Just nu i M3-nätverket
Jump to content

Dator som låser sig


Anders Malm

Recommended Posts

Hej min dator har börjat bete sig underligt på senaste tiden i vissa lägen går det så segt att man tror den hängt sig. Ibland orkar den inte ens svara på ctr-alt-del. Om man får igång aktivitetshanteraren indikerar denna ingen märkvärdig processorlast eller minnesanvändning men ändå går det som sirap.

 

Jag har uppdaterat McAfee virusprogram, zoneAlarmPro brandvägg och har scannat datorn både med ad-aware, windows defender och spybootSD utan att hitta något speciellt underligt.

 

Kan någon ta en titt på den här HijackThis loggen och se om något se skumt ut?

 

[log]

Logfile of HijackThis v1.99.1

Scan saved at 20:23:17, on 2006-09-19

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

c:\program\mcafee.com\agent\mcdetect.exe

c:\program\mcafee.com\vso\mcshield.exe

c:\program\mcafee.com\agent\mctskshd.exe

C:\Program\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe

C:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

C:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

C:\Program\NVIDIA Corporation\nTune\nTuneService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\VMware\VMware Server\vmware-authd.exe

C:\Program\Delade filer\VMware\VMware Virtual Image Editing\vmount2.exe

C:\WINDOWS\system32\vmnat.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

C:\WINDOWS\system32\vmnetdhcp.exe

C:\WINDOWS\Explorer.EXE

C:\Program\MSN Toolbar Suite\SL\02.05.0001.1119\sv-se\msn_sl.exe

C:\Program\McAfee.com\VSO\mcvsshld.exe

C:\Program\McAfee.com\VSO\oasclnt.exe

C:\program\mcafee.com\agent\mcagent.exe

c:\program\mcafee.com\vso\mcvsescn.exe

C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe

C:\Program Files\Adobe\Distillr\Acrotray.exe

C:\Program\Windows Defender\MSASCui.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\Adobe\Acrobat\acrobat_sl.exe

C:\Program\MICROS~4\rapimgr.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\sv-se\bin\WindowsSearch.exe

C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\sv-se\bin\WindowsSearchIndexer.exe

C:\Program\Microsoft ActiveSync\WCESMgr.exe

C:\Program\VMware\VMware Server\vmserverdWin32.exe

C:\Documents and Settings\Anders\Skrivbord\HijackThis.exe

C:\Program\VMware\VMware Server\snhelper.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.idg.se/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll

O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\program\mcafee.com\vso\mcvsshl.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll

O4 - HKLM\..\Run: [VSOCheckTask] "C:\Program\McAfee.com\VSO\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [VirusScan Online] C:\Program\McAfee.com\VSO\mcvsshld.exe

O4 - HKLM\..\Run: [OASClnt] C:\Program\McAfee.com\VSO\oasclnt.exe

O4 - HKLM\..\Run: [MCAgentExe] c:\program\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] C:\program\mcafee.com\agent\McUpdate.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NVMixerTray] "C:\Program\NVIDIA Corporation\NvMixer\NVMixerTray.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Distillr\Acrotray.exe"

O4 - HKLM\..\Run: [Windows Defender] "C:\Program\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program\NVIDIA Corporation\nTune\nTuneCmd.exe" clear

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [nTrayFw] C:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [NBJ] "C:\Program\Ahead\Nero BackItUp\NBJ.exe"

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\sv-se\bin\WindowsSearch.exe

O8 - Extra context menu item: &MSN Search - res://C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll/search.htm

O8 - Extra context menu item: Konvertera länkmål till Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konvertera länkmål till befintlig PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konvertera markering till Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konvertera markering till befintlig PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konvertera till Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konvertera till befintlig PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konvertera valda länkar till Adobe PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Konvertera valda länkar till befintlig PDF - res://C:\Program Files\Adobe\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Öppna på ny flik i bakgrunden - res://C:\Program\MSN Toolbar Suite\TAB\02.05.0000.1105\sv-se\msntabres.dll/229?bc3abedda9d34b5eb6c69db0eb9b7418

O8 - Extra context menu item: Öppna på ny flik i förgrunden - res://C:\Program\MSN Toolbar Suite\TAB\02.05.0000.1105\sv-se\msntabres.dll/230?bc3abedda9d34b5eb6c69db0eb9b7418

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~4\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~4\INetRepl.dll

O9 - Extra 'Tools' menuitem: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\MICROS~4\INetRepl.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145905869750

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program\Delade filer\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe

O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program\mcafee.com\agent\mcdetect.exe

O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\program\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\program\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\Program\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)

O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe

O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe

O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe

O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program\VMware\VMware Server\vmware-authd.exe

O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe

O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program\Delade filer\VMware\VMware Virtual Image Editing\vmount2.exe

O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - C:\Program\VMware\VMware Server\vmserverdWin32.exe

O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

[/log]

 

Tack på förhand

Anders Malm

 

Link to comment
Share on other sites

 

Ser inget i loggen men om du har 2 brandvägg igång Zone och Nvidia så stäng av en av dom.

Sen om du kör en virtual pc (VMware) samtidigt så kan det bli lite segt om man inte har en "superdator" :)

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...