Posts written by Enya
-
New log
ComboFix 10-09-08.03 - Jørgen 09.09.2010 16:58:32.2.2 - x86 NETWORK
Microsoft Windows 7 Professional 6.1.7600.0.1252.47.1044.18.2975.2335 [GMT 2:00]
Kjører fra: c:\users\Jørgen\Desktop\ComboFix.exe
Command switches brukt :: c:\users\Jørgen\Desktop\CFScript.txt.txt
* Opprettet nytt gjenopprettingspunkt
FILE ::
"c:\users\Jørgen\AppData\Local\869604542. exe"
"c:\users\Jørgen\AppData\Local\869604542.exe"
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Jørgen\AppData\Local\869604542.exe
c:\users\Jørgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.lnk
.
((((((((((((((((((((((((((((((((((((((( Drivere/Tjenester )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_haftqv
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-08-09 til 2010-09-09 )))))))))))))))))))))))))))))))))
.
2010-09-09 15:05 . 2010-09-09 15:05 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-09-09 15:05 . 2010-09-09 15:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-09 14:04 . 2009-06-04 18:43 330264 ----a-w- c:\windows\system32\drivers\iaStor.sys
2010-09-09 08:16 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-09 08:16 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-08 17:50 . 1996-11-05 14:13 299008 ----a-w- c:\windows\uninst.exe
2010-09-08 17:25 . 2010-09-09 14:37 -------- d-----w- c:\program files\Logic Minimizer
2010-09-08 17:01 . 2010-09-08 18:13 -------- d-----w- c:\windows\Downloaded Installations
2010-09-08 15:17 . 2010-09-08 15:18 -------- d-----w- c:\program files\Calc98
2010-09-07 16:39 . 2010-09-07 16:39 -------- d-----w- c:\program files\CRW
2010-09-07 13:02 . 2010-09-07 13:02 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2010-08-24 09:51 . 2010-09-08 17:51 -------- d-----w- c:\program files\Alvls
2010-08-19 12:03 . 2010-09-09 12:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-19 12:03 . 2010-08-19 12:03 -------- d-----w- c:\programdata\Malwarebytes
2010-08-18 17:24 . 2010-08-18 17:24 -------- d-----w- C:\AMD
2010-08-18 00:52 . 2010-08-18 00:52 -------- d-----w- c:\windows\system32\%LocalAppData%
2010-08-18 00:52 . 2010-08-18 00:52 -------- d-sh--w- c:\windows\system32\%APPDATA%
2010-08-14 20:13 . 2010-06-14 06:12 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-14 20:12 . 2010-07-29 06:30 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-08-14 20:12 . 2010-07-29 06:30 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-08-14 20:12 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-08-14 20:11 . 2010-06-08 06:02 1233920 ----a-w- c:\windows\system32\msxml3.dll
2010-08-14 20:11 . 2010-06-22 02:47 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-14 20:11 . 2010-06-22 02:47 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-14 20:11 . 2010-06-22 02:47 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-14 20:09 . 2010-06-16 05:48 224256 ----a-w- c:\windows\system32\schannel.dll
2010-08-14 20:08 . 2010-06-19 04:07 2326016 ----a-w- c:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-09 15:06 . 2010-02-03 21:27 -------- d-----w- c:\program files\Common Files\Akamai
2010-09-09 14:12 . 2009-07-14 07:31 74124 ----a-w- c:\windows\system32\perfc014.dat
2010-09-09 14:12 . 2009-07-14 07:31 448210 ----a-w- c:\windows\system32\perfh014.dat
2010-09-09 12:09 . 2010-04-27 14:35 -------- d-----w- c:\program files\FlashFXP
2010-09-09 08:21 . 2010-02-08 16:50 -------- d-----w- c:\programdata\Microsoft Help
2010-09-08 12:43 . 2010-07-29 16:46 -------- d-----w- c:\program files\Realtek
2010-09-08 12:43 . 2010-02-03 19:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-19 19:47 . 2009-07-13 23:11 13904 ----a-w- c:\windows\system32\drivers\hwpolicy.sys
2010-08-19 07:46 . 2010-08-18 00:27 784 ----a-w- c:\programdata\id.tmp
2010-08-09 01:37 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-07-29 18:23 . 2010-02-03 19:20 -------- d-----w- c:\program files\Intel
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Start-meny
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Skrivebord
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Programdata
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Maler
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Favoritter
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Dokumenter
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\program files\Fellesfiler
2010-07-29 17:19 . 2010-07-29 17:19 21464 ----a-w- c:\windows\system32\emptyregdb.dat
2010-07-29 16:55 . 2010-03-24 21:05 -------- d-----w- c:\program files\VideoLAN
2010-07-29 16:55 . 2010-02-08 14:10 -------- d-----w- c:\program files\uTorrent
2010-07-29 16:55 . 2010-06-24 12:21 -------- d-----w- c:\program files\TmNationsForever
2010-07-29 16:55 . 2010-04-27 15:10 -------- d-----w- c:\program files\Tansee iPhone Transfer Photo
2010-07-29 16:55 . 2010-02-17 16:33 -------- d-----w- c:\program files\Spotify
2010-07-29 16:55 . 2010-02-16 19:57 -------- d-----w- c:\program files\SopCast
2010-07-29 16:55 . 2010-06-12 13:39 -------- d-----w- c:\program files\Sony Ericsson
2010-07-29 16:55 . 2010-02-08 07:55 -------- d-----w- c:\program files\Solid Edge V20
2010-07-29 16:54 . 2010-04-14 10:41 -------- d-----w- c:\program files\QuickTime
2010-07-29 16:54 . 2010-02-12 14:44 -------- d-----w- c:\program files\MSECache
2010-07-29 16:54 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-07-29 16:54 . 2010-04-13 19:30 -------- d-----w- c:\program files\Microsoft.NET
2010-07-29 16:54 . 2010-02-08 16:51 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-07-29 16:54 . 2010-04-13 19:30 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-07-29 16:54 . 2010-04-13 19:30 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-07-29 16:54 . 2010-04-13 19:30 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-07-29 16:54 . 2010-02-18 12:26 -------- d-----w- c:\program files\Microsoft Silverlight
2010-07-29 16:53 . 2010-04-13 19:25 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-07-29 16:53 . 2010-02-23 22:13 -------- d-----w- c:\program files\Microsoft
2010-07-29 16:52 . 2010-04-08 15:48 -------- d-----w- c:\program files\LimeWire
2010-07-29 16:52 . 2010-02-04 15:57 -------- d-----w- c:\program files\Mathcad
2010-07-29 16:52 . 2010-02-03 19:30 -------- d-----w- c:\program files\Launch Manager
2010-07-29 16:52 . 2010-04-14 10:42 -------- d-----w- c:\program files\iTunes
2010-07-29 16:52 . 2010-02-11 10:16 -------- d-----w- c:\program files\Java
2010-07-29 16:51 . 2010-04-14 10:42 -------- d-----w- c:\program files\iPod
2010-07-29 16:51 . 2010-02-23 22:11 -------- d-----w- c:\program files\Common Files\Windows Live
2010-07-29 16:51 . 2010-02-08 16:41 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-07-29 16:51 . 2010-02-11 10:17 -------- d-----w- c:\program files\Common Files\Java
2010-07-29 16:51 . 2010-02-03 22:06 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-07-29 16:51 . 2010-02-03 19:27 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-29 16:51 . 2010-02-03 22:04 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-07-29 16:51 . 2010-02-03 19:32 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-07-29 16:50 . 2010-04-14 10:40 -------- d-----w- c:\program files\Common Files\Apple
2010-07-29 16:50 . 2010-02-04 15:16 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-29 16:50 . 2010-04-14 10:41 -------- d-----w- c:\program files\Bonjour
2010-07-29 16:50 . 2010-02-03 22:04 -------- d-----w- c:\program files\AutoCAD 2010
2010-07-29 16:50 . 2010-02-03 19:47 -------- d-----w- c:\program files\AutomationLabs
2010-07-29 16:50 . 2010-02-03 19:31 -------- d-----w- c:\program files\ATI Technologies
2010-07-29 16:50 . 2010-02-03 19:31 -------- d-----w- c:\program files\ATI
2010-07-29 16:50 . 2010-04-14 10:41 -------- d-----w- c:\program files\Apple Software Update
2010-07-29 16:50 . 2010-02-03 19:36 -------- d-----w- c:\program files\Acer Bio Protection
2010-07-29 16:50 . 2010-02-03 19:38 -------- d-----w- c:\program files\Acer
2010-07-29 16:46 . 2010-07-29 16:46 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-07-29 16:46 . 2010-07-29 16:46 -------- d-----w- c:\program files\Synaptics
2010-07-29 16:46 . 2010-07-29 16:46 0 ----a-w- c:\windows\ativpsrm.bin
2010-06-30 06:25 . 2010-08-14 20:10 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-19 06:33 . 2010-08-14 20:10 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:33 . 2010-08-14 20:10 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-12 13:40 . 2010-06-12 13:40 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-19 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-19 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-19 151064]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-18 1537320]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-06 7600672]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-03-25 142120]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-27 1191432]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-07-30 180224]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"VitaKeyPdtWzd"="c:\program files\Acer Bio Protection\PdtWzd.exe" [2009-09-05 3567616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCInstallQueue"="netman.dll" [2009-07-14 280576]
c:\users\J›rgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-30 503808]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 795936]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-08 691696]
R0 touerci;touerci;c:\windows\System32\drivers\wljxtnjo.sys [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 16896]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-07 1343400]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-19 172032]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2009-08-24 107016]
S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [2010-02-03 29744]
S2 IGBASVC;EgisTec Service;c:\program files\Acer Bio Protection\BASVC.exe [2009-09-05 3450368]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2009-07-30 118784]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2009-08-19 5068800]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2009-08-19 106496]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd32.sys [2009-08-19 5924864]
S3 netw5v32;Intel® trådløs WiFi-kobling 5000-kortdriver for 32-biters Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-06-12 27632]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Tilleggsskanning -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send bilde til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send side til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Jørgen\AppData\Roaming\Mozilla\Firefox\Profiles\lhy4fwex.default\
FF - plugin: c:\progra~1\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - TOMME PEKERE FJERNET - - - -
SafeBoot-dmboot.sys
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,7e,88,28,4e,4b,38,42,9e,a6,36,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,7e,88,28,4e,4b,38,42,9e,a6,36,\
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.URL"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'Explorer.exe'(3352)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Acer Bio Protection\CompPtcVUI.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2010-09-09 17:11:45 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2010-09-09 15:11
ComboFix2.txt 2010-09-09 14:21
ComboFix3.txt 2010-01-25 19:23
ComboFix4.txt 2010-01-25 18:34
ComboFix5.txt 2010-09-09 14:57
Pre-Run: 175 421 513 728 byte ledig
Post-Run: 175 350 325 248 byte ledig
- - End Of File - - BB68A957469B8AA814CBE47526C2DF44
Seems to be running fine now, is it clean?
-
MBAM
[skjult]
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Databaseversjon: 4582
Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385
09.09.2010 15:56:23
mbam-log-2010-09-09 (15-56-23).txt
Skanntype: Full skann (C:\|)
Objekter skannet: 264861
Tid tilbakelagt: 55 minutt(er), 17 sekund(er)
Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert 5
Minneprosesser infisert:
(Ingen skadelige objekter funnet)
Minnemoduler infisert:
(Ingen skadelige objekter funnet)
Registernøkler infisert:
(Ingen skadelige objekter funnet)
Registerverdier infisert:
(Ingen skadelige objekter funnet)
Registerfiler infisert:
(Ingen skadelige objekter funnet)
Mapper infisert:
(Ingen skadelige objekter funnet)
Filer infisert
C:\Program Files\FlashFXP\ntshrui.dll (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\dietxug.exe.vir (Trojan.Sasfis) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\nxdm.exe.vir (Trojan.Sasfis) -> Quarantined and deleted successfully.
C:\Users\Jørgen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\3d224be8-3050b1bb (Trojan.Cycler) -> Quarantined and deleted successfully.
C:\Users\Jørgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully.
[/skjult]
Combofix
[skjult]
ComboFix 10-09-08.03 - Jørgen 09.09.2010 16:06:38.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.47.1044.18.2975.2144 [GMT 2:00]
Kjører fra: c:\users\Jørgen\Desktop\ComboFix.exe
* Opprettet nytt gjenopprettingspunkt
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Jørgen\AppData\Local\Windows Server
c:\users\Jørgen\AppData\Local\Windows Server\admin.txt
c:\users\Jørgen\AppData\Local\Windows Server\flags.ini
c:\users\Jørgen\AppData\Local\Windows Server\server.dat
c:\users\Jørgen\AppData\Local\Windows Server\uses32.dat
c:\users\Jørgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.lnk
c:\windows\system32\0.691474118252938.exe
Infisert kopi av c:\windows\system32\DRIVERS\iaStor.sys ble funnet og desinfisert
Gjenopprettet kopi fra - Kitty had a snack
Infisert kopi av c:\windows\system32\wininit.exe ble funnet og desinfisert
Gjenopprettet kopi fra - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
Infisert kopi av c:\windows\explorer.exe ble funnet og desinfisert
Gjenopprettet kopi fra - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-08-09 til 2010-09-09 )))))))))))))))))))))))))))))))))
.
2010-09-09 14:16 . 2010-09-09 14:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-09 14:04 . 2009-06-04 18:43 330264 ----a-w- c:\windows\system32\drivers\iaStor.sys
2010-09-09 08:16 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-09 08:16 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-08 17:50 . 1996-11-05 14:13 299008 ----a-w- c:\windows\uninst.exe
2010-09-08 17:25 . 2010-09-08 18:17 -------- d-----w- c:\program files\Logic Minimizer
2010-09-08 17:01 . 2010-09-08 18:13 -------- d-----w- c:\windows\Downloaded Installations
2010-09-08 15:17 . 2010-09-08 15:18 -------- d-----w- c:\program files\Calc98
2010-09-07 16:39 . 2010-09-07 16:39 -------- d-----w- c:\program files\CRW
2010-09-07 13:02 . 2010-09-07 13:02 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2010-08-24 09:51 . 2010-09-08 17:51 -------- d-----w- c:\program files\Alvls
2010-08-19 12:03 . 2010-09-09 12:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-19 12:03 . 2010-08-19 12:03 -------- d-----w- c:\programdata\Malwarebytes
2010-08-18 17:24 . 2010-08-18 17:24 -------- d-----w- C:\AMD
2010-08-18 00:52 . 2010-08-18 00:52 -------- d-----w- c:\windows\system32\%LocalAppData%
2010-08-18 00:52 . 2010-08-18 00:52 -------- d-sh--w- c:\windows\system32\%APPDATA%
2010-08-14 20:13 . 2010-06-14 06:12 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-08-14 20:12 . 2010-07-29 06:30 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-08-14 20:12 . 2010-07-29 06:30 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-08-14 20:12 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-08-14 20:11 . 2010-06-08 06:02 1233920 ----a-w- c:\windows\system32\msxml3.dll
2010-08-14 20:11 . 2010-06-22 02:47 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-14 20:11 . 2010-06-22 02:47 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-14 20:11 . 2010-06-22 02:47 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-08-14 20:09 . 2010-06-16 05:48 224256 ----a-w- c:\windows\system32\schannel.dll
2010-08-14 20:08 . 2010-06-19 04:07 2326016 ----a-w- c:\windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"869604542"="c:\users\Jørgen\AppData\Local\869604542.exe" [2010-09-09 955904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-19 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-19 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-19 151064]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-18 1537320]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-06 7600672]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-03-25 142120]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-27 1191432]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-07-30 180224]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"VitaKeyPdtWzd"="c:\program files\Acer Bio Protection\PdtWzd.exe" [2009-09-05 3567616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCInstallQueue"="netman.dll" [2009-07-14 280576]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
c:\users\J›rgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-30 503808]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 795936]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
R0 haftqv;haftqv;c:\windows\System32\drivers\muduox.sys [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 16896]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-19 172032]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2009-08-24 107016]
S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [2010-02-03 29744]
S2 IGBASVC;EgisTec Service;c:\program files\Acer Bio Protection\BASVC.exe [2009-09-05 3450368]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2009-08-19 5068800]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2009-08-19 106496]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd32.sys [2009-08-19 5924864]
S3 netw5v32;Intel® trådløs WiFi-kobling 5000-kortdriver for 32-biters Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Tilleggsskanning -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send bilde til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send side til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Jørgen\AppData\Roaming\Mozilla\Firefox\Profiles\lhy4fwex.default\
FF - plugin: c:\progra~1\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- Filassosiasjoner -------
.
.scr=AutoCADScriptFile
.
- - - - TOMME PEKERE FJERNET - - - -
SafeBoot-dmio.sys
SafeBoot-dmload.sys
SafeBoot-dmadmin
SafeBoot-dmserver
SafeBoot-SRService
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'Explorer.exe'(2252)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Acer Bio Protection\CompPtcVUI.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\DAEMON Tools Lite\DTLite.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2010-09-09 16:21:48 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2010-09-09 14:21
ComboFix2.txt 2010-01-25 19:23
ComboFix3.txt 2010-01-25 18:34
ComboFix4.txt 2010-01-25 15:36
ComboFix5.txt 2010-09-09 14:01
Pre-Run: 175 344 451 584 byte ledig
Post-Run: 175 358 164 992 byte ledig
- - End Of File - - 1454A500A4D34D5A085589682EBA9A9D
[/skjult]
-
Nice, well done!
Am I wrong in thinking it's a steel beam of some kind?
-
Going on a trip to Bergen tomorrow to buy some basic clothes: chinos, jeans, V-necks, T-shirts, shoes, etc. For the past few years I've mostly ordered everything online, but now I've finally worked up the courage to go to actual shops.
The big question is, where should I shop to find this? I know Bergen fairly well, but not which shops carry what and so on. Can anyone offer some good tips?
-
So if I understand you correctly, I might as well continue with the kit lens and post-process the pictures. I won't benefit from the extra millimetres of focal length, and both lenses are equally sharp?
-
I've taken my most recent pictures in both RAW and JPEG. I've tried a bit of editing, and it does fix quite a lot, but is it really meant to be the case that I have to post-process almost every picture I take?
At the same time, I know that a polarising filter only removes reflections and adds an extra touch to the sky/(grass).
I've read around a bit online, and the optical performance of the kit lens and the 16-85mm is about the same, is that right? If so, can the extra millimetres at the wide and tele ends justify such a purchase? (I can tell the upgrade ghost has got hold of me)
It's part of the story that I've been offered a six-month-old 16-85mm with lens hood and polarising filter for 3k; should I go for it?
This is just turning into a mess; can anyone put me on the right track?
-
About a year ago I bought a Nikon D5000 body with a kit lens (18-55mm?). I've never been entirely happy with the lens; I often find the colours a bit "washed out" and a bit blurry.
Now that I'm about to set off on a longer round trip in Asia, I'm considering a new purchase, simply because I'm almost "afraid" of coming home with washed-out/colourless pictures if I use the kit lens. Subjects will be everything from landscapes to portraits.
I see three options:
1 - Is it simply that I'm a useless photographer who should practise more and carry on with the kit lens?
2 - Buy a polarizing filter; doesn't that liven up the colours a bit? But I suppose it would be wrong to shoot with it all the time?
3 - Buy a new all-round lens; I'm looking especially at the Nikon 16-85mm f/3.5-5.6G ED VR.
What do you think? I'm mostly leaning towards a new lens, preferably with a polarizing filter. Will I notice any marked difference in image quality, or will it be totally unnecessary for my purposes?
-
You need a passport, and from what I can remember it has to be valid for three months from the departure date. I think...
-
Thor can't be very happy right now. Cavendish had been dropped long before the crash, hadn't he?
-
Lovely, I put a bit of money on a two-goal win for Mexico at a nice 7,90 in odds. Just annoying that I of course didn't dare to stake much on it. So I combined it with these:
Netherlands - Japan H 1,43
Slovenia - USA B 2,05
Germany - Serbia (0-1) H 2,85
Total odds: 66,00
Stake: 30 kr
What do you think, is there hope? The USA will probably blow it; I haven't had a single slip come in so far in the World Cup. Maybe things have turned
-
Two-goal win for Mexico or France? 7,90 on Mexico is tempting...
-
What do you think of this one?
South Africa - Uruguay H 3,40
Argentina - South Korea H with handicap (0-1) 2,45
Germany - Serbia H with handicap (0-1) 2,85
Total odds: 23,74
With a bit of luck South Africa will win, but I have a feeling South Korea will give Argentina a fight, so I'm a bit unsure about the second one there... :s
Definitely worth a try!
Argentina - South Korea (0-1) 1 2,45
Greece - Nigeria 2 1,95
France - Mexico (0-1) 1 4,60
21,98
What do you think of this one?
It ended up as just a single bet on South Africa for me.
There isn't much left of France; I, at least, don't dare put any money on their matches. Same with Greece; in familiar style they can easily end up winning by one goal.
-
What do you think of this one?
South Africa - Uruguay H 3,40
Argentina - South Korea H with handicap (0-1) 2,45
Germany - Serbia H with handicap (0-1) 2,85
Total odds: 23,74
-
Yes, I somewhat regret including Paraguay, but that's always how it goes when you put together partly improbable slips... There's always one that won't cooperate; this time it will probably be Paraguay...
-
I have this slip in. It looks promising, but there are quite a few matches left that need to come in...
Argentina - Nigeria H 1,40 (1-0)
Algeria - Slovenia B 2,25 (0-1)
Serbia - Ghana B 2,50 (0-1)
Germany - Australia H with handicap 0-1 2,55
Netherlands - Denmark H with handicap 0-1 2,24
Japan - Cameroon B 2,18
Italy - Paraguay B 3,70
Total odds: 362,84
Stake: 20 kr
My guess is it will fail on Paraguay, but one is allowed to hope
-
Hi!
I wonder if someone can help me a bit here. This will probably be a bit messily explained, but just ask if you need more information.
I'm planning to write a letter to the editor of the local paper after a particularly badly organized pub event in the village. The scenario I describe here is just one of the reasons.
Scenario
Where I live, a local pub event is held every Easter, an event with an age limit of 18. I (20) and my girlfriend (17) decided to go (for those of you who don't live in the "countryside": it's usually fine to get in when you're 17).
Admission costs 200 kr, which we both pay at a ticket window, where no one asks for ID. We're both happy after getting wristbands, so we carry on to the entrance door. Here I get through easily, while my girlfriend isn't let in because she is asked to show ID.
We naturally assume she can get her money back, which they won't agree to.
End of scenario
Around the ticket window there was no information that the event had an age limit of 18; if I'm "square" enough about it, I actually couldn't have known you had to be 18 to get in.
Since I don't know much about law, and find it hard to find my way around lovdata.no, I'm asking for help here.
Is the way they do it, "sell tickets first, then check ID", legal? Can anyone, in that case, find a section I can refer to?
Spare me things like "she's 17 and should have stayed home". If she hadn't been able to buy a ticket because of an ID check we would of course have accepted that, but it's the way they deliberately set out to make money by charging everyone who comes and then throwing them out later.
Thanks for the help!
Enya
-
Couldn't agree more; I often think much the same thoughts. Who will be chopping the firewood in fifty years?
-
I've installed a new MBR, so now everything is fine
-
Need tips/help with this exercise:
Set up an infinite series for f(x)=x^(1/2) about x=1. Linearize the function. Determine an approximate value for sqrt(1,1) using the linearized function. What is the largest estimation error then?
Anyone?
-
I can't get into safe mode; it's a school PC so I don't have the password. I did manage to get through in normal mode after a few attempts.
Log
ComboFix 10-02-05.04 - suskol 06.02.2010 20:25:26.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.2038.1312 [GMT 1:00]
Kjører fra: c:\documents and settings\suskol\Skrivebord\ComboFix.exe
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Forrige skanning -------
.
c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\twain_32.dll
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-01-06 til 2010-02-06 )))))))))))))))))))))))))))))))))
.
Ingen nye filer opprettet i dette tidsrommet
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-06 19:24 . 2008-04-29 08:37 -------- d-----w- c:\programfiler\Symantec AntiVirus
2010-02-06 15:14 . 2009-05-31 16:58 -------- d-----w- c:\programfiler\Malwarebytes' Anti-Malware
2010-01-31 18:25 . 2008-10-15 08:24 -------- d-----w- c:\programfiler\GeoGebra
2010-01-14 10:12 . 2009-10-11 16:02 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-07 15:07 . 2009-05-31 16:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-05-31 16:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 12:18 . 2008-04-09 04:10 80384 ----a-w- c:\windows\system32\perfc014.dat
2010-01-05 12:18 . 2008-04-09 04:10 444914 ----a-w- c:\windows\system32\perfh014.dat
2009-12-21 19:10 . 2008-04-09 04:10 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-14 07:07 . 2009-12-14 07:07 1647984 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2f1602.vdb\NAVEX32A.DLL
2009-12-14 07:07 . 2009-12-14 07:07 1323568 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2f1602.vdb\NAVEX15.SYS
2009-12-14 07:07 . 2009-12-14 07:07 84912 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2f1602.vdb\NAVENG.SYS
2009-12-14 07:07 . 2009-12-14 07:07 177520 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2f1602.vdb\NAVENG32.DLL
2009-12-14 07:07 . 2009-12-14 07:07 102448 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2f1602.vdb\ERASER.SYS
2009-12-14 07:07 . 2009-12-14 07:07 371248 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2f1602.vdb\EECTRL.SYS
2009-12-14 07:07 . 2009-12-14 07:07 2747440 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2f1602.vdb\CCERASER.DLL
2009-12-14 07:07 . 2009-12-14 07:07 259440 ----a-w- c:\documents and settings\All Users\Programdata\Symantec\Symantec AntiVirus Corporate Edition\7.5\I2_LDVP.VDB\vd2f1602.vdb\ECMSVR32.DLL
2009-11-21 16:03 . 2008-04-09 04:10 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MessengerPlus3"="c:\programfiler\MessengerPlus! 3\MsgPlus.exe" [2008-09-24 190024]
"msnmsgr"="c:\programfiler\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-18 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPHOTKEY"="c:\programfiler\Lenovo\HOTKEY\TPOSDSVC.exe" [2008-01-24 66928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-05 137752]
"TpShocks"="TpShocks.exe" [2007-11-22 181536]
"Apoint"="c:\programfiler\Apoint2K\Apoint.exe" [2007-08-20 172032]
"PSQLLauncher"="c:\programfiler\ThinkVantage Fingerprint Software\launcher.exe" [2007-08-14 48904]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-02-02 122940]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2008-01-10 294912]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2008-01-10 208896]
"TPFNF7"="c:\programfiler\Lenovo\NPDIRECT\TPFNF7SP.exe" [2008-03-26 59680]
"QuickTime Task"="c:\programfiler\QuickTime\qttask.exe" [2008-03-28 413696]
"LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2008-01-11 144728]
"LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2008-01-11 124248]
"ccApp"="c:\programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2007-05-29 52840]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2007-10-07 125368]
"Acrobat Assistant 8.0"="c:\programfiler\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-10-14 623992]
"Adobe Reader Speed Launcher"="c:\programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"TSClientMSIUninstaller"="c:\windows\Installer\TSClientMsiTrans\tscuinst.vbs" [2007-10-30 13801]
"TSClientAXDisabler"="c:\windows\Installer\TSClientMsiTrans\tscdsbl.bat" [2008-01-18 2247]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-08-14 13:54 89600 ----a-w- c:\windows\system32\psqlpwd.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2006-09-06 14:37 34344 ----a-w- c:\programfiler\Lenovo\HOTKEY\notifyf2.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2007-12-14 14:36 28672 ----a-w- c:\programfiler\Lenovo\HOTKEY\tphklock.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli psqlpwd
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-489248529-1699838375-1845911597-313889\Scripts\Logon]
"Script"=Sym2Server.bat
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programfiler\\Windows Live\\Sync\\WindowsLiveSync.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [16.10.2007 17:32 19504]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [10.03.2009 20:00 54752]
R2 SavRoam;SAVRoam;c:\programfiler\Symantec AntiVirus\SavRoam.exe [07.10.2007 19:48 116664]
R2 smihlp;SMI Helper Driver (smihlp);c:\programfiler\Fellesfiler\ThinkVantage Fingerprint Software\Drivers\smihlp.sys [14.08.2007 14:46 10896]
R2 WinDefend;Windows Defender;c:\programfiler\Windows Defender\MsMpEng.exe [03.11.2006 18:19 13592]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programfiler\Fellesfiler\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [28.08.2009 11:05 102448]
S3 fsssvc;Windows Live Tryggere for familien-tjenesten;c:\programfiler\Windows Live\Family Safety\fsssvc.exe [05.08.2009 22:48 704864]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [09.04.2008 05:10 14336]
--- Andre tjenester/drivere lastet i minnet ---
*Deregistered* - uphcleanhlp
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
WINRM REG_MULTI_SZ WINRM
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
2010-02-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programfiler\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
2010-02-06 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2008-04-22 23:30]
2010-02-06 c:\windows\Tasks\updater.exe.job
- c:\programfiler\Kunnskapsforlaget\Ordnett Pluss\updater.exe [2009-06-17 13:48]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://fuv.hfk.no
uInternet Settings,ProxyOverride = *.local
IE: Append to existing PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\programfiler\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab
.
- - - - TOMME PEKERE FJERNET - - - -
ActiveSetup-{02F6399F-D184-0735-DFF6-3FCA8D6567B7} - c:\windows\system32\explorer.exe
**************************************************************************
skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...
skanning vellykket
skjulte filer:
**************************************************************************
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'winlogon.exe'(1176)
c:\windows\system32\vrlogon.dll
c:\windows\system32\psqlpwd.dll
c:\programfiler\ThinkVantage Fingerprint Software\homefus2.dll
c:\programfiler\ThinkVantage Fingerprint Software\infra.dll
c:\programfiler\ThinkVantage Fingerprint Software\homepass.dll
c:\programfiler\ThinkVantage Fingerprint Software\bio.dll
c:\programfiler\ThinkVantage Fingerprint Software\ps2css.dll
c:\programfiler\ThinkVantage Fingerprint Software\remote.dll
c:\programfiler\Lenovo\HOTKEY\tphklock.dll
c:\programfiler\ThinkVantage Fingerprint Software\pscssint.dll
c:\programfiler\ThinkVantage Fingerprint Software\crypto.dll
- - - - - - - > 'lsass.exe'(1236)
c:\windows\system32\psqlpwd.dll
c:\programfiler\ThinkVantage Fingerprint Software\homefus2.dll
c:\programfiler\ThinkVantage Fingerprint Software\infra.dll
.
Tidspunkt ferdig: 2010-02-06 20:34:58
ComboFix-quarantined-files.txt 2010-02-06 19:34
ComboFix2.txt 2009-05-31 22:14
Pre-Run: 81 767 813 120 byte ledig
Post-Run: 81 762 594 816 byte ledig
- - End Of File - - 5148F8DBDE5CA589976970A489F30FCD
-
Hi
The router in my neighbour's network "crashes" fairly often. Since I can't find anything wrong with the network/router setup, I'm asking for help here. I'll post logs for one PC at a time, to see whether they are clean.
Thanks for the help
So, PC no. 1. MBAM shows a clean log; I ran ComboFix, but this resulted in a blue screen every time. So I'm posting a log from DDS instead.
MBAM
Malwarebytes' Anti-Malware 1.44
Databaseversjon: 3697
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
06.02.2010 16:35:16
mbam-log-2010-02-06 (16-35-16).txt
Skanntype: Rask Skann
Objekter skannet: 125873
Tid tilbakelagt: 16 minute(s), 32 second(s)
Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 0
Minneprosesser infisert:
(Ingen mistenkelige filer funnet)
Minnemoduler infisert:
(Ingen mistenkelige filer funnet)
Registernøkler infisert:
(Ingen mistenkelige filer funnet)
Registerverdier infisert:
(Ingen mistenkelige filer funnet)
Registerfiler infisert:
(Ingen mistenkelige filer funnet)
Mapper infisert:
(Ingen mistenkelige filer funnet)
Filer infisert:
(Ingen mistenkelige filer funnet)
DDS
DDS (Ver_09-12-01.01) - NTFSx86
Run by suskol at 17:14:01,10 on 06.02.2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.47.1044.18.2038.1274 [GMT 1:00]
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
============== Running Processes ===============
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Programfiler\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe
C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\acs.exe
C:\Programfiler\Bonjour\mDNSResponder.exe
C:\Programfiler\Symantec AntiVirus\DefWatch.exe
C:\Programfiler\Fellesfiler\InterVideo\RegMgr\iviRegMgr.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Programfiler\Symantec AntiVirus\SavRoam.exe
C:\Programfiler\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programfiler\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\TPHDEXLG.exe
C:\Programfiler\UPHClean\uphclean.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\Lenovo\HOTKEY\TPOSDSVC.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Programfiler\Apoint2K\Apoint.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programfiler\Lenovo\NPDIRECT\TPFNF7SP.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Programfiler\Apoint2K\ApMsgFwd.exe
C:\Programfiler\Lenovo\HOTKEY\TPONSCR.exe
C:\Programfiler\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Programfiler\Lenovo\Zoom\TpScrex.exe
C:\Programfiler\Apoint2K\Apntex.exe
C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Programfiler\Windows Live\Messenger\msnmsgr.exe
C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Programfiler\Windows Live\Messenger\msnmsgr.exe
C:\Programfiler\Internet Explorer\iexplore.exe
C:\Programfiler\Internet Explorer\iexplore.exe
C:\Programfiler\Windows Live\Toolbar\wltuser.exe
C:\Programfiler\Internet Explorer\iexplore.exe
C:\Documents and Settings\suskol\Skrivebord\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://fuv.hfk.no
uDefault_Page_URL = hxxp://fuv.hfk.no
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\programfiler\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\programfiler\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\programfiler\fellesfiler\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programfiler\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\programfiler\java\jre1.6.0_05\bin\ssv.dll
BHO: Påloggingshjelp for Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programfiler\fellesfiler\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\programfiler\google\googletoolbar1.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\programfiler\google\googletoolbarnotifier\3.1.807.1746\swg.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programfiler\windows live\toolbar\wltcore.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\programfiler\yahoo!\companion\installs\cpn\yt.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\programfiler\google\googletoolbar1.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programfiler\windows live\toolbar\wltcore.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\programfiler\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [MessengerPlus3] "c:\programfiler\messengerplus! 3\MsgPlus.exe" /WinStart
uRun: [msnmsgr] "c:\programfiler\windows live\messenger\msnmsgr.exe" /background
uRun: [swg] c:\programfiler\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; MathPlayer 2.10d; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.pockgames.com/free-games/290/Barn-Yard-Jersey-Joyride.html"
mRun: [TPHOTKEY] c:\programfiler\lenovo\hotkey\TPOSDSVC.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TpShocks] TpShocks.exe
mRun: [Apoint] c:\programfiler\apoint2k\Apoint.exe
mRun: [PSQLLauncher] "c:\programfiler\thinkvantage fingerprint software\launcher.exe" /startup
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
mRun: rundll32 c:\progra~1\thinkpad\utilit~1\BatLogEx.DLL,StartBattLog
mRun: [TPFNF7] c:\programfiler\lenovo\npdirect\TPFNF7SP.exe /r
mRun: [QuickTime Task] "c:\programfiler\quicktime\qttask.exe" -atboottime
mRun: [LPManager] c:\progra~1\thinkv~2\prdctr\LPMGR.exe
mRun: [LPMailChecker] c:\progra~1\thinkv~2\prdctr\LPMLCHK.exe
mRun: [ccApp] "c:\programfiler\fellesfiler\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [Acrobat Assistant 8.0] "c:\programfiler\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [Adobe_ID0EYTHM] c:\progra~1\felles~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [Adobe Reader Speed Launcher] "c:\programfiler\adobe\reader 8.0\reader\Reader_sl.exe"
dRunOnce: [TSClientAXDisabler] cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programfiler\messenger\msmsgs.exe
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab
Notify: NavLogon - c:\windows\system32\NavLogon.dll
Notify: psfus - c:\windows\system32\psqlpwd.dll
Notify: tpfnf2 - c:\programfiler\lenovo\hotkey\notifyf2.dll
Notify: tphotkey - c:\programfiler\lenovo\hotkey\tphklock.dll
LSA: Notification Packages = scecli psqlpwd
mASetup: {02F6399F-D184-0735-DFF6-3FCA8D6567B7} - c:\windows\system32\explorer.exe
============= SERVICES / DRIVERS ===============
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2007-10-16 19504]
R1 SAVRT;SAVRT;c:\programfiler\symantec antivirus\savrt.sys [2006-9-6 337592]
R1 SAVRTPEL;SAVRTPEL;c:\programfiler\symantec antivirus\Savrtpel.sys [2006-9-6 54968]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-10 54752]
R2 SavRoam;SAVRoam;c:\programfiler\symantec antivirus\SavRoam.exe [2007-10-7 116664]
R2 WinDefend;Windows Defender;c:\programfiler\windows defender\MsMpEng.exe [2006-11-3 13592]
R3 NAVENG;NAVENG;c:\progra~1\felles~1\symant~1\virusd~1\20100204.006\naveng.sys [2010-2-4 84912]
S2 PEVSystemStart;PEVSystemStart;c:\combofix\PEV.cfxxe [2010-2-6 261632]
=============== Created Last 30 ================
2010-02-06 15:49:50 0 d-s---w- C:\ComboFix
2010-02-06 15:38:09 98816 ----a-w- c:\windows\sed.exe
2010-02-06 15:38:09 77312 ----a-w- c:\windows\MBR.exe
2010-02-06 15:38:09 261632 ----a-w- c:\windows\PEV.exe
2010-02-06 15:38:09 161792 ----a-w- c:\windows\SWREG.exe
2010-02-03 19:58:58 54156 ---ha-w- c:\windows\QTFont.qfn
2010-02-03 19:58:58 1409 ----a-w- c:\windows\QTFont.for
==================== Find3M ====================
2010-01-14 10:12:06 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-07 15:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 12:18:34 80384 ----a-w- c:\windows\system32\perfc014.dat
2010-01-05 12:18:34 444914 ----a-w- c:\windows\system32\perfh014.dat
2009-12-21 19:10:29 916480 ----a-w- c:\windows\system32\wininet.dll
2001-03-28 10:02:58 122880 ----a-w- c:\windows\inf\agfa\message.exe
-
I need a quick introduction to how to solve "series problems" in Mathcad, i.e. checking whether they diverge or converge, and what they converge to (ordinary series, power series, Laplace). I should say that I've never really used Mathcad.
I've tried looking for guides online, but haven't found anything usable. Can anyone help? I've attached examples of the problems.
Thanks
-
Hair is dead cells; ergo, no matter how much lime, coconut extract and other miracle cures you put in it, these cells will stay dead. That's a fact!
The only thing you can do is dye it less so that it gets less worn
Can someone look over the logs, problems with Google search
in ICT operations and security
Posted · Edited by Hårek
Long logs must go in a spoiler
Malwarebytes log:
MBAM
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Databaseversjon: 4660
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
23.09.2010 11:10:19
mbam-log-2010-09-23 (11-10-19).txt
Skanntype: Hurtigsøk
Objekter skannet: 141612
Tid tilbakelagt: 4 minutt(er), 14 sekund(er)
Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert 0
Minneprosesser infisert:
(Ingen skadelige objekter funnet)
Minnemoduler infisert:
(Ingen skadelige objekter funnet)
Registernøkler infisert:
(Ingen skadelige objekter funnet)
Registerverdier infisert:
(Ingen skadelige objekter funnet)
Registerfiler infisert:
(Ingen skadelige objekter funnet)
Mapper infisert:
(Ingen skadelige objekter funnet)
Filer infisert
(Ingen skadelige objekter funnet)
Combofix
ComboFix 10-09-22.05 - Jørgen 23.09.2010 11:24:55.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.47.1044.18.2975.1781 [GMT 2:00]
Kjører fra: c:\users\Jørgen\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Public\Documents\Server\admin.txt
c:\windows\system32\0.691474118252938.exe
Infisert kopi av c:\windows\explorer.exe ble funnet og desinfisert
Gjenopprettet kopi fra - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
Infisert kopi av c:\windows\System32\wininit.exe ble funnet og desinfisert
Gjenopprettet kopi fra - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
Infisert kopi av c:\windows\explorer.exe ble funnet og desinfisert
Gjenopprettet kopi fra - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-08-23 til 2010-09-23 )))))))))))))))))))))))))))))))))
.
2010-09-23 09:31 . 2010-09-23 09:31 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-09-23 09:31 . 2010-09-23 09:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-21 17:38 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-21 10:36 . 1996-11-05 14:13 299008 ----a-w- c:\windows\uninst.exe
2010-09-20 22:39 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-20 22:39 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-08 17:25 . 2010-09-20 22:20 -------- d-----w- c:\program files\Logic Minimizer
2010-09-08 15:17 . 2010-09-12 20:11 -------- d-----w- c:\program files\Calc98
2010-09-07 16:39 . 2010-09-07 16:39 -------- d-----w- c:\program files\CRW
2010-09-07 13:02 . 2010-09-07 13:02 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2010-08-24 09:51 . 2010-09-21 10:38 -------- d-----w- c:\program files\Alvls
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-23 09:33 . 2010-02-03 21:27 -------- d-----w- c:\program files\Common Files\Akamai
2010-09-23 09:23 . 2010-08-18 00:27 1808 ---ha-w- c:\programdata\id.tmp
2010-09-23 08:12 . 2010-02-08 16:50 -------- d-----w- c:\programdata\Microsoft Help
2010-09-23 08:10 . 2009-07-14 07:31 74124 ----a-w- c:\windows\system32\perfc014.dat
2010-09-23 08:10 . 2009-07-14 07:31 448210 ----a-w- c:\windows\system32\perfh014.dat
2010-09-20 22:39 . 2010-08-19 12:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-20 22:20 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Portable Devices
2010-09-20 22:20 . 2010-07-29 16:46 -------- d-----w- c:\program files\Realtek
2010-09-20 22:20 . 2010-02-18 12:26 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-20 22:20 . 2010-02-17 16:33 -------- d-----w- c:\program files\Spotify
2010-09-20 22:19 . 2010-02-03 19:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-09 12:09 . 2010-04-27 14:35 -------- d-----w- c:\program files\FlashFXP
2010-08-19 19:47 . 2009-07-13 23:11 13904 ----a-w- c:\windows\system32\drivers\hwpolicy.sys
2010-08-19 12:03 . 2010-08-19 12:03 -------- d-----w- c:\programdata\Malwarebytes
2010-08-09 01:37 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-07-29 18:23 . 2010-02-03 19:20 -------- d-----w- c:\program files\Intel
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Start-meny
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Skrivebord
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Programdata
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Maler
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Favoritter
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\programdata\Dokumenter
2010-07-29 18:23 . 2010-07-29 18:23 -------- d-sh--we c:\program files\Fellesfiler
2010-07-29 17:19 . 2010-07-29 17:19 21464 ----a-w- c:\windows\system32\emptyregdb.dat
2010-07-29 16:55 . 2010-03-24 21:05 -------- d-----w- c:\program files\VideoLAN
2010-07-29 16:55 . 2010-02-08 14:10 -------- d-----w- c:\program files\uTorrent
2010-07-29 16:55 . 2010-06-24 12:21 -------- d-----w- c:\program files\TmNationsForever
2010-07-29 16:55 . 2010-04-27 15:10 -------- d-----w- c:\program files\Tansee iPhone Transfer Photo
2010-07-29 16:55 . 2010-02-16 19:57 -------- d-----w- c:\program files\SopCast
2010-07-29 16:55 . 2010-06-12 13:39 -------- d-----w- c:\program files\Sony Ericsson
2010-07-29 16:55 . 2010-02-08 07:55 -------- d-----w- c:\program files\Solid Edge V20
2010-07-29 16:54 . 2010-04-14 10:41 -------- d-----w- c:\program files\QuickTime
2010-07-29 16:54 . 2010-02-12 14:44 -------- d-----w- c:\program files\MSECache
2010-07-29 16:54 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-07-29 16:54 . 2010-04-13 19:30 -------- d-----w- c:\program files\Microsoft.NET
2010-07-29 16:54 . 2010-02-08 16:51 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-07-29 16:54 . 2010-04-13 19:30 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-07-29 16:54 . 2010-04-13 19:30 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-07-29 16:54 . 2010-04-13 19:30 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-07-29 16:53 . 2010-04-13 19:25 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-07-29 16:53 . 2010-02-23 22:13 -------- d-----w- c:\program files\Microsoft
2010-07-29 16:52 . 2010-04-08 15:48 -------- d-----w- c:\program files\LimeWire
2010-07-29 16:52 . 2010-02-04 15:57 -------- d-----w- c:\program files\Mathcad
2010-07-29 16:52 . 2010-02-03 19:30 -------- d-----w- c:\program files\Launch Manager
2010-07-29 16:52 . 2010-04-14 10:42 -------- d-----w- c:\program files\iTunes
2010-07-29 16:52 . 2010-02-11 10:16 -------- d-----w- c:\program files\Java
2010-07-29 16:51 . 2010-04-14 10:42 -------- d-----w- c:\program files\iPod
2010-07-29 16:51 . 2010-02-23 22:11 -------- d-----w- c:\program files\Common Files\Windows Live
2010-07-29 16:51 . 2010-02-08 16:41 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-07-29 16:51 . 2010-02-11 10:17 -------- d-----w- c:\program files\Common Files\Java
2010-07-29 16:51 . 2010-02-03 22:06 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-07-29 16:51 . 2010-02-03 19:27 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-29 16:51 . 2010-02-03 22:04 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-07-29 16:51 . 2010-02-03 19:32 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-07-29 16:50 . 2010-04-14 10:40 -------- d-----w- c:\program files\Common Files\Apple
2010-07-29 16:50 . 2010-02-04 15:16 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-29 16:50 . 2010-04-14 10:41 -------- d-----w- c:\program files\Bonjour
2010-07-29 16:50 . 2010-02-03 22:04 -------- d-----w- c:\program files\AutoCAD 2010
2010-07-29 16:50 . 2010-02-03 19:47 -------- d-----w- c:\program files\AutomationLabs
2010-07-29 16:50 . 2010-02-03 19:31 -------- d-----w- c:\program files\ATI Technologies
2010-07-29 16:50 . 2010-02-03 19:31 -------- d-----w- c:\program files\ATI
2010-07-29 16:50 . 2010-04-14 10:41 -------- d-----w- c:\program files\Apple Software Update
2010-07-29 16:50 . 2010-02-03 19:36 -------- d-----w- c:\program files\Acer Bio Protection
2010-07-29 16:50 . 2010-02-03 19:38 -------- d-----w- c:\program files\Acer
2010-07-29 16:46 . 2010-07-29 16:46 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
2010-07-29 16:46 . 2010-07-29 16:46 -------- d-----w- c:\program files\Synaptics
2010-07-29 16:46 . 2010-07-29 16:46 0 ----a-w- c:\windows\ativpsrm.bin
2010-07-29 06:30 . 2010-08-14 20:12 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-14 20:12 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-06-30 06:25 . 2010-08-14 20:10 978432 ----a-w- c:\windows\system32\wininet.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-19 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-19 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-19 151064]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-18 1537320]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-06 7600672]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-03-25 142120]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-27 1191432]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-07-30 180224]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"VitaKeyPdtWzd"="c:\program files\Acer Bio Protection\PdtWzd.exe" [2009-09-05 3567616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCInstallQueue"="netman.dll" [2009-07-14 280576]
c:\users\Jørgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-3-30 503808]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 795936]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptbehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptbehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-08 691696]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 16896]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-07 1343400]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-19 172032]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2009-08-24 107016]
S2 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys);c:\windows\system32\Drivers\FPSensor.sys [2010-02-03 29744]
S2 IGBASVC;EgisTec Service;c:\program files\Acer Bio Protection\BASVC.exe [2009-09-05 3450368]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2009-07-30 118784]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2009-08-19 5068800]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2009-08-19 106496]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd32.sys [2009-08-19 5924864]
S3 netw5v32;Intel® trådløs WiFi-kobling 5000-kortdriver for 32-biters Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-06-12 27632]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Tilleggsskanning -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send bilde til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send side til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Jørgen\AppData\Roaming\Mozilla\Firefox\Profiles\lhy4fwex.default\
FF - plugin: c:\progra~1\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".no");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- Filassosiasjoner -------
.
.scr=AutoCADScriptFile
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,7e,88,28,4e,4b,38,42,9e,a6,36,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,7e,88,28,4e,4b,38,42,9e,a6,36,\
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.URL"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'Explorer.exe'(2704)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Acer Bio Protection\CompPtcVUI.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Tidspunkt ferdig: 2010-09-23 11:38:45 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2010-09-23 09:38
ComboFix2.txt 2010-09-09 15:11
ComboFix3.txt 2010-09-09 14:21
ComboFix4.txt 2010-01-25 19:23
ComboFix5.txt 2010-09-23 09:22
Pre-Run: 209 743 421 440 byte ledig
Post-Run: 209 611 169 792 byte ledig
- - End Of File - - 08B1E9141C9ED23ECD4447ED13DFDA87