Posts written by baosen

  1. Thought I'd share my experience with Dustin and a warranty claim that has just been concluded.

    What I filed the claim on is the motherboard I bought from them just under 1.5 years ago. 5.5 weeks ago my machine nearly went up in smoke. There was a real bang and a burnt smell throughout the room. After a lot of back and forth I find out that both the graphics card (bought from Netonnet) and the motherboard are dead. I got in touch with Dustin and was told to send the part back for service. I always keep the original packaging in case something like this should happen. I start by dismantling the machine. Out with the graphics card, off with the CPU fan, out with the memory modules and all the cables, and finally out with the CPU. Everything is carefully put back in the original packaging. I pad the motherboard box with extra cardboard and send it by post the day after I received the return label.

    Today, after I sent an email and chased them up, I was told that this is not covered by the warranty because of physical damage to the CPU socket. I can't fathom how this is possible and ask for pictures. They send over pictures of the CPU socket where the pins are apparently bent. Of course I didn't take pictures of this before I put it in the package, but the only thing I did when I removed the CPU was to take it OUT of the socket, and I did not use force or do anything else here that could have caused this. I try to explain this to customer service, but of course they can't do anything about it; they have to go by what the workshop says. I'm told that I can complain to the customer ombudsman or other consumer bodies, but that very few such cases succeed unless I can prove that it wasn't me who did it. RIDICULOUS! If I had to go through that kind of bureaucracy, it would probably have cost more in time and money than the motherboard was worth, so I just can't bear to think about it.

    I have been building machines myself for over 15 years and damn well know how to handle hardware. On top of that, Dustin and the workshop manage to take 35 DAYS to tell me this, counting from when they received the item in the post, and I had to chase them to get this information. Guaranteed someone at that workshop has messed up and is putting the blame on the customer, who can't do a thing about it without photo evidence. Terrible customer service and bordering on fraud if you ask me.

    The story from Netonnet, on the other hand, is a different one. There I got the graphics card replaced with a better one, and they will give me a gift card because of the long service time, without me having chased them or asked for anything myself. Of course I think 4.5 weeks of service is a long time, but when they sort things out this way I can't do anything other than recommend them.

    Dustin, on the other hand, is a place I have shopped at for the first and LAST time. Thought it was worth telling: if you are going to send things in for service here, remember to take pictures of every nook and cranny so you have something to slam on the table.

    Same experience here. Sent them a defective motherboard on a warranty claim. Checked myself that everything was in order (no CPU pins bent). Got feedback that the CPU pins were bent (I was shocked) and that it could not be covered by the claim.

    They assume it was damage from the postal shipment, since they sent me pictures where the bubble wrap I had placed on top of it to protect it was gone. There was arguing back and forth by email. Unfortunately I was stupid enough not to take a picture of the shipment before I sent it in as evidence, so my claim was not upheld.

    Sometimes I wonder whether they actually bend the CPU pins on purpose just to avoid paying for the repair. No way to disprove it as a consumer.

    But otherwise I know for next time that a motherboard must be packed well in the original packaging with the protective cover + that photo evidence must be taken before the claim is made.

    Attaching the documentation so others can learn from it.

    Vurdering til partene.pdf

    Innklagede avviser krav.pdf

  2. I have a bachelor's degree in informatics myself, and the claim that employers "come knocking on the door" is far from today's reality. It is hard to get a job with only a bachelor's these days, since many today take a master's, where they get prioritized. The master's has become the bachelor's of former times and the doctorate has become the master's of former times.

    This article is probably just advertising to get students to subscribe to DN. Creative of you, DN, I must say :).

    If you students study at NTNU or UiO, you will find Dagens Næringsliv at the library, which you can borrow and read for free, so you can spend the 99 kr on something else, e.g. Spotify.

    • Likes 2
  3. If you are getting a laptop, I strongly recommend an Asus laptop.

    Asus usually has a pretty good balance of performance and design (they don't get warm where you have your hands :) ). In addition, they have a 24-month warranty on their laptops.

    You can't go wrong if you go for an Asus laptop.

    Take a look at these:

     

    http://rog.asus.com/products/nb/

  4. They did not deliver what they promised at the release of Age of Conan. They announced lots of "features" that did not make it into the release of the game. It took them 1 year before they added them.

    By then Wrath of the Lich King had already been launched, so people didn't care much about Age of Conan any longer.

    Unfortunately, the guy who was responsible for PR ruined FunCom's good reputation.

  5. Sorry for the late reply :(

    I ran a ComboFix scan again. No log showed up this time :(

    I ran a VirusTotal scan on all the kernel32.dll files I found. No viruses here either.

    The computer is working quite excellently now. I haven't noticed any sign of virus infection. Everything looks like it is gone.

  6. There was only kernel32.dll in the system32 folder.

     

    c:\windows\system32\kernel32.dll

     

    File kernel32.dll received on 2010.07.23 20:03:54 (UTC)


    Result: 0/42 (0%)


    | Antivirus | Version | Last Update | Result |
    |---|---|---|---|
    | AhnLab-V3 | 2010.07.23.01 | 2010.07.23 | - |
    | AntiVir | 8.2.4.26 | 2010.07.23 | - |
    | Antiy-AVL | 2.0.3.7 | 2010.07.23 | - |
    | Authentium | 5.2.0.5 | 2010.07.23 | - |
    | Avast | 4.8.1351.0 | 2010.07.23 | - |
    | Avast5 | 5.0.332.0 | 2010.07.23 | - |
    | AVG | 9.0.0.851 | 2010.07.23 | - |
    | BitDefender | 7.2 | 2010.07.23 | - |
    | CAT-QuickHeal | 11.00 | 2010.07.23 | - |
    | ClamAV | 0.96.0.3-git | 2010.07.23 | - |
    | Comodo | 5521 | 2010.07.23 | - |
    | DrWeb | 5.0.2.03300 | 2010.07.23 | - |
    | Emsisoft | 5.0.0.34 | 2010.07.23 | - |
    | eSafe | 7.0.17.0 | 2010.07.22 | - |
    | eTrust-Vet | 36.1.7732 | 2010.07.23 | - |
    | F-Prot | 4.6.1.107 | 2010.07.23 | - |
    | F-Secure | 9.0.15370.0 | 2010.07.23 | - |
    | Fortinet | 4.1.143.0 | 2010.07.23 | - |
    | GData | 21 | 2010.07.23 | - |
    | Ikarus | T3.1.1.84.0 | 2010.07.23 | - |
    | Jiangmin | 13.0.900 | 2010.07.23 | - |
    | Kaspersky | 7.0.0.125 | 2010.07.23 | - |
    | McAfee | 5.400.0.1158 | 2010.07.23 | - |
    | McAfee-GW-Edition | 2010.1 | 2010.07.23 | - |
    | Microsoft | 1.6004 | 2010.07.23 | - |
    | NOD32 | 5306 | 2010.07.23 | - |
    | Norman | 6.05.11 | 2010.07.23 | - |
    | nProtect | 2010-07-23.02 | 2010.07.23 | - |
    | Panda | 10.0.2.7 | 2010.07.23 | - |
    | PCTools | 7.0.3.5 | 2010.07.23 | - |
    | Prevx | 3.0 | 2010.07.23 | - |
    | Rising | 22.57.03.08 | 2010.07.23 | - |
    | Sophos | 4.55.0 | 2010.07.23 | - |
    | Sunbelt | 6627 | 2010.07.23 | - |
    | SUPERAntiSpyware | 4.40.0.1006 | 2010.07.23 | - |
    | Symantec | 20101.1.1.7 | 2010.07.23 | - |
    | TheHacker | 6.5.2.1.324 | 2010.07.23 | - |
    | TrendMicro | 9.120.0.1004 | 2010.07.23 | - |
    | TrendMicro-HouseCall | 9.120.0.1004 | 2010.07.23 | - |
    | VBA32 | 3.12.12.6 | 2010.07.23 | - |
    | ViRobot | 2010.7.23.3956 | 2010.07.23 | - |
    | VirusBuster | 5.0.27.0 | 2010.07.23 | - |

    Additional information

    File size: 990720 bytes

    MD5...: d023175566b0bcdc4935f3f6e5f70377

    SHA1..: c52729de8e3b46d5e97284c5eca9649f9031c37c

    SHA256: e37c2898503f11774a4fc7380789f25837bca3b0a845340e62c8e70f4998f191

    ssdeep: 12288:uwLw6PKp1IgSq1cNfxVNLww0I7OM4mQRQdlafOiS:OpWHfnNLxwaQRQfafOR

     

    PEiD..: -

    PEInfo: PE Structure information

     

    ( base data )

    entrypointaddress.: 0xb64e

    timedatestamp.....: 0x49c4f536 (Sat Mar 21 14:09:58 2009)

    machinetype.......: 0x14c (I386)

     

    ( 4 sections )

    | name | viradd | virsiz | rawdsiz | ntrpy | md5 |
    |---|---|---|---|---|---|
    | .text | 0x1000 | 0x831e9 | 0x83200 | 6.66 | 20e7d84df75e06dfbc481e20c3e7f8d2 |
    | .data | 0x85000 | 0x4460 | 0x2600 | 0.59 | dd0a1d702ba641dd9a3e4aa8d1896aec |
    | .rsrc | 0x8a000 | 0x66268 | 0x66400 | 3.40 | 6134bd51301991f0281613a31e256536 |
    | .reloc | 0xf1000 | 0x5c84 | 0x5e00 | 6.62 | 55b85ac969f28a4d4dff5820d55ffa12 |

     

    ( 1 imports )

    > ntdll.dll

     

    ( 954 exports )


     

    RDS...: NSRL Reference Data Set

    -

    pdfid.: -

    trid..: Win64 Executable Generic (42.6%)

    Win32 EXE PECompact compressed (generic) (20.7%)

    Win32 Executable MS Visual C++ (generic) (18.8%)

    Win 9x/ME Control Panel applet (7.7%)

    Win32 Executable Generic (4.2%)

    sigcheck:

    publisher....: Microsoft Corporation

    copyright....: © Microsoft Corporation. Med enerett.

    product......: Operativsystemet Microsoft_ Windows_

    description..: DLL-fil for Windows NT BASE API-klient

    original name: kernel32

    internal name: kernel32

    file version.: 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)

    comments.....: n/a

    signers......: -

    signing date.: -

    verified.....: Unsigned

     

  7. Help! I've got a virus!

     

    I followed the instructions on the forum. Here are the logs:

     

    MBAM:

    Malwarebytes' Anti-Malware 1.46

    www.malwarebytes.org

     

    Databaseversjon: 4340

     

    Windows 5.1.2600 Service Pack 3

    Internet Explorer 7.0.5730.11

     

    23.07.2010 11:13:23

    mbam-log-2010-07-23 (11-13-23).txt

     

    Skanntype: Full skann (C:\|)

    Objekter skannet: 233007

    Tid tilbakelagt: 45 minutt(er), 51 sekund(er)

     

    Minneprosesser infisert: 3

    Minnemoduler infisert: 1

    Registernøkler infisert: 1

    Registerverdier infisert: 4

    Registerfiler infisert: 3

    Mapper infisert: 1

    Filer infisert 34

     

    Minneprosesser infisert:

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\MSDERUN.EXE (Trojan.FakeAlert) -> Unloaded process successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12A.tmp.exe (Trojan.FakeAlert) -> Unloaded process successfully.

    C:\WINDOWS\system32\qtplugin.exe (Rootkit.Agent) -> Unloaded process successfully.

     

    Minnemoduler infisert:

    C:\Documents and Settings\ltran\Lokale innstillinger\Programdata\Windows Server\mttuqs.dll (Spyware.Passwords) -> Delete on reboot.

     

    Registernøkler infisert:

    HKEY_LOCAL_MACHINE\SOFTWARE\Defense Center (Rogue.DefenseCenter) -> Quarantined and deleted successfully.

     

    Registerverdier infisert:

    HKEY_CURRENT_USER\Software\Microsoft\idln2 (Malware.Trace) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\registrymonitor1 (Rootkit.Agent) -> Quarantined and deleted successfully.

    HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls\appsecdll (Trojan.Agent) -> Quarantined and deleted successfully.

     

    Registerfiler infisert:

    HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\control panel\HomePage (Hijack.HomePageControl) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    HKEY_CLASSES_ROOT\.exe\(default) (Hijacked.exeFile) -> Bad: (secfile) Good: (exefile) -> Quarantined and deleted successfully.

     

    Mapper infisert:

    C:\Programfiler\Defense Center (Rogue.DefenseCenter) -> Quarantined and deleted successfully.

     

    Filer infisert

    C:\Documents and Settings\ltran\Lokale innstillinger\Programdata\Windows Server\mttuqs.dll (Spyware.Passwords) -> Delete on reboot.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\MSDERUN.EXE (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12A.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd126.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd127.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd128.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd129.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12B.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12D.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12E.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\asd12F.tmp.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tbWYNrle.exe.part (Worm.KoobFace) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\TMP26042.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp3AD7.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp44F9.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp4FF6.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp660E.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp693A.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp6EB9.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp7F64.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp8417.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\tmp8DCB.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\topwesitjh (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    C:\ERDNT\ERDNTWIN.OVL (Trojan.Banker) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Skrivebord\nudetube.com.lnk (Rogue.Link) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Skrivebord\pornotube.com.lnk (Rogue.Link) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Skrivebord\spam001.exe (Malware.Trace) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Skrivebord\spam003.exe (Malware.Trace) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Skrivebord\troj000.exe (Malware.Trave) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Skrivebord\youporn.com.lnk (Rogue.Link) -> Quarantined and deleted successfully.

    C:\Documents and Settings\All Users\Favoritter\_favdata.dat (Malware.Trace) -> Quarantined and deleted successfully.

    C:\WINDOWS\system32\qtplugin.exe (Rootkit.Agent) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\7.exe (Worm.AutoRun) -> Quarantined and deleted successfully.

    C:\Documents and Settings\ltran\Lokale innstillinger\Temp\mschrt20ex.dll (Rogue.DefenseCenter) -> Delete on reboot.

     

    Combofix

    ComboFix 10-07-22.01 - LTran 23.07.2010 11:37:56.1.2 - x86

    Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.1014.439 [GMT 2:00]

    Kjører fra: c:\documents and settings\ltran\Skrivebord\ComboFix.exe

    AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

    * Opprettet nytt gjenopprettingspunkt

    .

     

    ((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

    .

     

    c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr0.dat

    c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr1.dat

    c:\documents and settings\ltran\Lokale innstillinger\Programdata\Windows Server

    c:\documents and settings\ltran\Lokale innstillinger\Programdata\Windows Server\flags.ini

    c:\documents and settings\ltran\Lokale innstillinger\Programdata\Windows Server\uses32.dat

    c:\windows\xpsp1hfm.log

     

    ----- BITS: Mulige infiserte sider -----

     

    hxxp://siosysop

    c:\windows\system32\kernel32.dll . . . er infisert!!

     

    .

    ((((((((((((((((((((((((((( Filer Opprettet Fra 2010-06-23 til 2010-07-23 )))))))))))))))))))))))))))))))))

    .

     

    2010-07-23 08:19 . 2010-07-23 08:19 -------- d-----w- c:\documents and settings\ltran\Programdata\Malwarebytes

    2010-07-23 08:19 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

    2010-07-23 08:19 . 2010-07-23 08:19 -------- d-----w- c:\documents and settings\All Users\Programdata\Malwarebytes

    2010-07-23 08:19 . 2010-07-23 08:19 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware

    2010-07-23 08:19 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

     

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2010-07-23 06:05 . 2007-05-30 17:33 5427 ----a-w- c:\windows\system32\EGATHDRV.SYS

    2010-06-06 12:43 . 2008-07-25 14:57 58640 ----a-w- c:\documents and settings\ltran\Lokale innstillinger\Programdata\GDIPFONTCACHEV1.DAT

    2010-06-06 12:43 . 2010-06-06 12:42 -------- d-----w- c:\programfiler\Songr

    2010-05-22 07:25 . 2010-05-22 07:25 503808 ----a-w- c:\documents and settings\ltran\Programdata\Sun\Java\Deployment\cache\6.0\46\f84c6ae-5899a5b9-n\msvcp71.dll

    2010-05-22 07:25 . 2010-05-22 07:25 499712 ----a-w- c:\documents and settings\ltran\Programdata\Sun\Java\Deployment\cache\6.0\46\f84c6ae-5899a5b9-n\jmc.dll

    2010-05-22 07:25 . 2010-05-22 07:25 348160 ----a-w- c:\documents and settings\ltran\Programdata\Sun\Java\Deployment\cache\6.0\46\f84c6ae-5899a5b9-n\msvcr71.dll

    2007-06-26 11:31 . 2007-06-26 11:31 318 ------w- c:\programfiler\Snarvei til Preload ©.lnk

    2009-08-31 19:07 . 2009-03-29 08:36 23864 ------w- c:\programfiler\mozilla firefox\components\Scriptff.dll

    2008-04-25 12:32 . 2008-04-25 12:32 5817064 ------w- c:\programfiler\mozilla firefox\plugins\ScorchPDFWrapper.dll

    .

     

    (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

    REGEDIT4

     

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "swg"="c:\programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-17 68856]

     

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2006-05-25 151552]

    "BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2006-05-25 208896]

    "SynTPLpr"="c:\programfiler\Synaptics\SynTP\SynTPLpr.exe" [2006-02-14 110592]

    "SynTPEnh"="c:\programfiler\Synaptics\SynTP\SynTPEnh.exe" [2006-02-14 512000]

    "EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2006-02-23 237568]

    "TPKMAPHELPER"="c:\programfiler\ThinkPad\Utilities\TpKmapAp.exe" [2006-06-02 856064]

    "TpShocks"="TpShocks.exe" [2006-03-15 106496]

    "TPHOTKEY"="c:\progra~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" [2006-07-25 94208]

    "TP4EX"="tp4ex.exe" [2005-10-16 65536]

    "LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2006-07-04 110592]

    "AMSG"="c:\progra~1\THINKV~2\AMSG\amsg.exe" [2005-11-14 487424]

    "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-02-02 122940]

    "ISUSPM Startup"="c:\progra~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]

    "ISUSScheduler"="c:\programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]

    "AwaySch"="c:\programfiler\Lenovo\AwayTask\AwaySch.EXE" [2006-08-16 69632]

    "TVT Scheduler Proxy"="c:\programfiler\Fellesfiler\Lenovo\Scheduler\scheduler_proxy.exe" [2006-07-14 503808]

    "DiskeeperSystray"="c:\programfiler\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-05-18 196696]

    "ACWLIcon"="c:\programfiler\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2007-02-19 110592]

    "cssauth"="c:\programfiler\Lenovo\Client Security Solution\cssauth.exe" [2006-07-14 2341632]

    "Mouse Suite 98 Daemon"="ICO.EXE" [2003-11-20 57344]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-02-26 131072]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-02-26 155648]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2007-02-26 131072]

    "USBKeypadMs"="c:\progra~1\USBKEY~1\USBKPad.EXE" [2004-02-23 65536]

    "USBKeypad USBKPDrv"="c:\progra~1\USBKEY~1\KPDRV4XP.EXE" [2001-10-25 32768]

    "SSBkgdUpdate"="c:\programfiler\Fellesfiler\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]

    "PaperPort PTD"="c:\programfiler\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-31 57393]

    "IndexSearch"="c:\programfiler\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-31 40960]

    "ControlCenter2.0"="c:\programfiler\Brother\ControlCenter2\brctrcen.exe" [2004-11-11 864256]

    "Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]

    "SoundMAXPnP"="c:\programfiler\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]

    "ShStatEXE"="c:\programfiler\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2009-08-31 124240]

    "QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2009-05-26 413696]

    "iTunesHelper"="c:\programfiler\iTunes\iTunesHelper.exe" [2009-07-13 292128]

    "McAfeeUpdaterUI"="c:\programfiler\McAfee\Common Framework\udaterui.exe" [2009-09-25 136512]

     

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

     

    c:\documents and settings\All Users\Start-meny\Programmer\Oppstart\

    BTTray.lnk - c:\programfiler\ThinkPad\Bluetooth Software\BTTray.exe [2006-5-31 622653]

    Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-5-30 24576]

    VPN Client.lnk - c:\windows\Installer\{24C67B54-0718-445E-B663-3138D9246BD1}\Icon3E5562ED7.ico [2009-2-8 6144]

     

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "LogonType"= 0 (0x0)

     

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

    "NoWelcomeScreen"= 1 (0x1)

     

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]

    2006-08-16 17:07 49152 ------w- c:\programfiler\Lenovo\AwayTask\AwayNotify.dll

     

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]

    2006-04-25 17:20 40448 ------w- c:\windows\system32\psqlpwd.dll

     

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]

    2005-07-05 14:45 28672 ------w- c:\windows\system32\notifyf2.dll

     

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]

    2005-11-30 11:16 24576 ------w- c:\windows\system32\tphklock.dll

     

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

    Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

    Notification Packages REG_MULTI_SZ scecli psqlpwd

     

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]

    @="Service"

     

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

    "DisableMonitoring"=dword:00000001

     

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\Programfiler\\Danware Data\\NetOp Remote Control\\HOST\\Nhstw32.exe"=

    "c:\\Programfiler\\Bonjour\\mDNSResponder.exe"=

    "c:\\Programfiler\\iTunes\\iTunes.exe"=

    "c:\\Programfiler\\McAfee\\Common Framework\\FrameworkService.exe"=

     

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

    "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

     

    R1 NHostNT1;NetOp Driver 1 ver. 8.00 (2005048);c:\windows\system32\drivers\NHOSTNT1.SYS [19.05.2008 10:26 65808]

    R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\programfiler\McAfee\SiteAdvisor Enterprise\McSACore.exe [06.08.2009 17:53 222528]

    R2 McAfeeEngineService;McAfee Engine Service;c:\programfiler\McAfee\VirusScan Enterprise\EngineServer.exe [31.08.2009 21:07 21256]

    R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [29.03.2009 10:36 70728]

    R2 NetOp Host for NT Service;NetOp Helper ver. 8.00 (2005048);c:\programfiler\Danware Data\NetOp Remote Control\HOST\NHOSTSVC.EXE [19.05.2008 10:26 1184016]

    R2 smi2;smi2;c:\programfiler\SMI2\smi2.sys [14.07.2006 15:55 3968]

    R2 smihlp;SMI helper driver;c:\programfiler\ThinkVantage Fingerprint Software\smihlp.sys [25.04.2006 19:00 3456]

    R2 USBKBFlt;Dritek USB Keypad Filter;c:\windows\system32\drivers\USBKBFLT.SYS [22.08.2001 08:58 31632]

    R3 NHOSTNT3;NetOp Driver 3 ver. 8.00 (2005048) (NHOSTNT3);c:\windows\system32\drivers\NHOSTNT3.SYS [19.05.2008 10:26 3216]

    R3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\drivers\covpndrv.sys [04.09.2008 21:53 33920]

    S3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltw2k.sys [03.09.2008 20:50 10752]

    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [29.03.2009 10:36 65448]

    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [25.02.2006 15:00 14336]

     

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    WINRM REG_MULTI_SZ WINRM

    .

    Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

     

    2010-06-17 c:\windows\Tasks\AppleSoftwareUpdate.job

    - c:\programfiler\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

     

    2010-06-06 c:\windows\Tasks\OGADaily.job

    - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

     

    2010-07-23 c:\windows\Tasks\OGALogon.job

    - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

     

    2010-07-23 c:\windows\Tasks\PMTask.job

    - c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2007-05-30 16:13]

    .

    .

    ------- Tilleggsskanning -------

    .

    uInternet Settings,ProxyOverride = *.local

    DPF: {0CDC8A43-059E-47CD-A3D0-FA46E01F6496} - hxxp://tellus.lawson.com/Tellus/Misc/TellusExportAx.CAB

    DPF: {195538FD-1C39-44B1-A7C3-5D7137A8A8F1} - hxxps://vpn.sio.no/vdesk/terminal/f5opswati.cab#Version=6500,2009,1118,1405

    DPF: {1C7CF466-F149-478F-B232-BC6F72638D28} - hxxp://tellus.lawson.com/Tellus/Misc/TellusList.CAB

    DPF: {30CF9713-6614-4556-B5F5-66F8C7F9DEF1} - hxxps://vpn.sio.no/vdesk/terminal/f5opswati.cab#Version=6500,2009,1118,1405

    DPF: {49EC7987-E331-44E3-B170-748B58A268B9} - hxxps://vpn.sio.no/vdesk/terminal/f5opswati.cab#Version=6500,2009,1118,1405

    DPF: {B8C681FD-D629-4CCE-90CD-89493F1F2799} - hxxp://wp2.sio-net.no/mwp/ieui/IEMod.cab

    DPF: {EBDC91CB-F23F-477D-B152-3F7243760D04} - hxxps://vpn.sio.no/vdesk/terminal/f5opswati.cab#Version=6500,2009,1118,1405

    FF - ProfilePath - c:\documents and settings\ltran\Programdata\Mozilla\Firefox\Profiles\3g92zqwf.default\

    FF - component: c:\programfiler\Mozilla Firefox\components\Scriptff.dll

    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

     

    ---- FIREFOX POLICIES ----

    c:\programfiler\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");

    .

    - - - - TOMME PEKERE FJERNET - - - -

     

    Notify-ACNotify - ACNotify.dll

    Notify-NavLogon - (no file)

    AddRemove-Install AccountMatch 9.8 - g:\akaoek\bankavstemming\setup\setup.exe

     

     

     

    **************************************************************************

     

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2010-07-23 11:49

    Windows 5.1.2600 Service Pack 3 NTFS

     

    skanner skjulte prosesser ...

     

    skanner skjulte autostart-oppføringer ...

     

    skanner skjulte filer ...

     

    skanning vellykket

    skjulte filer: 0

     

    **************************************************************************

    .

    --------------------- LÅSTE REGISTERNØKLER ---------------------

     

    [HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]

    "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

    00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\

    .

    --------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------

     

    - - - - - - - > 'winlogon.exe'(284)

    c:\windows\system32\CSGina.dll

    c:\windows\system32\vrlogon.dll

    c:\programfiler\ThinkPad\ConnectUtilities\ACNotify.dll

    c:\programfiler\ThinkPad\ConnectUtilities\AcSvcStub.dll

    c:\programfiler\ThinkPad\ConnectUtilities\AcLocSettings.dll

    c:\programfiler\ThinkPad\ConnectUtilities\ACHelper.dll

    c:\windows\system32\psqlpwd.dll

    c:\programfiler\ThinkVantage Fingerprint Software\infra.dll

    c:\programfiler\ThinkVantage Fingerprint Software\homefus2.dll

    c:\windows\system32\biologon.dll

    c:\programfiler\ThinkVantage Fingerprint Software\homepass.dll

    c:\programfiler\ThinkVantage Fingerprint Software\bio.dll

    c:\programfiler\ThinkVantage Fingerprint Software\remote.dll

    c:\windows\system32\tphklock.dll

    c:\programfiler\Lenovo\AwayTask\AwayNotify.dll

     

    - - - - - - - > 'lsass.exe'(340)

    c:\windows\system32\psqlpwd.dll

    c:\programfiler\ThinkVantage Fingerprint Software\infra.dll

    c:\programfiler\ThinkVantage Fingerprint Software\homefus2.dll

     

    - - - - - - - > 'explorer.exe'(5804)

    c:\windows\system32\PROCHLP.DLL

    c:\windows\system32\WPDShServiceObj.dll

    c:\windows\system32\btncopy.dll

    c:\windows\system32\PortableDeviceTypes.dll

    c:\windows\system32\PortableDeviceApi.dll

    .

    ------------------------ Andre Kjørende Prosesser ------------------------

    .

    c:\windows\system32\ibmpmsvc.exe

    c:\programfiler\Intel\Wireless\Bin\EvtEng.exe

    c:\programfiler\Intel\Wireless\Bin\S24EvMon.exe

    c:\windows\system32\IPSSVC.EXE

    c:\programfiler\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

    c:\programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    c:\programfiler\Bonjour\mDNSResponder.exe

    c:\programfiler\ThinkPad\Bluetooth Software\bin\btwdins.exe

    c:\programfiler\Cisco Systems\VPN Client\cvpnd.exe

    c:\programfiler\Diskeeper Corporation\Diskeeper\DkService.exe

    c:\programfiler\McAfee\Common Framework\FrameworkService.exe

    c:\programfiler\McAfee\VirusScan Enterprise\VsTskMgr.exe

    c:\programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE

    c:\programfiler\Intel\Wireless\Bin\RegSrvc.exe

    c:\programfiler\McAfee\Common Framework\naPrdMgr.exe

    c:\programfiler\lenovo\system update\suservice.exe

    c:\programfiler\Fellesfiler\Lenovo\tvt_reg_monitor_svc.exe

    c:\windows\System32\TPHDEXLG.EXE

    c:\windows\system32\TpKmpSVC.exe

    c:\programfiler\Lenovo\Client Security Solution\tvttcsd.exe

    c:\programfiler\Lenovo\Rescue and Recovery\rrservice.exe

    c:\programfiler\Fellesfiler\Lenovo\Scheduler\tvtsched.exe

    c:\programfiler\Lenovo\Rescue and Recovery\ADM\IUService.exe

    c:\programfiler\McAfee\VirusScan Enterprise\Mcshield.exe

    c:\programfiler\ThinkPad\ConnectUtilities\AcSvc.exe

    c:\programfiler\McAfee\VirusScan Enterprise\mfeann.exe

    c:\windows\system32\wbem\wmiapsrv.exe

    c:\programfiler\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

    c:\programfiler\Intel\Wireless\Bin\Dot1XCfg.exe

    c:\windows\system32\rundll32.exe

    c:\windows\system32\TpShocks.exe

    c:\programfiler\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe

    c:\programfiler\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe

    c:\windows\system32\ICO.EXE

    c:\windows\system32\igfxsrvc.exe

    c:\progra~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE

    c:\programfiler\iPod\bin\iPodService.exe

    c:\programfiler\McAfee\Common Framework\McTray.exe

    .

    **************************************************************************

    .

    Tidspunkt ferdig: 2010-07-23 11:55:22 - maskinen ble startet på nytt

    ComboFix-quarantined-files.txt 2010-07-23 09:55

     

    Pre-Run: 38 092 062 720 byte ledig

    Post-Run: 38 627 147 776 byte ledig

     

    WindowsXP-KB310994-SP2-Pro-BootDisk-NOR.exe

    [boot loader]

    timeout=2

    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

    [operating systems]

    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

     

    - - End Of File - - 14BE4804A711402C6AEDB4CAFEF73360

     

    Thanks for the help!

    mbam-log-2010-07-23 (11-13-23).txt

    ComboFix.txt

  8. The pirates get the blame for everything...

     

    I wonder whether the average casual DS player that Nintendo is betting on knows how to pirate games for the DS? The answer is no! Only 1 in 100 people I know of with a DS knows how to pirate.

     

    The problem isn't piracy. It's that there are no DS games that are tempting to buy. Make more Pokemon games, and Nintendo will surely notice an increase in sales.

     

    I actually think we are heading toward a video game crash just like in the 80s, since games today are only made to earn money. If it hadn't been for Nintendo, which revolutionized things with quality games, gaming would have been dead long ago.

     

    I imagine that in 2-3 years, when we get a bunch of "clone" games (especially in the FPS genre), there will be a crash. The same thing happened in the 80s with all the "clone" games for the Atari.

     

    Then all that's left is "to blame piracy"...

  9. For those who want to flash LiteOn drives for free, you can use this method:

     

    http://xbox-experts.com/e/tutorial.php?n=flashyourliteonf

     

    To flash LiteOns, you need a gadget that extracts the DVDKEY from the LiteOn drive. This key has to be "merged" with the iXtreme firmware before the firmware can be flashed onto the LiteOn drive.

     

    This tutorial shows you how to build such a little gadget yourself and use it.

     

    I have used the guide myself, and it works great :)

     

    The guide can seem a bit confusing because of the poor language; I recommend studying other guides to understand how the whole process works. Here is another one: http://prankster.freeserverhost.com/Xbox%2...orial_v1.01.pdf

     

    I recommend that everyone flash in DOS. I had so many problems getting the PC to recognize the LiteOn DVD drive. The solution was to make a bootable DOS USB stick with DosFlash (needed to extract the DVDKEY and to flash the firmware) and Firmtool (needed to merge the DVDKEY with the iXtreme firmware), connect the LiteOn to the first SATA port, and unplug all hard drives and CD/DVD drives in the PC so that ONLY the LiteOn DVD drive is connected to the PC. Otherwise DosFlash won't find the LiteOn DVD drive xD.

  10. The Sims 3 runs fine with an Intel Pentium 4 3.0 GHz and ATI Radeon 9800 Pro for me. That is, this is a PC that was bought around 2004.

     

    The game also runs fine on my school PC (AMD Turion x2 with ATI Radeon X1200), which costs only 2400 kr :).

     

    If you can run The Sims 2, your PC should be able to handle The Sims 3 :D. EA has probably figured that those who buy The Sims 3 don't have any kind of "gamer" PC and have therefore tailored the game for old and new PCs :D

  11. Games are no longer put on DVD/CD. Instead you buy licenses to play a game. The licenses are just like tickets; you don't own the game. You only have a license to play the game.

     

    Once you have the license, you can download it digitally from the net (Steam, EA Downloader, the new Battle.net, Direct2Drive etc.) or stream it (www.onlive.com).

     

    This is to prevent piracy.

  12. I figure that most game companies these days are going for cross-platform. The easiest would then be Xbox360-> PC and PS3.

     

    I also figure that the PS3 will get the most unique games, while the Xbox 360 gets loads of games that resemble each other.

     

    Those are just my speculations. I think it's good that there are people who bother to bet on the PS3. I hope Carmack manages to use the system to its full potential :D.
