Posts written by Druingz
-
-
Okay. Thanks so much for the help. Hoping I don't get hacked during the night then =)
-
Here it is from VirusTotal
File flashax.exe received on 04.04.2008 23:22:29 (CET)
Result: 1/32 (3.13%)
Antivirus Version Last Update Result
AhnLab-V3 2008.4.4.1 2008.04.04 -
AntiVir 7.6.0.81 2008.04.04 -
Authentium 4.93.8 2008.04.04 -
Avast 4.7.1098.0 2008.04.04 -
AVG 7.5.0.516 2008.04.04 -
BitDefender 7.2 2008.04.04 -
CAT-QuickHeal 9.50 2008.04.04 -
ClamAV 0.92.1 2008.04.04 -
DrWeb 4.44.0.09170 2008.04.04 -
eSafe 7.0.15.0 2008.04.01 -
eTrust-Vet 31.3.5670 2008.04.04 -
Ewido 4.0 2008.04.04 -
F-Prot 4.4.2.54 2008.04.04 -
F-Secure 6.70.13260.0 2008.04.04 -
FileAdvisor 1 2008.04.04 No threat detected, but known vulnerabilities exist
Fortinet 3.14.0.0 2008.04.04 -
Ikarus T3.1.1.20 2008.04.04 -
Kaspersky 7.0.0.125 2008.04.04 -
McAfee 5267 2008.04.04 -
Microsoft 1.3408 2008.04.03 -
NOD32v2 3003 2008.04.04 -
Norman 5.80.02 2008.04.04 -
Panda 9.0.0.4 2008.04.04 -
Prevx1 V2 2008.04.04 -
Rising 20.38.60.00 2008.04.03 -
Sophos 4.28.0 2008.04.04 -
Sunbelt 3.0.978.0 2008.03.18 -
Symantec 10 2008.04.04 -
TheHacker 6.2.92.265 2008.04.04 -
VBA32 3.12.6.3 2008.03.25 -
VirusBuster 4.3.26:9 2008.04.04 -
Webwasher-Gateway 6.6.2 2008.04.04 -
Additional information
File size: 606848 bytes
MD5...: a16126510106990df3e4445191adead8
SHA1..: 444b40b55c52b57472a6011ea7bdc5e2566e0242
SHA256: d3eb813e23cbbdc7c2b289e849064b1505f1d906b9c1d244d73a6f0702579598
SHA512: 7c5de3d51c9c3845237daf832cbff39b0d588826c1315ee944b528402c156a4e
945eb9f936fe0c9dcf455506a6c7b65bfe5aef39f02e91dbb4bbc3ffe9163df8
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10065c0
timedatestamp.....: 0x32d64001 (Fri Jan 10 13:11:29 1997)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xf78c 0xf800 6.50 76d3a10694feea19b07d36ef95096717
.data 0x11000 0x941c 0x3400 1.90 14ad842169a441882dfc3613c64c88d0
.rsrc 0x1b000 0x7e000 0x7dc00 7.95 29661ae0cb7392a9d3a623bd184011b6
.reloc 0x99000 0x1848 0x1a00 5.58 531fb64130d5b5539ef767bd8109c292
( 6 imports )
> ADVAPI32.dll: RegDeleteValueA, EqualSid, AllocateAndInitializeSid, GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCloseKey, FreeSid, RegOpenKeyExA, RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegOpenKeyA, RegQueryInfoKeyA
> KERNEL32.dll: lstrcatA, GetFileAttributesA, lstrlenA, lstrcmpiA, GetPrivateProfileStringA, GetCurrentProcess, GetPrivateProfileIntA, lstrcpyA, GetModuleFileNameA, RemoveDirectoryA, FindClose, FindNextFileA, DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, _lclose, _llseek, _lopen, GetWindowsDirectoryA, CreateDirectoryA, GetSystemDirectoryA, GlobalUnlock, GlobalFree, GlobalLock, GlobalAlloc, LoadResource, CreateMutexA, GetLastError, SetEvent, CreateEventA, SetCurrentDirectoryA, TerminateThread, ResetEvent, CreateThread, GetVersionExA, FormatMessageA, FreeLibrary, GetProcAddress, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, GetTempPathA, LoadLibraryA, FreeResource, LockResource, SizeofResource, CreateFileA, ReadFile, WriteFile, LocalAlloc, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime, GetTempFileNameA, GetSystemInfo, GetDiskFreeSpaceA, FindResourceA, GetDriveTypeA, GetVolumeInformationA, GetCurrentDirectoryA, LoadLibraryExA, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersion, ExitProcess, TerminateProcess, LocalFree, UnhandledExceptionFilter, FreeEnvironmentStringsA, MultiByteToWideChar, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, WideCharToMultiByte, GetCPInfo, GetACP, GetOEMCP, SetHandleCount, GetFileType, GetStdHandle, DeleteCriticalSection, GetCurrentThreadId, TlsSetValue, TlsAlloc, SetLastError, TlsGetValue, HeapDestroy, HeapCreate, VirtualFree, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, HeapFree, HeapAlloc, VirtualAlloc, GetLocaleInfoA, GetLocaleInfoW, FlushFileBuffers, SetStdHandle, CloseHandle, lstrcpynA, SetFilePointer, RtlUnwind
> GDI32.dll: GetDeviceCaps
> USER32.dll: PeekMessageA, LoadStringA, GetDesktopWindow, wsprintfA, ExitWindowsEx, CharPrevA, CharNextA, SetWindowLongA, GetWindowLongA, CallWindowProcA, GetDlgItem, SetForegroundWindow, SetWindowTextA, SendDlgItemMessageA, GetDlgItemTextA, EnableWindow, SendMessageA, SetDlgItemTextA, DispatchMessageA, MsgWaitForMultipleObjects, MessageBoxA, SetWindowPos, ReleaseDC, GetDC, GetWindowRect, ShowWindow, DialogBoxIndirectParamA, MessageBeep, EndDialog
> COMCTL32.dll: -
> VERSION.dll: GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA
( 0 exports )
Bit9 info: http://fileadvisor.bit9.com/services/extin...3e4445191adead8
-
I went to a link that I shouldn't have gone to on the WoW forum. Then I saw that people were warning that it was a keylogger. I can give a link if you want.
Avast found nothing either.
Here is the log from ComboFix:
ComboFix 08-04-03.5 - André 2008-04-04 22:39:55.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1044.18.1008 [GMT 2:00]
Running from: C:\Users\André\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2008-03-04 to 2008-04-04 )))))))))))))))))))))))))))))))
.
2008-04-04 21:49 . 2008-03-29 19:31 75,856 --a------ C:\Windows\System32\drivers\aswSP.sys
2008-04-04 21:49 . 2008-03-29 19:35 20,560 --a------ C:\Windows\System32\drivers\aswFsBlk.sys
2008-03-19 12:31 . 2008-03-19 12:31 288,582,209 --a------ C:\Windows\MEMORY.DMP
2008-03-15 21:56 . 2008-03-15 22:08 146,927,720 --a------ C:\Users\André\WoW-2.3.3.7799-to-0.4.0.7897-enGB-patch.exe
2008-03-15 21:56 . 2008-03-15 22:08 146,927,720 --a------ C:\Users\André\WoW-2.3.3.7799-to-0.4.0.7897-enGB-patch.exe
2008-03-12 05:49 . 2007-12-17 00:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-03-12 05:49 . 2007-12-16 11:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
2008-03-11 19:58 . 2008-03-11 19:58 <DIR> d-------- C:\Users\André\AppData\Roaming\Creative
2008-03-10 15:48 . 2008-03-10 15:48 <DIR> d-------- C:\Windows\xrayScreensaver2 dir
2008-03-10 15:48 . 2008-03-10 15:48 606,848 --a------ C:\Windows\flashax.exe
2008-03-10 15:48 . 2008-03-10 15:48 194,560 --a------ C:\Windows\xrayScreensaver2.scr
2008-03-10 15:48 . 2008-03-10 15:48 12,288 --a------ C:\Windows\impborl.dll
2008-03-09 20:44 . 2008-03-09 20:44 <DIR> d-------- C:\Program Files\Ventrilo
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-04 20:40 3,407,872 --sha-w C:\Users\André\ntuser.dat
2008-04-04 20:40 3,407,872 --sha-w C:\Users\André\ntuser.dat
2008-04-04 20:04 --------- d-----w C:\Users\André\AppData\Roaming\OpenOffice.org2
2008-04-04 19:55 159,147 ----a-w C:\Users\André\AppData\Roaming\nvModes.dat
2008-04-04 12:44 --------- d-----w C:\Users\André\AppData\Roaming\LimeWire
2008-04-04 12:31 --------- d-----w C:\Users\André\AppData\Roaming\Azureus
2008-04-02 09:40 --------- d-----w C:\Program Files\World of Warcraft
2008-03-29 17:45 1,146,232 ----a-w C:\Windows\System32\aswBoot.exe
2008-03-29 17:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-03-29 17:29 23,152 ----a-w C:\Windows\system32\drivers\aswRdr.sys
2008-03-29 17:27 42,912 ----a-w C:\Windows\system32\drivers\aswTdi.sys
2008-03-29 17:23 95,608 ----a-w C:\Windows\System32\AvastSS.scr
2008-03-23 16:45 --------- d-----w C:\Users\André\AppData\Roaming\Real
2008-03-15 20:08 146,927,720 ----a-w C:\Users\André\WoW-2.3.3.7799-to-0.4.0.7897-enGB-patch.exe
2008-03-15 20:08 146,927,720 ----a-w C:\Users\André\WoW-2.3.3.7799-to-0.4.0.7897-enGB-patch.exe
2008-03-13 02:11 --------- d-----w C:\Program Files\Windows Mail
2008-03-13 02:05 --------- d-----w C:\ProgramData\Microsoft Help
2008-03-11 17:58 --------- d-----w C:\Users\André\AppData\Roaming\Creative
2008-03-10 20:57 --------- d-----w C:\Program Files\Azureus
2008-03-09 18:43 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-08 17:56 --------- d-----w C:\Program Files\Notebook Hardware Control
2008-03-08 17:49 103,736 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-03-06 16:13 --------- d---a-w C:\ProgramData\TEMP
2008-03-01 23:46 --------- d-----w C:\Users\André\AppData\Roaming\Winamp
2008-03-01 23:19 --------- d-----w C:\Program Files\Winamp
2008-03-01 20:44 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-02-23 11:46 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-23 11:46 --------- d-----w C:\Program Files\Creative
2008-02-13 10:39 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 10:39 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 10:36 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 10:36 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 10:36 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 10:36 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 10:36 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-13 10:36 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 10:36 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 10:35 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 10:35 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 10:35 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 10:35 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 10:35 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 10:35 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 10:35 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 10:35 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 10:35 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 10:35 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 10:35 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 10:33 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 10:33 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 10:33 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 10:33 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-07 18:24 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe
2008-02-07 16:21 22,328 ----a-w C:\Users\André\AppData\Roaming\PnkBstrK.sys
2008-02-07 16:03 --------- d-----w C:\Program Files\Activision
2008-02-05 20:46 --------- d--h--w C:\Program Files\Creative Installation Information
2008-02-05 20:45 --------- d-----w C:\Program Files\Common Files\Creative
2008-02-04 16:17 --------- d-----w C:\ProgramData\Azureus
2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-01-10 02:01 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-04 21:59 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-01-04 21:58 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-01-04 21:58 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-01-04 21:58 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-01-04 21:57 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-01-04 21:57 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-01-04 21:57 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-01-04 21:57 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-01-04 21:56 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-01-04 21:56 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2007-12-24 21:07 174 --sha-w C:\Program Files\desktop.ini
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 04:01 1232896]
"Acer Tour Reminder"="" []
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440]
"Generic Host Process for Win32 Services"="svchosts.exe" []
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 17:46 1460560]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-03-07 18:47 843776]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36 201728]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Generic Host Process for Win32 Services"="svchosts.exe" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-08-16 06:05 1006264]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-09 07:09 865840]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 04:38 40048]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 16:33 457216]
"eAudio"="C:\Acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 14:54 1286144]
"Acer Tour"="" []
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-06-26 09:33 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-06-26 09:32 8433664]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-06-26 09:33 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-04 12:39 4702208 C:\Windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [2007-09-04 12:39 1826816 C:\Windows\SkyTel.exe]
"PLFSet"="C:\Windows\PLFSet.dll" [2007-04-25 14:47 45056]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 15:37 174872]
"SetPanel"="C:\Acer\APanel\APanel.cmd" [ ]
"LManager"="C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE" [2007-07-31 03:36 707080]
"PlayMovie"="C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-24 14:38 206952]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 22:48 57344]
"eRecoveryService"="" []
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-08-01 18:30 151552]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"Updater"="C:\Windows\system32\updater\explorer.exe" [2007-11-15 16:59 1476987]
"Generic Host Process for Win32 Services"="svchosts.exe" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-11 16:53 185896]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 16:27 385024]
"CreativeMS2020"="C:\Program Files\Creative\Fatal1ty Professional Laser Mouse\ctusbms.exe" [2006-05-09 14:58 143360]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54 37376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Generic Host Process for Win32 Services"="svchosts.exe" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-08-01 18:30 151552]
C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-09-11 06:43:54 393216]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe [2007-12-24 22:42:26 1208320]
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-03-29 14:11:50 719664]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-08-16 06:52:34 535336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM
"MSVideo8"= VfWWDM32.dll
"VIDC.FPS1"= frapsvid.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption
R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 16:34]
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16:34]
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 16:34]
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 17:51]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-04-25 16:34]
R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-06-13 16:54]
R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-06-28 18:50]
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 12:57]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 17:46]
R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-06-13 12:23]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-06-26 09:33]
R3 winbondcir;Winbond IR Transceiver;C:\Windows\system32\DRIVERS\winbondcir.sys [2007-04-19 09:09]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 09:03]
S3 btwaudio;Bluetooth-lydenhet;C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 21:46]
S3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 08:20]
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 08:20]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{04262e44-b28d-11dc-8157-806e6f6e6963}]
\shell\AutoRun\command - F:\Setup.exe
*Newly Created Service* - ASWFSBLK
*Newly Created Service* - ASWSP
.
Contents of the 'Scheduled Tasks' folder
"2008-01-02 13:54:39 C:\Windows\Tasks\Uniblue SpyEraser.job"
- C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-04 22:42:13
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-04-04 22:42:58
ComboFix-quarantined-files.txt 2008-04-04 20:42:53
ComboFix2.txt 2008-01-24 08:45:07
Pre-Run: 11,690,688,512 byte ledig
Post-Run: 11,674,136,576 byte ledig
.
2008-04-04 16:28:09 --- E O F ---
-
Hey
I think I've got a keylogger installed on my PC (which steals, as far as I know, your WoW password and username). SpyBot found nothing. I'm scanning with Avast now. If it doesn't find anything either, is there any reason to worry?
-
Oh well. But it's the same stuff all the time ;[
-
Hi. When I try to create a new shortcut on the desktop, left-click > New > Shortcut, nothing happens. Does anyone know what it could be?
-
How many seasons of Scrubs are there?
-
When I got my Aspire 5920, it wouldn't start after I'd had it for a few days. Looks like that has stopped now. No idea what it is.
-
Thanks for the reply
I'll try raising the machine with something or other and see if it gets any better =)
-
Hi. I have an Acer Aspire 5920G, which gets very hot when I play games, such as WoW. When it gets hot, everything starts to stutter and the mouse moves slowly and jerkily across the screen. The PC only ever stands on a hard surface, but it doesn't seem like the fan manages to cool the machine down well enough.
Any suggestions for what I can do?
-
A sticker that I can attach to things (before I lose them), which can be tracked with an instrument that beeps the closer you get to it. For example, my mobile phone (and the charger -.-) is gone, and has been for half a year now.
-
It says that you need at least -0.5 vision strength in both eyes, uncorrected. Is that without glasses and contact lenses, or can't you get in with laser-operated vision?
-
Looks like I've fixed it now. Thanks so much
But every time I open Internet Explorer a box comes up that says:
Finner ikke ::{2559A1F4-21D7-11D4-BDAF-00C04F60B9F0}. Kontroller at banen eller internett adressen er riktig.
And when I press OK, it disappears and I get into Internet Explorer. What on earth is that?
-
Hi there.
When I scan my PC with SpyBot, I'm told that I have one problem on the PC: Smitfraud-C.generic.
When I try to remove it I get a message that I'm not an administrator, but I continue, and get the message:
Unexpected error in fixing problems
(Cannot create file "C:\\Windows\wininit.ini". Ingen tilgang)
Smitfraud-C.generic has not been removed.
I have also experienced that the PC doesn't start properly; the screen and the fans turn off but the PC keeps running. Maybe that has something to do with Smitfraud?
Can anyone help?
-
Hi, my stepfather has got himself an iPod Touch. But he can't manage to connect it to the TV. He has plugged in the included cable, don't know what it's called, which connects to an AV socket. But it shows nothing on the TV.
Can anyone help with what is wrong? Maybe there are some odd settings he has to adjust?
-
Absolutely a great picture.
-
Hi again.
I have scanned the machine with Ad-Aware 2007. It found 41 infected files and I got them deleted. I'm scanning with Avast antivirus now. The internet on the machine seems to work very well, at least so far.
We'll see how it goes.
I normally use Avast and Ad-Aware. I have Vista Home Premium.
Thanks for the feedback =)
-
Hi there.
I have a brand-new laptop, an Acer Aspire 5920G. After using it for a few days, a message came up that svchosts.exe needed approval to connect. I wasn't sure what it was, so I just closed it. But after I did that, the internet on the PC has almost completely stopped working once the PC has been on for about 1 minute. Right after I turn the PC on, the internet works as it should, but after a minute it barely works or doesn't work at all, even though the PC reports that the network is connected and working just fine.
Other PCs that I have have no problem when they are connected to my network.
Does anyone have an idea what could be wrong and what I must do to fix this?
Make your own titles for games! Name generator...
in Humor
Posted
Erotic Dwarf Crime Scene Investigation
heh..