Kone käynnistyy uudestaan itsestään | Hjt Loki

Discussion in 'Virukset ja haittaohjelmat' started by Anpi, Jan 28, 2006.

  1. Anpi

    Anpi Member

    Joined:
    Nov 29, 2005
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    11
    Kone käynnistää itsensä uudestaan, mutta koneesta ei löydy viruksia tai spywarea, koitan seuraavaksi tätä vaihtoehtoa.

    Logfile of HijackThis v1.99.0
    Scan saved at 20:10:30, on 28.1.2006
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\Program Files\AVPersonal\AVSched32.EXE
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
    C:\WINDOWS\System32\wuauclt.exe
    E:\Ohjelmat\DAEMON Tools\daemon.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Radeon Omega Drivers\v2.6.87\ATI Tray Tools\atitray.exe
    E:\Ohjelmat\SpywareGuard\sgmain.exe
    E:\Ohjelmat\SpywareGuard\sgbhp.exe
    C:\Program Files\Winamp\winamp.exe
    C:\Program Files\AVPersonal\AVWIN.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\totalcmd\TOTALCMD.EXE
    C:\HijackThis\putsari.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://pralerts.zonelabs.com/praler...1035&CL=en&LICFLAG=1&OEM=1038&SKU=1&Mode=1004
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - E:\Ohjelmat\SpywareGuard\dlprotect.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
    O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32.EXE /min
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
    O4 - HKLM\..\Run: [DAEMON Tools] "E:\Ohjelmat\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Radeon Omega Drivers\v2.6.87\ATI Tray Tools\atitray.exe"
    O4 - Startup: SpywareGuard.lnk = E:\Ohjelmat\SpywareGuard\sgmain.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu - Unknown - C:\WINDOWS\System32\dmadmin.exe
    O23 - Service: Tapahtumaloki - Unknown - C:\WINDOWS\system32\services.exe
    O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu - Unknown - C:\WINDOWS\System32\imapi.exe
    O23 - Service: iPodService - Unknown - C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: NetMeeting etätyöpöydän jakaminen - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
    O23 - Service: Verkon DDE - Unknown - C:\WINDOWS\system32\netdde.exe
    O23 - Service: Verkon DDE DSDM - Unknown - C:\WINDOWS\system32\netdde.exe
    O23 - Service: Plug and Play - Unknown - C:\WINDOWS\system32\services.exe
    O23 - Service: Etätyöpöydän ohjeen istunnonhallinta - Unknown - C:\WINDOWS\system32\sessmgr.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) - Unknown - %ProgramFiles%\WinPcap\rpcapd.exe (file missing)
    O23 - Service: Sandra Data Service - SiSoftware - E:\Ohjelmat\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
    O23 - Service: Sandra Service - SiSoftware - E:\Ohjelmat\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
    O23 - Service: Älykortti-apuohjelma - Unknown - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: Älykortti - Unknown - C:\WINDOWS\System32\SCardSvr.exe
    O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Webroot Spy Sweeper Engine - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    O23 - Service: Resurssilokit ja -hälytykset - Unknown - C:\WINDOWS\system32\smlogsvc.exe
    O23 - Service: Telnet - Unknown - C:\WINDOWS\System32\tlntsvr.exe
    O23 - Service: TrueVector Internet Monitor - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: Aseman tilannevedos - Unknown - C:\WINDOWS\System32\vssvc.exe
    O23 - Service: WMI resurssisovitin - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exe
     
    Anpi, Jan 28, 2006
    #1
  2. spertti

    spertti Active member

    Joined:
    Jun 1, 2005
    Messages:
    1,222
    Likes Received:
    0
    Trophy Points:
    66
    Ikävä kyllä tästäkään ei selvinnyt ongelman lähde =( Taitaapi olla rautavika kyseessä. Eli siis loki on puhdas, jos se yhtään lohduttaa...
     
    spertti, Jan 28, 2006
    #2
  3. Anpi

    Anpi Member

    Joined:
    Nov 29, 2005
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    11
    Ok. No katotaan jatkuuko vika vielä.
     
    Anpi, Jan 28, 2006
    #3
  4. teppoI

    teppoI Moderator Staff Member

    Joined:
    Apr 30, 2005
    Messages:
    4,166
    Likes Received:
    4
    Trophy Points:
    48
    Oletko mahdollisesti katsonut lämpöjä?
     
    teppoI, Jan 29, 2006
    #4
  5. Anpi

    Anpi Member

    Joined:
    Nov 29, 2005
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    11
    Olen ja vaikuttaa siltä että ainut vaihtoehto on että prossu käy kuumana (idle 49 C)
     
    Anpi, Jan 29, 2006
    #5
  6. Anpi

    Anpi Member

    Joined:
    Nov 29, 2005
    Messages:
    24
    Likes Received:
    0
    Trophy Points:
    11
    Puhdistin pölyt IDLE 39 Astetta nyt. Hyvä että samalla tuli kuitenkin katsottua tuo logi. Kiitos vaan.
     
    Anpi, Jan 30, 2006
    #6

Share This Page