Diih, elikkä mulla on tommonen AMD Athlon(tm) 64 Processor 3000+ 2000MHz Ongelma on se kun pelailee tai kuuntelee musiikkia niin kone saattaa käynnistää itsensä uudestaan ilman mitään syytä, lämmöt ei nouse, joten vika ei ole siinä. osaisiko joku vähän neuvoskella?
Oletko skannannut konetta eri ohjelmistoilla örkkien varalta? Itsellä ainakin iski heti kun pisti verkkopiuhan kiinni virus, joka sammutteli konetta..
Mikähän se tällanen HJT logi mahtaa olla? En ole mikään "nero-patti" näiden tietokoneiden kans. Voisittekohan mahdollisesti vähän ohjeistaa? Mulla on käytössä toi Norton Internet security 2005 uusimmilla päivityksillä ja se löytää aina yhden viiruksen mitä se ei saa poistettua eikä karanteeniin. Pöpö pitää semmosta nimeä mun koneella kun : rdriv.sys -- Trojan.Cachecachekit ei oo ennen tommosta löytynyt ;o ja sama viirus on koneella aina forkkien jälkeen kun windowsin asentaa...
http://securityresponse.symantec.com/avcenter/venc/data/pf/w32.spybot.nlx.html "When W32.Spybot.NLX is executed, it performs the following actions: 1. Copies itself as %Windir%\iTunesMusic.exe. Note: %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt. 2. Drops the file %System%\rdriv.sys, which is detected as Trojan.Cachecachekit. This file operates as a rootkit hiding the presence of the iTunesMusic.exe file and service. 3. Creates the following registry subkeys to register itself as a service: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\rdriv HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iTunesMusic Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP). The service has the following properties: Display Name: iTunesMusic Path to Executable: %Windir%\iTunesMusic.exe Description: W32.Spybot.NLX is executed at startup." HJT=HijackThis: http://koti.mbnet.fi/pattaya1/hijackthis.htm Laita ohjelma omaan kansioon, käynnistä -> Do a system scan and save logfile ja sitten loki tänne.
Dodii Logfile of HijackThis v1.99.1 Scan saved at 16:40:31, on 5.1.2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Norton Internet Security\ISSVC.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\System32\NILaunch.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Valve\Steam\Steam.exe C:\lotus\organize\easyclip.exe C:\lotus\smartctr\smartctr.exe C:\lotus\smartctr\suitest.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\PROGRA~1\MOZILL~2\FIREFOX.EXE D:\HJT\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\System32\NILaunch.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent O4 - Startup: Lotus Opetusohjelma.lnk = C:\lotus\wordpro\ltsstart.exe O4 - Startup: Lotus Organizer EasyClip.lnk = C:\lotus\organize\easyclip.exe O4 - Startup: Lotus SmartCenter.lnk = C:\lotus\smartctr\smartctr.exe O4 - Startup: Lotus SuiteStart.lnk = C:\lotus\smartctr\suitest.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: win protect (winspro) - Unknown owner - C:\WINDOWS\winsp2pro.exe
