 7,168 --a------ C:\Documents and Settings\LocalService\cftmon.exe
2008-04-23 20:46 . 2008-04-23 20:46 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\ehkzovwl
2008-04-23 20:46 . 2008-04-23 20:46 7,168 --a------ C:\Documents and Settings\geni\cftmon.exe
2008-04-17 12:55 . 2008-04-17 12:55 <DIR> d-------- C:\Documents and Settings\geni\Programdata\DVMS
2008-04-17 12:53 . 2008-04-17 12:53 <DIR> d-------- C:\Programfiler\DVMS
2008-04-17 12:52 . 2008-04-17 12:52 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\DVMS
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-24 13:54 3,420 ----a-w C:\WINDOWS\system32\PerfStringBackup.TMP
2008-04-24 13:39 --------- d-----w C:\Programfiler\Trend Micro
2008-04-24 08:27 --------- d-----w C:\Programfiler\Google
2008-04-23 18:46 98,304 ----a-w C:\WINDOWS\system32\wledargv.exe
2008-04-23 18:46 65,536 ----a-w C:\epnhxax.exe
2008-04-23 18:46 61,874 ----a-w C:\WINDOWS\ydhqzop.sys
2008-04-23 12:19 94,208 ----a-w C:\WINDOWS\olgdqarf.exe
2008-04-23 12:19 81,920 ----a-w C:\WINDOWS\wxvgsdbq.exe
2008-04-23 12:19 217,088 ----a-w C:\WINDOWS\qnmargolewk.dll
2008-04-23 12:19 212,992 ----a-w C:\WINDOWS\wdpoefan.dll
2008-04-23 12:19 188,416 ----a-w C:\WINDOWS\vadokmxt.dll
2008-04-23 12:19 155,648 ----a-w C:\WINDOWS\dpevflbg.dll
2008-04-14 09:13 --------- d-----w C:\Documents and Settings\geni\Programdata\ICAClient
2008-03-20 08:11 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:11 1,845,248 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-01 16:35 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:58 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-29 08:58 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:52 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:39 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:39 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
.
((((((((((((((((((((((((((((( snapshot@2008-04-24_16.16.13.94 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-23 18:46:18 4,096 ----a-w C:\WINDOWS\system32\hoproxy.dll
+ 2008-04-24 14:15:37 4,096 ----a-w C:\WINDOWS\system32\hoproxy.dll
- 2008-04-23 18:46:18 4,096 ----a-w C:\WINDOWS\system32\hxiwlgpm.dat
+ 2008-04-24 14:15:36 4,096 ----a-w C:\WINDOWS\system32\hxiwlgpm.dat
- 2008-04-23 18:46:18 4,096 ----a-w C:\WINDOWS\system32\hxiwlgpm.exe
+ 2008-04-24 14:15:36 4,096 ----a-w C:\WINDOWS\system32\hxiwlgpm.exe
- 2008-04-23 18:46:18 4,096 ----a-w C:\WINDOWS\system32\mwin32.exe
+ 2008-04-24 14:15:37 4,096 ----a-w C:\WINDOWS\system32\mwin32.exe
- 2008-04-23 18:46:18 4,096 ----a-w C:\WINDOWS\system32\sncntr.exe
+ 2008-04-24 14:15:37 4,096 ----a-w C:\WINDOWS\system32\sncntr.exe
- 2008-04-23 18:46:18 4,096 ----a-w C:\WINDOWS\system32\taack.dat
+ 2008-04-24 14:15:36 4,096 ----a-w C:\WINDOWS\system32\taack.dat
- 2008-04-23 18:46:18 4,096 ----a-w C:\WINDOWS\system32\taack.exe
+ 2008-04-24 14:15:36 4,096 ----a-w C:\WINDOWS\system32\taack.exe
- 2008-04-23 18:46:18 4,096 ----a-w C:\WINDOWS\system32\winlogonpc.exe
+ 2008-04-24 14:15:38 4,096 ----a-w C:\WINDOWS\system32\winlogonpc.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2513A321-CB50-4C5F-91C5-80342AFACFB1}]
C:\WINDOWS\system32\adobepnl.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{62E2E094-F989-48C6-B947-6E79DA2294F9}]
C:\WINDOWS\system32\winapi32.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3}]
2008-04-23 14:19 217088 --a------ C:\WINDOWS\qnmargolewk.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CE66268D-0208-4D9E-8BC7-12D91072A34D}"= "C:\WINDOWS\dpevflbg.dll" [2008-04-23 14:19 155648]
[HKEY_CLASSES_ROOT\clsid\{ce66268d-0208-4d9e-8bc7-12d91072a34d}]
[HKEY_CLASSES_ROOT\dpevflbg.1]
[HKEY_CLASSES_ROOT\TypeLib\{D9C28083-E28D-4AB3-B109-82758B1B484C}]
[HKEY_CLASSES_ROOT\dpevflbg]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:00 15360]
"bganywkl"="C:\WINDOWS\system32\dofcxcju.exe" [2008-04-24 16:15 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-05-06 17:52 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-05-06 17:48 118784]
"Smapp"="C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 10:08 143360]
"SSC_UserPrompt"="C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe" [2004-09-13 13:08 218240]
"SetRefresh"="C:\Programfiler\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 20:01 525824]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2004-08-04 10:00 143360]
"OfficeScanNT Monitor"="C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" [2005-04-19 00:52 335872]
"Transponder"="C:\WINDOWS\system32\susp.exe" [ ]
"Windows Defender"="C:\Programfiler\Windows Defender\MSASCui.exe" [2006-04-03 18:12 777424]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43 83608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 10:00 15360]
C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"SaVTXtKNcI"= C:\Documents and Settings\All Users\Programdata\ehkzovwl\cvshidcp.exe
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= file:///C:\WINDOWS\privacy_danger\index.htm
FriendlyName= Privacy Protection
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"vadokmxt"= {8D77CD95-EA5C-4791-B87E-48310EA70B85} - C:\WINDOWS\vadokmxt.dll [2008-04-23 14:19 188416]
"wdpoefan"= {DA45875A-87F4-47A9-BB24-ABF3D98C68EE} - C:\WINDOWS\wdpoefan.dll [2008-04-23 14:19 212992]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtutndu]
awtuTNDU.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programfiler\\Microsoft ActiveSync\\wcescomm.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
S2 HZQBWMCX;HZQBWMCX;C:\WINDOWS\system32\hzqbwmcx.uvs []
.
Contents of the 'Scheduled Tasks' folder
"2008-04-22 00:19:01 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Programfiler\Windows Defender\MpCmdRun.exe
"2008-04-23 18:56:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Programfiler\Symantec\LiveUpdate\NDetect.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-24 16:18:14
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\HZQBWMCX]
"ImagePath"="\??\C:\WINDOWS\system32\hzqbwmcx.uvs"
.
Completion time: 2008-04-24 16:19:04
ComboFix-quarantined-files.txt 2008-04-24 14:18:45
ComboFix2.txt 2008-04-24 14:16:28
Pre-Run: 31,359,721,472 byte ledig
Post-Run: 31,352,070,144 byte ledig
181 --- E O F --- 2008-04-19 01:40:40
HiJack This
Klikk for å se/fjerne innholdet nedenforLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:27, on 2008-04-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Programdata\ehkzovwl\cvshidcp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\system32\dofcxcju.exe
C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\explorer.exe
C:\Programfiler\Java\jre1.6.0_01\bin\jucheck.exe
C:\Programfiler\Opera\Opera.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=...6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: adobepnl.ADOBE_PANEL - {2513A321-CB50-4C5F-91C5-80342AFACFB1} - C:\WINDOWS\system32\adobepnl.dll (file missing)
O2 - BHO: winapi32.MyBHO - {62E2E094-F989-48C6-B947-6E79DA2294F9} - C:\WINDOWS\system32\winapi32.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: DVA Gate - {AEAFB69D-EDE2-47C8-BDBA-D8938DE059D3} - C:\WINDOWS\qnmargolewk.dll
O3 - Toolbar: dpevflbg - {CE66268D-0208-4D9E-8BC7-12D91072A34D} - C:\WINDOWS\dpevflbg.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [smapp] C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [setRefresh] C:\Programfiler\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [Transponder] C:\WINDOWS\system32\susp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bganywkl] C:\WINDOWS\system32\dofcxcju.exe
O4 - HKLM\..\Policies\Explorer\Run: [saVTXtKNcI] C:\Documents and Settings\All Users\Programdata\ehkzovwl\cvshidcp.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Opprett mobil favoritt - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programfiler\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programfiler\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programfiler\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.bravida.no
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = xxl.no
O17 - HKLM\Software\..\Telephony: DomainName = xxl.no
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = xxl.no
O20 - Winlogon Notify: awtutndu - awtuTNDU.dll (file missing)
O21 - SSODL: vadokmxt - {8D77CD95-EA5C-4791-B87E-48310EA70B85} - C:\WINDOWS\vadokmxt.dll
O21 - SSODL: wdpoefan - {DA45875A-87F4-47A9-BB24-ABF3D98C68EE} - C:\WINDOWS\wdpoefan.dll
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm
--
End of file - 6815 bytes
EDIT: Fått instalert SAS etter at combofix hadde gjort sitt.
Kommer med update etter hvert.
-
CPU: T7400 Core 2 duo @ 2,16 GHz
GFX: 7950 GTX 512ram
RAM: 4 GB
OS: Win Viste 32-bit
3DMark 06=5897 points [2474/2509/1812]
-
Er på utkikk etter en pc til en jente.
Skal nok brukes til litt spilling, men den skal hovedsaklig være pen å se på.
Vil nok gjerne ha litt harddisk plass også.
Av spilling er det world of worcraft som er aktuelt i første del.
Har funnet en fra Acer, men vil helst ha delen rundt tastaturet+tastaturet i svart. ikke et must tho.
Sett på denne: http://www.elprice.no/Product/ProductInfo....51&cid=5546
men ikke helt sikker på ytelsen.
-
Dobbelpost
-
Da har jeg fått bestilt en ny pc.
Tusen takk for hjelpen, og spesielt til deg Phantom3D!
Specs ble som følger:
Dell XPS 1710
Artikkel
Beskrivelse
Base
Intel® Core 2 Duo-prosessor T7400 (2,16 GHz, 667 MHz FSB, 4 MB L2-buffer)
Minne
4096 MB 667 MHz Dual Channel DDR2 SDRAM [2 x 2048]
Tastatur
Innebygd tastatur med enkel styreenhet - norsk (QWERTY)
Grafikkort
512 MB DDR3 nVidia® GeForce Go 7950 GTX-grafikkort
Harddisk
250 GB (5400 rpm) SATA-harddisk
Operativsystem
Ekte Windows Vista Home Premium - engelsk
Modem
56.6k V.92-kompatibelt internt modem og adapter - Finland/Norge
Optisk stasjon
Fast, intern 8X DVD+/-RW-stasjon med programvare - Vista
Trådløs tilkobling
Intel® Pro Wireless 3945 802.11a/b/g Mini PCI-kort (for Core 2 Duo-prosessorer)
Leveringsdokumenter
Norsk dokumentasjon og europeisk strømledning
Gedis Bundle-referanse
N03X7102
Microsoft-programvare
Microsoft® Works 9.0 - engelsk
Standard Garanti
Standardgaranti - 1 års XPS Premium Hardware Support (inkl. spill- og på stedet-støtte)
Garantioppgraderinger
Standardgaranti - 1 års XPS Premium Hardware Support (inkl. spill- og på stedet-støtte)
Sikkerhetsprogramvare
Ingen sikkerhetsprogram/antivirusbeskyttelse - engelsk
Strømforsyning
130 watts AC-adapter
Bluetooth
Dell Wireless 355 Bluetooth 2.0-modul (opptil 3 Mbps) med Enhanced Data Rate for Vista
Bestillingsinformation
Bestilling av Inspiron - Norge
Primærbatteri
9-cellers litiumionbatteri (80 W/t)
Bærevesker
Ingen bæreveske
Systemmedia
Ressurs-DVD (feilsøkingsprogrammer og drivere)
Accidental Damage Support
Intet valgt
Dell Internet Order
Dells Internett-bestilling.
Skjermoppløsning
17,0-tommers UltraSharp widescreen WUXGA (1920 x 1200) TFT-skjerm med TrueLife
Totalt Totalt
ekskl. mva. mva-sats mva. inkl. mva.
Delsum: 10 015,20 kr 25,00% 2 503,80 kr 12 519,00 kr
Totalbeløp: 10 015,20 kr 2 503,80 kr 12 519,00 kr
Satser på at dette blir en grei upgrade ifra min socket A cpu og 9600XT skjermkort.
Blir bare et helvette å vente til 04-04-2008 når maskinen skal komme.
-
Dette har du helt rett i! Tusen takk for svar.
Så på dell maskinen vil egentlig det meste være like bra eller bedre en compal maskinen med untak av CPU. Vil dette ha stor invirking på spill? Har lest at med den nye teknologien så vil man minske strømbruken (?), men dette vil ikke ha mye å si for meg siden den blir en desktop erstatter.
-
Beklager, jeg som roter. Er 1710 jeg har sett på, ikke 1730.
Har satt opp 3 oppsett nå.
1 stk XPS 1530, 1 stk XPS 1710 og 1 stk Multicom Compal JFL92+.
XPS 1530
PROSESSOR Intel® Core™ 2 Duo-prosessor T7250 (2,00 GHz, 800 MHz FSB, 2 MB L2-buffer)
OPERATIVSYSTEM Ekte Windows Vista™ Home Premium - norsk redigere
LCD 15,4-tommers UltraSharp™ widescreen WSXGA+ (1680 x 1050) TFT-skjerm med TrueLife™
BIOMETRIC IDENTIFICATION Biometrisk fingeravtrykksleser med SVART preg
MINNE 4096 MB 667 MHz Dual Channel DDR2 SDRAM [2 x 2048]
HARDDISK 250 GB (5400 rpm) SATA-harddisk
GRAFIKKORT NVIDIA® GeForce™ Go 8600M GT med 256 MB dedikert grafikkminne
OPTISK(E) STASJON(ER) Fast 8x DVD+/-RW slank stasjon med innstikksplass, inkludert programvare
PRIMÆRBATTERI 9-cellers primært litiumionbatteri (85 W/t)
10190
XPS 1710
PROSESSOR Intel® Core™ 2 Duo-prosessor T7200 (2,00 GHz, 667 MHz, 4 MB FSB, L2-buffer)
OPERATIVSYSTEM Ekte Windows Vista™ Home Premium - engelsk
LCD 17,0-tommers UltraSharp™ widescreen WUXGA (1920 x 1200) TFT-skjerm med TrueLife™
MINNE 4096 MB 667 MHz Dual Channel DDR2 SDRAM [2 x 2048]
HARDDISK 160 GB (7200 rpm) SATA-harddisk
GRAFIKKORT 512 MB DDR3 nVidia® GeForce™ Go 7950 GTX-grafikkort
OPTISK(E) STASJON(ER) Fast, intern 8X DVD+/-RW-stasjon med programvare - Vista
PRIMÆRBATTERI 9-cellers litiumionbatteri (80 W/t)
12078
Multicom Compal JFL92+
WSXGA+ 1680x1050 skjerm
Intel Core2Duo T9300 2.5GHz 45nm 6MB cache
160GB SATA 7200RPM 2.5"
4GB SO-dimm 667MHz (2x2GB) dual channel ( (krever 64-bits Vista for optimal utnyttelse)
9-cellers batteri XL (ekstra kapasitet), 7200mAh
NVIDIA® GeForce® 8600M GT skjermkort 512MB
(Alt annet som står om maskinen for de som måtte lure på det:
Intel® Centrino® Duo/Pro Prosessor Teknologi (Santa Rosa Refresh)
Intel 802.11a/b/g/n trådløst nettverkskort (n-draft støtte)
10/100/1000 Mbps nettverkskort
Bluetooth 2.0 (tillegg)
NVIDIA® PureVideo™ videoavspilling i HD kvalitet
DVD±RW DL (double layer) brenner
Innebygd mikrofon
2.0MP webkamera med CMOS støtte
WoW Video/Audio hurtigtaster
Realtek ALC268 lydkort med 2 kanals HD Audio støtte
Mega Bass Reflex Speaker system gir meget bra lyd
Fingeravtrykkleser
3-i-1 kortleser (SD/MMC/MS)
12132
De 3 valget står mellom nå. Men XPS 1530 syntes jeg ble litt svak iforhold til de andre, så heller mer mot 1710/compal.
Med 1710 får jeg et mye bedre skjermkort antar jeg, men prossessoren er dårligere.
Står ikke noe om fsb på compal maskinen, men tipper på 800MHz mot dell sin 667MHz? Stor forskjeld?
For ikke å nevne at dell sin cpu er på 2GHz of 4MB cache mens Compal har 2,5GHz og 6 MB cache.
Trenger litt veiledning nå, for dette var ikke lett.
Edit: Har jo mulighet til å øke prosessorkraften på 1710, men 0,16GHz for 1500kr syntes jeg var litt dyrt. Eller er det noe annet som skiller 2.0GHz versonen fra 2.16GHz?
-
Hei.
Skal erstatte min stasjonære pc med en bærbar.
Brukes hovedsaklig til spilling og nedlasting.
Har sett litt rundt på Asus, Multicom og Dell men klarer ikke å få bestemt meg.
17" hadde vært supert siden den ikke vil bli flyttet så alt for mye rundt på, men 15" er billigere virker det som så det funker nok bra det også.
Sett spesielt mye på dell sine XPS 1530 og XPS 1730.
Hvor stor forskjeld er det egentlig på grafikkort løsningene her?
Er så mange navn på de forskjellige typene, og har ikke peiling på hvilke som er bedre eller dårligere en de andre.
Det jeg ikke trenger i PC-en er alt mulig dill-dall som flash kort lesere osv. Harddisken kan være så liten og billig som mulig, men helst 7200rpm. Har en server på 1TB stående og en portabel disk hvis jeg skal på lan.
Windows vil jeg også helts ikke ha med.
Siden dette vil bli en ny "stasjonær" pc med 17" skjerm og ekstern tastatur/mus er det kanskje like greit å spare inn på utgiftene med å oppgradere skjermen i den bærbare?
Min stasjonære er godt på vei til å ta kvelden, så håper på å få bestil iløpet av helgen. Så kom gjerne med masse tips og veiledning.
Edit: Ser at mange snakker om rabattkuponger når det gjelder Dell. Hvor får man tak i disse/hva må til?
-
Hijack log:
Klikk for å se/fjerne innholdet nedenforLogfile of Trend Micro HijackThis v2.0.2Scan saved at 14:59, on 2007-09-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\TEMP\UVB73D.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe
C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe
C:\Programfiler\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Programfiler\QuickTime\qttask.exe
C:\Programfiler\Trend Micro\OfficeScan Client\Pop3Trap.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programfiler\Trend Micro\OfficeScan Client\pccntupd.exe
C:\Programfiler\Opera\Opera.exe
C:\Programfiler\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe
C:\Programfiler\Messenger\msmsgs.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.no
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [smapp] C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [setRefresh] C:\Programfiler\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [HP Software Update] "C:\Programfiler\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DrAntispy.lnk = C:\Programfiler\DrAntispy\DrAntispy.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.xxl.no
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1189424003843
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = xxl.no
O17 - HKLM\Software\..\Telephony: DomainName = xxl.no
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
--
End of file - 5733 bytes
-
Hijackthis log:
Klikk for å se/fjerne innholdet nedenforLogfile of Trend Micro HijackThis v2.0.2Scan saved at 14:19, on 2007-09-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\TEMP\VK5978.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe
C:\Programfiler\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe
C:\Programfiler\QuickTime\qttask.exe
C:\Programfiler\Trend Micro\OfficeScan Client\Pop3Trap.exe
C:\Programfiler\Trend Micro\OfficeScan Client\pccntupd.exe
C:\Programfiler\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe
C:\Programfiler\Messenger\msmsgs.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programfiler\Opera\Opera.exe
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.no
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D3E8260-DA6C-4406-A5D8-9BF65307AD84} - C:\WINDOWS\system32\pnbf.dll (file missing)
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [smapp] C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [setRefresh] C:\Programfiler\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [HP Software Update] "C:\Programfiler\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [security iGuard] C:\Programfiler\Security iGuard\Security iGuard.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programfiler\GRISOFT\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DrAntispy.lnk = C:\Programfiler\DrAntispy\DrAntispy.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.xxl.no
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1189424003843
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = xxl.no
O17 - HKLM\Software\..\Telephony: DomainName = xxl.no
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c0043900.dat
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programfiler\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe
--
End of file - 6087 bytes
Bygger PC, hvilke SSD gir best ytelse?
i Hjelp til kjøp og salg av PC
Skrevet
Hei Bretleon.
Kan veldig lite om SSD disker men hvis du ser HER kan så teste 2 disker opp mot hverandre.
Håper det hjelper deg litt.