![](https://www.diskusjon.no/uploads/set_resources_15/84c1e40ea0e759e3f1505eb1788ddf3c_pattern.png)
emva
-
Innlegg
318 -
Ble med
-
Besøkte siden sist
Innholdstype
Profiler
Forum
Hendelser
Blogger
Om forumet
Innlegg skrevet av emva
-
-
Ha systemdisken i hovedkortet mens du samtidig har kontrollerkortet i maskinen.
det burde da komme opp en melding som sier noe sånt: "du har ny hardware", derfra er det å finne driverene.
hvis ikke dette skjer så går du til enhetsbehandling, å finner forhåpentligvis et lite utspring med gult på.
-
Man finner noe som er nermere også, bare å trykke HER.
-
-
Er litt feilpostet...
Men uansett er GetDataBack det programmet jeg har best erfaring med, dette koster litt men redder det meste.
Et gratis alternativ er Recuva, dette er fint og enkelt å bruke og bruker ikke så lang tid som førstnevnte.
-
Og plutselig var Opera oppe i så å si 2%, uten at Chrome hadde rørt seg.......
-
Se i Kontrollpanel -> legg til og fjern programmer. burde finnes det
-
noen viktige filer som var infisert også ja...
explorer.exe;c:\windows;Trojan.Starter.384;Renset.;
psexesvc.exe;c:\windows;Program.PsExec.170;Urensbar.Slettet.;
fhfx.dll;c:\windows\system32;Trojan.Proxy.3350;Slettet.;
lsass.exe;c:\windows\system32;Trojan.Starter.384;Renset.;
services.exe;c:\windows\system32;Trojan.Starter.384;Renset.;
spoolsv.exe;c:\windows\system32;Trojan.Starter.384;Renset.;
svchost.exe;c:\windows\system32;Trojan.Starter.384;Renset.;
winlogon.exe;c:\windows\system32;Trojan.Starter.384;Renset.;
psexec.cfexe;C:\ComboFix;Program.PsExec.171;Renamed.;
vacation simple plane.mp3;C:\Documents and Settings\navn\Mine dokumenter;Trojan.Click.18899;Incurable.Moved.;
ComboFix.exe\327882R2FWJFW\psexec.cfexe;C:\Documents and Settings\navn\Skrivebord\ComboFix.exe;Program.PsExec.171;;
ComboFix.exe;C:\Documents and Settings\navn\Skrivebord;Archive contains infected objects;Moved.;
BookMark Us.reg;C:\Documents and Settings\navn\Skrivebord\Musikk\Andreas musikk\MP3\My Music;Trojan.StartPage.1505;Deleted.;
data045\data006;C:\programmer\BearShareV6.exe\data045;Adware.Softomate;;
data045;C:\programmer\BearShareV6.exe;Archive contains infected objects;;
BearShareV6.exe;C:\programmer;Archive contains infected objects;Moved.;
data045\data006;C:\programmer\BearShareV6int.exe\data045;Adware.Softomate;;
data045;C:\programmer\BearShareV6int.exe;Archive contains infected objects;;
BearShareV6int.exe;C:\programmer;Archive contains infected objects;Moved.;
BSINSTALL.exe\data021;C:\programmer\BSINSTALL.exe;Adware.SearchAid.40;;
data027\clientax.dll;C:\programmer\BSINSTALL.exe\data027;Adware.Zango;;
data027;C:\programmer\BSINSTALL.exe;Archive contains infected objects;;
data030\data005;C:\programmer\BSINSTALL.exe\data030;Adware.Msearch;;
data030;C:\programmer\BSINSTALL.exe;Archive contains infected objects;;
BSINSTALL.exe;C:\programmer;Archive contains infected objects;Moved.;
cyfhqtml.exe.vir;C:\QooBox\Quarantine\C\WINDOWS\system32;Trojan.Starter.561;Deleted.;
lphc1s1j0endv.exe.vir;C:\QooBox\Quarantine\C\WINDOWS\system32;Trojan.Packed.566;Deleted.;
qavvgjsw.exe.vir;C:\QooBox\Quarantine\C\WINDOWS\system32;Trojan.Starter.561;Deleted.;
sysrest32.exe.vir;C:\QooBox\Quarantine\C\WINDOWS\system32;Trojan.Packed.557;Deleted.;
vaordunh.exe.vir;C:\QooBox\Quarantine\C\WINDOWS\system32;Trojan.Starter.561;Deleted.;
A0000005.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP2;Trojan.Packed.557;Deleted.;
A0002044.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP2;Trojan.Packed.566;Deleted.;
A0002049.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP2;Trojan.Starter.561;Deleted.;
A0002071.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP2;Trojan.Starter.561;Deleted.;
A0002074.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP2;Trojan.Starter.561;Deleted.;
A0006205.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP6;Trojan.Starter.384;Cured.;
A0006206.dll;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP6;Trojan.Proxy.3350;Deleted.;
A0006207.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP6;Trojan.Starter.384;Cured.;
A0006208.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP6;Trojan.Starter.384;Cured.;
A0006209.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP6;Trojan.Starter.384;Cured.;
A0006210.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP6;Trojan.Starter.384;Cured.;
A0006211.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP6;Trojan.Starter.384;Cured.;
A0006212.EXE;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP6;Program.PsExec.170;Renamed.;
A0006213.exe\327882R2FWJFW\psexec.cfexe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7\A0006213.exe;Program.PsExec.171;;
A0006213.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7;Archive contains infected objects;Moved.;
A0006214.reg;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7;Trojan.StartPage.1505;Deleted.;
data045\data006;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7\A0006215.exe\data045;Adware.Softomate;;
data045;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7\A0006215.exe;Archive contains infected objects;;
A0006215.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7;Archive contains infected objects;Moved.;
data045\data006;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7\A0006216.exe\data045;Adware.Softomate;;
data045;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7\A0006216.exe;Archive contains infected objects;;
A0006216.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7;Archive contains infected objects;Moved.;
A0006217.exe\data021;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7\A0006217.exe;Adware.SearchAid.40;;
data027\clientax.dll;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7\A0006217.exe\data027;Adware.Zango;;
data027;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7\A0006217.exe;Archive contains infected objects;;
data030\data005;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7\A0006217.exe\data030;Adware.Msearch;;
data030;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7\A0006217.exe;Archive contains infected objects;;
A0006217.exe;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP7;Archive contains infected objects;Moved.;
psexec.#fexe;C:\ComboFix;Program.PsExec.171;;
A0006206.dll;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP6;Trojan.Proxy.3350;Slettet.;
A0006212.#XE;C:\System Volume Information\_restore{4F3B614A-E164-4A3C-9497-97A7602927CA}\RP6;Program.PsExec.170;;
-
-
ups, de ble gjenntatt 2 ganger ja... Er ikke sikker på hastighetene, men du får jo mer funksjonalitet jo dyrere det er. (selvfølgelig)
Her er et annet som er litt dyrere, men som har 4 kanaler, litt mer fancy RAID.
-
Gjetter på at du har windows XP, "Thumbs.db" filene er små databaser som tar vare på et lite mini bilde av de bildene som finnes i en spesiell mappe. De er helt harmløse og kan trygt slettes. (men de vil som regel komme tilbake)
grunnen til at du kan se disse filene er at du eller noen andre har gått inn på tools/verktøy -> Folder Options -> View (husker ikke den norske versjonen)
der kan du finne noen valg, du kan også klikke på "Do not cache thumbnails" for at for at de ikke skal komme igjen.
-
-
har fjernet de 3 med hijackthis, sc stop iPod Service nektet den å ta i mot men den er i listen over Tjenester enda, oppdaget at filen som den pekte til ikke eksisterte. Det er ikke noe spor av md5deep på datamaskinen, så vidt jeg kan se.
-
ok, den er på vei... (logge på som admin eller en bruker?)
-
Får ikke installert SP3 pga services.exe er i bruk
Hei.
SP3 vil ikke installeres på en XP Home maskin.
Feil meldingen den gir er:
"The file C:windowssystem32services.exe is open or in use by another application.
Close all other applications and then click retry"
Har kjørt SAS, SpyBot S&D en del ganger (normal og sikkerhetsmodus)
AVG vil heller ikke inn. det ligger der, men servicen starer ikke
Combofix
ComboFix 08-08-14.03 - navn 2008-08-21 12:44:36.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.250 [GMT 2:00]
Running from: C:\Documents and Settings\navn\Skrivebord\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-07-21 to 2008-08-21 )))))))))))))))))))))))))))))))
.
2008-08-21 00:17 . 2008-08-21 00:17 d-------- C:\Documents and Settings\Administrator
2008-08-20 15:10 . 2008-08-21 00:34 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-08-19 00:42 . 2008-08-21 12:42 dr-h----- C:\Documents and Settings\navn\Siste
2008-08-19 00:32 . 2008-08-19 00:32 d-------- C:\Programfiler\CCleaner
2008-08-18 21:22 . 2008-08-18 21:22 d-------- C:\WINDOWS\system32\drivers\Avg
2008-08-18 21:22 . 2008-08-18 21:22 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-08-18 21:22 . 2008-08-18 21:22 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-08-18 21:21 . 2008-08-18 21:21 d-------- C:\Programfiler\AVG
2008-08-18 21:21 . 2008-08-18 22:12 d-------- C:\Documents and Settings\All Users\Programdata\avg8
2008-08-18 18:22 . 2008-08-18 20:55 363 --a------ C:\WINDOWS\wininit.ini
2008-08-18 17:44 . 2008-08-18 18:29 d-------- C:\Programfiler\SUPERAntiSpyware
2008-08-18 17:44 . 2008-08-18 17:44 d-------- C:\Documents and Settings\navn\Programdata\SUPERAntiSpyware.com
2008-08-18 17:44 . 2008-08-18 17:44 d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com
2008-08-18 17:43 . 2008-08-18 17:43 d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-08-18 17:37 . 2008-08-18 17:37 d-------- C:\Programfiler\Spybot - Search & Destroy
2008-08-18 17:37 . 2008-08-19 16:44 d-------- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-21 10:41 --------- d-----w C:\Documents and Settings\navn\Programdata\OpenOffice.org2
2008-06-14 18:00 272,256 ------w C:\WINDOWS\system32\dllcache\bthport.sys
.
------- Sigcheck -------
md5deep: C:\WINDOWS\system32\svchost.exe: error at offset 0: Permission denied
2004-08-04 14:00 502272 1640872f408745717b054512a7e44b87 C:\WINDOWS\system32\winlogon.exe
md5deep: C:\WINDOWS\explorer.exe: error at offset 0: Permission denied
md5deep: C:\WINDOWS\system32\services.exe: error at offset 0: Permission denied
md5deep: C:\WINDOWS\system32\lsass.exe: error at offset 0: Permission denied
2005-06-11 02:17 57856 ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
md5deep: C:\WINDOWS\system32\spoolsv.exe: error at offset 0: Permission denied
.
((((((((((((((((((((((((((((( snapshot@2008-08-19_15.27.26.89 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-08-19 00:59:10 16,384 -c--a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-08-20 22:39:50 16,384 -c--a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-08-19 00:59:10 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Lokale innstillinger\Logg\History.IE5\index.dat
+ 2008-08-20 22:39:50 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Lokale innstillinger\Logg\History.IE5\index.dat
- 2008-08-19 00:59:10 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Lokale innstillinger\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-20 22:39:50 32,768 -c--a-w C:\WINDOWS\system32\config\systemprofile\Lokale innstillinger\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"MsnMsgr"="C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programfiler\Fellesfiler\Ahead\lib\NMBgMonitor.exe" [2006-03-01 19:43 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"LogitechCommunicationsManager"="C:\Programfiler\Fellesfiler\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02 563984]
"LogitechQuickCamRibbon"="C:\Programfiler\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06 2027792]
"SoundMan"="SOUNDMAN.EXE" [2006-06-21 06:42 577536 C:\WINDOWS\SOUNDMAN.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="C:\Programfiler\Fellesfiler\logishrd\WUApp32.exe" [2007-07-19 02:45 439568]
C:\Documents and Settings\navn\Start-meny\Programmer\Oppstart\
OpenOffice.org 2.1.lnk - C:\Programfiler\OpenOffice.org 2.1\program\quickstart.exe [2006-12-02 00:32:46 393216]
C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Hurtigstart for Adobe Reader.lnk - C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2000-03-05 16:57:42 29696]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"NqNLSHNsWkfx"= {3CDB81B2-9671-2B18-635F-C8046803C3AB} - C:\WINDOWS\system32\fhfx.dll [2007-04-16 17:54 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programfiler\\Messenger\\Msmsgs.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-18 21:22]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-18 21:21]
R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-08-18 21:22]
R2 EAPPkt;Realtek EAPPkt Protocol;C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2005-04-01 10:42]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys []
S3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys []
.
.
------- Supplementary Scan -------
.
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
O8 -: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN
O9 -: {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\navn\Start-meny\Programmer\IMVU\Run IMVU.lnk
O16 -: {745395C8-D0E1-4227-8586-624CA9A10A8D} - hxxp://159.171.96.58/activex/AMC.cab
C:\WINDOWS\Downloaded Program Files\setup.inf
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-21 12:47:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-08-21 12:48:30
ComboFix-quarantined-files.txt 2008-08-21 10:48:27
Pre-Run: 13,679,603,712 byte ledig
Post-Run: 13,669,924,864 byte ledig
110 --- E O F --- 2008-08-18 15:26:57
høytadette
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:50:28, on 21.08.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\programfiler\fellesfiler\logishrd\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe
C:\Programfiler\Fellesfiler\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programfiler\Fellesfiler\LogiShrd\LComMgr\Communications_Helper.exe
C:\Programfiler\Logitech\QuickCam\Quickcam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe
C:\Programfiler\Fellesfiler\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programfiler\OpenOffice.org 2.1\program\soffice.exe
C:\Programfiler\OpenOffice.org 2.1\program\soffice.BIN
C:\Programfiler\Fellesfiler\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\navn\Skrivebord\HiJackThis.exe
C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programfiler\Fellesfiler\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programfiler\Fellesfiler\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programfiler\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Programfiler\Fellesfiler\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 11.1.0.2016 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Programfiler\Fellesfiler\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 11.1.0.2016 (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Programfiler\OpenOffice.org 2.1\program\quickstart.exe
O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\navn\Start-meny\Programmer\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: @c:\Programfiler\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Programfiler\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Programfiler\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab56986.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - http://159.171.96.58/activex/AMC.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O21 - SSODL: NqNLSHNsWkfx - {3CDB81B2-9671-2B18-635F-C8046803C3AB} - C:\WINDOWS\system32\fhfx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: iPod-tjeneste (iPod Service) - Unknown owner - C:\Programfiler\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programfiler\Fellesfiler\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programfiler\fellesfiler\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programfiler\Fellesfiler\LogiShrd\SrvLnch\SrvLnch.exe
--
End of file - 7256 bytes
og 2 SAS logger for å vise hva som var på maskinen
første:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 08/18/2008 at 07:40 PM
Application Version : 4.15.1000
Core Rules Database Version : 3469
Trace Rules Database Version: 1460
Scan type : Complete Scan
Total Scan Time : 00:58:44
Memory items scanned : 171
Memory threats detected : 1
Registry items scanned : 4512
Registry threats detected : 13
File items scanned : 22253
File threats detected : 146
Trojan.Vundo-Variant/Small-GEN
C:\WINDOWS\SYSTEM32\MLJCSLIA.DLL
C:\WINDOWS\SYSTEM32\MLJCSLIA.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{455ECFBC-91CB-4689-A6AF-4C78031FAA72}
HKCR\CLSID\{455ECFBC-91CB-4689-A6AF-4C78031FAA72}
HKCR\CLSID\{455ECFBC-91CB-4689-A6AF-4C78031FAA72}\InprocServer32
HKCR\CLSID\{455ECFBC-91CB-4689-A6AF-4C78031FAA72}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{455ECFBC-91CB-4689-A6AF-4C78031FAA72}
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\mlJCSlIA
Rootkit.SysRest-A
HKLM\System\ControlSet001\Services\sysrest.sys
C:\WINDOWS\SYSTEM32\SYSREST.SYS
HKLM\System\ControlSet001\Enum\Root\LEGACY_sysrest.sys
HKLM\System\ControlSet003\Services\sysrest.sys
HKLM\System\ControlSet003\Enum\Root\LEGACY_sysrest.sys
HKLM\System\CurrentControlSet\Services\sysrest.sys
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_sysrest.sys
Adware.Tracking Cookie
C:\Documents and Settings\navn\Cookies\navn@questionmarket[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@pro-market[2].txt
C:\Documents and Settings\navn\Cookies\navn@advertising[3].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@findwhat[1].txt
C:\Documents and Settings\navn\Cookies\navn@insightexpressai[2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@rambler[1].txt
C:\Documents and Settings\navn\Cookies\navn@revsci[1].txt
C:\Documents and Settings\navn\Cookies\navn@jh[2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@cassava[1].txt
C:\Documents and Settings\navn\Cookies\navn@adultfriendfinder[1].txt
C:\Documents and Settings\navn\Cookies\navn@loadsex[1].txt
C:\Documents and Settings\navn\Cookies\navn@tacoda[1].txt
C:\Documents and Settings\navn\Cookies\navn@crackle[1].txt
C:\Documents and Settings\navn\Cookies\navn@1072471539[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@adbrite[2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@list[2].txt
C:\Documents and Settings\navn\Cookies\navn@realmedia[2].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@atwola[2].txt
C:\Documents and Settings\navn\Cookies\navn@adtech[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@2o7[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@myroitracking[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@sexsearchcom[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@partypoker[2].txt
C:\Documents and Settings\navn\Cookies\navn@sexynatalie[1].txt
C:\Documents and Settings\navn\Cookies\navn@cgi-bin[2].txt
C:\Documents and Settings\navn\Cookies\navn@interclick[2].txt
C:\Documents and Settings\navn\Cookies\navn@spylog[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@toplist[1].txt
C:\Documents and Settings\navn\Cookies\navn@need2find[2].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@specificclick[2].txt
C:\Documents and Settings\navn\Cookies\navn@azjmp[2].txt
C:\Documents and Settings\navn\Cookies\navn@adrevolver[4].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@yadro[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@247realmedia[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@adecn[1].txt
C:\Documents and Settings\navn\Cookies\navn@cgi-bin[4].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@serving-sys[4].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@countomat[1].txt
C:\Documents and Settings\navn\Cookies\navn@votasexyono[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@youporn[2].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@xiti[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@atdmt[2].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@indextools[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@cgi-bin[1].txt
C:\Documents and Settings\navn\Cookies\navn@tribalfusion[2].txt
C:\Documents and Settings\navn\Cookies\navn@ad[2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@winanonymous[1].txt
C:\Documents and Settings\navn\Cookies\navn@hornyoyster[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@1055731211[1].txt
C:\Documents and Settings\navn\Cookies\navn@trafficmp[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@kontera[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@optimost[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@systemerrorfixer[1].txt
C:\Documents and Settings\navn\Cookies\navn@1040057370[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@searchfeed[1].txt
C:\Documents and Settings\navn\Cookies\navn@sexysms[1].txt
C:\Documents and Settings\navn\Cookies\navn@adnetserver[2].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@overture[2].txt
C:\Documents and Settings\navn\Cookies\navn@888[1].txt
C:\Documents and Settings\navn\Cookies\navn@tns-counter[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\navn@1071789980[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@adserver[1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\[email protected][2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
C:\Documents and Settings\navn\Cookies\navn@gadget[2].txt
C:\Documents and Settings\navn\Cookies\navn@advertising[1].txt
C:\Documents and Settings\navn\Cookies\navn@advertising[2].txt
C:\Documents and Settings\navn\Cookies\navn@adnetserver[1].txt
C:\Documents and Settings\navn\Cookies\navn@serving-sys[1].txt
C:\Documents and Settings\navn\Cookies\navn@serving-sys[2].txt
C:\Documents and Settings\navn\Cookies\[email protected][1].txt
Adware.Vundo Variant/Rel
HKLM\SOFTWARE\Microsoft\RemoveRP
Rogue.SpyShredder-Installer
C:\A
Trojan.Dropper/SVCHost-Fake
C:\WINDOWS\SVCHOST.EXE
Trojan.XpUpdate/Fake Alert
C:\WINDOWS\XPUPDATE.EXE
siste:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 08/21/2008 at 11:03 AM
Application Version : 4.15.1000
Core Rules Database Version : 3469
Trace Rules Database Version: 1460
Scan type : Quick Scan
Total Scan Time : 00:51:00
Memory items scanned : 404
Memory threats detected : 0
Registry items scanned : 348
Registry threats detected : 0
File items scanned : 48653
File threats detected : 0
-
Tenkte denne linken kunne være morsom å se på angående GPU temaet.
En GPU er ikke så generell som en CPU nei, men etter hvert som GPGPU`ene blir mer kraftige (nyeste fra ATI og nvidia) og programvaren gir støtte for crossfire/sli, flere GPU`er på samme kort. kommer regnekraften til å gå til himmels.
Eller man kan sitte seg ned å vente på kvantemaskiner.
-
hvis den var på, så var den på. desverre. Prøv å gjøre som donnieakalefty sa. hvis den fungerer i en annen datamaskin og alt er tipp topp så er du heldig.
Hvis Maxtor`en ikke dukker opp i BIOS er det nytteløst for den "vanlige mann i gata". Du kan ta å legge disken i fryseren over natta, men det er en siste utvei og vil ikke holde mer enn i noen timer.
Bare spør om det er noe mer.
-
Tror (vet egentlig) at dette er ikke lov til å spørre om.
-
-
ah, trodde at DX9 var noe du måtte installiere utenom på Vista.
(lenge leve forum og folk som kan andre ting enn meg
)
Jaja, uansett er det vel greit å oppdatere 9.0c versjonen
-
Meg bekjent skal man "ikke" installere DX90b på Vista.
Vista's native DX10 har bakoverkompabilitet til å kjøre DX9 - DX8 osv.
Hmm, var det ikke slik at DX10 IKKE var bakoverkompatibel med DX9 og nedover...
Høres ut som du har en gammel versjon at nieren, har du prøvd å laste ned de siste driverene
-
Prøvd med en diskett? Lag en oppstarts diskett, da kommer du forhåpentlig vis inn i DOS, fra der -tror- jeg du kan kopiere filer ifra en USB-minnebrikke.
Prøv å flash BIOS, enten med en nyere eller en eldre version.
NØDLØSNING: du kan at og koble lapptoppens HDD til en annen maskin og derfra installiere Win2000, MEN for at dette skal gå smertefritt må du ha en likt hovedkort på den andre maskinen. Ellers vil maskinen være ustabil eller i verste tillfelle ikke starte.
Hvis du er så heldig at du har en lik maskin er du "home free" som de sier over dammen, hvis ikke prøv alikevell.
Hvis du er så heldig at den starter opp i Windows, må du ta en eller tre restart for at maskinen skal finne ut at den har fått en ny maskin "å bo i". å finne drivere til hele PC`en er et must...
-
med "nettet", mener du dele som i over LAN, eller som i internett?
Windows fungerer fint i første tillfellet.
En FTP server fungerer best i det begge.
-
som sagt det står hva du må gjøre, bare gjør det samme som sist gang, dvs: start -> kjør -> cmd.
chkdsk G: /F /X
så skriv inn dette:
convert G: /FS:NTFS -X
-
Det som jeg skrev over, da mister du ikke noe data
Hvor stor plass trengs for partisjon med windows filer? (LØST)
i Operativsystemer
Skrevet
Jeg har en partisjon på ca. 20GB på min lappetopp, av det har jeg 3 GB ledig.
Jeg vil ambefale en 30-50GB pga bedre plass pluss at da for windows ta flere system restore punker