Just nu i M3-nätverket
Jump to content

Så var det dags igen....


Plaincollar

Recommended Posts

Plaincollar

Min processor ligger konstant på 50%. Ett uppenbart fel är att när jag stänger av datorn så fastnar den i "vänta - inställningar sparas". Jag har väntat i två timmar som mest men den hänger kvar. Processerna som belastar är i huvudsak Winlogon.exe och Svchost.exe. Jag har kört Malwarebytes, SB S&D, Superantispyware samt PC-Doktorn För Windows. Allt utan anmärkning. Har något rasat? Kör XP SP3, Thinkpad T60.

Det här fyller min systemlogg till fullo:

 

Händelsetyp: Varning

Händelsens källa: ACPIEC

Händelsekategori: Ingen

Händelse-ID: 3

Datum: 2009-04-27

Tid: 13:42:05

Användare: Saknas

Dator: MINPAD

Beskrivning:

\Device\ACPIEC: Den inbäddade styrenheten returnerade data som inte begärts. Detta kan bero på att BIOS inkorrekt försöker få åtkomst till EC utan att synkronisera med operativsystemet. Datan ignoreras.

Mer information finns i Hjälp- och supportcenter på sidan http://go.microsoft.com/fwlink/events.asp.

 

Kan någon offra sig och ta en titt på bifogad HJL

 

TACK! // Pc

 

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 08:11:58, on 2009-05-02

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Intel\Wireless\Bin\S24EvMon.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\IPSSVC.EXE

C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program\Intel\Wireless\Bin\EvtEng.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program\Eset\nod32krn.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Program\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

C:\WINDOWS\System32\TPHDEXLG.exe

C:\WINDOWS\system32\TpKmpSVC.exe

C:\Program\ThinkPad\Program\TpKmapMn.exe

C:\Program\ThinkPad\Program\TpKmapMn.exe

C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Program\Viewpoint\Common\ViewpointService.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program\Delade filer\Lenovo\Logger\logmon.exe

C:\Program\Lenovo\Client Security Solution\cssauth.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\Program\Lenovo\Client Security Solution\tvtpwm_tray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program\Lenovo\HOTKEY\TPOSDSVC.exe

C:\Program\Lenovo\AwayTask\AwaySch.EXE

C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program\THINKV~2\PrdCtr\LPMGR.exe

C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe

C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\Program\Eset\nod32kui.exe

C:\Program\Lenovo\HOTKEY\TPONSCR.exe

C:\Program\Synaptics\SynTP\SynTPLpr.exe

C:\Program\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\MSN Messenger\msnmsgr.exe

C:\Program\Spybot - Search & Destroy\TeaTimer.exe

C:\Program\SMS från Datorn Stand Alone\mw.exe

C:\Program\ThinkPad\Program\TpKmapMn.exe

C:\Program\ThinkPad\Bluetooth Software\BTTray.exe

C:\Documents and Settings\Skallebang\Start-meny\Program\Autostart\qaccess.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program\Styler\Styler.exe

C:\Program\TPFanControl\TPFanControl.exe

C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program\MSN Messenger\usnsvc.exe

C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program\Windows NT\Tillbehör\WORDPAD.EXE

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\MICROS~2\OFFICE11\OUTLOOK.EXE

C:\Program\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe

C:\My Downloads\ProcessExplorer\procexp.exe

C:\WINDOWS\system32\mspaint.exe

C:\Program\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/'>http://www.google.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade

 

filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft

 

Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program\Adobe\Acrobat 8.0

 

\Acrobat\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: TBHelper Class - {E46A2169-E328-471A-9788-F2B52BB9C681} - C:\Program\SMS från Datorn Stand Alone\miebho1.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program\Lenovo\Client Security

 

Solution\tvtpwm_ie_com.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: SMS från Datorn - {6B49F76B-190A-4FC6-83EA-BAAD234BAFF8} - C:\Program\SMS från Datorn Stand Alone\mie1.dll

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program\Styler\TB\StylerTB.dll

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\Program\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [TPHOTKEY] C:\Program\Lenovo\HOTKEY\TPOSDSVC.exe

O4 - HKLM\..\Run: [AwaySch] C:\Program\Lenovo\AwayTask\AwaySch.EXE

O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

O4 - HKLM\..\Run: [cssauth] "C:\Program\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [LPManager] C:\Program\THINKV~2\PrdCtr\LPMGR.exe

O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program\ThinkPad\Program\TpKmapAp.exe -helper

O4 - HKLM\..\Run: [PDService.exe] "C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [nod32kui] "C:\Program\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe"

 

/startoptions

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DWQueuedReporting] "C:\Program\DELADE~1\MICROS~1\DW\dwtrig20.exe" -t

O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [sMS från Datorn Stand Alone] "C:\Program\SMS från Datorn Stand Alone\mw.exe" /AutoStart

O4 - HKCU\..\Run: [TPKMAPMN] C:\Program\ThinkPad\Program\TpKmapMn.exe

O4 - HKCU\..\Run: [spybot - Search & Destroy] C:\Program\Spybot - Search & Destroy\SpybotSD.exe

O4 - HKCU\..\Run: [spywareBlaster] C:\Program\SpywareBlaster\spywareblaster.exe

O4 - HKCU\..\Run: [update Service] "C:\Program\Delade filer\Teknum Systems\update.exe" /startup

O4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program\Uniblue\RegistryBooster 2\RegistryBooster.exe /S

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - Startup: qaccess.exe

O4 - Startup: Styler.lnk = ?

O4 - Startup: TPFanControl.lnk = C:\Program\TPFanControl\TPFanControl.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program\Delade

 

filer\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to existing PDF - res://C:\Program\Adobe\Acrobat 8.0

 

\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0

 

\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program\Adobe\Acrobat 8.0

 

\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0

 

\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program\Adobe\Acrobat 8.0

 

\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0

 

\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program\Adobe\Acrobat 8.0

 

\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program\Adobe\Acrobat 8.0

 

\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka som MMS... - file://C:\Program\SMS från Datorn Stand Alone\sendmms.htm

O8 - Extra context menu item: Skicka som SMS... - file://C:\Program\SMS från Datorn Stand Alone\sendsms.htm

O8 - Extra context menu item: Skicka till &Bluetooth-enhet... - C:\Program\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Skicka till Bluetooth - C:\Program\ThinkPad\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client

 

Security Solution\tvtpwm_ie_com.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~3\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~3\INetRepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~3\INetRepl.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\ThinkPad\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\ThinkPad\Bluetooth

 

Software\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

 

Diagnostic\xpnetdiag.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/thinkpad

O15 - Trusted Zone: http://www.ewido.net

O15 - Trusted Zone: http://www.google.se

O15 - Trusted Zone: http://www.skandia.se

O15 - Trusted Zone: www.teknikmagasinet.se

O15 - Trusted Zone: http://forum.thinkpads.com

O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) -

 

http://kc.support.telia.se/sdccommon/download/tgctlsi.cab

O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) -

 

http://kc.support.telia.se/sdccommon/download/tgctlcm.cab

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -

 

http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) -

 

https://support.microsoft.com/OAS/ActiveX/MSDcode.cab

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab

O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab

O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -

 

http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {5BF56AD2-E297-416E-BC49-000005000031} - https://cve.trust.telia.com/teliaelegupgrade/iidsetup.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

 

http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1179431131531

O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - http://www-307.ibm.com/pc/support/IbmEgath.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD5/JSCDL/jre/6u11-

 

b90/jinstall-6u11-windows-i586-jc.cab?

 

AuthParam=1232154204_16e1af6546255a537b5c41a38920c022&GroupName=JSC&FilePath=/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows

 

-i586-jc.cab&File=jinstall-6u11-windows-i586-jc.cab&BHost=javadl.sun.com

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -

 

http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BE415DD9-C50D-46AA-9B5D-37F2EEBBBFE6} (acpRunner Class) - https://www-

 

307.ibm.com/pc/support/access/aslibmain/content/AcpControl.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game02.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -

 

http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

 

http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) -

 

http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe

O16 - DPF: {FCFB1252-202F-4A19-82BD-C1EDC3127B86} (OnlinePCAnalyzer.ReportControl) -

 

http://www.proffs.nu/analyzer/OnlinePCAnalyzer.CAB

O17 - HKLM\System\CCS\Services\Tcpip\..\{392F3535-DC31-4335-8A71-0D87CD98E6BE}: NameServer = 195.54.122.200,195.54.122.204

O17 - HKLM\System\CS4\Services\Tcpip\..\{392F3535-DC31-4335-8A71-0D87CD98E6BE}: NameServer = 195.54.122.200,195.54.122.204

O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL C:\WINDOWS\system32\guard32.dll

O20 - Winlogon Notify: AwayNotify - C:\Program\Lenovo\AwayTask\AwayNotify.dll

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\ThinkPad\Bluetooth Software\bin\btwdins.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet

 

Publisher\FNPLicensingService.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32

 

\IDriverT.exe

O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program\Eset\nod32krn.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program\Spyware Doctor\pctsSvc.exe

O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe

O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program\Lenovo\Client Security Solution\tvttcsd.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

O23 - Service: tvtnetwk - Unknown owner - C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe

O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program\Viewpoint\Common\ViewpointService.exe

 

--

End of file - 17569 bytes[/log]

 

[bild bifogad 2009-05-02 08:35:02 av Plaincollar]

1138010_thumb.jpg

Link to comment
Share on other sites

Det är en gammal Java-version med säkerhetshål i datorn. Jag rekommenderar dig att installera en ny från http://www.java.com/sv/ och därefter avinstallera alla Java och J2SE utom den senaste i Kontrollpanelen - Lägg till eller ta bort program (inga webbläsare igång).

 

O23 - Service: Viewpoint Service - Viewpoint Corporation - C:\Program\Viewpoint\Common\ViewpointService.exe

Viewpoint är inget skadligt program men det kommer oftast in i datorn när man installerar något annat. Om du inte använder det så avinstallera det.

 

Angående loggboken så läs http://winhlp.com/node/43

 

 

Link to comment
Share on other sites

Plaincollar

Hej Cecilia

Jag gjorde som du sa men det ville sig inte riktigt så jag chansade på Combofix: (utdrag)

 

 

[log]ComboFix 09-05-02.4 - Skallebang 2009-05-03 0:27.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.2550.1943 [GMT 2:00]

Körs från: c:\my downloads\ComboFix.exe

AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated)

* Resident AV is active

 

.

 

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\Downloaded Program Files\ODCTOOLS

c:\windows\IE4 Error Log.txt

c:\windows\system32\404Fix.exe

c:\windows\system32\dumphive.exe

c:\windows\system32\IEDFix.C.exe

c:\windows\system32\IEDFix.exe

c:\windows\system32\Process.exe

c:\windows\system32\SrchSTS.exe

c:\windows\system32\TDSSrpyh.dat

c:\windows\system32\tmp.reg

c:\windows\system32\VACFix.exe

c:\windows\system32\VCCLSID.exe

c:\windows\system32\WS2Fix.exe

 

.

((((((((((((((((((((((((((((((((((((((( Drivrutiner/Tjänster )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_TDSSSERV.SYS

-------\Service_TDSSserv.sys

 

 

(((((((((((((((((((((((( Filer Skapade från 2009-04-02 till 2009-05-02 ))))))))))))))))))))))))))))))

.

 

2009-05-02 22:45 . 2009-05-02 22:45 53248 ----a-w c:\temp\catchme.dll

2009-05-02 22:39 . 2008-05-29 06:16 158960 ----a-w c:\temp\SSUPDATE.EXE

2009-05-02 22:38 . 2009-05-02 22:38 -------- d-----w c:\temp\WPDNSE

2009-05-02 22:31 . 2009-05-02 22:31 60416 ----a-w c:\temp\Perflib_Perfdata__755.dat

2009-05-02 20:26 . 2005-09-07 12:59 94208 ----a-w c:\windows\system32\IcdYsys.dll

2009-05-02 20:26 . 2005-10-13 18:33 151552 ----a-w c:\windows\system32\IcdShlex.dll

2009-05-02 20:26 . 2001-03-07 13:23 81920 ----a-w c:\windows\syste[/log]

 

Sen löste det sig, kom tillbaka och men försvann igen. So far so good.

 

Tack för din hjälp! // Pc

 

 

 

Link to comment
Share on other sites

Surfa till http://www.virustotal.com (fungerar bäst med Internet Explorer) klistra in följande filnamn i rutan, tryck på Skicka Fil och vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in resultatet från de olika antivirusprogrammen (inte Övrig information) här.

c:\temp\SSUPDATE.EXE

 

ComboFix tog bort en del men det kan nog fortfarande finnas kvar en del (men du klistrade inte in hela loggen). Ta bort den ComboFix du har för har nog uppdaterats nu efter fyra dagar, följ anvisningarna nedan noga för bästa resultat. Ladda ner en ny ComboFix till Skrivbordet:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

[log]Stäng av alla program du ser inklusive antivirusprogram och antispionprogram men lämna brandväggen på.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

Kör ComboFix och följ anvisningarna som visas.

Om det kommer upp en fråga om du vill installera återställningskonsolen så svara ja.

 

VIKTIGT! Klicka inte på ComboFix-fönstret med musen när den körs annars kan den hänga upp sig.

 

När den är färdig så ska en logg komma upp, bifoga den till ditt svar. Kontrollera att antivirusprogram mm är igång innan du ansluter till internet.

 

Om du får problem med att komma ut på internet:

Kontrollpanelen - Nätverksanslutningar

högerklicka på din internetanslutning och välj Reparera och/eller starta om datorn.[/log]

 

Varning! ComboFix förhindrar automatisk körning av CD, disketter och USB-enheter för att göra det lättare att rensa datorn och skydda datorn mot infektioner i framtiden. Det kan bli problem t ex om datorn har internet via ett USB-modem eller USB-nätverkskort. Säg då till i stället för att köra ComboFix.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...