kroghelg
-
Innlegg
92 -
Ble med
-
Besøkte siden sist
Innholdstype
Profiler
Forum
Hendelser
Blogger
Om forumet
Innlegg skrevet av kroghelg
-
-
Dette var en 1080p-fil du hadde lastet ne, eller fra kameraet? Hvis PC-e er koblet til ruteren trådløst det og, virker det nesten som om 1: Mnnekortet i telefonen in har for lav lesehastighettil å lese inn filen raskt nok (tilsomt.) eller 2: Telefonen er for treg med å streame av andre grunnerer. Her ville jeg testet med et annet streamingprogram på telefonen.Testet med 1080 p og den buffret under overføring fra mobilen(og en samsung tablet). Det rare er at når jeg testet samme fila fra pc(trådløs) til tv, eksisterte det ikke buffring.Samme skjer om jeg enten bruker allshare fra tv og henter fra enhet, eller jeg bruker allshare fra enheten og til tv. Kan det være en android-greie?
Hvis PC-en er koblet til ruteren med kabel, OG TV-en er koblet til ruteren med kabel, skyldes det nok at nettverkt ditt er for tregt. Hvis PC-en er koblet til med kabel men TV-en trådløs, skyldes det nok også at nettverket er for tregt - Hvis begge enhetene (mobilen og tv-en) er tilkoblet trådløst, genereres det nemlig dobbelt så mye nettverkstrafikk, og du trengr derfor dobbelt såkraftig (omtrent) nett for å spille av uten bufring.
Det er sjeldent 1080p fungerer over trådløst.
Det var en nedlastet fil.
Pcen er trådløs og tv koblet til via kabel.
Må si jeg ikke helt skjønner dette, men skal forsøke/teste videre.
Hadde jo vært interessant å hørt om andre slet med samme problemer...?
-
S II kan jo filme i både 1080p og 720p - begge deler kan man normalt bare glemme å streame trådløt på b eller g-trådløsnett, sle om det ikke skal ut på nett. Men det avhener veldig av bitraten.
Hverken avi eller mp4 er videoformater forresten, et er bare containere (eller "innpakking"). S II filmer i H.264, og det er det vanligst støttede formatet på nyere tv-er også, men det varier litt HVA de støtter innenfor dette formatet likevel. Avi kan være mye rart, og sier ikke noe som helst.
Kan være S II lager avanerte H.264.filer for alt jeg vet. Du kunne jo sett om du fant en filmtrailer eller noe annet i 720p i mp4/H.264 og sett om den splles av fint fra TV-en eller mobilen. VIrker jo ikke som om mobilen er problemet i hvertfall, siden du kan streame de samme filene fra moblen som fra PC-en.
Kanskje det enkleste hadde vært å høre med Samsung kundeserive hva TV-en støtter, om du ikke finner noe mer info på nettsidene dere?
Testet med 1080 p og den buffret under overføring fra mobilen(og en samsung tablet). Det rare er at når jeg testet samme fila fra pc(trådløs) til tv, eksisterte det ikke buffring.Samme skjer om jeg enten bruker allshare fra tv og henter fra enhet, eller jeg bruker allshare fra enheten og til tv. Kan det være en android-greie?
-
Nettet ditt er sannsynligvis for tregt, enten det, eller nettverkskortet i TV-en. Ihvertfall dersom filstørrelsen etter konvertering er mindre - det kan og tyde på at det er problemet. Man kan vel velge å filme i lavere oppløsninger? Da blir jo bitraten mindre, og nettet ditt takler det kanskje.
I og med at TV-en spiller av H.264 i det hele tatt, vil jeg absolutt tro at den støtter HW-dekoding av formatet, men kalrt - det kan være formatet som er problemet også.
Takker for alle svar. Har til nå trodd det kanskje kunne være mobilen som ikke håndterte trådløs overføring av høy videokvalitet, men forsøkte å redigere samme video i redigeringsprogrammet som er på mobilen. Endret til mye lavere kvalitet,,,uten hell. Angående mitt nett,,,så går vel dette kun på internt nett og det skal vel sjelden være for tregt til slike overføringer eller?
Skal gjøre noen tester på videoer i orginalt lavere kvalitet, samt forsøke allshare fra vanlig pc.
Edit. Den filmen som først ble redigert, ble det via pc og da til avi. Den gikk greit via allshare fra mobilen.
-
Overfører du direkte fra telefonen, eller via en PC med Allshare installert?
Hvis det siste, så bytt ut Allshare programmet på PCen med Serviio. Det fungerer mye bedre.
Direkte fra tlf ja.
-
Heisan
Lurte på om noen vet om det er mulig å endre formatet(mp4) opptaksvideoene blir lagret som på eller om dette er noe som kun kan gjøres via redigeringsprogram etterpå?
Det må du gjøre via pc etter opptak. Ikke mulig å endre formatet på opptak. Men hvorfor vil du endre opptaksformat? Mp4 er bra det.
Det er pga overføringer til Samsung tv via AllShare. Mye bufring oppleves ved overføringer av mp4,men ikke etter video er konvertert.
-
Heisan
Lurte på om noen vet om det er mulig å endre formatet(mp4) opptaksvideoene blir lagret som på eller om dette er noe som kun kan gjøres via redigeringsprogram etterpå?
-
Jeg laster opp endel videoer av sønnen min til Youtube. Noen ganger blir de litt for lange og trenger editering. Er det noen som vet om et Android-program jeg kan editere videoen på telefonen før jeg laster den opp?
Slenger meg på denne. Vet det ligger et videoe-redigeringsprogram med tlf, men ønsker pga problemer med dette i forhold til det å vise videon på tv, å bruke et annet.
-
Kan det være at det tenkes at nettlesern åpnes, trykk på menyknapp "mer-innstillinger-aktiver tilleggsprogram-alltid på"?
-
Gml post, men løfter den allikevel.
Har samme "problemet", kun lyd når videon kjøres via quicktime. Når desiren kjøres rett på tv for visning av video, oppnås heller ikke lyd.
Noen som vet om annen løsning på dette?
-
Heisan.
Har koblet opp en stuepc som har lyd ut via HDMI til tv. Stuepc har ikke optisk utgang.
Prøver så å få denne lyden ut på surroundanlegget(lg-anlegg som kun har optisk og hdmi ut). Har koblet optisk fra tv til surround.
Vil jeg kunne få surround fra stuepcen ut på surroundanlegget?
Må sies at sålangt ser det ikke ut til å virke. Tv`en har "returlyd" fra hdmi 2, men det hjelper vel ikke så lenge recievern kun har hdmi inn?
Usikker på om dette er postet på rett plass, men mod får bare flytte den i såfall.
Reciever: LG ht503
Stue pc: Dell Zino HD
TV: Samsung le46c755
-
-
Hei.
Har funnet ut at det er pci-express som står i den.
Er bare nå usikker på om det virkelig er skjermkortet som forårsaker problemet.
Hører ulyder av strømforsyningen, så kan meget godt være det som svikter ved last.
Må sjekke litt til før jeg evt. kjøper skjermkort.
Takk for info
-
agp/pci...tja, si det.
Har 4 hvite (til lydkort etc) , samt en brun som skjermkortet står på idag. Trodde de hvite var pci og den brune som skj.kortet stod i var agp......
fant noen bokstaver på hovedkortet, men rakk ikke å sjekke det nu.
w26361-w83-x-02
w26361-w83-z2-03-36.
Tror ikke jeg trenger noe bedre kort enn det som har stått der,,,det har, på en eller annen måte, virket til spill
-
Heisan
Har slitt en del med pc`en som jeg nå tror kommer av skjermkortet.
Kortet er et radeon x 1950 pro.
Har p4 3.6 ghz prosessor
Brukes noe til spilling.
Mulig å få noe til mellom 500-1000?
Hvilket kort gir mest for pengene?
-
-
Ja, alle vifter går som de skal og er rengjort.
Har testet litt og det ser ut som den kan restarte etter en lengre stund
ved "vanlig" bruk....men det virke mere sporadisk.
Kun ved videoavspilling?Fungerer vifter på grafikkortet?
Og hva med viftene i pc?
-
Heisan
Har fått et problem.
Når jeg spiller av video går det ikke lange tiden før pc`en restarter.
Det samme skjer når jeg spiller.
Har en mistanke om at det kanskje kan være skjermkortet, men vet ikke helt hvordan jeg skal få testet/bekreftet dette. (skjermkortet er et radeon 1950x pro)
Har fått fjernet støv som lå i kabinettet/vifte/skjermkort.
Noen forslag?
-
CiD-problemene dine skyldes at du har installert Messenger Plus! Live. Det medfølger et sponsorprogram som gir disse popupene. Fjern Messenger Plus! Live (evt. bare sponsorprogrammet) fra legg til/fjern programmer.
Post deretter en ny combofix-logg, så fjerner vi evt. rester etter dette.
Ok, det blir noe senere, men skal se hva jeg får til.
Takker så mye
-
ny combofix logg da
ny combo-log
Får forresten opp noen reklamesider hvor det står CID
ComboFix 08-11-24.03 - markus 2008-11-25 18:07:54.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.1646 [GMT 1:00]
Running from: c:\documents and settings\markus\Skrivebord\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-10-25 to 2008-11-25 )))))))))))))))))))))))))))))))
.
2008-11-25 18:07 . 2008-11-25 18:07 4,958,588 --a------ c:\windows\{0000000B-00000000-00000009-00001102-00000004-20021102}.BAK
2008-11-25 18:06 . 2008-11-25 18:06 <DIR> dr-h----- c:\documents and settings\markus\Siste
2008-11-25 17:23 . 2008-11-25 17:23 <DIR> d-------- c:\programfiler\ATI Technologies
2008-11-25 17:21 . 2008-11-25 17:21 <DIR> d-------- c:\programfiler\Trend Micro
2008-11-25 17:10 . 2008-11-25 17:10 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2008-11-25 17:03 . 2008-11-25 17:02 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2008-11-25 17:02 . 2008-11-25 17:02 107,832 --a------ c:\windows\system32\PnkBstrB.exe
2008-11-25 17:02 . 2008-11-25 17:02 22,328 --a------ c:\documents and settings\markus\Programdata\PnkBstrK.sys
2008-11-25 17:01 . 2008-11-25 17:01 2,250,024 --a------ c:\windows\system32\pbsvc.exe
2008-11-25 17:01 . 2008-11-25 17:01 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2008-11-25 16:50 . 2008-11-25 16:50 <DIR> d-------- c:\programfiler\Ubisoft
2008-11-21 23:22 . 2008-11-21 23:22 <DIR> d-------- c:\programfiler\rect grid view
2008-11-12 19:24 . 2008-09-04 18:17 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 19:24 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-09 15:33 . 2008-11-09 15:33 <DIR> d-------- c:\programfiler\Activision
2008-11-09 15:27 . 2008-11-09 15:27 <DIR> d--hs---- c:\windows\ftpcache
2008-11-09 15:26 . 2008-11-09 15:26 <DIR> d-------- c:\programfiler\DAEMON Tools Lite
2008-11-09 15:22 . 2008-11-09 15:22 <DIR> d-------- c:\documents and settings\spillkonto\Programdata\rect grid view
2008-11-09 15:22 . 2008-11-09 15:22 <DIR> d-------- c:\documents and settings\markus\Programdata\DAEMON Tools
2008-11-09 15:22 . 2008-11-09 15:22 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2008-11-09 15:04 . 2008-08-03 02:49 <DIR> dr------- c:\documents and settings\spillkonto\Start-meny
2008-11-09 15:04 . 2008-08-03 02:49 <DIR> d--h----- c:\documents and settings\spillkonto\Skrivere
2008-11-09 15:04 . 2008-08-03 02:49 <DIR> d-------- c:\documents and settings\spillkonto\Skrivebord
2008-11-09 15:04 . 2008-11-09 15:05 <DIR> dr-h----- c:\documents and settings\spillkonto\Siste
2008-11-09 15:04 . 2008-11-25 17:13 <DIR> dr-h----- c:\documents and settings\spillkonto\Programdata
2008-11-09 15:04 . 2008-11-25 17:15 <DIR> dr------- c:\documents and settings\spillkonto\Mine dokumenter
2008-11-09 15:04 . 2008-08-03 00:56 <DIR> d--h----- c:\documents and settings\spillkonto\Maler
2008-11-09 15:04 . 2008-11-25 18:09 <DIR> d--h----- c:\documents and settings\spillkonto\Lokale innstillinger
2008-11-09 15:04 . 2008-11-09 15:05 <DIR> dr------- c:\documents and settings\spillkonto\Favoritter
2008-11-09 15:04 . 2008-08-03 02:49 <DIR> d--h----- c:\documents and settings\spillkonto\AndrMask
2008-11-09 15:04 . 2008-11-09 15:04 <DIR> d-------- c:\documents and settings\spillkonto
2008-10-29 03:22 . 2008-10-29 03:22 314,880 --a------ c:\windows\system32\SETF.tmp
2008-10-29 03:11 . 2008-10-29 03:11 188,416 --a------ c:\windows\system32\SET34.tmp
2008-10-29 03:11 . 2008-10-29 03:11 43,520 --a------ c:\windows\system32\SET3A.tmp
2008-10-29 03:10 . 2008-10-29 03:10 143,360 --a------ c:\windows\system32\SET31.tmp
2008-10-29 03:09 . 2008-10-29 03:09 585,728 --a------ c:\windows\system32\SET2E.tmp
2008-10-29 02:57 . 2008-10-29 02:57 4,041,472 --a------ c:\windows\system32\SET18.tmp
2008-10-29 02:41 . 2008-10-29 02:41 2,472,832 --a------ c:\windows\system32\SET1B.tmp
2008-10-29 02:40 . 2008-11-25 17:31 60,452 --a------ c:\windows\system32\ativvaxx.cap
2008-10-29 02:12 . 2008-10-29 02:12 577,536 --a------ c:\windows\system32\SET12.tmp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-25 16:23 --------- d--h--w c:\programfiler\InstallShield Installation Information
2008-11-25 16:10 --------- d-----w c:\documents and settings\markus\Programdata\uTorrent
2008-11-21 22:23 --------- d-----w c:\documents and settings\markus\Programdata\rect grid view
2008-11-21 22:22 --------- d-----w c:\documents and settings\All Users\Programdata\grey ante kind mess
2008-11-15 14:59 30 ----a-w c:\documents and settings\markus\jagex_runescape_preferences.dat
2008-10-29 03:10 3,341,824 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2008-10-29 02:23 425,984 ----a-w c:\windows\system32\ATIDEMGX.dll
2008-10-29 02:22 314,880 ----a-w c:\windows\system32\ati2dvag.dll
2008-10-29 02:11 43,520 ----a-w c:\windows\system32\ati2edxx.dll
2008-10-29 02:11 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
2008-10-29 02:11 188,416 ----a-w c:\windows\system32\atipdlxx.dll
2008-10-29 02:11 147,456 ----a-w c:\windows\system32\Oemdspif.dll
2008-10-29 02:10 143,360 ----a-w c:\windows\system32\ati2evxx.dll
2008-10-29 02:10 10,973,184 ----a-w c:\windows\system32\atioglxx.dll
2008-10-29 02:09 585,728 ----a-w c:\windows\system32\ati2evxx.exe
2008-10-29 02:07 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
2008-10-29 01:57 4,041,472 ----a-w c:\windows\system32\ati3duag.dll
2008-10-29 01:49 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2008-10-29 01:41 2,472,832 ----a-w c:\windows\system32\ativvaxx.dll
2008-10-29 01:25 48,640 ----a-w c:\windows\system32\amdpcom32.dll
2008-10-29 01:21 389,120 ----a-w c:\windows\system32\atikvmag.dll
2008-10-29 01:19 44,032 ----a-w c:\windows\system32\atiadlxx.dll
2008-10-29 01:19 17,408 ----a-w c:\windows\system32\atitvo32.dll
2008-10-29 01:18 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
2008-10-29 01:18 253,952 ----a-w c:\windows\system32\atiok3x2.dll
2008-10-29 01:12 577,536 ----a-w c:\windows\system32\ati2cqag.dll
2008-10-28 20:05 593,920 ------w c:\windows\system32\ati2sgag.exe
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-22 17:59 --------- d-----w c:\programfiler\Google
2008-10-21 17:51 118,784 ----a-w c:\windows\system32\atibrtmon.exe
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-13 15:13 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-10-13 15:13 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-10-11 17:23 --------- d-----w c:\programfiler\Messenger Plus! Live
2008-09-15 15:29 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-13 11:39 48,396 ----a-w c:\windows\UninstVeetleTVPlayer.exe
2008-09-10 01:16 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-09-04 17:17 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-26 08:30 826,368 ----a-w c:\windows\system32\wininet.dll
.
((((((((((((((((((((((((((((( snapshot@2008-11-25_17.28.26,29 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-11 16:51:07 75,072 ----a-w c:\windows\system32\drivers\avipbb.sys
+ 2008-11-25 16:51:18 75,072 ----a-w c:\windows\system32\drivers\avipbb.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"H/PC Connection Agent"="c:\programfiler\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"showmeal"="c:\docume~1\markus\PROGRA~1\RECTGR~1\SixthHideKind.exe" [2008-11-21 544256]
"DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SunJavaUpdateSched"="c:\programfiler\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"BigDogPath"="c:\windows\VM_STI.EXE" [2006-12-22 40960]
"Kind Mess Surf Settings"="c:\documents and settings\All Users\Programdata\grey ante kind mess\bias active.exe" [2008-11-25 3602432]
"CTHelper"="CTHELPER.EXE" [2008-06-27 c:\windows\system32\CtHelper.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a------ 2008-08-21 02:18 443968 c:\programfiler\Picasa2\PicasaMediaDetector.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programfiler\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programfiler\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programfiler\\SopCast\\SopCast.exe"=
"c:\programfiler\Microsoft ActiveSync\rapimgr.exe"= c:\programfiler\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programfiler\Microsoft ActiveSync\wcescomm.exe"= c:\programfiler\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programfiler\Microsoft ActiveSync\WCESMgr.exe"= c:\programfiler\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programfiler\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Programfiler\\TVAnts\\Tvants.exe"=
"c:\\Programfiler\\Messenger\\msmsgs.exe"=
"c:\\Programfiler\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Programfiler\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Programfiler\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet-kort;c:\windows\system32\DRIVERS\AN983.sys [2008-08-03 36224]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.SYS [2008-06-27 99352]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.SYS [2008-06-27 555032]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.SYS [2008-06-27 566296]
R3 ZY760_XP;ZyXEL 802.11g XG762 1211 Driver;c:\windows\system32\DRIVERS\WlanUZXP.sys [2008-08-03 402944]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [2008-06-27 99352]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [2008-06-27 555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [2008-06-27 566296]
.
Contents of the 'Scheduled Tasks' folder
2008-11-25 c:\windows\Tasks\ADB2C58991857919.job
- c:\docume~1\markus\progra~1\rectgr~1\amenclockidol.exe [2008-11-21 23:23]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-25 18:09:28
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(776)
c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2008-11-25 18:10:07
ComboFix-quarantined-files.txt 2008-11-25 17:10:05
ComboFix2.txt 2008-11-25 16:28:45
Pre-Run: 20 545 515 520 byte ledig
Post-Run: 20,533,051,392 byte ledig
190 --- E O F --- 2008-11-13 02:01:53
-
last ned Ccleaner her: http://www.ccleaner.com/ og post ny combofix
Har kjørt ccleaner, men i etterkant
-
Hadde vært fint om noen kunne sjekket disse.
Har ikke mistanke om noe spesielt, men ønsker sjekk.
Avira har funnet noe som er slettet og anti malware fant ingenting, men vet den brukes mye på
bla msn
combo
ComboFix 08-11-24.03 - markus 2008-11-25 17:25:55.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1044.18.1631 [GMT 1:00]
Running from: c:\documents and settings\markus\Skrivebord\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-10-25 to 2008-11-25 )))))))))))))))))))))))))))))))
.
2008-11-25 17:23 . 2008-11-25 17:23 <DIR> d-------- c:\windows\LastGood
2008-11-25 17:23 . 2008-11-25 17:23 <DIR> d-------- c:\programfiler\ATI Technologies
2008-11-25 17:23 . 2008-07-04 04:00 3,786,144 --a------ c:\windows\system32\OLD43.tmp
2008-11-25 17:23 . 2008-07-04 03:49 2,140,672 --a------ c:\windows\system32\OLD42.tmp
2008-11-25 17:23 . 2008-07-04 03:22 565,248 --a------ c:\windows\system32\OLD44.tmp
2008-11-25 17:23 . 2008-07-04 04:12 561,152 --a------ c:\windows\system32\OLD41.tmp
2008-11-25 17:23 . 2008-07-04 03:30 348,160 --a------ c:\windows\system32\OLD3D.tmp
2008-11-25 17:23 . 2008-07-04 04:23 309,248 --a------ c:\windows\system32\OLD45.tmp
2008-11-25 17:23 . 2008-07-04 04:14 184,320 --a------ c:\windows\system32\OLD3F.tmp
2008-11-25 17:23 . 2008-07-04 04:13 139,264 --a------ c:\windows\system32\OLD40.tmp
2008-11-25 17:23 . 2008-07-04 04:13 43,520 --a------ c:\windows\system32\OLD3E.tmp
2008-11-25 17:21 . 2008-11-25 17:21 <DIR> d-------- c:\programfiler\Trend Micro
2008-11-25 17:10 . 2008-11-25 17:10 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2008-11-25 17:03 . 2008-11-25 17:02 22,328 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2008-11-25 17:02 . 2008-11-25 17:02 107,832 --a------ c:\windows\system32\PnkBstrB.exe
2008-11-25 17:02 . 2008-11-25 17:02 22,328 --a------ c:\documents and settings\markus\Programdata\PnkBstrK.sys
2008-11-25 17:01 . 2008-11-25 17:01 2,250,024 --a------ c:\windows\system32\pbsvc.exe
2008-11-25 17:01 . 2008-11-25 17:01 66,872 --a------ c:\windows\system32\PnkBstrA.exe
2008-11-25 16:50 . 2008-11-25 16:50 <DIR> d-------- c:\programfiler\Ubisoft
2008-11-21 23:22 . 2008-11-21 23:22 <DIR> d-------- c:\programfiler\rect grid view
2008-11-13 03:00 . 2008-11-13 03:00 1,393 --a------ c:\windows\imsins.BAK
2008-11-12 19:24 . 2008-09-04 18:17 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-12 19:24 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-09 16:09 . 2008-11-25 17:23 4,958,588 --a------ c:\windows\{0000000B-00000000-00000009-00001102-00000004-20021102}.BAK
2008-11-09 16:04 . 2008-11-25 17:13 <DIR> dr-h----- c:\documents and settings\markus\Siste
2008-11-09 15:33 . 2008-11-09 15:33 <DIR> d-------- c:\programfiler\Activision
2008-11-09 15:27 . 2008-11-09 15:27 <DIR> d--hs---- c:\windows\ftpcache
2008-11-09 15:26 . 2008-11-09 15:26 <DIR> d-------- c:\programfiler\DAEMON Tools Lite
2008-11-09 15:22 . 2008-11-09 15:22 <DIR> d-------- c:\documents and settings\spillkonto\Programdata\rect grid view
2008-11-09 15:22 . 2008-11-09 15:22 <DIR> d-------- c:\documents and settings\markus\Programdata\DAEMON Tools
2008-11-09 15:22 . 2008-11-09 15:22 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2008-11-09 15:04 . 2008-08-03 02:49 <DIR> dr------- c:\documents and settings\spillkonto\Start-meny
2008-11-09 15:04 . 2008-08-03 02:49 <DIR> d--h----- c:\documents and settings\spillkonto\Skrivere
2008-11-09 15:04 . 2008-08-03 02:49 <DIR> d-------- c:\documents and settings\spillkonto\Skrivebord
2008-11-09 15:04 . 2008-11-09 15:05 <DIR> dr-h----- c:\documents and settings\spillkonto\Siste
2008-11-09 15:04 . 2008-11-25 17:13 <DIR> dr-h----- c:\documents and settings\spillkonto\Programdata
2008-11-09 15:04 . 2008-11-25 17:15 <DIR> dr------- c:\documents and settings\spillkonto\Mine dokumenter
2008-11-09 15:04 . 2008-08-03 00:56 <DIR> d--h----- c:\documents and settings\spillkonto\Maler
2008-11-09 15:04 . 2008-11-25 17:27 <DIR> d--h----- c:\documents and settings\spillkonto\Lokale innstillinger
2008-11-09 15:04 . 2008-11-09 15:05 <DIR> dr------- c:\documents and settings\spillkonto\Favoritter
2008-11-09 15:04 . 2008-08-03 02:49 <DIR> d--h----- c:\documents and settings\spillkonto\AndrMask
2008-11-09 15:04 . 2008-11-09 15:04 <DIR> d-------- c:\documents and settings\spillkonto
2008-10-29 03:22 . 2008-10-29 03:22 314,880 --a------ c:\windows\system32\SETF.tmp
2008-10-29 03:11 . 2008-10-29 03:11 188,416 --a------ c:\windows\system32\SET34.tmp
2008-10-29 03:11 . 2008-10-29 03:11 43,520 --a------ c:\windows\system32\SET3A.tmp
2008-10-29 03:10 . 2008-10-29 03:10 143,360 --a------ c:\windows\system32\SET31.tmp
2008-10-29 03:09 . 2008-10-29 03:09 585,728 --a------ c:\windows\system32\SET2E.tmp
2008-10-29 02:57 . 2008-10-29 02:57 4,041,472 --a------ c:\windows\system32\SET18.tmp
2008-10-29 02:41 . 2008-10-29 02:41 2,472,832 --a------ c:\windows\system32\SET1B.tmp
2008-10-29 02:40 . 2008-10-29 02:40 60,452 --a------ c:\windows\system32\ativvaxx.cap
2008-10-29 02:18 . 2008-10-29 02:18 253,952 --a------ c:\windows\system32\SET7B.tmp
2008-10-29 02:18 . 2008-10-29 02:18 253,952 --a------ c:\windows\system32\SET70.tmp
2008-10-29 02:12 . 2008-10-29 02:12 577,536 --a------ c:\windows\system32\SET12.tmp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-25 16:23 --------- d--h--w c:\programfiler\InstallShield Installation Information
2008-11-25 16:10 --------- d-----w c:\documents and settings\markus\Programdata\uTorrent
2008-11-21 22:23 --------- d-----w c:\documents and settings\markus\Programdata\rect grid view
2008-11-21 22:22 --------- d-----w c:\documents and settings\All Users\Programdata\grey ante kind mess
2008-11-15 14:59 30 ----a-w c:\documents and settings\markus\jagex_runescape_preferences.dat
2008-10-29 03:10 3,341,824 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2008-10-29 02:23 425,984 ----a-w c:\windows\system32\ATIDEMGX.dll
2008-10-29 02:22 314,880 ----a-w c:\windows\system32\ati2dvag.dll
2008-10-29 02:11 43,520 ----a-w c:\windows\system32\ati2edxx.dll
2008-10-29 02:11 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
2008-10-29 02:11 188,416 ----a-w c:\windows\system32\atipdlxx.dll
2008-10-29 02:11 147,456 ----a-w c:\windows\system32\Oemdspif.dll
2008-10-29 02:10 143,360 ----a-w c:\windows\system32\ati2evxx.dll
2008-10-29 02:10 10,973,184 ----a-w c:\windows\system32\atioglxx.dll
2008-10-29 02:09 585,728 ----a-w c:\windows\system32\ati2evxx.exe
2008-10-29 02:07 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
2008-10-29 01:57 4,041,472 ----a-w c:\windows\system32\ati3duag.dll
2008-10-29 01:49 307,200 ----a-w c:\windows\system32\atiiiexx.dll
2008-10-29 01:41 2,472,832 ----a-w c:\windows\system32\ativvaxx.dll
2008-10-29 01:25 48,640 ----a-w c:\windows\system32\amdpcom32.dll
2008-10-29 01:21 389,120 ----a-w c:\windows\system32\atikvmag.dll
2008-10-29 01:19 44,032 ----a-w c:\windows\system32\atiadlxx.dll
2008-10-29 01:19 17,408 ----a-w c:\windows\system32\atitvo32.dll
2008-10-29 01:18 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
2008-10-29 01:12 577,536 ----a-w c:\windows\system32\ati2cqag.dll
2008-10-28 20:05 593,920 ------w c:\windows\system32\ati2sgag.exe
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-22 17:59 --------- d-----w c:\programfiler\Google
2008-10-21 17:51 118,784 ----a-w c:\windows\system32\atibrtmon.exe
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-13 15:13 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-10-13 15:13 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-10-11 17:23 --------- d-----w c:\programfiler\Messenger Plus! Live
2008-09-15 15:29 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-13 11:39 48,396 ----a-w c:\windows\UninstVeetleTVPlayer.exe
2008-09-10 01:16 1,307,648 ------w c:\windows\system32\msxml6.dll
2008-09-04 17:17 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-26 08:30 826,368 ----a-w c:\windows\system32\wininet.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"H/PC Connection Agent"="c:\programfiler\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"showmeal"="c:\docume~1\markus\PROGRA~1\RECTGR~1\SixthHideKind.exe" [2008-11-21 544256]
"DAEMON Tools Lite"="c:\programfiler\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SunJavaUpdateSched"="c:\programfiler\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"BigDogPath"="c:\windows\VM_STI.EXE" [2006-12-22 40960]
"Kind Mess Surf Settings"="c:\documents and settings\All Users\Programdata\grey ante kind mess\bias active.exe" [2008-11-25 3602432]
"CTHelper"="CTHELPER.EXE" [2008-06-27 c:\windows\system32\CtHelper.exe]
"ATIModeChange"="Ati2mdxx.exe" [2008-10-29 c:\windows\system32\Ati2mdxx.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programfiler\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
--a------ 2008-08-21 02:18 443968 c:\programfiler\Picasa2\PicasaMediaDetector.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programfiler\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Programfiler\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programfiler\\SopCast\\SopCast.exe"=
"c:\programfiler\Microsoft ActiveSync\rapimgr.exe"= c:\programfiler\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programfiler\Microsoft ActiveSync\wcescomm.exe"= c:\programfiler\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programfiler\Microsoft ActiveSync\WCESMgr.exe"= c:\programfiler\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programfiler\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Programfiler\\TVAnts\\Tvants.exe"=
"c:\\Programfiler\\Messenger\\msmsgs.exe"=
"c:\\Programfiler\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Programfiler\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Programfiler\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"c:\\Programfiler\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet-kort;c:\windows\system32\DRIVERS\AN983.sys [2008-08-03 36224]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.SYS [2008-06-27 99352]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.SYS [2008-06-27 555032]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.SYS [2008-06-27 566296]
R3 ZY760_XP;ZyXEL 802.11g XG762 1211 Driver;c:\windows\system32\DRIVERS\WlanUZXP.sys [2008-08-03 402944]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [2008-06-27 99352]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [2008-06-27 555032]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [2008-06-27 566296]
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
2008-11-25 c:\windows\Tasks\ADB2C58991857919.job
- c:\docume~1\markus\progra~1\rectgr~1\amenclockidol.exe [2008-11-21 23:23]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-25 17:28:06
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(768)
c:\programfiler\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2008-11-25 17:28:44
ComboFix-quarantined-files.txt 2008-11-25 16:28:42
Pre-Run: 20 198 694 912 byte ledig
Post-Run: 20,535,865,344 byte ledig
200 --- E O F --- 2008-11-13 02:01:53
HJT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:37:28, on 25.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programfiler\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Internet Explorer\IEXPLORE.EXE
C:\Programfiler\Microsoft ActiveSync\wcescomm.exe
C:\Programfiler\Internet Explorer\IEXPLORE.EXE
C:\Programfiler\DAEMON Tools Lite\daemon.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programfiler\Internet Explorer\iexplore.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vg.no/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programfiler\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE %;USB\VID_0AC8&PID_0302.DeviceDesc%
O4 - HKLM\..\Run: [Kind Mess Surf Settings] C:\Documents and Settings\All Users\Programdata\grey ante kind mess\bias active.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programfiler\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [showmeal] C:\DOCUME~1\markus\PROGRA~1\RECTGR~1\SixthHideKind.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programfiler\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Opprett mobil favoritt... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1217702304421
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programfiler\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programfiler\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 6143 bytes
-
Loggene ser greie ut.
Hvem gir melding om Vundo?
Fikk den beskjeden fra windows defender ved oppstarten.
Har kjørt ccleaner, SAS og combofix
Får ikke den beskjeden lenger ved oppstart.
-
combofix
ComboFix 08-09-05.03 - Inger 2008-09-07 17:03:36.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1044.18.2098 [GMT 2:00]
Running from: C:\Users\Inger\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2008-08-07 to 2008-09-07 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-07 14:44 --------- d-----w C:\Users\Inger\AppData\Roaming\Malwarebytes
2008-09-07 14:44 --------- d-----w C:\ProgramData\Malwarebytes
2008-09-07 14:44 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-09-07 14:36 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com
2008-09-07 14:35 --------- d-----w C:\Users\Inger\AppData\Roaming\SUPERAntiSpyware.com
2008-09-07 14:35 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-09-07 14:35 --------- d-----w C:\Program Files\CCleaner
2008-09-07 14:34 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-05 12:55 --------- d-----w C:\Users\Inger\AppData\Roaming\BitTorrent
2008-09-05 11:25 0 ----a-w C:\Users\Inger\AppData\Roaming\wklnhst.dat
2008-09-05 11:25 --------- d-----w C:\Users\Inger\AppData\Roaming\Template
2008-09-04 19:50 --------- d-----w C:\Program Files\DAEMON Tools Toolbar
2008-09-04 19:14 --------- d-----w C:\Users\Inger\AppData\Roaming\vlc
2008-09-04 18:56 --------- d-----w C:\Program Files\VideoLAN
2008-09-04 18:49 --------- d-----w C:\Users\Inger\AppData\Roaming\Sony
2008-09-04 18:49 --------- d-----w C:\ProgramData\Sony
2008-09-04 18:48 --------- d-----w C:\Program Files\Vstplugins
2008-09-04 18:44 --------- d-----w C:\ProgramData\Pinnacle
2008-09-04 18:18 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-09-04 18:17 --------- d-----w C:\Users\Inger\AppData\Roaming\DAEMON Tools
2008-09-04 12:59 --------- d-----w C:\Users\Inger\AppData\Roaming\DNA
2008-09-04 12:58 --------- d-----w C:\ProgramData\CyberLink
2008-09-04 12:06 --------- d-----w C:\Users\Inger\AppData\Roaming\CyberLink
2008-09-04 11:54 --------- d-----w C:\ProgramData\WildTangent
2008-09-04 11:36 --------- d-----w C:\Users\Inger\AppData\Roaming\PlayFirst
2008-09-04 11:20 --------- d-----w C:\ProgramData\PlayFirst
2008-09-04 11:17 --------- d-----w C:\Users\Inger\AppData\Roaming\WildTangent
2008-09-04 09:21 --------- d-----w C:\Users\Inger\AppData\Roaming\LimeWire
2008-09-04 08:46 --------- d-----w C:\Program Files\LimeWire
2008-09-03 18:17 --------- d-----w C:\Program Files\PhotoScape
2008-09-03 18:07 --------- d-----w C:\Program Files\DNA
2008-09-03 18:07 --------- d-----w C:\Program Files\BitTorrent
2008-09-01 22:16 38,528 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys
2008-09-01 22:16 17,200 ----a-w C:\Windows\system32\drivers\mbam.sys
2008-09-01 14:36 --------- d-----w C:\Program Files\Windows Mail
2008-09-01 14:34 --------- d-----w C:\Program Files\Common Files\Adobe
2008-09-01 14:19 --------- d-----w C:\ProgramData\Symantec
2008-09-01 14:18 --------- d-----w C:\Program Files\MSXML 4.0
2008-09-01 14:18 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-09-01 14:01 --------- d-----w C:\Users\Inger\AppData\Roaming\Symantec
2008-09-01 14:01 --------- d-----w C:\Users\Inger\AppData\Roaming\ATI
2008-09-01 14:00 --------- d-----w C:\Users\Inger\AppData\Roaming\DigitalPersona
2008-09-01 13:56 --------- d-----w C:\Users\Inger\AppData\Roaming\Hewlett-Packard
2008-09-01 13:54 --------- d-----w C:\Program Files\Microsoft Works
2008-09-01 13:51 --------- d-----w C:\Program Files\MSN Messenger
2008-09-01 13:50 0 --sha-r C:\Windows\system32\drivers\103C_HP_cNB_Pavilion dv5 Notebook PC_Y5335KV_0U_QCNF83148MN_E465488-DH2_4A_I3600_SHP_V98.1E_F.07_T080717_WV3-1_L414_M3069_J320_7AMD_8F31_92.00_#080901_N10EC8168;168C002A_(FP692EA#UUW)_XMOBILE_CN10_Z_
Rev 1.MRK
2008-09-01 13:50 --------- d-----w C:\Users\Inger\AppData\Roaming\Macrovision
2008-08-11 17:11 --------- d-----w C:\ProgramData\ATI
2008-08-11 17:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-11 17:09 --------- d-----w C:\ProgramData\Macrovision
2008-08-11 17:09 --------- d-----w C:\Program Files\DigitalPersona
2008-08-11 17:08 --------- d-----w C:\Program Files\CyberLink
2008-08-11 17:03 --------- d-----w C:\ProgramData\Hewlett-Packard
2008-08-11 17:03 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-08-11 16:37 --------- d-----w C:\Program Files\WIDCOMM
2008-08-11 16:36 --------- d-----w C:\Program Files\AMD
2008-08-11 16:35 --------- d-----w C:\Program Files\Hewlett-Packard
2008-08-11 16:35 --------- d-----w C:\Program Files\AVerMedia
2008-08-11 16:35 --------- d-----w C:\Program Files\Atheros
2008-08-11 16:34 --------- d-----w C:\ProgramData\Atheros
2008-08-11 16:34 --------- d-----w C:\Program Files\Realtek
2008-08-11 16:34 --------- d-----w C:\Program Files\IDT
2008-08-11 16:34 --------- d-----w C:\Program Files\Cisco
2008-08-11 16:30 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2008-08-11 16:30 --------- d-----w C:\Program Files\Validity Sensors, Inc
2008-08-11 16:30 --------- d-----w C:\Program Files\Synaptics
2008-08-11 16:28 --------- d-----w C:\Program Files\ATI Technologies
2008-08-11 16:25 --------- d-----w C:\Program Files\ATI
2008-07-30 15:42 23,888 ----a-w C:\Windows\system32\drivers\COH_Mon.sys
2008-07-30 15:28 706 ----a-w C:\Windows\system32\drivers\COH_Mon.inf
2008-07-30 15:28 10,537 ----a-w C:\Windows\system32\drivers\coh_mon.cat
2008-01-21 02:43 174 --sha-w C:\Program Files\desktop.ini
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-02-26 2289664]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-17 1033512]
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" [2008-04-16 442433]
"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-25 222504]
"DpAgent"="C:\Program Files\DigitalPersona\Bin\dpagent.exe" [2008-03-13 699456]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2008-05-15 468264]
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-02-07 51048]
"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-02 554288]
"HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-09 54840]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Malwarebytes Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [2008-09-02 1244848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-01-17 727592]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{77EE5ECE-F6EA-460F-8BA9-66AF7E5ED80F}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play
"{1F154C7C-27EB-4171-AB63-7DC5A2BA90EC}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{A7B725BE-FF70-4A2B-8480-BD3DD5C33BFC}"= C:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{BA1C6823-0502-47B7-9DA7-7058F0930690}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{38AF2B09-7495-462C-BC2E-D413638784D3}"= UDP:C:\Program Files\DNA\btdna.exe:DNA (TCP-In)
"{823AD503-AE50-4648-9AB4-C1C88915C122}"= TCP:C:\Program Files\DNA\btdna.exe:DNA (UDP-In)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
R0 ahcix86s;ahcix86s;C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-04-15 170000]
R0 Amddfltr;Amd Disk Lower Filter Driver;C:\Windows\system32\DRIVERS\Amddfltr.sys [2008-01-07 15416]
R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-29 7680]
R0 MegaSR;MegaSR;C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20080905.002\IDSvix86.sys [2008-03-20 261680]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe [2008-02-12 73728]
R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe [2008-03-19 19456]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-02-07 149864]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS);C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2008-05-15 292248]
R2 QPSched;QuickPlay Task Scheduler (QTS);C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2008-05-15 116112]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Windows\SMINST\BLService.exe [2008-03-27 341328]
R2 vfsFPService;Validity Fingerprint Service;C:\Windows\system32\vfsFPService.exe [2008-03-27 595248]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-28 3544064]
R3 AVerAF15;HP DVB-T TV Tuner;C:\Windows\system32\Drivers\AVerAF15.sys [2008-03-14 280192]
R3 btwaudio;Bluetooth Audio Device Service;C:\Windows\system32\drivers\btwaudio.sys [2008-02-01 80424]
R3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys [2008-02-01 80936]
R3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2008-02-01 16168]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-02-05 41008]
R3 vfs101x;vfs101x;C:\Windows\system32\drivers\vfs101x.sys [2008-03-27 40752]
S3 COH_Mon;COH_Mon;C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
S3 ErrDev;Microsoft Hardware Error Device Driver;C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 GameConsoleService;GameConsoleService;C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-06 165416]
S3 HpqRemHid;HP Remote Control HID Device;C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
*Newly Created Service* - COMHOST
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.startsiden.no/
R0 -: HKLM-Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nb_no&c=83&bd=Pavilion&pf=cnnb
O8 -: &Søkefunksjon i AOL-verktrylinjen - C:\ProgramData\AOL\ieToolbar\resources\nb-NO\local\search.html
O8 -: Send bilde til &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 -: Send side til &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 -: {CAC677B6-4963-4305-9066-0BD135CD9233} - hxxps://asp.photoprintit.de/microsite/5026/defaults/activex/ips/IPSUploader4.cab
C:\Windows\Downloaded Program Files\IPSUploader4.inf
C:\Windows\System32\unicows.dll
C:\Windows\Downloaded Program Files\IPSUploader4.ocx
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 17:12:31
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\Windows\Explorer.exe
-> C:\Program Files\WinRAR\rarext.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\Ati2evxx.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe
C:\Windows\System32\audiodg.exe
C:\Windows\System32\Ati2evxx.exe
C:\Windows\System32\wlanext.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\conime.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Completion time: 2008-09-07 17:20:30 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-07 15:20:14
Pre-Run: Finner ikke meldingstekst for melding nummer 0x2379 i meldingsfilen for Application.
Post-Run: 218,602,147,840 byte ledig
247 --- E O F --- 2008-09-07 14:32:59
hjt-log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:19, on 2008-09-07
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\CF30494.exe
C:\ComboFix\sed.cfexe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.5\CoIEPlg.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Send bilde til &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send side til &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/5026/...PSUploader4.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatisk LiveUpdate-planlegging (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\STacSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 10118 bytes
-
heia
Takker for tilbakemelding.
Lcd skjermen er ikke en wide, men ordinær 19"
Kjører oppløsning nå på 1280*1024(som virker ok) og 60 hz.
Så snart jeg restarter, mister jeg den under winpåloggingen.
Kan ikke skjønne dette.......
Ny bærbar (som også skal brukes til spilling)
i Hjelp til kjøp og salg av PC
Skrevet · Endret av kroghelg
Hei.
Er i ferd med å kjøpe ny bærbar.
Vil bli brukt til jobb samt litt spilling.
Regner med det kommer tilbud i romjula eller januar og har allerede sett ut en fra power som kan være aktuell.
https://www.power.no/data-og-tilbehoer/baerbar-pc/asus-rog-fx502vm-dm277t-156-laptop/p-504594/
Max pris +/- 10k
Ønsker ikke en "glorete" av utseende, samt ok lav vekt. Noen tips?
Edit: ser nå at prisen er gått opp til 14k. Var nok bare dagstilbud hvor den var nede i 11k,så da blir denne uaktuell med nåværende pris.