Posts written by Brugi
-
-
Hi, I have just started looking into overclocking my CPU, as I recently became interested in that kind of thing. I have an Intel i7 4770K (Haswell) with a Corsair H60 water cooler. I started stress testing at the default settings, 3900 MHz with auto voltage. The temperature was then around 45 °C idle and 90 °C at full load, and the core voltage went up to about 1.250 V. I bought new thermal paste; with it the temperature dropped to 35 °C idle, but the max temperature was still 90 °C at full load. Finally I set the voltage manually to 1.1 and ran the test again. I ran p95 for an hour and it mostly stays around 60 °C, and the max temperature is 79 °C.
What I am wondering is whether I have any room to overclock at all? Do I need a better water cooler, or have I just been unlucky with the processor?
I googled around a bit, and there seems to be a lot of disagreement about what acceptable temperatures are.
The equipment is about 1.5 years old.
-
D2D, so I used the partition by pressing Alt+F10. I understand what the problem is, but not why it happens :/
-
I have a laptop, an Acer Aspire 8935G. It was delivered with Windows Vista Home Premium 32-bit. I used Acer's upgrade offer to get the corresponding version of Windows 7. I got a problem with the desktop: all tasks and programs on the desktop ran extremely slowly. So I decided to run Acer eRecovery and reinstall everything to factory default (Vista). Some way into the reinstallation I got an error message, error code 1117 - "The request could not be performed because of an I/O device error". I am wondering why this happens; thanks for all answers.
-
I have also run CCleaner a number of times; the problem is still there.
-
Yes, I hope it gives results, because it is annoying to have no sound on the computer :/
-
-
The online scan gave no results.
-
I am fairly sure I have a trojan, because I have a laptop that got the problem first; I think it was spread over the network at my school. When I got home and started up, I didn't think about the trojan, and I got the same problem on my desktop PC.
Again, thanks for all the help.
ComboFix log:
ComboFix 09-05-15.08 - Bruginator 16.05.2009 19:57.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.47.1044.18.2046.1393 [GMT 2:00]
Kjører fra: c:\documents and settings\Bruginator\Mine dokumenter\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090515-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
ADVARSEL -DENNE MASKINEN HAR IKKE GJENOPPRETTINGSKONSOLLEN INSTALLERT !!
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Bruginator\Programdata\.#
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2009-04-16 til 2009-05-16 )))))))))))))))))))))))))))))))))
.
2009-05-16 14:44 . 2009-05-16 14:44 -------- d-----w c:\programfiler\JRE
2009-05-16 14:31 . 2009-05-16 14:31 -------- d-----w c:\documents and settings\Bruginator\Programdata\OpenOffice.org
2009-05-16 14:30 . 2009-05-16 14:44 -------- d-----w c:\programfiler\OpenOffice.org 3
2009-05-16 13:45 . 2009-05-16 13:45 -------- d-----w c:\documents and settings\Bruginator\Programdata\Malwarebytes
2009-05-16 13:45 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-16 13:45 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-16 13:45 . 2009-05-16 13:45 -------- d-----w c:\documents and settings\All Users.WINDOWS\Programdata\Malwarebytes
2009-05-16 13:45 . 2009-05-16 13:45 -------- d-----w c:\programfiler\Malwarebytes' Anti-Malware
2009-05-16 12:18 . 2009-05-16 12:25 -------- d-----w c:\programfiler\Google
2009-05-16 12:18 . 2009-05-16 12:22 -------- d-----w c:\windows\LastGood
2009-05-16 12:16 . 2009-05-16 12:16 -------- d-sh--w c:\documents and settings\Bruginator\IECompatCache
2009-05-16 12:15 . 2009-05-16 12:15 -------- d-sh--w c:\documents and settings\Bruginator\PrivacIE
2009-05-11 17:08 . 2009-05-11 17:08 -------- d-sh--w c:\documents and settings\NetworkService.NT-MYNDIGHET\IETldCache
2009-05-11 17:05 . 2009-05-11 17:05 -------- d-sh--w c:\documents and settings\Bruginator\IETldCache
2009-05-10 23:20 . 2009-05-10 23:20 -------- d-----w c:\windows\ie8updates
2009-05-10 23:20 . 2009-04-25 05:30 102400 -c----w c:\windows\system32\dllcache\iecompat.dll
2009-05-10 23:19 . 2009-05-10 23:20 -------- dc-h--w c:\windows\ie8
2009-05-10 22:57 . 2009-05-10 22:58 -------- d-----w C:\e9cbded051f93498780f
2009-04-25 14:47 . 2009-04-25 14:47 -------- d-----w c:\programfiler\iPod
2009-04-25 14:47 . 2009-04-25 14:47 -------- d-----w c:\documents and settings\All Users.WINDOWS\Programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-25 14:47 . 2009-04-25 14:47 -------- d-----w c:\programfiler\iTunes
2009-04-25 14:41 . 2009-04-25 14:43 -------- d-----w c:\programfiler\QuickTime
2009-04-25 14:37 . 2009-03-26 13:23 1900544 ----a-w c:\windows\system32\usbaaplrc.dll
2009-04-25 14:33 . 2009-04-25 14:33 -------- d-----w c:\programfiler\Bonjour
2009-04-25 11:53 . 2009-04-26 08:29 -------- d-----w c:\programfiler\DAEMON Tools Lite
2009-04-25 11:46 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-25 11:46 . 2009-03-06 14:24 284160 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-25 11:46 . 2009-02-09 11:27 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-25 11:46 . 2009-02-09 10:56 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-25 11:46 . 2009-02-09 10:56 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-25 11:46 . 2009-02-09 10:56 680448 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-25 11:46 . 2009-02-09 10:56 729088 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-25 11:46 . 2009-02-09 10:56 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-25 11:46 . 2009-02-09 10:56 710656 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-25 11:46 . 2008-04-21 21:16 217088 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-21 22:20 . 2009-04-21 22:20 14311680 ----a-w c:\windows\system32\xlive.dll
2009-04-21 22:20 . 2009-04-21 22:20 13642496 ----a-w c:\windows\system32\xlivefnt.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-16 16:29 . 2008-07-28 17:54 -------- d-----w c:\programfiler\World of Warcraft
2009-05-16 14:29 . 2008-05-31 15:05 -------- d-----w c:\programfiler\OpenOffice.org 2.4
2009-05-11 17:00 . 2008-05-31 14:52 17672 ----a-w c:\documents and settings\Bruginator\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT
2009-05-10 23:02 . 2004-08-04 12:00 79838 ----a-w c:\windows\system32\perfc014.dat
2009-05-10 23:02 . 2004-08-04 12:00 444344 ----a-w c:\windows\system32\perfh014.dat
2009-05-01 12:05 . 2008-12-22 22:51 -------- d-----w c:\programfiler\Curse
2009-04-26 09:21 . 2008-05-31 14:34 -------- d-----w c:\programfiler\Java
2009-04-25 14:47 . 2007-07-16 11:33 -------- d-----w c:\programfiler\Fellesfiler\Apple
2009-04-25 12:36 . 2008-10-02 21:44 -------- d-----w c:\programfiler\Guild Wars
2009-04-25 11:53 . 2008-10-20 14:49 -------- d-----w c:\programfiler\DAEMON Tools Toolbar
2009-04-25 11:47 . 2008-06-10 17:09 721904 ----a-w c:\windows\system32\drivers\sptd.sys
2009-03-26 13:23 . 2008-11-03 19:08 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys
2009-03-19 14:32 . 2008-11-03 19:09 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-09 03:19 . 2008-11-26 15:42 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-08 02:34 . 2004-08-04 12:00 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 02:34 . 2004-08-04 12:00 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 02:33 . 2004-08-04 12:00 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 02:33 . 2004-08-04 12:00 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 02:32 . 2004-08-04 12:00 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 02:32 . 2004-08-04 12:00 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 02:31 . 2004-08-04 12:00 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 02:31 . 2004-08-04 12:00 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 02:31 . 2004-08-04 12:00 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 02:22 . 2004-08-04 12:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 14:24 . 2004-08-04 12:00 284160 ----a-w c:\windows\system32\pdh.dll
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"CTZDetec.exe"="c:\programfiler\Creative\Creative Media Lite\CTZDetec.exe" [2007-12-18 401408]
"Google Update"="c:\documents and settings\Bruginator\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe" [2008-12-21 133104]
"DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"CurseClient"="c:\programfiler\Curse\CurseClient.exe" [2009-05-14 1933312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-11-19 1970176]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"Lycosa"="c:\programfiler\Razer\Lycosa\razerhid.exe" [2008-10-16 147456]
"QuickTime Task"="c:\programfiler\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"SunJavaUpdateSched"="c:\programfiler\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-04-07 16859136]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 11:41 294912 ----a-w c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programfiler\\Steam\\steamapps\\common\\trackmania nations forever\\TmForever.exe"=
"c:\\Programfiler\\uTorrent\\uTorrent.exe"=
"c:\\Programfiler\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"c:\\Programfiler\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Programfiler\\SEGA\\Medieval II Total War\\medieval2.exe"=
"c:\\Programfiler\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\Programfiler\\LucasArts\\SWKotOR2\\swupdate.exe"=
"c:\\Programfiler\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Programfiler\\THQ\\Dawn Of War\\W40k.exe"=
"c:\\Programfiler\\THQ\\Dawn Of War\\W40kWA.exe"=
"c:\\Programfiler\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Programfiler\\THQ\\Dawn of War - Soulstorm\\Soulstorm.exe"=
"c:\\Programfiler\\mIRC\\mirc.exe"=
"c:\\Programfiler\\Microsoft Games\\Halo\\halo.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programfiler\\Microsoft Games\\Halo 2\\halo2.exe"=
"c:\\Programfiler\\Psygnosis\\Rollcage\\Direct3D\\Rollcage.exe"=
"c:\\Programfiler\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Programfiler\\Ventrilo\\Ventrilo.exe"=
"c:\\Programfiler\\Curse\\CurseClient.exe"=
"c:\\Programfiler\\Skype\\Phone\\Skype.exe"=
"c:\\Programfiler\\Steam\\steamapps\\common\\warhammer 40,000 dawn of war ii - beta\\DOW2.exe"=
"c:\\Programfiler\\Tortun\\gui.exe"=
"c:\\Programfiler\\World of Warcraft\\Launcher.exe"=
"c:\\Programfiler\\Kalypso\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"=
"c:\\Programfiler\\THQ\\Gas Powered Games\\Supreme Commander - Forged Alliance\\bin\\ForgedAlliance.exe"=
"c:\\Programfiler\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"=
"c:\\Programfiler\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"=
"c:\\Programfiler\\Bonjour\\mDNSResponder.exe"=
"c:\\Programfiler\\iTunes\\iTunes.exe"=
"c:\\Programfiler\\Messenger\\msmsgs.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [01.05.2009 16:15 114768]
R1 SASDIFSV;SASDIFSV;c:\programfiler\SUPERAntiSpyware\sasdifsv.sys [28.05.2008 10:33 8944]
R1 SASKUTIL;SASKUTIL;c:\programfiler\SUPERAntiSpyware\SASKUTIL.SYS [28.05.2008 10:33 55024]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [01.05.2009 16:15 20560]
R3 LycoFltr;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys [10.01.2009 02:00 16896]
S3 lac97inf;lac97inf;\??\c:\docume~1\BRUGIN~1\LOKALE~1\Temp\lac97inf.sys --> c:\docume~1\BRUGIN~1\LOKALE~1\Temp\lac97inf.sys [?]
S3 SASENUM;SASENUM;c:\programfiler\SUPERAntiSpyware\SASENUM.SYS [28.05.2008 10:33 7408]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [03.11.2008 21:08 36864]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
2009-05-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-796845957-725345543-1004.job
- c:\documents and settings\Bruginator\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe [2008-12-21 00:10]
.
- - - - TOMME PEKERE FJERNET - - - -
HKCU-Run-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\programfiler\Fellesfiler\Nero\Lib\NMIndexStoreSvr.exe
HKLM-Run-NBKeyScan - c:\programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
------- Tilleggsskanning -------
.
uInternet Settings,ProxyOverride = *.local
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: com.tw\www.msi
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\programfiler\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath -
---- FIREFOX POLICIES ----
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-16 20:01
Windows 5.1.2600 Service Pack 3 NTFS
skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
CTZDetec.exe = c:\programfiler\Creative\Creative Media Lite\CTZDetec.exe??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
skanner skjulte filer ...
skanning vellykket
skjulte filer: 0
**************************************************************************
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'winlogon.exe'(732)
c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
- - - - - - - > 'explorer.exe'(2392)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Tidspunkt ferdig: 2009-05-16 20:04
ComboFix-quarantined-files.txt 2009-05-16 18:04
ComboFix2.txt 2008-08-02 21:59
Pre-Run: 95 444 611 072 byte ledig
Post-Run: 96 111 153 152 byte ledig
207 --- E O F --- 2009-05-14 21:31
-
Hi. I am struggling with what I think is a trojan hiding in the process of my audio driver. When I start my machine, Windows terminates Generic Host Process for Win32 to give the machine better security, and then the sound disappears as well. I have run some virus scans and the like without result.
Thanks for all the help.
MBAM log:
Malwarebytes' Anti-Malware 1.36
Databaseversjon: 2141
Windows 5.1.2600 Service Pack 3
16.05.2009 16:53:15
mbam-log-2009-05-16 (16-53-15).txt
Skanntype: Rask Skann
Objekter skannet: 87992
Tid tilbakelagt: 3 minute(s), 50 second(s)
Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 0
Minneprosesser infisert:
(Ingen mistenkelige filer funnet)
Minnemoduler infisert:
(Ingen mistenkelige filer funnet)
Registernøkler infisert:
(Ingen mistenkelige filer funnet)
Registerverdier infisert:
(Ingen mistenkelige filer funnet)
Registerfiler infisert:
(Ingen mistenkelige filer funnet)
Mapper infisert:
(Ingen mistenkelige filer funnet)
Filer infisert:
(Ingen mistenkelige filer funnet)
HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:27:22, on 16.05.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
C:\Programfiler\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programfiler\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programfiler\Creative\Shared Files\CTDevSrv.exe
C:\Programfiler\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe
C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programfiler\Razer\Lycosa\razerhid.exe
C:\Programfiler\iTunes\iTunesHelper.exe
C:\Programfiler\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Creative\Creative Media Lite\CTZDetec.exe
C:\Documents and Settings\Bruginator\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe
C:\Programfiler\Razer\Lycosa\razertra.exe
C:\Programfiler\DAEMON Tools Lite\daemon.exe
C:\Programfiler\Curse\CurseClient.exe
C:\Programfiler\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Bruginator\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Bruginator\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Bruginator\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Bruginator\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe
C:\Programfiler\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Bruginator\Lokale innstillinger\Programdata\Google\Chrome\Application\chrome.exe
C:\Programfiler\OpenOffice.org 3\program\swriter.exe
C:\Programfiler\OpenOffice.org 3\program\soffice.exe
C:\Programfiler\OpenOffice.org 3\program\soffice.bin
C:\Documents and Settings\Bruginator\Skrivebord\HJT\pyramide.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programfiler\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programfiler\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programfiler\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programfiler\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programfiler\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programfiler\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NBKeyScan] "C:\Programfiler\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Lycosa] "C:\Programfiler\Razer\Lycosa\razerhid.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programfiler\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programfiler\Fellesfiler\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Programfiler\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Bruginator\Lokale innstillinger\Programdata\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programfiler\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [CurseClient] C:\Programfiler\Curse\CurseClient.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/...101/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1212246958890
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15106/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Programfiler\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Programfiler\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programfiler\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 10003 bytes
-
Why have you chosen to use the name Loki as an alternative to Loke in the first question? Loke is what I have found to be the most common name in the stories from Norse mythology. I have only come across the name Loki in English texts, and I am used to the Norwegianized form you use in your reviews.
-
Hi.
Avast! finds viruses, so I was wondering if you could help me get everything removed.
ComboFix:
ComboFix 08-08-01.05 - Bruginator 2008-08-02 23:48:09.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.1598 [GMT 2:00]
Running from: C:\Documents and Settings\Bruginator\Skrivebord\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-07-02 to 2008-08-02 )))))))))))))))))))))))))))))))
.
2008-08-02 23:33 . 2008-08-02 23:33 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware
2008-08-02 23:33 . 2008-08-02 23:33 <DIR> d-------- C:\Documents and Settings\Bruginator\Programdata\SUPERAntiSpyware.com
2008-08-02 23:33 . 2008-08-02 23:33 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Programdata\SUPERAntiSpyware.com
2008-08-02 23:30 . 2008-08-02 23:30 <DIR> dr-h----- C:\Documents and Settings\Bruginator\Siste
2008-07-28 22:59 . 2008-07-28 22:59 <DIR> d-------- C:\Logs
2008-07-28 19:54 . 2008-07-28 23:02 <DIR> d-------- C:\Programfiler\World of Warcraft
2008-07-27 20:48 . 2008-07-27 20:48 <DIR> d-------- C:\Programfiler\LucasArts
2008-07-25 15:21 . 2008-07-25 15:21 <DIR> d-------- C:\Programfiler\DAEMON Tools Lite
2008-07-25 14:38 . 2008-07-25 14:38 <DIR> d-------- C:\Programfiler\EA GAMES
2008-07-21 15:46 . 2008-07-21 15:46 <DIR> d-------- C:\Documents and Settings\Bruginator\Programdata\My Games
2008-07-21 15:43 . 2008-07-21 15:43 <DIR> d-------- C:\Programfiler\Firaxis Games
2008-07-19 05:08 . 2008-07-19 05:08 <DIR> dr-h----- C:\Documents and Settings\Bruginator\Programdata\SecuROM
2008-07-19 05:08 . 2008-07-19 05:08 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-07-19 02:02 . 2008-07-19 02:02 <DIR> d-------- C:\Programfiler\SEGA
2008-07-19 02:00 . 2008-07-19 02:00 <DIR> d-------- C:\Documents and Settings\Bruginator\Programdata\InstallShield
2008-07-19 01:30 . 2008-07-19 01:30 <DIR> d--h----- C:\Documents and Settings\All Users.WINDOWS\Programdata\{FD71DB76-A64B-4A16-BD57-1CC61B92D082}
2008-07-19 01:19 . 2008-07-19 01:19 <DIR> d-------- C:\Programfiler\Kalypso
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-02 21:53 --------- d-----w C:\Programfiler\Steam
2008-08-02 21:33 --------- d-----w C:\Programfiler\Fellesfiler\Wise Installation Wizard
2008-07-31 16:02 --------- d-----w C:\Documents and Settings\Bruginator\Programdata\OpenOffice.org2
2008-07-28 22:48 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-07-28 17:59 --------- d-----w C:\Programfiler\Fellesfiler\Blizzard Entertainment
2008-07-25 12:52 --------- d--h--w C:\Programfiler\InstallShield Installation Information
2008-07-23 00:11 --------- d-----w C:\Documents and Settings\Bruginator\Programdata\uTorrent
2008-07-14 08:33 --------- d-----w C:\Programfiler\Java
2008-06-21 01:51 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Programdata\TrackMania
2008-06-21 01:38 --------- d-----w C:\Programfiler\Electronic Arts
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-17 00:37 278,728 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-06-17 00:37 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2008-06-16 14:30 --------- d-----w C:\Programfiler\Combined Community Codec Pack
2008-06-14 18:00 272,256 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 21:08 --------- d-----w C:\Programfiler\Ubisoft
2008-06-10 17:09 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-06-10 17:09 --------- d-----w C:\Documents and Settings\Bruginator\Programdata\DAEMON Tools
2008-06-09 17:23 --------- d-----w C:\Documents and Settings\Bruginator\Programdata\LimeWire
2008-06-09 17:06 --------- d-----w C:\Programfiler\uTorrent
2008-05-31 14:16 315,392 ----a-w C:\WINDOWS\HideWin.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"Steam"="c:\programfiler\steam\steam.exe" [2008-06-02 00:24 1271032]
"MSMSGS"="C:\Programfiler\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"DAEMON Tools Lite"="C:\Programfiler\DAEMON Tools Lite\daemon.exe" [2008-07-24 17:02 490952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [2007-03-20 14:36 36864]
"36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" [2007-11-19 11:01 1970176]
"Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-07 16:06 16859136 C:\WINDOWS\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programfiler\\Steam\\steamapps\\common\\trackmania nations forever\\TmForever.exe"=
"C:\\Programfiler\\uTorrent\\uTorrent.exe"=
"C:\\Programfiler\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"C:\\Programfiler\\Electronic Arts\\EADM\\Core.exe"=
"C:\\Programfiler\\Kalypso\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"=
"C:\\Programfiler\\SEGA\\Medieval II Total War\\medieval2.exe"=
"C:\\Programfiler\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"C:\\Programfiler\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Programfiler\\LucasArts\\SWKotOR2\\swupdate.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ca95439a-2f22-11dd-8b63-806d6172696f}]
\Shell\AutoRun\command - D:\setup.exe /autorun
.
- - - - ORPHANS REMOVED - - - -
Notify-dimsntfy - (no file)
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Bruginator\Programdata\Mozilla\Firefox\Profiles\rh3qo1nq.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE -
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-02 23:53:20
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
C:\Programfiler\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe
C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2008-08-02 23:59:39 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-02 21:59:36
Pre-Run: 182,963,838,976 byte ledig
Post-Run: 182,897,786,880 byte ledig
132 --- E O F --- 2008-07-25 13:18:16
Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:00:27, on 03.08.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
C:\Programfiler\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe
C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\programfiler\steam\steam.exe
C:\Programfiler\Messenger\msmsgs.exe
C:\Programfiler\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Bruginator\Skrivebord\HJT\pyramide.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [steam] "c:\programfiler\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programfiler\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1212246958890
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programfiler\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 5509 bytes
SAS log:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 08/02/2008 at 11:44 PM
Application Version : 4.15.1000
Core Rules Database Version : 3524
Trace Rules Database Version: 1514
Scan type : Quick Scan
Total Scan Time : 00:09:01
Memory items scanned : 385
Memory threats detected : 0
Registry items scanned : 308
Registry threats detected : 0
File items scanned : 7119
File threats detected : 8
Adware.Tracking Cookie
C:\Documents and Settings\Brage\Cookies\[email protected][1].txt
C:\Documents and Settings\Brage\Cookies\brage@imrworldwide[2].txt
C:\Documents and Settings\Brage\Cookies\[email protected][1].txt
C:\Documents and Settings\Brage\Cookies\brage@hitbox[2].txt
C:\Documents and Settings\Brage\Cookies\brage@2o7[2].txt
C:\Documents and Settings\Brage\Cookies\[email protected][1].txt
C:\Documents and Settings\Brage\Cookies\brage@revsci[2].txt
C:\Documents and Settings\Brage\Cookies\[email protected][1].txt
Avast! quarantine screenshot:
The Overclocking Café - General discussion of overclocking etc.
in Overclocking and enthusiast use
Posted
4500 at 1.3v crashed after half an hour in Aida64; so far it has run for an hour at 4400. Temperatures are mostly around 75c, with a max temp of 87c.