
winlogon.exe is using CPU


lenhen


Hi!

I have a Lenovo ThinkPad T60 and am bothered by something that behaves like a virus. The winlogon.exe process takes between 30% and 100% CPU all the time and thereby slows down my PC. In addition, IE behaves strangely and hangs. (Luckily I mostly run Firefox and Opera.) Sometimes icons disappear and fonts change. I have searched the web for information about this problem and found quite a lot. I therefore downloaded a special program from Symantec that is supposed to fix a similar problem (FixVundo), without result. I also have the latest AV software from Symantec and have run a scan of my whole PC without it finding any virus/adware. I also ran the latest Ad-Aware and it did not find any adware on my PC either.

All tips are gratefully received!!!

/Lelle

 


Here comes the log from HiJackThis.

Thanks in advance!

--------------------------------------

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 20:07:01, on 2007-06-01

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Intel\Wireless\Bin\EvtEng.exe

C:\Program\Intel\Wireless\Bin\S24EvMon.exe

C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

C:\Program\Delade filer\Symantec Shared\ccProxy.exe

C:\Program\Symantec Client Security\Symantec Client Firewall\ISSVC.exe

C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\IPSSVC.EXE

C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program\IBM\SQLLIB\BIN\db2mgmtsvc.exe

C:\Program\Symantec Client Security\Symantec AntiVirus\DefWatch.exe

C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

c:\program\lenovo\system update\suservice.exe

C:\Program\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe

C:\Program\Symantec Client Security\Symantec Client Firewall\SymSPort.exe

C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

C:\WINDOWS\System32\TPHDEXLG.EXE

C:\WINDOWS\system32\TpKmpSVC.exe

C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program\IBM\SQLLIB\bin\db2dasstm.exe

C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Program\Delade filer\Lenovo\Logger\logmon.exe

C:\Program\IBM\SQLLIB\BIN\db2sec.exe

C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\Program\Lenovo\Client Security Solution\cssauth.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\Synaptics\SynTP\SynTPLpr.exe

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program\ThinkPad\UTILIT~1\EzEjMnAp.Exe

C:\WINDOWS\system32\TpShocks.exe

C:\Program\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

C:\Program\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program\THINKV~2\PrdCtr\LPMGR.exe

C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program\Java\jre1.5.0_10\bin\jusched.exe

C:\Program\THINKV~2\AMSG\amsg.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Lenovo\AwayTask\AwaySch.EXE

C:\Program\ThinkPad\ConnectUtilities\ACTray.exe

C:\Program\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\Program\Picasa2\PicasaMediaDetector.exe

C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe

C:\Program\Lenovo\Client Security Solution\cssauth.exe

C:\Program\Google\Google Desktop Search\GoogleDesktopIndex.exe

C:\Program\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe

C:\Program\IBM\SQLLIB\BIN\db2systray.exe

C:\Program\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe

C:\Program\DAP\DAP.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program\Bredbandsbolaget\Servicecenter\servicecenter.exe

C:\Program\QuickTime\qttask.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\Program\SYMANT~1\SYMANT~2\VPTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\Program\Skype\Phone\Skype.exe

C:\Program\Google\Google Desktop Search\GoogleDesktopCrawl.exe

C:\Program\Windows Media Player\WMPNSCFG.exe

C:\Program\iPod\bin\iPodService.exe

C:\Program\ThinkPad\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program\ThinkPad\BLUETO~1\BTSTAC~1.EXE

C:\Program\Skype\Plugin Manager\SkypePM.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Documents and Settings\Len\Skrivbord\HiJackThis_v2.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bredbandsbolaget.se/mittkonto

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar2.dll

O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar2.dll

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\Program\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: [bLOG] rundll32 C:\Program\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog

O4 - HKLM\..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [EZEJMNAP] C:\Program\ThinkPad\UTILIT~1\EzEjMnAp.Exe

O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program\ThinkPad\Program\TpKmapAp.exe -helper

O4 - HKLM\..\Run: [TpShocks] TpShocks.exe

O4 - HKLM\..\Run: [TPHOTKEY] C:\Program\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

O4 - HKLM\..\Run: [TP4EX] tp4ex.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [LPManager] C:\Program\THINKV~2\PrdCtr\LPMGR.exe

O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.5.0_10\bin\jusched.exe"

O4 - HKLM\..\Run: [AMSG] C:\Program\THINKV~2\AMSG\amsg.exe

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program\Delade filer\Installshield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [AwaySch] C:\Program\Lenovo\AwayTask\AwaySch.EXE

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [ACTray] C:\Program\ThinkPad\ConnectUtilities\ACTray.exe

O4 - HKLM\..\Run: [ACWLIcon] C:\Program\ThinkPad\ConnectUtilities\ACWLIcon.exe

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [PDService.exe] "C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe"

O4 - HKLM\..\Run: [cssauth] "C:\Program\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [DB2COPY1 - db2systray.exe DB2] C:\Program\IBM\SQLLIB\BIN\db2systray.exe DB2

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program\DAP\DAP.EXE" /STARTUP

O4 - HKLM\..\Run: [bredbandsbolaget] "C:\Program\Bredbandsbolaget\Servicecenter\servicecenter.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\Program\SYMANT~1\SYMANT~2\VPTray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1070574465-3657711369-3409556268-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'db2admin')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = ?

O8 - Extra context menu item: &Clean Traces - C:\Program\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program\DAP\dapextie2.htm

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka till &Bluetooth-enhet... - C:\Program\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program\Lenovo\System Update\sulauncher.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/thinkpad

O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1169246162610

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O20 - Winlogon Notify: AwayNotify - C:\Program\Lenovo\AwayTask\AwayNotify.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\ThinkPad\Bluetooth Software\bin\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

O23 - Service: DB2 - DB2COPY1 - DB2-0 (DB2-0) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\bin\db2syscs.exe

O23 - Service: DB2DAS - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\\bin\db2dasrrm.exe

O23 - Service: DB2 Governor (DB2COPY1) (DB2GOVERNOR_DB2COPY1) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\BIN\db2govds.exe

O23 - Service: DB2 License Server (DB2COPY1) (DB2LICD_DB2COPY1) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\BIN\db2licd.exe

O23 - Service: DB2 Management Service (DB2COPY1) (DB2MGMTSVC_DB2COPY1) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\BIN\db2mgmtsvc.exe

O23 - Service: DB2 Security Server (DB2COPY1) (DB2NTSECSERVER_DB2COPY1) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\BIN\db2sec.exe

O23 - Service: DB2 Remote Command Server (DB2COPY1) (DB2REMOTECMD_DB2COPY1) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\BIN\db2rcmd.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program\Symantec Client Security\Symantec AntiVirus\DefWatch.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE

O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program\Symantec Client Security\Symantec Client Firewall\ISSVC.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program\Symantec Client Security\Symantec AntiVirus\SavRoam.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: System Update (SUService) - - c:\program\lenovo\system update\suservice.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe

O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program\Symantec Client Security\Symantec Client Firewall\SymSPort.exe

O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE

O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program\Lenovo\Client Security Solution\tvttcsd.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

O23 - Service: tvtnetwk - Unknown owner - C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe

 

--

End of file - 17415 bytes

 

 

 


 

I have probably seen a few thousand logs, but this one was the worst. Not that there is anything bad in it, but that there is too much of everything. There are probably close to 100 processes and 50 programs/processes that start with Windows every time.

Now, it is wrong to compare with my computer, since it is not representative of a normal computer, but say that 35 processes is normal and 10 autostarting programs (I have 26/4).

I don't know what all your programs do, but go through all the O4 lines and look at the ones you recognize. Ask yourself: what do I gain from that particular program starting with Windows?

(Symantec, Synaptics and CTFMON.EXE must be there)

If you find a program, you can go into that program and look for a setting that may be called "run at startup" and whether there is a check mark there.

You may find programs that you know you will never use; then you can uninstall them.

The problem now is that the computer cannot cope with all the active processes, or perhaps some programs are conflicting...

 


Yes, there certainly are many processes, but that is normally no problem. Many of them have to do with the hardware (shipped with the PC by Lenovo). As I said, normally I have no problems; it is only recently that winlogon.exe has gone haywire and uses lots of CPU. I see no connection between the number of processes and winlogon.exe using CPU.

 

 


As far as I know, problems with winlogon are uncommon, and I agree, but can you say with certainty that it is not some program that is causing the problem?

I can't say that it is so, but computer problems can show up in very strange ways, and as far as I believe I know, winlogon is tied to other Windows processes.

The winlogon you have is the real one, but it can become infected, so if you want you can scan the file. I think one ought to see something else, such as adware, a trojan or a worm, in the computer besides that, and you ought to notice other faults.

Scan the file here:

http://www.virustotal.com/en/indexf.html

Check winlogon with a program called Process Explorer. The program should be split into an upper and a lower pane, and when you scroll in the lower one it may flash red, and in your case it may stay lit red. Perhaps that line can give you information, but all of this is just speculation.

[post edited 2007-06-02 00:01:31 by 927]
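The review suggested in the replies above (walking the O4 autostart lines, then looking at what runs alongside winlogon.exe) can be scripted. The following is an added example, not part of the thread: a small Python triage over HijackThis item lines, where the sample is an excerpt of the log posted above and the function names are assumptions of this example. O20 entries are listed separately because Winlogon Notify DLLs are loaded by winlogon.exe itself.

```python
import re

# Excerpt assembled for this example from the HijackThis log posted above.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Running processes:
C:\WINDOWS\system32\winlogon.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: BTTray.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: AwayNotify - C:\Program\Lenovo\AwayTask\AwayNotify.dll
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
"""

# HijackThis item lines look like "O4 - ..." (groups R, F, N and O).
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
# O4 registry autostart: HKLM\..\Run: [value name] command line
O4_RUN_RE = re.compile(
    r"^(?P<where>\S+?\\\.\.\\[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$"
)
# O4 startup-folder shortcut: Global Startup: name.lnk = target
O4_STARTUP_RE = re.compile(r"^(?P<where>[^:]*Startup): (?P<name>.+?) = (?P<cmd>.*)$")


def parse_entries(log_text):
    """Return (code, body) for every item line; headers and process paths are skipped."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def triage(log_text):
    """Group the entries a reviewer reads first when winlogon.exe misbehaves."""
    report = {
        "autostarts": [],     # O4: everything that starts with Windows
        "o20_dlls": [],       # O20: AppInit_DLLs and Winlogon Notify DLLs
        "file_missing": [],   # any entry whose target no longer exists
        "unknown_owner": [],  # O23 services whose binary carries no company name
    }
    for code, body in parse_entries(log_text):
        if body.endswith("(file missing)"):
            report["file_missing"].append((code, body))
        if code == "O4":
            m = O4_RUN_RE.match(body) or O4_STARTUP_RE.match(body)
            if m:
                report["autostarts"].append(
                    (m.group("where"), m.group("name"), m.group("cmd"))
                )
        elif code == "O20":
            kind, _, rest = body.partition(": ")
            report["o20_dlls"].append((kind, rest))
        elif code == "O23" and " - Unknown owner - " in body:
            # The executable path is the last " - "-separated field.
            report["unknown_owner"].append(body.split(" - ")[-1])
    return report


if __name__ == "__main__":
    for key, items in triage(SAMPLE_LOG).items():
        print(f"{key}: {len(items)}")
        for item in items:
            print("   ", item)
```

"Unknown owner" and "(file missing)" are prompts for a closer look, not verdicts; in this log they sit on vendor utilities and leftover registrations.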


Hi!

I tried running Panda's virus check on my machine and it found 17 viruses and 37 spyware items, which it disinfected. Since then the machine runs as well as before, and in normal operation it only uses an occasional percent of CPU.

I used http://www.pandasoftware.com/products/activescan.htm to do a scan of my machine.

Thanks for your involvement!

 


 

It would have been fun to see the Panda log.

Then again, it probably wasn't a virus, and Panda does not remove adware online (unless that has changed recently).

Can you post a new HJT log, so that one might see some difference?

 


Here is the Panda log.

 

-------------------------

 

Incident Status Location

 

Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[statse.webtrendslive.com/]

Spyware:Cookie/Research-int Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.research-int.se/]

Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.adtech.de/]

Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.doubleclick.net/]

Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.advertising.com/]

Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.tradedoubler.com/]

Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.2o7.net/]

Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.atdmt.com/]

Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.hitbox.com/]

Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.mediaplex.com/]

Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.statcounter.com/]

Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.casalemedia.com/]

Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.fastclick.net/]

Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.bravenet.com/]

Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.tribalfusion.com/]

Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.atwola.com/]

Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.burstnet.com/]

Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.overture.com/]

Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.questionmarket.com/]

Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[hc2.humanclick.com/]

Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[hc2.humanclick.com/hc/24894229]

Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.zedo.com/]

Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.realmedia.com/]

Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.ehg-dig.hitbox.com/]

Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.go.com/]

Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[.trafficmp.com/]

Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Len\Application Data\Mozilla\Firefox\Profiles\an04fef8.default\cookies.txt[counter.hitslink.com/]

Virus:Trj/Alanchum.OH Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Inbox[~0002535.~][Full Story.exe]

Virus:Trj/Alanchum.OD Renamed C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Inbox[~0002539.~][Full Story.exe]

Virus:Trj/Alanchum.PO Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Inbox[Flash Postcard.exe]

Virus:W32/Nurech.A.worm Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Inbox[Greeting Postcard.exe]

Virus:W32/Nurech.A.worm Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Inbox[~0004352.~][Postcard.exe]

Virus:W32/Nuwar.B.worm Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[~0000839.~][postcard.exe]

Virus:Trj/Alanchum.OD Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[~0001095.~][Full Story.exe]

Virus:Trj/Alanchum.OH Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[~0001097.~][Full Story.exe]

Virus:Trj/Alanchum.PJ Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[~0001272.~][Greeting Postcard.exe]

Virus:Trj/Alanchum.PO Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[Flash Postcard.exe]

Virus:W32/Nurech.A.worm Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[~0001582.~][flash postcard.exe]

Virus:W32/Nurech.A.worm Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[Greeting Postcard.exe]

Virus:W32/Nurech.A.worm Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[~0001739.~][Greeting Postcard.exe]

Virus:W32/Nurech.A.worm Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[~0001740.~][Postcard.exe]

Virus:W32/Nurech.A.worm Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[~0001741.~][postcard.exe]

Virus:W32/Nurech.A.worm Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[~0001754.~][Postcard.exe]

Virus:W32/Nurech.A.worm Disinfected C:\Documents and Settings\Len\Application Data\Thunderbird\Profiles\dd0c1276.default\Mail\pop.forss.net\Trash[~0001755.~][Postcard.exe]

Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Len\Cookies\len@adtech[2].txt

Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Len\Cookies\len@advertising[1].txt

Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Len\Cookies\len@atwola[1].txt

Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Len\Cookies\len@burstnet[1].txt

Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Len\Cookies\len@doubleclick[1].txt

Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Len\Cookies\len@errorsafe[2].txt

Spyware:Cookie/Screensavers Not disinfected C:\Documents and Settings\Len\Cookies\len@i.screensavers[1].txt

Spyware:Cookie/Research-int Not disinfected C:\Documents and Settings\Len\Cookies\len@research-int[2].txt

Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Len\Cookies\len@www3.addfreestats[1].txt

Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Len\Cookies\len@xiti[1].txt

 

 

 


Here is a new HijackThis log.

 

-------------------------------------

Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 15:13:56, on 2007-06-02

Platform: Windows XP SP2 (WinNT 5.01.2600)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Intel\Wireless\Bin\EvtEng.exe

C:\Program\Intel\Wireless\Bin\S24EvMon.exe

C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

C:\Program\Delade filer\Symantec Shared\ccProxy.exe

C:\Program\Symantec Client Security\Symantec Client Firewall\ISSVC.exe

C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\IPSSVC.EXE

C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Program\ThinkPad\Bluetooth Software\bin\btwdins.exe

C:\Program\IBM\SQLLIB\BIN\db2mgmtsvc.exe

C:\Program\Symantec Client Security\Symantec AntiVirus\DefWatch.exe

C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

c:\program\lenovo\system update\suservice.exe

C:\Program\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe

C:\Program\Symantec Client Security\Symantec Client Firewall\SymSPort.exe

C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

C:\WINDOWS\System32\TPHDEXLG.EXE

C:\WINDOWS\system32\TpKmpSVC.exe

C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program\IBM\SQLLIB\bin\db2dasstm.exe

C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe

C:\Program\Delade filer\Lenovo\Logger\logmon.exe

C:\Program\IBM\SQLLIB\BIN\db2sec.exe

C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\Program\Lenovo\Client Security Solution\cssauth.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\Synaptics\SynTP\SynTPLpr.exe

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\Program\ThinkPad\UTILIT~1\EzEjMnAp.Exe

C:\WINDOWS\system32\TpShocks.exe

C:\Program\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

C:\Program\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program\THINKV~2\PrdCtr\LPMGR.exe

C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program\Java\jre1.5.0_10\bin\jusched.exe

C:\Program\THINKV~2\AMSG\amsg.exe

C:\WINDOWS\System32\DLA\DLACTRLW.EXE

C:\Program\Delade filer\InstallShield\UpdateService\issch.exe

C:\Program\Lenovo\AwayTask\AwaySch.EXE

C:\Program\ThinkPad\ConnectUtilities\ACTray.exe

C:\Program\ThinkPad\ConnectUtilities\ACWLIcon.exe

C:\Program\Picasa2\PicasaMediaDetector.exe

C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe

C:\Program\Lenovo\Client Security Solution\cssauth.exe

C:\Program\Google\Google Desktop Search\GoogleDesktopIndex.exe

C:\Program\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe

C:\Program\IBM\SQLLIB\BIN\db2systray.exe

C:\Program\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe

C:\Program\DAP\DAP.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program\Bredbandsbolaget\Servicecenter\servicecenter.exe

C:\Program\QuickTime\qttask.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\Program\SYMANT~1\SYMANT~2\VPTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\Program\Skype\Phone\Skype.exe

C:\Program\Google\Google Desktop Search\GoogleDesktopCrawl.exe

C:\Program\Windows Media Player\WMPNSCFG.exe

C:\Program\iPod\bin\iPodService.exe

C:\Program\ThinkPad\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program\ThinkPad\BLUETO~1\BTSTAC~1.EXE

C:\Program\Skype\Plugin Manager\SkypePM.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program\Internet Explorer\iexplore.exe

C:\PROGRAM\MOZILL~2\THUNDE~1.EXE

C:\Program\Adobe\Reader 8.0\Reader\AcroRd32Info.exe

C:\Documents and Settings\Len\Skrivbord\HiJackThis_v2.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bredbandsbolaget.se/mittkonto

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar2.dll

O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar2.dll

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\Program\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: [bLOG] rundll32 C:\Program\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog

O4 - HKLM\..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [EZEJMNAP] C:\Program\ThinkPad\UTILIT~1\EzEjMnAp.Exe

O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program\ThinkPad\Program\TpKmapAp.exe -helper

O4 - HKLM\..\Run: [TpShocks] TpShocks.exe

O4 - HKLM\..\Run: [TPHOTKEY] C:\Program\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe

O4 - HKLM\..\Run: [TP4EX] tp4ex.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe /tray

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [LPManager] C:\Program\THINKV~2\PrdCtr\LPMGR.exe

O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program\Delade filer\Lenovo\Scheduler\scheduler_proxy.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.5.0_10\bin\jusched.exe"

O4 - HKLM\..\Run: [AMSG] C:\Program\THINKV~2\AMSG\amsg.exe

O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program\Delade filer\Installshield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [AwaySch] C:\Program\Lenovo\AwayTask\AwaySch.EXE

O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program\Diskeeper Corporation\Diskeeper\DkIcon.exe"

O4 - HKLM\..\Run: [ACTray] C:\Program\ThinkPad\ConnectUtilities\ACTray.exe

O4 - HKLM\..\Run: [ACWLIcon] C:\Program\ThinkPad\ConnectUtilities\ACWLIcon.exe

O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program\Picasa2\PicasaMediaDetector.exe

O4 - HKLM\..\Run: [PDService.exe] "C:\Program\Lenovo\SafeGuard PrivateDisk\pdservice.exe"

O4 - HKLM\..\Run: [cssauth] "C:\Program\Lenovo\Client Security Solution\cssauth.exe" silent

O4 - HKLM\..\Run: [DB2COPY1 - db2systray.exe DB2] C:\Program\IBM\SQLLIB\BIN\db2systray.exe DB2

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program\DAP\DAP.EXE" /STARTUP

O4 - HKLM\..\Run: [bredbandsbolaget] "C:\Program\Bredbandsbolaget\Servicecenter\servicecenter.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\Program\SYMANT~1\SYMANT~2\VPTray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [skype] "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1070574465-3657711369-3409556268-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'db2admin')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = ?

O8 - Extra context menu item: &Clean Traces - C:\Program\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program\DAP\dapextie2.htm

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Skicka till &Bluetooth-enhet... - C:\Program\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program\Lenovo\System Update\sulauncher.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/thinkpad

O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/activedata/nprdtinf.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1169246162610

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program\DELADE~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\Program\Google\GOOGLE~1\GOEC62~1.DLL

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O20 - Winlogon Notify: AwayNotify - C:\Program\Lenovo\AwayTask\AwayNotify.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program\ThinkPad\ConnectUtilities\AcSvc.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program\ThinkPad\Bluetooth Software\bin\btwdins.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

O23 - Service: DB2 - DB2COPY1 - DB2-0 (DB2-0) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\bin\db2syscs.exe

O23 - Service: DB2DAS - DB2DAS00 (DB2DAS00) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\\bin\db2dasrrm.exe

O23 - Service: DB2 Governor (DB2COPY1) (DB2GOVERNOR_DB2COPY1) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\BIN\db2govds.exe

O23 - Service: DB2 License Server (DB2COPY1) (DB2LICD_DB2COPY1) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\BIN\db2licd.exe

O23 - Service: DB2 Management Service (DB2COPY1) (DB2MGMTSVC_DB2COPY1) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\BIN\db2mgmtsvc.exe

O23 - Service: DB2 Security Server (DB2COPY1) (DB2NTSECSERVER_DB2COPY1) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\BIN\db2sec.exe

O23 - Service: DB2 Remote Command Server (DB2COPY1) (DB2REMOTECMD_DB2COPY1) - International Business Machines Corporation - C:\Program\IBM\SQLLIB\BIN\db2rcmd.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program\Symantec Client Security\Symantec AntiVirus\DefWatch.exe

O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE

O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program\Symantec Client Security\Symantec Client Firewall\ISSVC.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program\Symantec Client Security\Symantec AntiVirus\SavRoam.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: System Update (SUService) - - c:\program\lenovo\system update\suservice.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe

O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program\Symantec Client Security\Symantec Client Firewall\SymSPort.exe

O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program\Delade filer\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE

O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program\Lenovo\Client Security Solution\tvttcsd.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program\Delade filer\Lenovo\Scheduler\tvtsched.exe

O23 - Service: tvtnetwk - Unknown owner - C:\Program\Lenovo\Rescue and Recovery\ADM\IUService.exe

 

--

End of file - 17686 bytes

 

 


 

Those are various e-mails that were in the inbox and the trash that have been removed; that is nothing that affects the computer's performance.

What you should think about is when these came in and whether Norton is set to scan at least incoming mail, because it must have been over a longer period since there were quite a lot of e-mails.

 

Panda calls cookies spyware (wrongly, in my opinion), and those are not removed.

 

So I think it is mysterious that winlogon was acting up and that it is not acting up now. We will have to see whether it comes back.

 


Yes, it is not entirely easy to see any connection, but I am happy that winlogon.exe no longer uses a lot of CPU unnecessarily.

 

Norton always takes a lot of time to scan both outgoing and incoming e-mail. It is a bit odd that Norton did not find what Panda calls virus/spyware.

 


 

Maybe you have not scanned the whole computer with Norton for a long time. When the problems appear they are not in Norton's database, but e.g. 1-14 days later they are, which is why they are found afterwards. On the other hand, nothing says that your particular files were new problems; Norton is not known for having high detection the way, e.g., Kaspersky has.

 

I think it seems that all programs detect cookies differently, but since it is just a simple txt file it is nothing to worry about.

 


Archived

This topic is now archived and is closed to further replies.