[ken979]

datamaskinen min er en slags ny, men det holder krasj. det har skjedd mange ganger allerede.

Når jeg logger på skjermen doesnt flytte. den crusser forblir i samme posisjon.

jeg forsøkt swithing den av, men det doesnt swtich av. Jeg måtte koble den i orden for at det skal skje. Sometimes it doesnt krasj, men det er 50/50.

jeg dont vite hva å gjøre som jeg er en newbie

her er hijact denne loggen

Logfile of Trend Micro HijackThis v2.0.2
Scan lagret på 00:51:31, on 22/02/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe
C: \ WINDOWS \ Explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ Program Files \ Cyberlink \ PowerCinema \ Kernel \ TV \ CLCapSvc.exe
C: \ Program Files \ Cyberlink \ PowerCinema \ Kernel \ TV \ CLSched.exe
C: \ Program Files \ Cyberlink \ Shared Files \ CLML_NTService \ CLMLServer.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ Program Files \ Cyberlink \ Shared Files \ CLML_NTService \ CLMLService.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ Apache Group \ Apache2 \ bin \ apache.exe
C: \ WINDOWS \ system32 \ Inetsrv \ Inetinfo.exe
C: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ bin \ nSvcIp.exe
C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ bin \ nSvcLog.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ bin \ nSvcAppFlt.ex e
C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ Apache Group \ Apache2 \ bin \ apache.exe
C: \ WINDOWS \ system32 \ Dllhost.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Programfiler \ QuickTime \ qttask.exe
C: \ Program Files \ Cyberlink \ PowerCinema \ PCMService.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Program Files \ Cyberlink \ PowerDVD \ PDVDServ.exe
C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ bin \ nTrayFw.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Programfiler \ Java \ jre1.6.0_04 \ bin \ jusched.exe
C: \ Programfiler \ Zone Labs \ ZoneAlarm \ zlclient.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programfiler \ MSN Messenger \ MsnMsgr.Exe
C: \ Programfiler \ Fellesfiler \ LightScribe \ LightScribeControlPanel.exe
C: \ Programfiler \ Fellesfiler \ Ahead \ Lib \ NMBgMonitor.exe
C: \ Programfiler \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Programfiler \ Fellesfiler \ Ahead \ Lib \ NMIndexingService.exe
C: \ Programfiler \ Fellesfiler \ Ahead \ Lib \ NMIndexStoreSvr.exe
C: \ Program Files \ KWorld Multimedia \ TV Tuner kort Utilities \ HMCP3XCtl.exe
C: \ Programfiler \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ system32 \ wpabaln.exe
C: \ Programfiler \ Trend Micro \ HijackThis \ HijackThis.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://uk.rd.yahoo.com/customize/yco...search/ie.html
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://uk.rd.yahoo.com/customize/yco...//uk.yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.meshcomputers.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://uk.rd.yahoo.com/customize/yco...//uk.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O2 - BHO: & Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programfiler \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ progra ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre1.6.0_04 \ bin \ ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Programfiler \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Programfiler \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [PCMService] "C: \ Program Files \ Cyberlink \ PowerCinema \ PCMService.exe"
O4 - HKLM \ .. \ Run: [RemoteControl] "C: \ Program Files \ Cyberlink \ PowerDVD \ PDVDServ.exe"
O4 - HKLM \ .. \ Run: [(1290A33C-85F5-4164-A1BE-7DD299D4986A)] "C: \ Program Files \ CyberLink \ PowerBackup \ PBKScheduler.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [Ptipbmf] rundll32.exe ptipbmf.dll, SetWriteCacheMode
O4 - HKLM \ .. \ Run: [nTrayFw] C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ bin \ nTrayFw.exe
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [SkyTel] SkyTel.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [JMB36X Configure] C: \ WINDOWS \ system32 \ JMRaidTool.exe støvel
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ Programfiler \ Fellesfiler \ Ahead \ Lib \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / STARTUP
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] C: \ Programfiler \ Java \ jre1.6.0_04 \ bin \ jusched.exe
O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Programfiler \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Programfiler \ MSN Messenger \ MsnMsgr.Exe" / background
O4 - HKCU \ .. \ Run: [Center Agent] C: \ Programfiler \ KWorld Multimedia \ HyperMediaCenter \ DTVR \ Scheduled.exe
O4 - HKCU \ .. \ Run: [LightScribe Control Panel] C: \ Programfiler \ Fellesfiler \ LightScribe \ LightScribeControlPanel.exe-skjult
O4 - HKCU \ .. \ Run: [BgMonitor_ (79662E04-7C6C-4d9f-84C7-88D8A56B10AA)] "C: \ Programfiler \ Fellesfiler \ Ahead \ Lib \ NMBgMonitor.exe"
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Programfiler \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Remote Control.lnk = C: \ Program Files \ KWorld Multimedia \ TV Tuner kort Utilities \ HMCP3XCtl.exe
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ micros ~ 2 \ Office11 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_04 \ bin \ ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_04 \ bin \ ssv.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ micros ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra knappen: (no name) - (DFB852A3-47F8-48C4-a200-58CAB36FD2A2) - C: \ progra ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra "Verktøy" MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-a200-58CAB36FD2A2) - C: \ progra ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.meshcomputers.com
O20 - Winlogon Notify:! SASWinLogon - C: \ Programfiler \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - Grisoft, sro - C: \ progra ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Cyberlink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C: \ Program Files \ Cyberlink \ PowerCinema \ Kernel \ TV \ CLCapSvc.exe
O23 - Service: Cyberlink Task Scheduler (CTS) (CLSched) - Unknown owner - C: \ Program Files \ Cyberlink \ PowerCinema \ Kernel \ TV \ CLSched.exe
O23 - Service: Cyberlink Media Library Service - Cyberlink - C: \ Program Files \ Cyberlink \ Shared Files \ CLML_NTService \ CLMLServer.exe
O23 - Service: ForceWare Intelligent Application Manager (engasjert) - Unknown owner - C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ bin \ nSvcAppFlt.ex e
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ Apache Group \ Apache2 \ bin \ apache.exe
O23 - Service: LightScribeService Direct Disc Merking Service (LightScribeService) - Hewlett-Packard Company - C: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
O23 - Service: NBService - Nero AG - C: \ Programfiler \ Nero \ Nero 7 \ Nero BackItUp \ NBService.exe
O23 - Service: NMIndexingService - Nero AG - C: \ Programfiler \ Fellesfiler \ Ahead \ Lib \ NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ bin \ nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C: \ Programfiler \ NVIDIA Corporation \ NetworkAccessManager \ bin \ nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe
--
End of file - 10194 bytes

[ken979]

jeg dont vite hvis det er et virus problem eller et hardware problem?

[Axegrinder]

Har du gjort det vanlige, og sjekket for støv opphoping rundt CPU heatsink etc?

[ken979]

Sitat:

Originally Posted by Axegrinder

Har du gjort det vanlige, og sjekket for støv opphoping rundt CPU heatsink etc?

no i havnt jeg er en nybegynner og ikke helt sikker på hva cpu heatsink er.

takk

[philthomas]

Kan du starte opp i sikkermodus? .... (Trykk F8 gjentatte ganger under boot up)

[evilfantasy]

Den Hijackthis loggen er ren.

Visste du installerer noe nytt rundt den tiden denne gang skjer? Kanskje en uke eller så før det skjer for første gang.

[ken979]

vinduspusser, sone alarm, Spybot og norton anti virus

[evilfantasy]

Hva alt var rengjort med vinduspusser og gjorde den starte etter å bruke det?

Zone Alarm eller Norton er ikke de mest effektive på ressurser, kan det være disse også.

[Axegrinder]

Sitat:

Originally Posted by evilfantasy

Zone Alarm eller Norton er ikke de mest effektive på ressurser, kan det være disse også.

Avtalt, spesielt nord som det er et nummer én årsak til PC forsinkelser / krasjer.

Og en CPU heatsink er den store metall tingen med en vifte på toppen på hovedkortet for å holde CPU kjølig.

[ken979]

beklager jeg mening avg. jeg vil se fan out.

stedet for å sone alarmer hva ville dere anbefale.