
Task Manager, display etc. have stopped working - HJT help!


Plaincollar


Hi

So it's that time again... Could Zipp, Cecilia or someone else interpret the HJT log for me? It is quite clear that there is junk in the pipes, but what should be removed, and which method is best for this? Smitfraud, Combo, VT etc.

(I have already established that SVCMON.exe is infected with Trojans, backdoors etc., but it no longer wants to show up in the logs.)

Thanks in advance // Pc

[log]Logfile of HijackThis v1.99.1

Scan saved at 12:34:20, on 2007-04-13

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16414)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Intel\Wireless\Bin\EvtEng.exe

C:\Program\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\IPSSVC.EXE

C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Program\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program\Eset\nod32krn.exe

C:\Program\Intel\Wireless\Bin\RegSrvc.exe

C:\Program\Spyware Doctor\sdhelp.exe

c:\program\lenovo\system update\suservice.exe

C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

C:\WINDOWS\System32\TPHDEXLG.exe

C:\WINDOWS\system32\TpKmpSVC.exe

C:\Program\Lenovo\Client Security Solution\tvttcsd.exe

C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

C:\Program\Delade filer\Lenovo\Logger\logmon.exe

C:\Program\Windows Media Player\WMPNetwk.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\System32\alg.exe

C:\Program\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\Program\Lenovo\Client Security Solution\cssauth.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\Program\Lenovo\Client Security Solution\tvtpwm_tray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\Synaptics\SynTP\SynTPLpr.exe

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program\ThinkPad\UTILIT~1\EzEjMnAp.Exe

C:\WINDOWS\system32\TpShocks.exe

C:\Program\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

C:\Program\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe

C:\Program\THINKV~2\PrdCtr\LPMGR.exe

C:\Program\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe

C:\Program\Java\jre1.5.0_06\bin\jusched.exe

C:\Program\THINKV~2\AMSG\amsg.exe

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Lenovo\AwayTask\AwaySch.EXE

C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe

C:\Program\Eset\nod32kui.exe

C:\Program\DAEMON Tools\daemon.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\Msrtmon.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Microsoft ActiveSync\wcescomm.exe

C:\Program\ThinkPad\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program\MI3AA1~1\rapimgr.exe

C:\WINDOWS\system32\taskmgr.exe

C:\WINDOWS\explorer.exe

C:\Program\Hijackthis\rensare.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar2.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program\SPYWAR~1\tools\iesdpb.dll

O2 - BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar2.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\Program\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [EZEJMNAP] C:\Program\ThinkPad\UTILIT~1\EzEjMnAp.Exe

O4 - HKLM\..\Run: [TpShocks] TpShocks.exe

O4 - HKLM\..\Run: [TPHOTKEY] C:\Program\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

O4 - HKLM\..\Run: [TP4EX] tp4ex.exe

O4 - HKLM\..\Run: [soundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [LPManager] C:\Program\THINKV~2\PrdCtr\LPMGR.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [AMSG] C:\Program\THINKV~2\AMSG\amsg.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [AwaySch] C:\Program\Lenovo\AwayTask\AwaySch.EXE

O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [PDService.exe] "C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe"

O4 - HKLM\..\Run: [cssauth] "C:\Program\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [nod32kui] "C:\Program\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Microsoft] Msrtmon.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [bLOG] rundll32 C:\Program\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog

O4 - HKLM\..\RunServices: [Microsoft] Msrtmon.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [Microsoft] Msrtmon.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program\Lenovo\System Update\sulauncher.exe (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/thinkpad

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174676135780

O17 - HKLM\System\CCS\Services\Tcpip\..\{500C0A63-27C0-4304-82A7-B1B11BDEA929}: NameServer = 195.54.122.200,195.54.122.204

O17 - HKLM\System\CCS\Services\Tcpip\..\{712DDE64-0A11-4CC9-9023-76FDB2C68697}: NameServer = 195.54.122.200,195.54.122.204,81.26.227.3

O17 - HKLM\System\CCS\Services\Tcpip\..\{D9CB868B-8041-4B3A-8AC5-98102FD32183}: NameServer = 195.54.122.200,195.54.122.204

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O20 - Winlogon Notify: AwayNotify - C:\Program\Lenovo\AwayTask\AwayNotify.dll

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: NavLogon - C:\WINDOWS

O20 - Winlogon Notify: psfus - C:\WINDOWS\system32\psqlpwd.dll

O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll

O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\ThinkPad\Bluetooth Software\bin\btwdins.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program\Eset\nod32krn.exe

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program\Spyware Doctor\sdhelp.exe

O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program\lenovo\system update\suservice.exe

O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe

O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program\Lenovo\Client Security Solution\tvttcsd.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

O23 - Service: tvtnetwk - Unknown owner - C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe[/log]

 


Plaincollar

Thanks for the quick reply. Here comes Msrtmon + almost all of Svcmon (stopped). // Pc

[log]

STATUS: FINISHED

Complete scanning result of "Msrtmon.exe", received in VirusTotal at 04.13.2007, 13:37:46 (CET).

 

Antivirus Version Update Result

AhnLab-V3 2007.4.12.0 04.13.2007 Win32/IRCBot.worm.variant

AntiVir 7.3.1.50 04.13.2007 HEUR/Crypted

Authentium 4.93.8 04.13.2007 no virus found

Avast 4.7.936.0 04.11.2007 no virus found

AVG 7.5.0.447 04.12.2007 no virus found

BitDefender 7.2 04.13.2007 no virus found

CAT-QuickHeal 9.00 04.13.2007 no virus found

ClamAV devel-20070312 04.13.2007 no virus found

DrWeb 4.33 04.13.2007 no virus found

eSafe 7.0.15.0 04.12.2007 no virus found

eTrust-Vet 30.7.3565 04.13.2007 no virus found

Ewido 4.0 04.13.2007 no virus found

FileAdvisor 1 04.13.2007 no virus found

Fortinet 2.85.0.0 04.13.2007 suspicious

F-Prot 4.3.2.48 04.12.2007 no virus found

F-Secure 6.70.13030.0 04.13.2007 no virus found

Ikarus T3.1.1.5 04.13.2007 Backdoor.VB.EV

Kaspersky 4.0.2.24 04.13.2007 no virus found

McAfee 5008 04.13.2007 no virus found

Microsoft 1.2405 04.13.2007 no virus found

NOD32v2 2186 04.13.2007 no virus found

Norman 5.80.02 04.12.2007 no virus found

Panda 9.0.0.4 04.13.2007 W32/Gaobot.OXA.worm

Prevx1 V2 04.13.2007 Covert.Sys.Exec

Sophos 4.16.0 04.12.2007 no virus found

Sunbelt 2.2.907.0 04.07.2007 VIPRE.Suspicious

Symantec 10 04.13.2007 no virus found

TheHacker 6.1.6.088 04.09.2007 no virus found

VBA32 3.11.3 04.13.2007 no virus found

VirusBuster 4.3.7:9 04.12.2007 no virus found

Webwasher-Gateway 6.0.1 04.13.2007 Heuristic.Crypted

 

 

Aditional Information

File size: 1351168 bytes

MD5: b9eaf8f1501f173064778e1f7259ad7a

SHA1: 1914a4a873be82614b154636a698af306e44fe34

packers: Themida

Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=382467182966

Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.

 

 

 

 

+++++++++++++++++++++++++++++++++++++++++++++++

 

 

 


STATUS: STOPPED

Service is stopped in this moments. Scanning of your sample has not been finalized and results has been lost. If you wish to scan it, please send it again.

 

Antivirus Version Update Result

AhnLab-V3 2007.4.12.0 04.13.2007 Win-Trojan/Xema.variant

AntiVir 7.3.1.50 04.13.2007 TR/Agent.1392640

Authentium 4.93.8 04.13.2007 no virus found

Avast 4.7.936.0 04.11.2007 no virus found

AVG 7.5.0.447 04.12.2007 no virus found

BitDefender 7.2 04.13.2007 DeepScan:Generic.Malware.G!SKI!!FPWX!!VwPkg.2AEC751D

CAT-QuickHeal 9.00 04.13.2007 no virus found

ClamAV devel-20070312 04.13.2007 no virus found

DrWeb 4.33 04.13.2007 no virus found

eSafe 7.0.15.0 04.12.2007 no virus found

eTrust-Vet 30.7.3565 04.13.2007 no virus found

Ewido 4.0 04.13.2007 Trojan.Agent

FileAdvisor 1 04.13.2007 no virus found

Fortinet 2.85.0.0 04.13.2007 suspicious

F-Prot 4.3.2.48 04.12.2007 no virus found

F-Secure 6.70.13030.0 04.13.2007 no virus found

Ikarus T3.1.1.5 04.13.2007 Backdoor.VB.EV

Kaspersky 4.0.2.24 04.13.2007 no virus found

McAfee 5008 04.13.2007 no virus found

Microsoft 1.2405 04.13.2007 Backdoor:Win32/Rbot!0ABE

NOD32v2 2186 04.13.2007 no virus found

Norman 5.80.02 04.12.2007 no virus found

Panda 9.0.0.4 04.13.2007 W32/Gaobot.OXF.worm

Prevx1 V2 04.13.2007 Covert.Sys.Exec

Sophos 4.16.0 04.12.2007 no virus found

Sunbelt 2.2.907.0 04.07.2007 VIPRE.Suspicious

 

 

Aditional Information

File size: 1392640 bytes

MD5: be0a7b0aab888d1e247b67b0cceb298d

SHA1: 76f5cd617802a16b14429221698e617dffa0caf0

packers: Themida

Prevx info: http://fileinfo.prevx.com/fileinfo.asp?PXC=b90f67182969

Sunbelt info: VIPRE.Suspicious is a generic detection for potential threats that are deemed suspicious through heuristics.[/log]

 

 

 

 


Plaincollar

So, the connection is back again... Here comes the HJT log after msrtmon and svcmon were removed in safe mode. // Pc

[log]Logfile of HijackThis v1.99.1

Scan saved at 22:09:53, on 2007-04-14

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16414)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Intel\Wireless\Bin\EvtEng.exe

C:\Program\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\IPSSVC.EXE

C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Program\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program\Eset\nod32krn.exe

C:\Program\Intel\Wireless\Bin\RegSrvc.exe

C:\Program\Spyware Doctor\sdhelp.exe

c:\program\lenovo\system update\suservice.exe

C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

C:\WINDOWS\System32\TPHDEXLG.exe

C:\WINDOWS\system32\TpKmpSVC.exe

C:\Program\Lenovo\Client Security Solution\tvttcsd.exe

C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

C:\Program\Delade filer\Lenovo\Logger\logmon.exe

C:\Program\Windows Media Player\WMPNetwk.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program\Lenovo\Client Security Solution\cssauth.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\Program\Lenovo\Client Security Solution\tvtpwm_tray.exe

C:\Program\Intel\Wireless\Bin\Dot1XCfg.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\Synaptics\SynTP\SynTPLpr.exe

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program\ThinkPad\UTILIT~1\EzEjMnAp.Exe

C:\WINDOWS\system32\TpShocks.exe

C:\Program\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

C:\Program\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe

C:\Program\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe

C:\Program\THINKV~2\PrdCtr\LPMGR.exe

C:\Program\Java\jre1.5.0_06\bin\jusched.exe

C:\Program\THINKV~2\AMSG\amsg.exe

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Lenovo\AwayTask\AwaySch.EXE

C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe

C:\Program\Eset\nod32kui.exe

C:\Program\DAEMON Tools\daemon.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Microsoft ActiveSync\wcescomm.exe

C:\Program\ThinkPad\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program\MI3AA1~1\rapimgr.exe

C:\WINDOWS\explorer.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Hijackthis\rensare.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)

O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar2.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program\SPYWAR~1\tools\iesdpb.dll

O2 - BHO: CPwmIEBrowserHelper Object - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar2.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\Program\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [EZEJMNAP] C:\Program\ThinkPad\UTILIT~1\EzEjMnAp.Exe

O4 - HKLM\..\Run: [TpShocks] TpShocks.exe

O4 - HKLM\..\Run: [TPHOTKEY] C:\Program\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

O4 - HKLM\..\Run: [TP4EX] tp4ex.exe

O4 - HKLM\..\Run: [soundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [LPManager] C:\Program\THINKV~2\PrdCtr\LPMGR.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [AMSG] C:\Program\THINKV~2\AMSG\amsg.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [AwaySch] C:\Program\Lenovo\AwayTask\AwaySch.EXE

O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [PDService.exe] "C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe"

O4 - HKLM\..\Run: [cssauth] "C:\Program\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [nod32kui] "C:\Program\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [bLOG] rundll32 C:\Program\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe"

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MI3AA1~1\INetRepl.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program\Lenovo\System Update\sulauncher.exe (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/thinkpad

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174676135780

O17 - HKLM\System\CCS\Services\Tcpip\..\{500C0A63-27C0-4304-82A7-B1B11BDEA929}: NameServer = 195.54.122.200,195.54.122.204

O17 - HKLM\System\CCS\Services\Tcpip\..\{712DDE64-0A11-4CC9-9023-76FDB2C68697}: NameServer = 195.54.122.200,195.54.122.204,81.26.227.3

O17 - HKLM\System\CCS\Services\Tcpip\..\{D9CB868B-8041-4B3A-8AC5-98102FD32183}: NameServer = 195.54.122.200,195.54.122.204

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O20 - Winlogon Notify: AwayNotify - C:\Program\Lenovo\AwayTask\AwayNotify.dll

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: NavLogon - C:\WINDOWS

O20 - Winlogon Notify: psfus - C:\WINDOWS\system32\psqlpwd.dll

O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll

O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\ThinkPad\Bluetooth Software\bin\btwdins.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program\Eset\nod32krn.exe

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program\Spyware Doctor\sdhelp.exe

O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\program\lenovo\system update\suservice.exe

O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe

O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program\Lenovo\Client Security Solution\tvttcsd.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

O23 - Service: tvtnetwk - Unknown owner - C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe[/log]

 

 

 


 

Scan with HijackThis, tick the following lines, close the web browser and click Fix checked:

 

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

 

After that the log is OK.

Uninstall Java and download the latest version here:

 

http://www.java.com/sv/

 


Plaincollar

Zipp!

Thanks for the help. The box seems clean again now. There are still no tabs in "Display Properties" (I did get Task Manager back, though, with a bit of fiddling) and it is terribly slow to start up and shut down. Also, if anyone has tips about IBM's "ThinkVantage", that would be great, since that whole package hinders more than it helps.

Many thanks, Zipp // Pc

 


 

> there are no tabs <

 

Try this:

 

http://www.majorgeeks.com/Wallpaper_Hijack_Remover_d4816.html

 

[log]> and it is terribly slow to start up and shut down <

 

Look these up at the link and disable the ones that are not important for the system via msconfig > Startup.

If any of them can't be found there, use Google instead.

 

http://www.bleepingcomputer.com/startups/

 

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\Program\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [EZEJMNAP] C:\Program\ThinkPad\UTILIT~1\EzEjMnAp.Exe

O4 - HKLM\..\Run: [TpShocks] TpShocks.exe

O4 - HKLM\..\Run: [TPHOTKEY] C:\Program\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

O4 - HKLM\..\Run: [TP4EX] tp4ex.exe

O4 - HKLM\..\Run: [soundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [LPManager] C:\Program\THINKV~2\PrdCtr\LPMGR.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [AMSG] C:\Program\THINKV~2\AMSG\amsg.exe

O4 - HKLM\..\Run: [iSUSPM Startup] C:\Program\DELADE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [AwaySch] C:\Program\Lenovo\AwayTask\AwaySch.EXE

O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [PDService.exe] "C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe"

O4 - HKLM\..\Run: [cssauth] "C:\Program\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [bLOG] rundll32 C:\Program\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe"

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe[/log]

 

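The manual review in the two replies above (fix the O3 entry whose file is gone, then look up each O4 autostart entry) can be pre-sorted with a small parser. This is an added example, not part of the original thread or of HijackThis; the flag names and the `triage` and `flags_for` functions are assumptions made for illustration, and the sample lines are copied from the log posted here.

```python
import re

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: BTTray.lnk = ?
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program\Eset\nod32krn.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe
"""

ENTRY = re.compile(r"^(O\d+) - (.+)$")
ABS_PATH = re.compile(r"[A-Za-z]:\\")

def flags_for(section, body):
    """Return review flags for one entry; flags are leads, not verdicts."""
    flags = []
    if body.endswith(("(no file)", "(file missing)")):
        flags.append("orphaned")            # entry outlived the file it points to
    if " - Unknown owner - " in body:
        flags.append("unknown-owner")       # HijackThis found no company name
    if section == "O4":
        # Text after "[name] " (Run keys) or after "= " (Startup folder items).
        target = re.split(r"\] |= ", body, maxsplit=1)[-1]
        if target == "?":
            flags.append("unresolved-target")
        elif not ABS_PATH.search(target):
            flags.append("relative-path")   # resolved through the search path
    return flags

def triage(log_text):
    """Return [(section, flags, line)] for every entry line that needs a look."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue                        # headers, process list, blank lines
        flags = flags_for(m.group(1), m.group(2))
        if flags:
            findings.append((m.group(1), flags, raw.strip()))
    return findings

if __name__ == "__main__":
    for section, flags, line in triage(SAMPLE_LOG):
        print(f"{section:4} {','.join(flags):24} {line}")
```

Two of the flagged services are Lenovo components marked "Unknown owner", which is why each hit still has to be checked against a startup database before anything is disabled.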

Plaincollar

Hi again.

Now I can't get into Explorer or the Control Panel.

In .msc it says:

(%windir%\security\database\secedit.sdb) Felaktig parameter.

 

The log says:

 

[log]Händelsetyp: Granska lyckade försök

Händelsens källa: Security

Händelsekategori: Privilegierad användning

Händelse-ID: 576

Datum: 2007-04-18

Tid: 00:11:24

Användare: NT INSTANS\NETWORK SERVICE

Dator: ILLER2

Beskrivning:

Särskild behörighet tilldelades till ny inloggning:

Användarnamn: NETWORK SERVICE

Domän: NT INSTANS

Inloggnings-ID: (0x0,0x3E4)

Privilegier: SeAuditPrivilege

SeAssignPrimaryTokenPrivilege

SeChangeNotifyPrivilege

 

Mer information finns i Hjälp- och supportcenter på sidan http://go.microsoft.com/fwlink/events.asp.[/log]

 

I can't get into Explorer via Run either. What could have happened?

 

Regards, Pc

 


Plaincollar

Oops, I'm starting to get things mixed up. Not quite sure what did what, but the Control Panel and Explorer came back! :-) Wphjt? Good site, by the way! Lots of KB to download....

Unfortunately "Display Properties" is still tabless... tedious... but I suppose one has to live with it.

 

Regards, Pc

 


Plaincollar

Haha, that stopped the crap in its tracks! Worked right away :thumbsup:.

That's great! // Pc

 
