I need help with svchost.exe!


I downloaded HijackThis and made a log... I don't know what it's for, but it said I should make a log, start a new topic, paste in the log and explain my problem... here is the log!

 

Logfile of HijackThis v1.99.1

Scan saved at 14:31:26, on 15.05.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Programfiler\Skype\Phone\Skype.exe

C:\Programfiler\MSN Messenger\MsnMsgr.Exe

C:\Programfiler\Steam\Steam.exe

C:\Programfiler\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

C:\Programfiler\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Skype\Plugin Manager\skypePM.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Kristoffer\Skrivebord\Ny mappe\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programfiler\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [steam] "C:\Programfiler\Steam\Steam.exe" -silent

O4 - Global Startup: AutoStart IR.lnk = C:\Programfiler\WinTV\Ir.exe

O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Programfiler\RALINK\RT2500 Wireless LAN Card\Installer\WINXP\RaConfig2500.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programfiler\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O15 - Trusted Zone: http://asia.msi.com.tw

O15 - Trusted Zone: http://global.msi.com.tw

O15 - Trusted Zone: http://www.msi.com.tw

O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FELLES~1\Skype\SKYPE4~1.DLL

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporati

Edited by kristofferBE

There are usually a number of services running under svchost. What you can try is the following:

 

Download CCleaner. Start the program. Go to 'Options'->'Advanced'. Untick the box in front of: "only delete temporary files......." Click 'Cleaner' and then 'Run CCleaner'.

 

Then fetch ComboFix and put it on the desktop.

 

Run combofix.exe and follow the instructions.

 

Post the log file from ComboFix (c:\combofix.txt), and we'll see whether it can tell us anything about whether this is malware-related.

Here is the log from ComboFix

 

ComboFix 08-05-15.3 - Bruker 2008-05-16 16:57:48.3 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.242 [GMT 2:00]

Running from: C:\Documents and Settings\Bruker\Skrivebord\ComboFix.exe

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\WINDOWS\system32\nsr264.dll

.

---- Previous Run -------

.

C:\WINDOWS\svchost.exe

C:\WINDOWS\system32\dcads-remove.exe

 

.

((((((((((((((((((((((((( Files Created from 2008-04-16 to 2008-05-16 )))))))))))))))))))))))))))))))

.

 

2008-05-16 15:28 . 2008-05-16 15:28 <DIR> dr-h----- C:\Documents and Settings\Bruker\Siste

2008-05-16 15:26 . 2008-05-16 15:26 <DIR> d-------- C:\Programfiler\CCleaner

2008-05-15 11:59 . 2008-05-15 14:17 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys

2008-05-15 11:57 . 2008-05-15 14:20 <DIR> d-------- C:\Documents and Settings\Bruker\.housecall6.6

2008-05-12 17:56 . 2008-05-12 17:56 <DIR> d-------- C:\Programfiler\Fellesfiler\Blizzard Entertainment

2008-05-11 20:32 . 2008-05-11 20:32 <DIR> d-------- C:\Documents and Settings\Bruker\Programdata\.BitTornado

2008-05-11 19:24 . 2008-05-11 19:24 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Azureus

2008-05-11 19:23 . 2008-05-11 22:42 <DIR> d-------- C:\Documents and Settings\Bruker\Programdata\Azureus

2008-05-11 18:23 . 2008-05-11 18:23 <DIR> d-------- C:\Documents and Settings\Bruker\Programdata\DAEMON Tools

2008-05-11 18:23 . 2008-05-11 18:23 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys

2008-05-05 21:29 . 2008-05-05 21:44 318 --a------ C:\WINDOWS\WPE PRO.INI

2008-05-04 18:03 . 2008-05-13 19:54 <DIR> d-------- C:\Programfiler\Cheat Engine

2008-05-04 01:18 . 2008-05-04 01:18 249,856 --------- C:\WINDOWS\Setup1.exe

2008-05-04 01:18 . 2008-05-04 01:18 73,216 --a------ C:\WINDOWS\ST6UNST.EXE

2008-05-03 22:36 . 2008-05-03 22:36 54,156 --ah----- C:\WINDOWS\QTFont.qfn

2008-05-03 22:36 . 2008-05-03 22:36 1,409 --a------ C:\WINDOWS\QTFont.for

2008-04-18 18:24 . 2008-04-18 18:24 <DIR> d-------- C:\Programfiler\Warcraft III

2008-04-18 17:30 . 2007-12-04 16:44 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS

2008-04-18 17:17 . 2005-09-20 10:36 139,264 --a------ C:\WINDOWS\system32\igfxres.dll

2008-04-18 13:40 . 2008-04-18 13:40 36,864 --a------ C:\WINDOWS\key.dat

2008-04-18 13:40 . 2008-04-18 13:40 36,864 --a------ C:\Documents and Settings\Bruker\true.exe

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-05-11 17:06 --------- d-----w C:\Documents and Settings\Bruker\Programdata\LimeWire

2008-05-08 07:05 --------- d-----w C:\Documents and Settings\Bruker\Programdata\Skype

2008-05-08 07:04 --------- d-----w C:\Documents and Settings\Bruker\Programdata\skypePM

2008-05-04 17:43 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll

2008-04-27 14:23 --------- d-----w C:\Documents and Settings\All Users\Programdata\WinZip

2008-04-19 07:52 --------- d-----w C:\Programfiler\Eraser

2008-04-18 18:05 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll

2008-04-18 18:05 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll

2008-04-18 18:05 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll

2008-04-18 10:55 --------- d--h--w C:\Programfiler\InstallShield Installation Information

2008-04-18 10:55 --------- d-----w C:\Programfiler\Full Tilt Poker

2008-04-18 10:54 --------- d-----w C:\Programfiler\PokerStars

2008-04-14 13:25 --------- d-----w C:\Documents and Settings\Bruker\Programdata\Microgaming

2008-04-01 21:00 --------- d-----w C:\Programfiler\Betsson Poker

2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll

2008-03-25 04:51 166,688 ----a-w C:\WINDOWS\system32\msjint40.dll

2008-03-20 08:11 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys

2008-03-17 15:15 --------- d-----w C:\Programfiler\PremiumSoft

2008-03-17 15:15 --------- d-----w C:\Programfiler\MySQL

2008-03-01 13:05 826,368 ----a-w C:\WINDOWS\system32\wininet.dll

2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll

2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll

2008-01-29 18:50 32 ----a-w C:\Documents and Settings\All Users\Programdata\ezsid.dat

2006-03-24 13:55 19,560 ----a-w C:\Documents and Settings\Bruker\Programdata\GDIPFONTCACHEV1.DAT

1998-10-14 09:19 10,000 ----a-w C:\WINDOWS\inf\unregpn.exe

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{733716E1-76D2-4003-AC39-845281C0EF85}]

2008-02-08 19:53 233472 --a------ C:\WINDOWS\system32\nsr25.dll

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Programfiler\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:03 15360]

"swg"="C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-10 16:33 68856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"svchost.exe"="C:\WINDOWS\svchost.exe" [ ]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 10:03 15360]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{93994DE8-8239-4655-B1D1-5F4E91300429}"= C:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 03:18 49152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CAVRID]

--a------ 2007-05-03 14:28 230928 C:\Programfiler\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cctray]

--a------ 2007-08-28 21:21 177416 C:\Programfiler\CA\CA Internet Security Suite\cctray\cctray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

--a------ 2004-08-04 10:03 15360 C:\WINDOWS\system32\ctfmon.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]

--a------ 2003-07-25 12:15 536576 C:\Programfiler\Eraser\eraser.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

--a------ 2005-02-17 00:11 49152 C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

--a------ 2005-09-20 10:32 77824 C:\WINDOWS\system32\hkcmd.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

--a------ 2005-09-20 10:36 114688 C:\WINDOWS\system32\igfxpers.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

--a------ 2005-09-20 10:35 94208 C:\WINDOWS\system32\igfxtray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

--a------ 2007-12-11 13:10 267048 C:\Programfiler\iTunes\iTunesHelper.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

--a------ 2007-10-18 12:34 5724184 C:\Programfiler\Windows Live\Messenger\msnmsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Programfiler\QuickTime\QTTask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

-ra------ 2007-12-07 16:08 21686568 C:\Programfiler\Skype\Phone\Skype.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

--a------ 2004-02-26 10:53 65024 C:\WINDOWS\SOUNDMAN.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]

--a------ 2008-04-16 16:18 1271032 D:\Steam.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2007-09-25 02:11 132496 C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

--a------ 2007-08-10 16:33 68856 C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"FirewallOverride"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Programfiler\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Programfiler\\iTunes\\iTunes.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Programfiler\\Windows Live\\Messenger\\livecall.exe"=

"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\helpctr.exe"=

"D:\\steamapps\\black_dog_with_rabbies\\counter-strike source\\hl2.exe"=

"C:\\Programfiler\\Skype\\Phone\\Skype.exe"=

"D:\\World of Warcraft\\WoW-2.4.0-enGB-downloader.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"9842:TCP"= 9842:TCP:*:Disabled:SolidNetworkManager

"9842:UDP"= 9842:UDP:*:Disabled:SolidNetworkManager

"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

"6119:TCP"= 6119:TCP:Warcraft III

 

S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys [2007-10-31 15:09]

S3 wampapache;wampapache;"c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe" -k runservice []

S3 wampmysqld;wampmysqld;c:\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe wampmysqld []

 

.

Contents of the 'Scheduled Tasks' folder

"2008-04-07 07:54:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Programfiler\Apple Software Update\SoftwareUpdate.exe

"2008-05-15 11:47:04 C:\WINDOWS\Tasks\Se etter oppdateringer for Windows Live Toolbar.job"

- C:\Programfiler\Windows Live Toolbar\MSNTBUP.EXE

.

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-05-16 17:01:03

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySQL]

"ImagePath"="\"C:\Programfiler\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"C:\Programfiler\MySQL\MySQL Server 5.0\my.ini\" MySQL"

.

Completion time: 2008-05-16 17:04:45

ComboFix-quarantined-files.txt 2008-05-16 15:04:15

 

Pre-Run: 12,297,003,008 byte ledig

Post-Run: 12,388,073,472 byte ledig

 

166 --- E O F --- 2008-05-15 09:49:30

Edited by kristofferBE

Your svchost problem is/was malware-related. Continue with the following:

 

Download the free version of SAS, install it, update it and run a Quick Scan of C:

 

Then open Notepad and copy in what is shown in bold below; save the file on the desktop as CFScript.

Then drag the file onto the ComboFix icon. ComboFix will start again.

Registry::

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{733716E1-76D2-4003-AC39-845281C0EF85}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"svchost.exe"=-

 

Post the new ComboFix log + the log from SAS (preferences->statistics/logs).
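The helper's diagnosis rests on one observation from the two logs above: the real svchost.exe lives in C:\WINDOWS\system32, while the ComboFix "Reg Loading Points" section shows an HKLM\...\Run entry pointing at C:\WINDOWS\svchost.exe, a copy one directory up that carries no file metadata. The following is an added example, not code from the thread or from any of the tools it mentions. It scans HijackThis/ComboFix-style log lines for any svchost.exe path outside the Windows system directory and reports where it was found. The sample log lines are constructed here from entries visible in the thread; the set of trusted directories is an assumption for Windows XP.

```python
"""Flag svchost.exe binaries that do not live in the Windows system directory.

Added example for triaging HijackThis / ComboFix logs; it is not part of either tool.
"""
import re
from pathlib import PureWindowsPath

# Directory the genuine svchost.exe is loaded from on Windows XP (assumption:
# a default install with Windows on C:; adjust for other system roots).
LEGIT_SVCHOST_DIRS = {r"c:\windows\system32"}

# A Windows path that ends in svchost.exe, quoted or bare, anywhere on a line.
# The character class stops at quotes and brackets so the match does not run
# into the trailing "[date size]" metadata that ComboFix appends.
SVCHOST_PATH_RE = re.compile(r'([A-Za-z]:\\[^"\[\]]*?svchost\.exe)', re.IGNORECASE)

# Constructed sample: lines copied from the HijackThis process list and the
# ComboFix "Reg Loading Points" section earlier in the thread.
SAMPLE_LOG = r"""
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"svchost.exe"="C:\WINDOWS\svchost.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:03 15360]
""".strip().splitlines()


def svchost_paths(line):
    """Return every svchost.exe path mentioned on a single log line."""
    return [m.group(1) for m in SVCHOST_PATH_RE.finditer(line)]


def is_suspicious(path):
    """True when the binary's directory is not one of the trusted system dirs.

    Comparison is case-insensitive because Windows paths are, and the logs
    above mix 'system32' and 'System32' for the same directory.
    """
    parent = str(PureWindowsPath(path).parent).lower()
    return parent not in LEGIT_SVCHOST_DIRS


def find_rogue_svchost(log_lines):
    """Scan log lines and return (line_number, path, line) for each hit."""
    hits = []
    for lineno, line in enumerate(log_lines, 1):
        for path in svchost_paths(line):
            if is_suspicious(path):
                hits.append((lineno, path, line.strip()))
    return hits


if __name__ == "__main__":
    for lineno, path, line in find_rogue_svchost(SAMPLE_LOG):
        print(f"line {lineno}: svchost.exe outside system32 -> {path}")
        print(f"    {line}")
```

Run against the constructed sample, the only hit is the Run-key entry pointing at C:\WINDOWS\svchost.exe; the two genuine system32 processes and the ctfmon entry pass. Pointing the script at a saved combofix.txt or HijackThis log is a matter of reading the file with `open(...).read().splitlines()` in place of `SAMPLE_LOG`.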

What the hell?!??! My computer shuts itself off in safe mode too :S

But I managed to get a half-finished scan... 10 threats detected, and it wasn't even finished! I saw one threat in the threat description, it was a trojan downloader, if that helps..

Edited by kristofferBE

Ok,

this kind of thing can be caused by both malware and hardware. When it also happens in safe mode, I start to wonder whether this could be hardware (power supply or similar).

 

What you could try is to restore the PC to a point before it started shutting itself off. You will probably get back the infections you have removed, but we can take it from there, i.e. start by running a scan with SAS and then continue with ComboFix.

 

As long as the PC shuts itself off in both normal and safe mode, there is a limit to what one can achieve. The alternative is to see whether a repair of Windows could help (if it is not hardware).
