baosen
-
Innlegg
70 -
Ble med
-
Besøkte siden sist
Innholdstype
Profiler
Forum
Hendelser
Blogger
Om forumet
Innlegg skrevet av baosen
-
-
Har selv bachelor i informatikk, og påstanden med at arbeidsgivere "kommer bankede på døra" er langt fra dagens virkelighet. Det er vanskelig å skaffe seg jobb med bare bachelor i disse tider, siden mange i dag tar en master hvor dem blir prioritert. Masteren har blitt før-tidens bachelor og doktor-graden har blitt før-tidens master.
Denne artikkelen er nok bare reklame for å få studenter til å abonnere på DN. Kreativt av dere DN skal jeg nok si .
Hvis dere studenter studerer på NTNU eller UiO, så finner dere Dagens Næringsliv på biblioteket som dere kan låne og lese gratis, så kan dere bruke de 99kr til noe annet f. eks Spotify.
- 2
-
Et fps med enkle våpen og basert på skill?
www.quakelive.com
- 1
-
Hvis du skal ha en laptop, anbefaler jeg Asus-laptop på det sterkeste.
Asus har som regel ganske bra balanse på ytelse og design (de blir ikke varme der du har hendene dine ). I tillegg har det 24 måneders garanti på laptopene sine.
Du kan ikke gå feil hvis du går for en Asus-laptop.
Ta en titt på disse:
-
De holdt ikke det de lovet i utgivelsen av Age of Conan. De annonserte masse "features" som ikke kom med i utgivelsen av spillet. Det tok dem 1 år før de la dem inn.
Da hadde allerede Wrath of the Lich King blitt lansert, så folk brydde seg ikke særlig mye om Age Of Conan lengre.
Dessverre så ødela han fyren som var ansvarlig for PR det gode ryktet til FunCom.
-
Beklager sen svar
Jeg tok en combofix-scan igjen. Det dukket ikke opp noe logg nå
Jeg tok virustotal-scan på alle kernel32.dll filene jeg fant. Ingen virus her heller.
Datamaskinen fungerer ganske utmerket nå. Jeg har ikke merket noe tegn til virusinfeksjon. Alt ser ut som det er borte.
-
Det var bare kernel32.dll i system32-mappa.
c:\windows\system32\kernel32.dll
File kernel32.dll received on 2010.07.23 20:03:54 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/42 (0%)
Loading server information...
Your file is queued in position: 3.
Estimated start time is between 61 and 87 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.
You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:
Antivirus Version Last Update Result
AhnLab-V3 2010.07.23.01 2010.07.23 -
AntiVir 8.2.4.26 2010.07.23 -
Antiy-AVL 2.0.3.7 2010.07.23 -
Authentium 5.2.0.5 2010.07.23 -
Avast 4.8.1351.0 2010.07.23 -
Avast5 5.0.332.0 2010.07.23 -
AVG 9.0.0.851 2010.07.23 -
BitDefender 7.2 2010.07.23 -
CAT-QuickHeal 11.00 2010.07.23 -
ClamAV 0.96.0.3-git 2010.07.23 -
Comodo 5521 2010.07.23 -
DrWeb 5.0.2.03300 2010.07.23 -
Emsisoft 5.0.0.34 2010.07.23 -
eSafe 7.0.17.0 2010.07.22 -
eTrust-Vet 36.1.7732 2010.07.23 -
F-Prot 4.6.1.107 2010.07.23 -
F-Secure 9.0.15370.0 2010.07.23 -
Fortinet 4.1.143.0 2010.07.23 -
GData 21 2010.07.23 -
Ikarus T3.1.1.84.0 2010.07.23 -
Jiangmin 13.0.900 2010.07.23 -
Kaspersky 7.0.0.125 2010.07.23 -
McAfee 5.400.0.1158 2010.07.23 -
McAfee-GW-Edition 2010.1 2010.07.23 -
Microsoft 1.6004 2010.07.23 -
NOD32 5306 2010.07.23 -
Norman 6.05.11 2010.07.23 -
nProtect 2010-07-23.02 2010.07.23 -
Panda 10.0.2.7 2010.07.23 -
PCTools 7.0.3.5 2010.07.23 -
Prevx 3.0 2010.07.23 -
Rising 22.57.03.08 2010.07.23 -
Sophos 4.55.0 2010.07.23 -
Sunbelt 6627 2010.07.23 -
SUPERAntiSpyware 4.40.0.1006 2010.07.23 -
Symantec 20101.1.1.7 2010.07.23 -
TheHacker 6.5.2.1.324 2010.07.23 -
TrendMicro 9.120.0.1004 2010.07.23 -
TrendMicro-HouseCall 9.120.0.1004 2010.07.23 -
VBA32 3.12.12.6 2010.07.23 -
ViRobot 2010.7.23.3956 2010.07.23 -
VirusBuster 5.0.27.0 2010.07.23 -
Additional information
File size: 990720 bytes
MD5...: d023175566b0bcdc4935f3f6e5f70377
SHA1..: c52729de8e3b46d5e97284c5eca9649f9031c37c
SHA256: e37c2898503f11774a4fc7380789f25837bca3b0a845340e62c8e70f4998f191
ssdeep: 12288:uwLw6PKp1IgSq1cNfxVNLww0I7OM4mQRQdlafOiS:OpWHfnNLxwaQRQfaf
OR
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xb64e
timedatestamp.....: 0x49c4f536 (Sat Mar 21 14:09:58 2009)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x831e9 0x83200 6.66 20e7d84df75e06dfbc481e20c3e7f8d2
.data 0x85000 0x4460 0x2600 0.59 dd0a1d702ba641dd9a3e4aa8d1896aec
.rsrc 0x8a000 0x66268 0x66400 3.40 6134bd51301991f0281613a31e256536
.reloc 0xf1000 0x5c84 0x5e00 6.62 55b85ac969f28a4d4dff5820d55ffa12
( 1 imports )
> ntdll.dll: _wcsnicmp, NtFsControlFile, NtCreateFile, RtlAllocateHeap, RtlFreeHeap, NtOpenFile, NtQueryInformationFile, NtQueryEaFile, RtlLengthSecurityDescriptor, NtQuerySecurityObject, NtSetEaFile, NtSetSecurityObject, NtSetInformationFile, CsrClientCallServer, NtDeviceIoControlFile, NtClose, RtlInitUnicodeString, wcscspn, RtlUnicodeToMultiByteSize, wcslen, _memicmp, memmove, NtQueryValueKey, NtOpenKey, NtFlushKey, NtSetValueKey, NtCreateKey, RtlNtStatusToDosError, RtlFreeUnicodeString, RtlDnsHostNameToComputerName, wcsncpy, RtlUnicodeStringToAnsiString, RtlxUnicodeStringToAnsiSize, NlsMbCodePageTag, RtlAnsiStringToUnicodeString, RtlInitAnsiString, RtlCreateUnicodeStringFromAsciiz, wcschr, wcsstr, RtlPrefixString, _wcsicmp, RtlGetFullPathName_U, RtlGetCurrentDirectory_U, NtQueryInformationProcess, RtlUnicodeStringToOemString, RtlReleasePebLock, RtlEqualUnicodeString, RtlAcquirePebLock, RtlFreeAnsiString, RtlSetCurrentDirectory_U, RtlTimeToTimeFields, NtSetSystemTime, RtlTimeFieldsToTime, NtQuerySystemInformation, RtlSetTimeZoneInformation, NtSetSystemInformation, RtlCutoverTimeToSystemTime, _allmul, NtEnumerateKey, RtlOpenCurrentUser, RtlQueryRegistryValues, _itow, DbgBreakPoint, RtlFreeSid, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, RtlAddAccessAllowedAce, RtlCreateAcl, RtlLengthSid, RtlAllocateAndInitializeSid, DbgPrint, NtOpenProcess, CsrGetProcessId, DbgUiDebugActiveProcess, DbgUiConnectToDbg, DbgUiIssueRemoteBreakin, NtSetInformationDebugObject, DbgUiGetThreadDebugObject, NtQueryInformationThread, DbgUiConvertStateChangeStructure, DbgUiWaitStateChange, DbgUiContinue, DbgUiStopDebugging, RtlDosPathNameToNtPathName_U, RtlIsDosDeviceName_U, RtlCreateAtomTable, NtAddAtom, RtlAddAtomToAtomTable, NtFindAtom, RtlLookupAtomInAtomTable, NtDeleteAtom, RtlDeleteAtomFromAtomTable, NtQueryInformationAtom, RtlQueryAtomInAtomTable, RtlOemStringToUnicodeString, RtlMultiByteToUnicodeN, RtlUnicodeToMultiByteN, RtlMultiByteToUnicodeSize, RtlPrefixUnicodeString, RtlLeaveCriticalSection, RtlEnterCriticalSection, NtEnumerateValueKey, RtlIsTextUnicode, NtReadFile, NtAllocateVirtualMemory, NtUnlockFile, NtLockFile, RtlAppendUnicodeStringToString, RtlAppendUnicodeToString, RtlCopyUnicodeString, NtFreeVirtualMemory, NtWriteFile, RtlCreateUnicodeString, RtlFormatCurrentUserKeyPath, RtlGetLongestNtPathLength, NtDuplicateObject, NtQueryKey, NtDeleteValueKey, RtlEqualString, CsrFreeCaptureBuffer, CsrCaptureMessageString, CsrAllocateCaptureBuffer, strncpy, RtlCharToInteger, RtlUpcaseUnicodeChar, RtlUpcaseUnicodeString, CsrAllocateMessagePointer, NtQueryObject, wcscmp, RtlCompareMemory, NtQueryDirectoryObject, NtQuerySymbolicLinkObject, NtOpenSymbolicLinkObject, NtOpenDirectoryObject, NtCreateIoCompletion, NtSetIoCompletion, NtRemoveIoCompletion, NtSetInformationProcess, NtQueryDirectoryFile, RtlDeleteCriticalSection, NtNotifyChangeDirectoryFile, NtWaitForSingleObject, RtlInitializeCriticalSection, NtQueryVolumeInformationFile, NtFlushBuffersFile, RtlDeactivateActivationContextUnsafeFast, RtlActivateActivationContextUnsafeFast, NtCancelIoFile, NtReadFileScatter, NtWriteFileGather, wcscpy, NtOpenSection, NtMapViewOfSection, NtFlushVirtualMemory, RtlFlushSecureMemoryCache, NtUnmapViewOfSection, NtCreateSection, NtQueryFullAttributesFile, swprintf, NtQueryAttributesFile, RtlDetermineDosPathNameType_U, NtRaiseHardError, NtQuerySystemEnvironmentValueEx, RtlGUIDFromString, NtSetSystemEnvironmentValueEx, RtlInitString, RtlUnlockHeap, RtlSetUserValueHeap, RtlFreeHandle, RtlAllocateHandle, RtlLockHeap, RtlSizeHeap, RtlGetUserInfoHeap, RtlReAllocateHeap, RtlIsValidHandle, RtlCompactHeap, RtlImageNtHeader, NtProtectVirtualMemory, NtQueryVirtualMemory, NtLockVirtualMemory, NtUnlockVirtualMemory, NtFlushInstructionCache, NtAllocateUserPhysicalPages, NtFreeUserPhysicalPages, NtMapUserPhysicalPages, NtMapUserPhysicalPagesScatter, NtGetWriteWatch, NtResetWriteWatch, NtSetInformationObject, LdrQueryImageFileExecutionOptions, CsrNewThread, CsrClientConnectToServer, RtlCreateTagHeap, LdrSetDllManifestProber, RtlSetThreadPoolStartFunc, RtlEncodePointer, _stricmp, wcscat, RtlCreateHeap, RtlDestroyHeap, RtlExtendHeap, RtlQueryTagHeap, RtlUsageHeap, RtlValidateHeap, RtlGetProcessHeaps, RtlWalkHeap, RtlSetHeapInformation, RtlQueryHeapInformation, RtlInitializeHandleTable, RtlExtendedLargeIntegerDivide, NtCreateMailslotFile, RtlFormatMessage, RtlFindMessage, LdrUnloadDll, LdrUnloadAlternateResourceModule, LdrDisableThreadCalloutsForDll, strchr, LdrGetDllHandle, LdrUnlockLoaderLock, LdrAddRefDll, RtlComputePrivatizedDllName_U, RtlPcToFileHeader, LdrLockLoaderLock, RtlGetVersion, LdrEnumerateLoadedModules, RtlVerifyVersionInfo, RtlUnicodeStringToInteger, LdrLoadAlternateResourceModule, RtlDosApplyFileIsolationRedirection_Ustr, LdrLoadDll, LdrGetProcedureAddress, LdrFindResource_U, LdrAccessResource, LdrFindResourceDirectory_U, RtlImageDirectoryEntryToData, _strcmpi, NtSetInformationThread, NtOpenThreadToken, NtCreateNamedPipeFile, RtlDefaultNpAcl, RtlDosSearchPath_Ustr, RtlInitUnicodeStringEx, RtlQueryEnvironmentVariable_U, RtlAnsiCharToUnicodeChar, RtlIntegerToChar, NtSetVolumeInformationFile, RtlIsNameLegalDOS8Dot3, NtQueryPerformanceCounter, sprintf, NtPowerInformation, NtInitiatePowerAction, NtSetThreadExecutionState, NtRequestWakeupLatency, NtGetDevicePowerState, NtIsSystemResumeAutomatic, NtRequestDeviceWakeup, NtCancelDeviceWakeupRequest, NtWriteVirtualMemory, LdrShutdownProcess, NtTerminateProcess, RtlRaiseStatus, RtlSetEnvironmentVariable, RtlExpandEnvironmentStrings_U, NtReadVirtualMemory, RtlCompareUnicodeString, NtCreateJobSet, NtCreateJobObject, NtIsProcessInJob, RtlEqualSid, RtlSubAuthoritySid, RtlInitializeSid, NtQueryInformationToken, NtOpenProcessToken, NtResumeThread, NtAssignProcessToJobObject, CsrCaptureMessageMultiUnicodeStringsInPlace, NtCreateThread, NtCreateProcessEx, RtlDestroyEnvironment, NtQuerySection, NtQueryInformationJobObject, RtlGetNativeSystemInformation, RtlxAnsiStringToUnicodeSize, NtOpenEvent, NtQueryEvent, NtTerminateThread, wcsrchr, NlsMbOemCodePageTag, RtlxUnicodeStringToOemSize, NtAdjustPrivilegesToken, RtlImpersonateSelf, wcsncmp, RtlDestroyProcessParameters, RtlCreateProcessParameters, RtlInitializeCriticalSectionAndSpinCount, NtSetEvent, NtClearEvent, NtPulseEvent, NtCreateSemaphore, NtOpenSemaphore, NtReleaseSemaphore, NtCreateMutant, NtOpenMutant, NtReleaseMutant, NtSignalAndWaitForSingleObject, NtWaitForMultipleObjects, NtDelayExecution, NtCreateTimer, NtOpenTimer, NtSetTimer, NtCancelTimer, NtCreateEvent, RtlCopyLuid, strrchr, _vsnwprintf, RtlReleaseActivationContext, RtlActivateActivationContextEx, RtlQueryInformationActivationContext, NtOpenThread, LdrShutdownThread, RtlFreeThreadActivationContextStack, NtGetContextThread, NtSetContextThread, NtSuspendThread, RtlRaiseException, RtlDecodePointer, towlower, RtlClearBits, RtlFindClearBitsAndSet, RtlAreBitsSet, NtQueueApcThread, NtYieldExecution, RtlRegisterWait, RtlDeregisterWait, RtlDeregisterWaitEx, RtlQueueWorkItem, RtlSetIoCompletionCallback, RtlCreateTimerQueue, RtlCreateTimer, RtlUpdateTimer, RtlDeleteTimer, RtlDeleteTimerQueueEx, CsrIdentifyAlertableThread, RtlApplicationVerifierStop, _alloca_probe, RtlDestroyQueryDebugBuffer, RtlQueryProcessDebugInformation, RtlCreateQueryDebugBuffer, RtlCreateEnvironment, RtlFreeOemString, strstr, toupper, isdigit, atol, tolower, NtOpenJobObject, NtTerminateJobObject, NtSetInformationJobObject, RtlAddRefActivationContext, RtlZombifyActivationContext, RtlActivateActivationContext, RtlDeactivateActivationContext, RtlGetActiveActivationContext, DbgPrintEx, LdrDestroyOutOfProcessImage, LdrAccessOutOfProcessResource, LdrFindCreateProcessManifest, LdrCreateOutOfProcessImage, RtlNtStatusToDosErrorNoTeb, RtlpApplyLengthFunction, RtlGetLengthWithoutLastFullDosOrNtPathElement, RtlpEnsureBufferSize, RtlMultiAppendUnicodeStringBuffer, _snwprintf, RtlCreateActivationContext, RtlFindActivationContextSectionString, RtlFindActivationContextSectionGuid, _allshl, RtlNtPathNameToDosPathName, RtlUnhandledExceptionFilter, CsrCaptureMessageBuffer, NtQueryInstallUILanguage, NtQueryDefaultUILanguage, wcspbrk, RtlGetDaclSecurityDescriptor, NtCreateDirectoryObject, _wcslwr, _wtol, RtlIntegerToUnicodeString, NtQueryDefaultLocale, _strlwr, RtlUnwind
( 954 exports )
ActivateActCtx, AddAtomA, AddAtomW, AddConsoleAliasA, AddConsoleAliasW, AddLocalAlternateComputerNameA, AddLocalAlternateComputerNameW, AddRefActCtx, AddVectoredExceptionHandler, AllocConsole, AllocateUserPhysicalPages, AreFileApisANSI, AssignProcessToJobObject, AttachConsole, BackupRead, BackupSeek, BackupWrite, BaseCheckAppcompatCache, BaseCleanupAppcompatCache, BaseCleanupAppcompatCacheSupport, BaseDumpAppcompatCache, BaseFlushAppcompatCache, BaseInitAppcompatCache, BaseInitAppcompatCacheSupport, BaseProcessInitPostImport, BaseQueryModuleData, BaseUpdateAppcompatCache, BasepCheckWinSaferRestrictions, Beep, BeginUpdateResourceA, BeginUpdateResourceW, BindIoCompletionCallback, BuildCommDCBA, BuildCommDCBAndTimeoutsA, BuildCommDCBAndTimeoutsW, BuildCommDCBW, CallNamedPipeA, CallNamedPipeW, CancelDeviceWakeupRequest, CancelIo, CancelTimerQueueTimer, CancelWaitableTimer, ChangeTimerQueueTimer, CheckNameLegalDOS8Dot3A, CheckNameLegalDOS8Dot3W, CheckRemoteDebuggerPresent, ClearCommBreak, ClearCommError, CloseConsoleHandle, CloseHandle, CloseProfileUserMapping, CmdBatNotification, CommConfigDialogA, CommConfigDialogW, CompareFileTime, CompareStringA, CompareStringW, ConnectNamedPipe, ConsoleMenuControl, ContinueDebugEvent, ConvertDefaultLocale, ConvertFiberToThread, ConvertThreadToFiber, CopyFileA, CopyFileExA, CopyFileExW, CopyFileW, CopyLZFile, CreateActCtxA, CreateActCtxW, CreateConsoleScreenBuffer, CreateDirectoryA, CreateDirectoryExA, CreateDirectoryExW, CreateDirectoryW, CreateEventA, CreateEventW, CreateFiber, CreateFiberEx, CreateFileA, CreateFileMappingA, CreateFileMappingW, CreateFileW, CreateHardLinkA, CreateHardLinkW, CreateIoCompletionPort, CreateJobObjectA, CreateJobObjectW, CreateJobSet, CreateMailslotA, CreateMailslotW, CreateMemoryResourceNotification, CreateMutexA, CreateMutexW, CreateNamedPipeA, CreateNamedPipeW, CreateNlsSecurityDescriptor, CreatePipe, CreateProcessA, CreateProcessInternalA, CreateProcessInternalW, CreateProcessInternalWSecure, CreateProcessW, CreateRemoteThread, CreateSemaphoreA, CreateSemaphoreW, CreateSocketHandle, CreateTapePartition, CreateThread, CreateTimerQueue, CreateTimerQueueTimer, CreateToolhelp32Snapshot, CreateVirtualBuffer, CreateWaitableTimerA, CreateWaitableTimerW, DeactivateActCtx, DebugActiveProcess, DebugActiveProcessStop, DebugBreak, DebugBreakProcess, DebugSetProcessKillOnExit, DecodePointer, DecodeSystemPointer, DefineDosDeviceA, DefineDosDeviceW, DelayLoadFailureHook, DeleteAtom, DeleteCriticalSection, DeleteFiber, DeleteFileA, DeleteFileW, DeleteTimerQueue, DeleteTimerQueueEx, DeleteTimerQueueTimer, DeleteVolumeMountPointA, DeleteVolumeMountPointW, DeviceIoControl, DisableThreadLibraryCalls, DisconnectNamedPipe, DnsHostnameToComputerNameA, DnsHostnameToComputerNameW, DosDateTimeToFileTime, DosPathToSessionPathA, DosPathToSessionPathW, DuplicateConsoleHandle, DuplicateHandle, EncodePointer, EncodeSystemPointer, EndUpdateResourceA, EndUpdateResourceW, EnterCriticalSection, EnumCalendarInfoA, EnumCalendarInfoExA, EnumCalendarInfoExW, EnumCalendarInfoW, EnumDateFormatsA, EnumDateFormatsExA, EnumDateFormatsExW, EnumDateFormatsW, EnumLanguageGroupLocalesA, EnumLanguageGroupLocalesW, EnumResourceLanguagesA, EnumResourceLanguagesW, EnumResourceNamesA, EnumResourceNamesW, EnumResourceTypesA, EnumResourceTypesW, EnumSystemCodePagesA, EnumSystemCodePagesW, EnumSystemGeoID, EnumSystemLanguageGroupsA, EnumSystemLanguageGroupsW, EnumSystemLocalesA, EnumSystemLocalesW, EnumTimeFormatsA, EnumTimeFormatsW, EnumUILanguagesA, EnumUILanguagesW, EnumerateLocalComputerNamesA, EnumerateLocalComputerNamesW, EraseTape, EscapeCommFunction, ExitProcess, ExitThread, ExitVDM, ExpandEnvironmentStringsA, ExpandEnvironmentStringsW, ExpungeConsoleCommandHistoryA, ExpungeConsoleCommandHistoryW, ExtendVirtualBuffer, FatalAppExitA, FatalAppExitW, FatalExit, FileTimeToDosDateTime, FileTimeToLocalFileTime, FileTimeToSystemTime, FillConsoleOutputAttribute, FillConsoleOutputCharacterA, FillConsoleOutputCharacterW, FindActCtxSectionGuid, FindActCtxSectionStringA, FindActCtxSectionStringW, FindAtomA, FindAtomW, FindClose, FindCloseChangeNotification, FindFirstChangeNotificationA, FindFirstChangeNotificationW, FindFirstFileA, FindFirstFileExA, FindFirstFileExW, FindFirstFileW, FindFirstVolumeA, FindFirstVolumeMountPointA, FindFirstVolumeMountPointW, FindFirstVolumeW, FindNextChangeNotification, FindNextFileA, FindNextFileW, FindNextVolumeA, FindNextVolumeMountPointA, FindNextVolumeMountPointW, FindNextVolumeW, FindResourceA, FindResourceExA, FindResourceExW, FindResourceW, FindVolumeClose, FindVolumeMountPointClose, FlushConsoleInputBuffer, FlushFileBuffers, FlushInstructionCache, FlushViewOfFile, FoldStringA, FoldStringW, FormatMessageA, FormatMessageW, FreeConsole, FreeEnvironmentStringsA, FreeEnvironmentStringsW, FreeLibrary, FreeLibraryAndExitThread, FreeResource, FreeUserPhysicalPages, FreeVirtualBuffer, GenerateConsoleCtrlEvent, GetACP, GetAtomNameA, GetAtomNameW, GetBinaryType, GetBinaryTypeA, GetBinaryTypeW, GetCPFileNameFromRegistry, GetCPInfo, GetCPInfoExA, GetCPInfoExW, GetCalendarInfoA, GetCalendarInfoW, GetComPlusPackageInstallStatus, GetCommConfig, GetCommMask, GetCommModemStatus, GetCommProperties, GetCommState, GetCommTimeouts, GetCommandLineA, GetCommandLineW, GetCompressedFileSizeA, GetCompressedFileSizeW, GetComputerNameA, GetComputerNameExA, GetComputerNameExW, GetComputerNameW, GetConsoleAliasA, GetConsoleAliasExesA, GetConsoleAliasExesLengthA, GetConsoleAliasExesLengthW, GetConsoleAliasExesW, GetConsoleAliasW, GetConsoleAliasesA, GetConsoleAliasesLengthA, GetConsoleAliasesLengthW, GetConsoleAliasesW, GetConsoleCP, GetConsoleCharType, GetConsoleCommandHistoryA, GetConsoleCommandHistoryLengthA, GetConsoleCommandHistoryLengthW, GetConsoleCommandHistoryW, GetConsoleCursorInfo, GetConsoleCursorMode, GetConsoleDisplayMode, GetConsoleFontInfo, GetConsoleFontSize, GetConsoleHardwareState, GetConsoleInputExeNameA, GetConsoleInputExeNameW, GetConsoleInputWaitHandle, GetConsoleKeyboardLayoutNameA, GetConsoleKeyboardLayoutNameW, GetConsoleMode, GetConsoleNlsMode, GetConsoleOutputCP, GetConsoleProcessList, GetConsoleScreenBufferInfo, GetConsoleSelectionInfo, GetConsoleTitleA, GetConsoleTitleW, GetConsoleWindow, GetCurrencyFormatA, GetCurrencyFormatW, GetCurrentActCtx, GetCurrentConsoleFont, GetCurrentDirectoryA, GetCurrentDirectoryW, GetCurrentProcess, GetCurrentProcessId, GetCurrentThread, GetCurrentThreadId, GetDateFormatA, GetDateFormatW, GetDefaultCommConfigA, GetDefaultCommConfigW, GetDefaultSortkeySize, GetDevicePowerState, GetDiskFreeSpaceA, GetDiskFreeSpaceExA, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetDllDirectoryA, GetDllDirectoryW, GetDriveTypeA, GetDriveTypeW, GetEnvironmentStrings, GetEnvironmentStringsA, GetEnvironmentStringsW, GetEnvironmentVariableA, GetEnvironmentVariableW, GetExitCodeProcess, GetExitCodeThread, GetExpandedNameA, GetExpandedNameW, GetFileAttributesA, GetFileAttributesExA, GetFileAttributesExW, GetFileAttributesW, GetFileInformationByHandle, GetFileSize, GetFileSizeEx, GetFileTime, GetFileType, GetFirmwareEnvironmentVariableA, GetFirmwareEnvironmentVariableW, GetFullPathNameA, GetFullPathNameW, GetGeoInfoA, GetGeoInfoW, GetHandleContext, GetHandleInformation, GetLargestConsoleWindowSize, GetLastError, GetLinguistLangSize, GetLocalTime, GetLocaleInfoA, GetLocaleInfoW, GetLogicalDriveStringsA, GetLogicalDriveStringsW, GetLogicalDrives, GetLogicalProcessorInformation, GetLongPathNameA, GetLongPathNameW, GetMailslotInfo, GetModuleFileNameA, GetModuleFileNameW, GetModuleHandleA, GetModuleHandleExA, GetModuleHandleExW, GetModuleHandleW, GetNamedPipeHandleStateA, GetNamedPipeHandleStateW, GetNamedPipeInfo, GetNativeSystemInfo, GetNextVDMCommand, GetNlsSectionName, GetNumaAvailableMemory, GetNumaAvailableMemoryNode, GetNumaHighestNodeNumber, GetNumaNodeProcessorMask, GetNumaProcessorMap, GetNumaProcessorNode, GetNumberFormatA, GetNumberFormatW, GetNumberOfConsoleFonts, GetNumberOfConsoleInputEvents, GetNumberOfConsoleMouseButtons, GetOEMCP, GetOverlappedResult, GetPriorityClass, GetPrivateProfileIntA, GetPrivateProfileIntW, GetPrivateProfileSectionA, GetPrivateProfileSectionNamesA, GetPrivateProfileSectionNamesW, GetPrivateProfileSectionW, GetPrivateProfileStringA, GetPrivateProfileStringW, GetPrivateProfileStructA, GetPrivateProfileStructW, GetProcAddress, GetProcessAffinityMask, GetProcessDEPPolicy, GetProcessHandleCount, GetProcessHeap, GetProcessHeaps, GetProcessId, GetProcessIoCounters, GetProcessPriorityBoost, GetProcessShutdownParameters, GetProcessTimes, GetProcessVersion, GetProcessWorkingSetSize, GetProfileIntA, GetProfileIntW, GetProfileSectionA, GetProfileSectionW, GetProfileStringA, GetProfileStringW, GetQueuedCompletionStatus, GetShortPathNameA, GetShortPathNameW, GetStartupInfoA, GetStartupInfoW, GetStdHandle, GetStringTypeA, GetStringTypeExA, GetStringTypeExW, GetStringTypeW, GetSystemDEPPolicy, GetSystemDefaultLCID, GetSystemDefaultLangID, GetSystemDefaultUILanguage, GetSystemDirectoryA, GetSystemDirectoryW, GetSystemInfo, GetSystemPowerStatus, GetSystemRegistryQuota, GetSystemTime, GetSystemTimeAdjustment, GetSystemTimeAsFileTime, GetSystemTimes, GetSystemWindowsDirectoryA, GetSystemWindowsDirectoryW, GetSystemWow64DirectoryA, GetSystemWow64DirectoryW, GetTapeParameters, GetTapePosition, GetTapeStatus, GetTempFileNameA, GetTempFileNameW, GetTempPathA, GetTempPathW, GetThreadContext, GetThreadIOPendingFlag, GetThreadLocale, GetThreadPriority, GetThreadPriorityBoost, GetThreadSelectorEntry, GetThreadTimes, GetTickCount, GetTimeFormatA, GetTimeFormatW, GetTimeZoneInformation, GetUserDefaultLCID, GetUserDefaultLangID, GetUserDefaultUILanguage, GetUserGeoID, GetVDMCurrentDirectories, GetVersion, GetVersionExA, GetVersionExW, GetVolumeInformationA, GetVolumeInformationW, GetVolumeNameForVolumeMountPointA, GetVolumeNameForVolumeMountPointW, GetVolumePathNameA, GetVolumePathNameW, GetVolumePathNamesForVolumeNameA, GetVolumePathNamesForVolumeNameW, GetWindowsDirectoryA, GetWindowsDirectoryW, GetWriteWatch, GlobalAddAtomA, GlobalAddAtomW, GlobalAlloc, GlobalCompact, GlobalDeleteAtom, GlobalFindAtomA, GlobalFindAtomW, GlobalFix, GlobalFlags, GlobalFree, GlobalGetAtomNameA, GlobalGetAtomNameW, GlobalHandle, GlobalLock, GlobalMemoryStatus, GlobalMemoryStatusEx, GlobalReAlloc, GlobalSize, GlobalUnWire, GlobalUnfix, GlobalUnlock, GlobalWire, Heap32First, Heap32ListFirst, Heap32ListNext, Heap32Next, HeapAlloc, HeapCompact, HeapCreate, HeapCreateTagsW, HeapDestroy, HeapExtend, HeapFree, HeapLock, HeapQueryInformation, HeapQueryTagW, HeapReAlloc, HeapSetInformation, HeapSize, HeapSummary, HeapUnlock, HeapUsage, HeapValidate, HeapWalk, InitAtomTable, InitializeCriticalSection, InitializeCriticalSectionAndSpinCount, InitializeSListHead, InterlockedCompareExchange, InterlockedDecrement, InterlockedExchange, InterlockedExchangeAdd, InterlockedFlushSList, InterlockedIncrement, InterlockedPopEntrySList, InterlockedPushEntrySList, InvalidateConsoleDIBits, IsBadCodePtr, IsBadHugeReadPtr, IsBadHugeWritePtr, IsBadReadPtr, IsBadStringPtrA, IsBadStringPtrW, IsBadWritePtr, IsDBCSLeadByte, IsDBCSLeadByteEx, IsDebuggerPresent, IsProcessInJob, IsProcessorFeaturePresent, IsSystemResumeAutomatic, IsValidCodePage, IsValidLanguageGroup, IsValidLocale, IsValidUILanguage, IsWow64Process, LCMapStringA, LCMapStringW, LZClose, LZCloseFile, LZCopy, LZCreateFileW, LZDone, LZInit, LZOpenFileA, LZOpenFileW, LZRead, LZSeek, LZStart, LeaveCriticalSection, LoadLibraryA, LoadLibraryExA, LoadLibraryExW, LoadLibraryW, LoadModule, LoadResource, LocalAlloc, LocalCompact, LocalFileTimeToFileTime, LocalFlags, LocalFree, LocalHandle, LocalLock, LocalReAlloc, LocalShrink, LocalSize, LocalUnlock, LockFile, LockFileEx, LockResource, MapUserPhysicalPages, MapUserPhysicalPagesScatter, MapViewOfFile, MapViewOfFileEx, Module32First, Module32FirstW, Module32Next, Module32NextW, MoveFileA, MoveFileExA, MoveFileExW, MoveFileW, MoveFileWithProgressA, MoveFileWithProgressW, MulDiv, MultiByteToWideChar, NlsConvertIntegerToString, NlsGetCacheUpdateCount, NlsResetProcessLocale, NumaVirtualQueryNode, OpenConsoleW, OpenDataFile, OpenEventA, OpenEventW, OpenFile, OpenFileMappingA, OpenFileMappingW, OpenJobObjectA, OpenJobObjectW, OpenMutexA, OpenMutexW, OpenProcess, OpenProfileUserMapping, OpenSemaphoreA, OpenSemaphoreW, OpenThread, OpenWaitableTimerA, OpenWaitableTimerW, OutputDebugStringA, OutputDebugStringW, PeekConsoleInputA, PeekConsoleInputW, PeekNamedPipe, PostQueuedCompletionStatus, PrepareTape, PrivCopyFileExW, PrivMoveFileIdentityW, Process32First, Process32FirstW, Process32Next, Process32NextW, ProcessIdToSessionId, PulseEvent, PurgeComm, QueryActCtxW, QueryDepthSList, QueryDosDeviceA, QueryDosDeviceW, QueryInformationJobObject, QueryMemoryResourceNotification, QueryPerformanceCounter, QueryPerformanceFrequency, QueryWin31IniFilesMappedToRegistry, QueueUserAPC, QueueUserWorkItem, RaiseException, ReadConsoleA, ReadConsoleInputA, ReadConsoleInputExA, ReadConsoleInputExW, ReadConsoleInputW, ReadConsoleOutputA, ReadConsoleOutputAttribute, ReadConsoleOutputCharacterA, ReadConsoleOutputCharacterW, ReadConsoleOutputW, ReadConsoleW, ReadDirectoryChangesW, ReadFile, ReadFileEx, ReadFileScatter, ReadProcessMemory, RegisterConsoleIME, RegisterConsoleOS2, RegisterConsoleVDM, RegisterWaitForInputIdle, RegisterWaitForSingleObject, RegisterWaitForSingleObjectEx, RegisterWowBaseHandlers, RegisterWowExec, ReleaseActCtx, ReleaseMutex, ReleaseSemaphore, RemoveDirectoryA, RemoveDirectoryW, RemoveLocalAlternateComputerNameA, RemoveLocalAlternateComputerNameW, RemoveVectoredExceptionHandler, ReplaceFile, ReplaceFileA, ReplaceFileW, RequestDeviceWakeup, RequestWakeupLatency, ResetEvent, ResetWriteWatch, RestoreLastError, ResumeThread, RtlCaptureContext, RtlCaptureStackBackTrace, RtlFillMemory, RtlMoveMemory, RtlUnwind, RtlZeroMemory, ScrollConsoleScreenBufferA, ScrollConsoleScreenBufferW, SearchPathA, SearchPathW, SetCPGlobal, SetCalendarInfoA, SetCalendarInfoW, SetClientTimeZoneInformation, SetComPlusPackageInstallStatus, SetCommBreak, SetCommConfig, SetCommMask, SetCommState, SetCommTimeouts, SetComputerNameA, SetComputerNameExA, SetComputerNameExW, SetComputerNameW, SetConsoleActiveScreenBuffer, SetConsoleCP, SetConsoleCommandHistoryMode, SetConsoleCtrlHandler, SetConsoleCursor, SetConsoleCursorInfo, SetConsoleCursorMode, SetConsoleCursorPosition, SetConsoleDisplayMode, SetConsoleFont, SetConsoleHardwareState, SetConsoleIcon, SetConsoleInputExeNameA, SetConsoleInputExeNameW, SetConsoleKeyShortcuts, SetConsoleLocalEUDC, SetConsoleMaximumWindowSize, SetConsoleMenuClose, SetConsoleMode, SetConsoleNlsMode, SetConsoleNumberOfCommandsA, SetConsoleNumberOfCommandsW, SetConsoleOS2OemFormat, SetConsoleOutputCP, SetConsolePalette, SetConsoleScreenBufferSize, SetConsoleTextAttribute, SetConsoleTitleA, SetConsoleTitleW, SetConsoleWindowInfo, SetCriticalSectionSpinCount, SetCurrentDirectoryA, SetCurrentDirectoryW, SetDefaultCommConfigA, SetDefaultCommConfigW, SetDllDirectoryA, SetDllDirectoryW, SetEndOfFile, SetEnvironmentVariableA, SetEnvironmentVariableW, SetErrorMode, SetEvent, SetFileApisToANSI, SetFileApisToOEM, SetFileAttributesA, SetFileAttributesW, SetFilePointer, SetFilePointerEx, SetFileShortNameA, SetFileShortNameW, SetFileTime, SetFileValidData, SetFirmwareEnvironmentVariableA, SetFirmwareEnvironmentVariableW, SetHandleContext, SetHandleCount, SetHandleInformation, SetInformationJobObject, SetLastConsoleEventActive, SetLastError, SetLocalPrimaryComputerNameA, SetLocalPrimaryComputerNameW, SetLocalTime, SetLocaleInfoA, SetLocaleInfoW, SetMailslotInfo, SetMessageWaitingIndicator, SetNamedPipeHandleState, SetPriorityClass, SetProcessAffinityMask, SetProcessDEPPolicy, SetProcessPriorityBoost, SetProcessShutdownParameters, SetProcessWorkingSetSize, SetSearchPathMode, SetStdHandle, SetSystemPowerState, SetSystemTime, SetSystemTimeAdjustment, SetTapeParameters, SetTapePosition, SetTermsrvAppInstallMode, SetThreadAffinityMask, SetThreadContext, SetThreadExecutionState, SetThreadIdealProcessor, SetThreadLocale, SetThreadPriority, SetThreadPriorityBoost, SetThreadUILanguage, SetTimeZoneInformation, SetTimerQueueTimer, SetUnhandledExceptionFilter, SetUserGeoID, SetVDMCurrentDirectories, SetVolumeLabelA, SetVolumeLabelW, SetVolumeMountPointA, SetVolumeMountPointW, SetWaitableTimer, SetupComm, ShowConsoleCursor, SignalObjectAndWait, SizeofResource, Sleep, SleepEx, SuspendThread, SwitchToFiber, SwitchToThread, SystemTimeToFileTime, SystemTimeToTzSpecificLocalTime, TerminateJobObject, TerminateProcess, TerminateThread, TermsrvAppInstallMode, Thread32First, Thread32Next, TlsAlloc, TlsFree, TlsGetValue, TlsSetValue, Toolhelp32ReadProcessMemory, TransactNamedPipe, TransmitCommChar, TrimVirtualBuffer, TryEnterCriticalSection, TzSpecificLocalTimeToSystemTime, UTRegister, UTUnRegister, UnhandledExceptionFilter, UnlockFile, UnlockFileEx, UnmapViewOfFile, UnregisterConsoleIME, UnregisterWait, UnregisterWaitEx, UpdateResourceA, UpdateResourceW, VDMConsoleOperation, VDMOperationStarted, ValidateLCType, ValidateLocale, VerLanguageNameA, VerLanguageNameW, VerSetConditionMask, VerifyConsoleIoHandle, VerifyVersionInfoA, VerifyVersionInfoW, VirtualAlloc, VirtualAllocEx, VirtualBufferExceptionHandler, VirtualFree, VirtualFreeEx, VirtualLock, VirtualProtect, VirtualProtectEx, VirtualQuery, VirtualQueryEx, VirtualUnlock, WTSGetActiveConsoleSessionId, WaitCommEvent, WaitForDebugEvent, WaitForMultipleObjects, WaitForMultipleObjectsEx, WaitForSingleObject, WaitForSingleObjectEx, WaitNamedPipeA, WaitNamedPipeW, WideCharToMultiByte, WinExec, WriteConsoleA, WriteConsoleInputA, WriteConsoleInputVDMA, WriteConsoleInputVDMW, WriteConsoleInputW, WriteConsoleOutputA, WriteConsoleOutputAttribute, WriteConsoleOutputCharacterA, WriteConsoleOutputCharacterW, WriteConsoleOutputW, WriteConsoleW, WriteFile, WriteFileEx, WriteFileGather, WritePrivateProfileSectionA, WritePrivateProfileSectionW, WritePrivateProfileStringA, WritePrivateProfileStringW, WritePrivateProfileStructA, WritePrivateProfileStructW, WriteProcessMemory, WriteProfileSectionA, WriteProfileSectionW, WriteProfileStringA, WriteProfileStringW, WriteTapemark, ZombifyActCtx, _hread, _hwrite, _lclose, _lcreat, _llseek, _lopen, _lread, _lwrite, lstrcat, lstrcatA, lstrcatW, lstrcmp, lstrcmpA, lstrcmpW, lstrcmpi, lstrcmpiA, lstrcmpiW, lstrcpy, lstrcpyA, lstrcpyW, lstrcpyn, lstrcpynA, lstrcpynW, lstrlen, lstrlenA, lstrlenW
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win64 Executable Generic (42.6%)
Win32 EXE PECompact compressed (generic) (20.7%)
Win32 Executable MS Visual C++ (generic) (18.8%)
Win 9x/ME Control Panel applet (7.7%)
Win32 Executable Generic (4.2%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: © Microsoft Corporation. Med enerett.
product......: Operativsystemet Microsoft_ Windows_
description..: DLL-fil for Windows NT BASE API-klient
original name: kernel32
internal name: kernel32
file version.: 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
-
Hjelp! Jeg har fått virus!
Jeg fulgte bruksanvisningene på forumet. Her er loggene:
MBAM:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Databaseversjon: 4340
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11
23.07.2010 11:13:23
mbam-log-2010-07-23 (11-13-23).txt
Skanntype: Full skann (C:\|)
Objekter skannet: 233007
Tid tilbakelagt: 45 minutt(er), 51 sekund(er)
Minneprosesser infisert: 3
Minnemoduler infisert: 1
Registernøkler infisert: 1
Registerverdier infisert: 4
Registerfiler infisert: 3
Mapper infisert: 1
Filer infisert 34
Minneprosesser infisert:
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\MSDERUN.EXE (Trojan.FakeAlert) -> Unloaded process successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12A.tmp.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\system32\qtplugin.exe (Rootkit.Agent) -> Unloaded process successfully.
Minnemoduler infisert:
C:\Documents and Settings\ltran\Lokale innstillinger\Programdata\Windows Server\mttuqs.dll (Spyware.Passwords) -> Delete on reboot.
Registernøkler infisert:
HKEY_LOCAL_MACHINE\SOFTWARE\Defense Center (Rogue.DefenseCenter) -> Quarantined and deleted successfully.
Registerverdier infisert:
HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\registrymonitor1 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\appsecdll (Trojan.Agent) -> Quarantined and deleted successfully.
Registerfiler infisert:
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel\HomePage (Hijack.HomePageControl) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\(default) (Hijacked.exeFile) -> Bad: (secfile) Good: (exefile) -> Quarantined and deleted successfully.
Mapper infisert:
C:\Programfiler\Defense Center (Rogue.DefenseCenter) -> Quarantined and deleted successfully.
Filer infisert
C:\Documents and Settings\ltran\Lokale innstillinger\Programdata\Windows Server\mttuqs.dll (Spyware.Passwords) -> Delete on reboot.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\MSDERUN.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12A.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd126.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd127.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd128.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd129.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12B.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12D.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12E.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12F.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tbWYNrle.exe.part (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\TMP26042.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp3AD7.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp44F9.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp4FF6.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp660E.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp693A.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp6EB9.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp7F64.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp8417.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp8DCB.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\topwesitjh (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\ERDNT\ERDNTWIN.OVL (Trojan.Banker) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Skrivebord\nudetube.com.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Skrivebord\pornotube.com.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Skrivebord\spam001.exe (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Skrivebord\spam003.exe (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Skrivebord\troj000.exe (Malware.Trave) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Skrivebord\youporn.com.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Favoritter\_favdata.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qtplugin.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\7.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\ltran\Lokale innstillinger\Temp\mschrt20ex.dll (Rogue.DefenseCenter) -> Delete on reboot.
Combofix
ComboFix 10-07-22.01 - LTran 23.07.2010 11:37:56.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.1014.439 [GMT 2:00]
Kjører fra: c:\documents and settings\ltran\Skrivebord\ComboFix.exe
AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
* Opprettet nytt gjenopprettingspunkt
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\ltran\Lokale innstillinger\Programdata\Windows Server
c:\documents and settings\ltran\Lokale innstillinger\Programdata\Windows Server\flags.ini
c:\documents and settings\ltran\Lokale innstillinger\Programdata\Windows Server\uses32.dat
c:\windows\xpsp1hfm.log
----- BITS: Mulige infiserte sider -----
hxxp://siosysop
c:\windows\system32\kernel32.dll . . . er infisert!!
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-06-23 til 2010-07-23 )))))))))))))))))))))))))))))))))
.
2010-07-23 08:19 . 2010-07-23 08:19 -------- d-----w- c:\documents and settings\ltran\Programdata\Malwarebytes
2010-07-23 08:19 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-23 08:19 . 2010-07-23 08:19 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes
2010-07-23 08:19 . 2010-07-23 08:19 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2010-07-23 08:19 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-23 06:05 . 2007-05-30 17:33 5427 ----a-w- c:\windows\system32\EGATHDRV.SYS
2010-06-06 12:43 . 2008-07-25 14:57 58640 ----a-w- c:\documents and settings\ltran\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT
2010-06-06 12:43 . 2010-06-06 12:42 -------- d-----w- c:\programfiler\Songr
2010-05-22 07:25 . 2010-05-22 07:25 503808 ----a-w- c:\documents and settings\ltran\Programdata\Sun\Java\Deployment\cache\6.0\46\f84c6ae-5899a5b9-n\msvcp71.dll
2010-05-22 07:25 . 2010-05-22 07:25 499712 ----a-w- c:\documents and settings\ltran\Programdata\Sun\Java\Deployment\cache\6.0\46\f84c6ae-5899a5b9-n\jmc.dll
2010-05-22 07:25 . 2010-05-22 07:25 348160 ----a-w- c:\documents and settings\ltran\Programdata\Sun\Java\Deployment\cache\6.0\46\f84c6ae-5899a5b9-n\msvcr71.dll
2007-06-26 11:31 . 2007-06-26 11:31 318 ------w- c:\programfiler\Snarvei til Preload ©.lnk
2009-08-31 19:07 . 2009-03-29 08:36 23864 ------w- c:\programfiler\mozilla firefox\components\Scriptff.dll
2008-04-25 12:32 . 2008-04-25 12:32 5817064 ------w- c:\programfiler\mozilla firefox\plugins\ScorchPDFWrapper.dll
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-17 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2006-05-25 151552]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2006-05-25 208896]
"SynTPLpr"="c:\programfiler\Synaptics\SynTP\SynTPLpr.exe" [2006-02-14 110592]
"SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2006-02-14 512000]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2006-02-23 237568]
"TPKMAPHELPER"="c:\programfiler\ThinkPad\Utilities\TpKmapAp.exe" [2006-06-02 856064]
"TpShocks"="TpShocks.exe" [2006-03-15 106496]
"TPHOTKEY"="c:\progra~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" [2006-07-25 94208]
"TP4EX"="tp4ex.exe" [2005-10-16 65536]
"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2006-07-04 110592]
"AMSG"="c:\progra~1\THINKV~2\AMSG\amsg.exe" [2005-11-14 487424]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-02-02 122940]
"ISUSPM Startup"="c:\progra~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"AwaySch"="c:\programfiler\Lenovo\AwayTask\AwaySch.EXE" [2006-08-16 69632]
"TVT Scheduler Proxy"="c:\programfiler\Fellesfiler\Lenovo\Scheduler\scheduler_proxy.exe" [2006-07-14 503808]
"DiskeeperSystray"="c:\programfiler\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-05-18 196696]
"ACWLIcon"="c:\programfiler\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2007-02-19 110592]
"cssauth"="c:\programfiler\Lenovo\Client Security Solution\cssauth.exe" [2006-07-14 2341632]
"Mouse Suite 98 Daemon"="ICO.EXE" [2003-11-20 57344]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-02-26 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-02-26 155648]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-02-26 131072]
"USBKeypadMs"="c:\progra~1\USBKEY~1\USBKPad.EXE" [2004-02-23 65536]
"USBKeypad USBKPDrv"="c:\progra~1\USBKEY~1\KPDRV4XP.EXE" [2001-10-25 32768]
"SSBkgdUpdate"="c:\programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\programfiler\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-31 57393]
"IndexSearch"="c:\programfiler\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-31 40960]
"ControlCenter2.0"="c:\programfiler\Brother\ControlCenter2\brctrcen.exe" [2004-11-11 864256]
"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SoundMAXPnP"="c:\programfiler\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"ShStatEXE"="c:\programfiler\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-08-31 124240]
"QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"McAfeeUpdaterUI"="c:\programfiler\McAfee\Common Framework\udaterui.exe" [2009-09-25 136512]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\
BTTray.lnk - c:\programfiler\ThinkPad\Bluetooth Software\BTTray.exe [2006-5-31 622653]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-5-30 24576]
VPN Client.lnk - c:\windows\Installer\{24C67B54-0718-445E-B663-3138D9246BD1}\Icon3E5562ED7.ico [2009-2-8 6144]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"LogonType"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]
2006-08-16 17:07 49152 ------w- c:\programfiler\Lenovo\AwayTask\AwayNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2006-04-25 17:20 40448 ------w- c:\windows\system32\psqlpwd.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2005-07-05 14:45 28672 ------w- c:\windows\system32\notifyf2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2005-11-30 11:16 24576 ------w- c:\windows\system32\tphklock.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
Notification Packages REG_MULTI_SZ scecli psqlpwd
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programfiler\\Danware Data\\NetOp Remote Control\\HOST\\Nhstw32.exe"=
"c:\\Programfiler\\Bonjour\\mDNSResponder.exe"=
"c:\\Programfiler\\iTunes\\iTunes.exe"=
"c:\\Programfiler\\McAfee\\Common Framework\\FrameworkService.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
R1 NHostNT1;NetOp Driver 1 ver. 8.00 (2005048);c:\windows\system32\drivers\NHOSTNT1.SYS [19.05.2008 10:26 65808]
R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\programfiler\McAfee\SiteAdvisor Enterprise\McSACore.exe [06.08.2009 17:53 222528]
R2 McAfeeEngineService;McAfee Engine Service;c:\programfiler\McAfee\VirusScan Enterprise\EngineServer.exe [31.08.2009 21:07 21256]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [29.03.2009 10:36 70728]
R2 NetOp Host for NT Service;NetOp Helper ver. 8.00 (2005048);c:\programfiler\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE [19.05.2008 10:26 1184016]
R2 smi2;smi2;c:\programfiler\SMI2\smi2.sys [14.07.2006 15:55 3968]
R2 smihlp;SMI helper driver;c:\programfiler\ThinkVantage Fingerprint Software\smihlp.sys [25.04.2006 19:00 3456]
R2 USBKBFlt;Dritek USB Keypad Filter;c:\windows\system32\drivers\USBKBFLT.SYS [22.08.2001 08:58 31632]
R3 NHOSTNT3;NetOp Driver 3 ver. 8.00 (2005048) (NHOSTNT3);c:\windows\system32\drivers\NHOSTNT3.SYS [19.05.2008 10:26 3216]
R3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\drivers\covpndrv.sys [04.09.2008 21:53 33920]
S3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltw2k.sys [03.09.2008 20:50 10752]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [29.03.2009 10:36 65448]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [25.02.2006 15:00 14336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
2010-06-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
2010-06-06 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]
2010-07-23 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]
2010-07-23 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2007-05-30 16:13]
.
.
------- Tilleggsskanning -------
.
uInternet Settings,ProxyOverride = *.local
DPF: {0CDC8A43-059E-47CD-A3D0-FA46E01F6496} - hxxp://tellus.lawson.com/Tellus/Misc/TellusExportAx.CAB
DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - hxxps://vpn.sio.no/vdesk/terminal/f5opswati.cab#Version=6500,2009,1118,1405
DPF: {1C7CF466-F149-478F-B232-BC6F72638D28} - hxxp://tellus.lawson.com/Tellus/Misc/TellusList.CAB
DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - hxxps://vpn.sio.no/vdesk/terminal/f5opswati.cab#Version=6500,2009,1118,1405
DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - hxxps://vpn.sio.no/vdesk/terminal/f5opswati.cab#Version=6500,2009,1118,1405
DPF: {B8C681FD-D629-4CCE-90CD-89493F1F2799} - hxxp://wp2.sio-net.no/mwp/ieui/IEMod.cab
DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - hxxps://vpn.sio.no/vdesk/terminal/f5opswati.cab#Version=6500,2009,1118,1405
FF - ProfilePath - c:\documents and settings\ltran\Programdata\Mozilla\Firefox\Profiles\3g92zqwf.default\
FF - component: c:\programfiler\Mozilla Firefox\components\Scriptff.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
.
- - - - TOMME PEKERE FJERNET - - - -
Notify-ACNotify - ACNotify.dll
Notify-NavLogon - (no file)
AddRemove-Install AccountMatch 9.8 - g:\akaoek\bankavstemming\setup\setup.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-23 11:49
Windows 5.1.2600 Service Pack 3 NTFS
skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...
skanning vellykket
skjulte filer: 0
**************************************************************************
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'winlogon.exe'(284)
c:\windows\system32\CSGina.dll
c:\windows\system32\vrlogon.dll
c:\programfiler\ThinkPad\ConnectUtilities\ACNotify.dll
c:\programfiler\ThinkPad\ConnectUtilities\AcSvcStub.dll
c:\programfiler\ThinkPad\ConnectUtilities\AcLocSettings.dll
c:\programfiler\ThinkPad\ConnectUtilities\ACHelper.dll
c:\windows\system32\psqlpwd.dll
c:\programfiler\ThinkVantage Fingerprint Software\infra.dll
c:\programfiler\ThinkVantage Fingerprint Software\homefus2.dll
c:\windows\system32\biologon.dll
c:\programfiler\ThinkVantage Fingerprint Software\homepass.dll
c:\programfiler\ThinkVantage Fingerprint Software\bio.dll
c:\programfiler\ThinkVantage Fingerprint Software\remote.dll
c:\windows\system32\tphklock.dll
c:\programfiler\Lenovo\AwayTask\AwayNotify.dll
- - - - - - - > 'lsass.exe'(340)
c:\windows\system32\psqlpwd.dll
c:\programfiler\ThinkVantage Fingerprint Software\infra.dll
c:\programfiler\ThinkVantage Fingerprint Software\homefus2.dll
- - - - - - - > 'explorer.exe'(5804)
c:\windows\system32\PROCHLP.DLL
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\programfiler\Intel\Wireless\Bin\EvtEng.exe
c:\programfiler\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\IPSSVC.EXE
c:\programfiler\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
c:\programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\programfiler\Bonjour\mDNSResponder.exe
c:\programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\programfiler\Cisco Systems\VPN Client\cvpnd.exe
c:\programfiler\Diskeeper Corporation\Diskeeper\DkService.exe
c:\programfiler\McAfee\Common Framework\FrameworkService.exe
c:\programfiler\McAfee\VirusScan Enterprise\VsTskMgr.exe
c:\programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\programfiler\Intel\Wireless\Bin\RegSrvc.exe
c:\programfiler\McAfee\Common Framework\naPrdMgr.exe
c:\programfiler\lenovo\system update\suservice.exe
c:\programfiler\Fellesfiler\Lenovo\tvt_reg_monitor_svc.exe
c:\windows\System32\TPHDEXLG.EXE
c:\windows\system32\TpKmpSVC.exe
c:\programfiler\Lenovo\Client Security Solution\tvttcsd.exe
c:\programfiler\Lenovo\Rescue and Recovery\rrservice.exe
c:\programfiler\Fellesfiler\Lenovo\Scheduler\tvtsched.exe
c:\programfiler\Lenovo\Rescue and Recovery\ADM\IUService.exe
c:\programfiler\McAfee\VirusScan Enterprise\Mcshield.exe
c:\programfiler\ThinkPad\ConnectUtilities\AcSvc.exe
c:\programfiler\McAfee\VirusScan Enterprise\mfeann.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programfiler\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
c:\programfiler\Intel\Wireless\Bin\Dot1XCfg.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\TpShocks.exe
c:\programfiler\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
c:\programfiler\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
c:\windows\system32\ICO.EXE
c:\windows\system32\igfxsrvc.exe
c:\progra~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
c:\programfiler\iPod\bin\iPodService.exe
c:\programfiler\McAfee\Common Framework\McTray.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2010-07-23 11:55:22 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2010-07-23 09:55
Pre-Run: 38 092 062 720 byte ledig
Post-Run: 38 627 147 776 byte ledig
WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 14BE4804A711402C6AEDB4CAFEF73360
Takk for hjelpen !
-
Piratene får skylda i alt...
Jeg lurer på om en average casual DS-spiller som Nintendo satser på vet om hvordan man piratkopierer spill til DS? Svaret er nei! bare 1 av 100stk jeg vet om med DS, kan piratkopiering.
Problemet ligger ikke i piratkopieringen. Det ligger i at det finnes ingen DS-spill som frister å kjøpe. Lag flere Pokemon-spill, og Nintendo vil sikkert merke en økning av salg.
Jeg tror faktisk vi kommer til å bevege oss mot en spillkrakk akkurat som på 80-tallet etter som man bare lager spill i dag for å tjene penger. Hvis det ikke hadde vært for Nintendo som revolusjonerte med kvalitetspill, så hadde spill for lengs vært dødt.
Tenker meg om 2-3 år, når vi får en del "klone"-spill (spesielt i FPS-sjangeren), så blir det spillkrakk. Det samme skjedde på 80-tallet med alle "klone"-spillene til Atari.
Da er det bare "å skylde på piratkopiering"...
-
Var det siste jeg var ute etter. Hvordan skjermkort har du?
hjelper dette?
Last ned Everest Ultimate Edition:
http://www.lavalys.com/products.php?ps=UE&lang=en&page=10
Kjør programmet og sjekk under skjerm-fanen Da vil du se hvilket grafikkort du har
-
"Det er ikke sikkert du har hørt om koreaneren Minh Lee"
"Det er ikke sikkert du har hørt om vietnameseren Minh Le"
fixed
http://en.wikipedia.org/wiki/Minh_Le
(jepp, jeg har hørt om han )
-
-
vær varsom med å poste e-mailen deres i åpenheten. Spambots kan fange dem opp, og du får spam istedenfor beta-key i innboksen :P
-
Jeg og en kamerat spilte dette spillet veldig mye i sommerferien. Det er veldig morsomt
-
PS3 vil ha 24 spillere maks tror jeg.
PC håper jeg vil ha 64 spillere som på BF2 (mapsene blir større etter antall spillere) + kanskje mods + dedicated servers (ingen lag!) + kanskje mer?
BF2 var kjempebra når det kom ut .D
-
Aldri kjøp fra Steam. Blir kontoen din disabled/bannet på Steam, mister du alle spillene dine (skjedde med meg en gang uten at jeg fikk vite hvorfor). Det er ganske risky...
-
Det er noen som spiller alle Final Fantasy-spillene mot donasjoner (charity).
sjekk http://www.thespeedgamers.com/
!!
-
-
For de som har lyst å flashe LiteOn-drives gratis, kan de bruke denne metoden:
http://xbox-experts.com/e/tutorial.php?n=flashyourliteonf
For å flashe LiteOn's, må man ha en dingseboms som henter DVDKEY'en ut fra LiteOn-rommen. Denne nøkkelen må "sammensmeltes" med iXtreme-firmwaren for at firmwaren skal kunne flashes på LiteOn-rommen.
Denne tutorial viser deg hvordan man kan lage en sånn liten dingseboms selv og bruke det.
Jeg har brukt guiden selv, og det funker utmerket
Guiden kan virke litt forvirrende pga dårlig språk, anbefaler at du studerer andre guider for å forstå hvordan hele prosessen fungerer. Her er enda en: http://prankster.freeserverhost.com/Xbox%2...orial_v1.01.pdf
Anbefaler alle å flashe i DOS. Hadde så mye problemer med å få PCen til å gjenkjenne LiteOn DVD-rommen. Løsningen var å lage en bootable DOS minnepenn med DosFlash (trengs for å hente DVDKEY + å flashe firmwaren) og Firmtool (trengs for å smelte sammen DVDKEY med iXtreme-firmwaren), koble LiteOn i første SATA-port og dra ut alle harddisker og CD/DVD-rommer i PCen så at BARE LiteOn DVD-rommen er koblet til PCen. Hvis ikke, vil ikke DosFlash finne LiteOn DVD-rommen xD.
-
Sett inn DVDen, trykk på Windows-tast (tasten mellom CTRL og ALT) + E, velg DVD-rommen i sidelinja.
Ser du filene på disken? Hvis ja, kjør filen Sims3setup.exe.
Hvis ikke det fungerer, gå inn på Min Datamaskin (skal være et ikon på skrivebordet) og trykk på CD/DVD-rommen.
Hvis det skjer ingenting, har jeg ingen anelse
-
The Sims 3 funker fint med Intel Pentium 4 3.0 ghz og ATI Radeon 9800 Pro hos meg. Altså, dette er en PC som er kjøpt rundt 2004.
Spillet funker også fint på skolepcen min (AMD Turion x2 med ATI Radeon X1200) som koster bare 2400kr .
Hvis du klarer å kjøre The Sims 2, skal PCen din klare å trekke The Sims 3 . EA har sikkert tenkt at de som kjøper The Sims 3 ikke har noe form for "gamer"-PC og derfor har skredderskydd spillet for gamle og nye PCer
-
Spill blir ikke lenger satt på DVD/CD. Man kjøper i stedenfor lisenser for å spille et spill. Lisensene er akkurat som billetter, man eier ikke spillet. Man har bare et lisens for å spille spillet.
Når man har lisensen, kan man laste det ned digitalt fra nettet (Steam, EA Downloader, nye Battle.net, Direct2Drive etc.) eller streame det (www.onlive.com).
Dette er for å hindre piratkopiering.
-
Installer Hamachi versjon 1.0.1.5 eller lavere. De nyeste fungerer ikke noe særlig bra til gaming.
Sjekk om Windows-brannmur er AV!
Sjekk om andres brannmur er AV!
Sjekk om du har fil-og skrivedeling PÅ!
Hvis du bruker Vista, sjekk om at Hamachis nettverk er satt til PRIVAT NETTVERK.
Hilsen
-
Jeg tenker meg at de fleste spillselskapene nå til dags satser på crossplattform. Det enkleste ville da vært Xbox360-> PC og PS3.
Jeg tenker også at PS3 vil få de mest unike spillene, i mens Xbox 360 får massevis av spill som ligner på hverandre.
Det er bare mine spekulasjoner. Jeg synes det er bra at det finnes folk som gidder å satse på PS3. Jeg håper Carmack klarer å utnytte systemet til full potensiale .
-
ESET Smart Security/NOD32 Anti-virus er hvertfall kjent for å være lite ressurskrevende. Hvertfall et plusspoeng hvis du har en treg PC.
Kjører det selv. Funker som fett
Dustin Home bruker lang tid på min service
i Butikkerfaring
Skrevet
Samme opplevelse her. Sendte dem defekt hovedkort på reklamasjon. Sjekket selv at alt var i orden (ingen CPU-pinner bøyd). Fikk tilbakemelding om at CPU-pinnene var bøyd (var sjokkert) og kunne ikke dekkes av reklamasjon.
De antar det var skade fra postsendingen, ettersom de sendte meg bilder hvor bobleplasten jeg la oppå den for å beskytte den var borte. Ble argumentering fram og tilbake på e-post. Dessverre var jeg dum nok å ikke ta bildet av sendingen før jeg sendte den inn som bevis så jeg fikk ikke medhold.
Av og til lurer jeg på om de faktisk bøyer CPU-pinnene med vilje bare for å slippe å betale for reparasjon. Ingen mulighet å motbevise det som forbruker.
Men ellers vet jeg til neste gang at hovedkort må pakkes godt inn i originalpakning med beskyttelsesdekslen + at bildebevis må tas før reklamasjonen skjer.
Legger ved vedlegg med dokumentasjon så andre kan lære av den.
Vurdering til partene.pdf
Innklagede avviser krav.pdf