Kovalevytila vähenee itsestään

Yksityisviestit

Luo uusi yksityisviesti

Kaikki uudet viestit

Ilman vastauksia olevat viestiketjut

Hae viestejä

keskiviikko 12.11.2025 / 18:05

Hae keskustelualueilta:

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > kovalevytila vähenee itsestään

Aiheet

Keskustelualueet

Vastaa

Aloita uusi viestiketju

Kovalevytila vähenee itsestään

Siirry:

Kirjoittaja

Viesti

jajumi

Member

1. toukokuuta 2007 @ 06:22

Linkki tähän viestiin

En ole varma, että kuuluisiko tämä windows puolelle vai tänne, mutta sen verran virusta epäilen, että laitoin sitten tänne.

Sitten itse asiaan. Eli c-asemalta(ainoa) vähenee tilaa 10mt n.5 sekunnin välein, vaikka sinne mitään ei menekään. Myöskin kun katsoo c-aseman juuresta löytyvien kansioiden ominaisuudet, ei sieltä yli 125gt löydy, vaikka omastatietokoneesta katsottaessa c-asemalla onkin 148gt ja lisääntyy jatkuvasti. Kovalevy myös ruksuttaa jatkuvasti, joten jotain siellä on meneillään. Avastilla olen koneen yrittänyt skannata, mutta mitään ei löydy.

Nyt siis olen pahasti avun tarpeessa! Aika paljon olen joutunut jo kaikkea poistelemaankin, kun kovalevyn vapaan tilan määräksi on ilmoitettu 0t.

[ + lainaa]

-AMD AThlon 3000+ (2,17ghz)
-2048mt ddr400mhz (pc3200)
-MSI MS 6786 emo
-Asustek Geforce GF 6800 GT 128mb (AGP)
-Seagate Barracuda 160GB
-ATX 350w virtalähde
-Logitech s510
-Logitech G25 Racing Wheel

Auttaja

Suspended permanently

1. toukokuuta 2007 @ 06:24

Linkki tähän viestiin

Jotkut haittaohjelmat tosiaan voivat täyttää kovon, tutkitaan:

-> Lataa Hijackthis: http://koti.mbnet.fi/pattaya1/HijackThis.exe
-> Tallenna hakemistoon C:\hjt
->Uudelleennimeä HijackThis.exe -> scanner.exe:ksi näin:
1. Klikkaa hiiren oikealla painikkeella HijackThis ikonia.

2. Valitse Uudelleennineä/ Rename.

3. Kirjoita scanner.exe

-> Käynnistä HijackThis ja klikkaa: do a system scan and save a logfile.
-> Lähetä ilmestynyt logisi tähän ketjuun

[ + lainaa]

Don´t send your HijackThis log to another user topic. Remember to describe what kind of problems you have. (In my opinion afterdawn has very unsupportive attitude against malware fighters)
How to send HijackThis log (step 3-5)Hijackthis login lähettämisohjeet (Finland)
My profile "Therefore I say to you, do not worry about your life, what you will eat or what you will drink; nor about your body, what you will put on."
My home forum (Finland) Geeks To Go - Another place
List of rogue programs. (Finland) For exampe MSG+ is there. Another list

jajumi

Member

1. toukokuuta 2007 @ 06:44

Linkki tähän viestiin

Tuon näköistä tuli:

Logfile of HijackThis v1.99.1
Scan saved at 1:33:15, on 7.1.2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Bluetooth\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\RF Driver\One Take V2.0.8\GLtakone.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bluetooth\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\BLUETO~1\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Scanner.exe.exe
C:\WINDOWS\Temp\WDF721E.tmp\Microsoft User-Mode Driver Framework Install-v1.0-WinXP.exe
c:\7301c6fc9aec062296b02ba8\update\update.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [GLtakone.exe] "C:\Program Files\RF Driver\One Take V2.0.8\GLtakone.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: ClientManager3.lnk = C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
O4 - Global Startup: WinZIP Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: Avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Bluetooth\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

[ + lainaa]

jajumi

Member

1. toukokuuta 2007 @ 06:59

Linkki tähän viestiin

Tuota lokia, kun itse katselen niin silmään pistää prosesseista update.exe(viimeinen). Tuon ko. ohjelman hakemisto nimittäin ihmeellisesti pomppii näkyviin ja pois c-aseman juuressa. task manageristakaan en saa prosessia tapettua, koska se siinä niin pikaisesti käväisee. Voisiko ongelma olla siinä prosessissa? Ja jos on, niin miten poistan sellaisen mitä ei ole...? :D

[ + lainaa]

Auttaja

Suspended permanently

1. toukokuuta 2007 @ 07:26

Linkki tähän viestiin

1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen

******

c:\7301c6fc9aec062296b02ba8\update\update.exe

etsi tuo tiedosto ja lähetä se tänne http://virusscan.jotti.org/
File to upload & scan: kohtaan, jos ei löydy tää voi auttaa, Laita piilotiedostot näkyviin

[ + lainaa]

jajumi

Member

1. toukokuuta 2007 @ 11:31

Linkki tähän viestiin

Lainaus, alkuperäisen viestin kirjoitti Auttaja:
******

c:\7301c6fc9aec062296b02ba8\update\update.exe

etsi tuo tiedosto ja lähetä se tänne http://virusscan.jotti.org/
File to upload & scan: kohtaan, jos ei löydy tää voi auttaa, Laita piilotiedostot näkyviin

Kansio ei ole piilotettu, vaan se näkyy aivan oikein, mutta pomppii edestakaisin näkyviin ja pois näkyvistä(ei ole väliä näyttääkö piilotetut vai ei). Kansio ikään kuin häviää ja tulee jälleen takaisin. Prosessi tekee myös samaa, joten en pääse siihen mitenkään käsiksi. :/

Tuossa se toinen loki:

"JaJuMi" - 04-01-07 6:10:52 Service Pack 2
ComboFix 07-04-25.4V - Running from: "C:\Documents and Settings\JaJuMi\Desktop\"

((((((((((((((((((((((((((((((( Files Created from 2003-12-07 to 2004-01-07 ))))))))))))))))))))))))))))))))))

2004-01-17 18:20 <KANSIO> d-------- C:\DOCUME~1\JaJuMi\Bluetooth Software
2004-01-07 21:21 237,936 --a------ C:\WINDOWS\system32\unicows.dll
2004-01-07 01:31 218,112 --a------ C:\Scanner.exe.exe
2004-01-07 00:55 <KANSIO> d-------- C:\Program Files\Lavasoft
2004-01-07 00:55 <KANSIO> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2004-01-07 00:55 <KANSIO> d-------- C:\DOCUME~1\JaJuMi\APPLIC~1\Lavasoft
2004-01-07 00:02 <KANSIO> d-------- C:\WINDOWS\system32\appmgmt
2004-01-05 08:56 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
2004-01-05 08:42 <KANSIO> d-------- C:\Program Files\ToniArts
2004-01-01 21:14 372,480 -ra------ C:\WINDOWS\system32\drivers\CBG54.SYS
2004-01-01 10:13 52,736 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-04-30 18:41 94552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 18:41 85952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 18:39 23416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 18:38 43176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 18:37 26888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-03-02 22:53 1972224 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-02-22 09:15 8320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2007-02-22 09:15 137216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2007-02-22 09:15 12288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2007-02-22 09:15 12288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2006-10-18 19:00 38528 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys
2006-10-13 12:23 163584 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2006-09-15 21:30 82688 --------- C:\WINDOWS\system32\drivers\WudfRd.sys
2006-09-15 21:29 76544 --------- C:\WINDOWS\system32\drivers\WudfPf.sys
2006-08-25 05:47 36528 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys
2006-08-25 05:47 2560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2006-08-25 05:47 2432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2006-08-21 11:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2006-08-16 11:37 225664 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2006-08-14 12:34 332928 --a------ C:\WINDOWS\system32\drivers\srv.sys
2006-07-13 10:48 202240 --a------ C:\WINDOWS\system32\drivers\rmcast.sys
2006-06-14 11:00 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2006-06-14 10:47 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2006-06-14 10:47 172416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2006-06-10 08:58 1373120 --a------ C:\WINDOWS\system32\drivers\cmuda.sys
2006-05-05 11:47 174592 --a------ C:\WINDOWS\system32\drivers\rdbss.sys
2006-05-05 11:41 453120 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2006-04-20 13:51 359808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2006-04-18 21:59 78720 --a------ C:\WINDOWS\system32\drivers\TE100XP.SYS
2006-03-17 02:33 262784 --a------ C:\WINDOWS\system32\drivers\http.sys
2006-03-15 14:00 96256 --a------ C:\WINDOWS\system32\drivers\scsiport.sys
2006-03-15 14:00 9600 --a------ C:\WINDOWS\system32\drivers\ndistapi.sys
2006-03-15 14:00 9600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2006-03-15 14:00 95360 --a------ C:\WINDOWS\system32\drivers\atapi.sys
2006-03-15 14:00 92032 --a------ C:\WINDOWS\system32\drivers\ksecdd.sys
2006-03-15 14:00 91776 --a------ C:\WINDOWS\system32\drivers\ndiswan.sys
2006-03-15 14:00 88448 --a------ C:\WINDOWS\system32\drivers\nwlnkipx.sys
2006-03-15 14:00 8832 --a------ C:\WINDOWS\system32\drivers\rasacd.sys
2006-03-15 14:00 80128 --a------ C:\WINDOWS\system32\drivers\parport.sys
2006-03-15 14:00 799744 --a------ C:\WINDOWS\system32\drivers\dmboot.sys
2006-03-15 14:00 79744 --a------ C:\WINDOWS\system32\drivers\videoprt.sys
2006-03-15 14:00 7936 --a------ C:\WINDOWS\system32\drivers\fs_rec.sys
2006-03-15 14:00 7680 --a------ C:\WINDOWS\system32\drivers\mcd.sys
2006-03-15 14:00 7552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2006-03-15 14:00 74752 --a------ C:\WINDOWS\system32\drivers\ipsec.sys
2006-03-15 14:00 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2006-03-15 14:00 72960 --a------ C:\WINDOWS\system32\drivers\mqac.sys
2006-03-15 14:00 71552 --a------ C:\WINDOWS\system32\drivers\bridge.sys
2006-03-15 14:00 71040 --a------ C:\WINDOWS\system32\drivers\dxg.sys
2006-03-15 14:00 69120 --a------ C:\WINDOWS\system32\drivers\psched.sys
2006-03-15 14:00 68224 --a------ C:\WINDOWS\system32\drivers\pci.sys
2006-03-15 14:00 6784 --a------ C:\WINDOWS\system32\drivers\parvdm.sys
2006-03-15 14:00 67584 --a------ C:\WINDOWS\system32\drivers\sdbus.sys
2006-03-15 14:00 66176 --a------ C:\WINDOWS\system32\drivers\udfs.sys
2006-03-15 14:00 64896 --a------ C:\WINDOWS\system32\drivers\serial.sys
2006-03-15 14:00 63744 --a------ C:\WINDOWS\system32\drivers\mf.sys
2006-03-15 14:00 63744 --a------ C:\WINDOWS\system32\drivers\cdfs.sys
2006-03-15 14:00 63232 --a------ C:\WINDOWS\system32\drivers\nwlnknb.sys
2006-03-15 14:00 61824 --a------ C:\WINDOWS\system32\drivers\nic1394.sys
2006-03-15 14:00 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2006-03-15 14:00 60800 --a------ C:\WINDOWS\system32\drivers\arp1394.sys
2006-03-15 14:00 59904 --a------ C:\WINDOWS\system32\drivers\atmarpc.sys
2006-03-15 14:00 5888 --a------ C:\WINDOWS\system32\drivers\rootmdm.sys
2006-03-15 14:00 5888 --a------ C:\WINDOWS\system32\drivers\dmload.sys
2006-03-15 14:00 58112 --a------ C:\WINDOWS\system32\drivers\vdmindvd.sys
2006-03-15 14:00 57600 --a------ C:\WINDOWS\system32\drivers\usbhub.sys
2006-03-15 14:00 574592 --a------ C:\WINDOWS\system32\drivers\ntfs.sys
2006-03-15 14:00 55936 --a------ C:\WINDOWS\system32\drivers\nwlnkspx.sys
2006-03-15 14:00 55936 --a------ C:\WINDOWS\system32\drivers\atmlane.sys
2006-03-15 14:00 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2006-03-15 14:00 5376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2006-03-15 14:00 52352 --a------ C:\WINDOWS\system32\drivers\volsnap.sys
2006-03-15 14:00 51712 --a------ C:\WINDOWS\system32\drivers\tosdvd.sys
2006-03-15 14:00 51328 --a------ C:\WINDOWS\system32\drivers\rasl2tp.sys
2006-03-15 14:00 4992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2006-03-15 14:00 49664 --a------ C:\WINDOWS\system32\drivers\classpnp.sys
2006-03-15 14:00 49536 --a------ C:\WINDOWS\system32\drivers\cdrom.sys
2006-03-15 14:00 48384 --a------ C:\WINDOWS\system32\drivers\raspptp.sys
2006-03-15 14:00 4736 --a------ C:\WINDOWS\system32\drivers\usbd.sys
2006-03-15 14:00 46464 --a------ C:\WINDOWS\system32\drivers\gagp30kx.sys
2006-03-15 14:00 44928 --a------ C:\WINDOWS\system32\drivers\agpcpq.sys
2006-03-15 14:00 44672 --a------ C:\WINDOWS\system32\drivers\uagp35.sys
2006-03-15 14:00 4352 --a------ C:\WINDOWS\system32\drivers\wmilib.sys
2006-03-15 14:00 4352 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2006-03-15 14:00 43008 --a------ C:\WINDOWS\system32\drivers\amdagp.sys
2006-03-15 14:00 42752 --a------ C:\WINDOWS\system32\drivers\alim1541.sys
2006-03-15 14:00 42496 --a------ C:\WINDOWS\system32\drivers\p3.sys
2006-03-15 14:00 42368 --a------ C:\WINDOWS\system32\drivers\agp440.sys
2006-03-15 14:00 42240 --a------ C:\WINDOWS\system32\drivers\viaagp.sys
2006-03-15 14:00 42240 --a------ C:\WINDOWS\system32\drivers\mountmgr.sys
2006-03-15 14:00 4224 --a------ C:\WINDOWS\system32\drivers\rdpcdd.sys
2006-03-15 14:00 4224 --a------ C:\WINDOWS\system32\drivers\mnmdd.sys
2006-03-15 14:00 4224 --a------ C:\WINDOWS\system32\drivers\beep.sys
2006-03-15 14:00 41856 --a------ C:\WINDOWS\system32\drivers\imapi.sys
2006-03-15 14:00 41472 --a------ C:\WINDOWS\system32\drivers\raspppoe.sys
2006-03-15 14:00 41088 --a------ C:\WINDOWS\system32\drivers\sisagp.sys
2006-03-15 14:00 40320 --a------ C:\WINDOWS\system32\drivers\nmnt.sys
2006-03-15 14:00 38016 --a------ C:\WINDOWS\system32\drivers\ndproxy.sys
2006-03-15 14:00 37376 --a------ C:\WINDOWS\system32\drivers\amdk7.sys
2006-03-15 14:00 36992 --a------ C:\WINDOWS\system32\drivers\amdk6.sys
2006-03-15 14:00 36480 --a------ C:\WINDOWS\system32\drivers\crusoe.sys
2006-03-15 14:00 36352 --a------ C:\WINDOWS\system32\drivers\disk.sys
2006-03-15 14:00 36224 --a------ C:\WINDOWS\system32\drivers\hidclass.sys
2006-03-15 14:00 36096 --a------ C:\WINDOWS\system32\drivers\intelppm.sys
2006-03-15 14:00 35840 --a------ C:\WINDOWS\system32\drivers\isapnp.sys
2006-03-15 14:00 35328 --a------ C:\WINDOWS\system32\drivers\processr.sys
2006-03-15 14:00 352256 --a------ C:\WINDOWS\system32\drivers\atmuni.sys
2006-03-15 14:00 35072 --a------ C:\WINDOWS\system32\drivers\msgpc.sys
2006-03-15 14:00 34944 --a------ C:\WINDOWS\system32\drivers\fips.sys
2006-03-15 14:00 34560 --a------ C:\WINDOWS\system32\drivers\wanarp.sys
2006-03-15 14:00 34560 --a------ C:\WINDOWS\system32\drivers\netbios.sys
2006-03-15 14:00 3456 --a------ C:\WINDOWS\system32\drivers\oprghdlr.sys
2006-03-15 14:00 34432 --a------ C:\WINDOWS\system32\drivers\rawwan.sys
2006-03-15 14:00 3328 --a------ C:\WINDOWS\system32\drivers\pciide.sys
2006-03-15 14:00 3328 --a------ C:\WINDOWS\system32\drivers\dxgthk.sys
2006-03-15 14:00 32896 --a------ C:\WINDOWS\system32\drivers\ipfltdrv.sys
2006-03-15 14:00 32512 --a------ C:\WINDOWS\system32\drivers\nwlnkfwd.sys
2006-03-15 14:00 31616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2006-03-15 14:00 31360 --a------ C:\WINDOWS\system32\drivers\atmepvc.sys
2006-03-15 14:00 30848 --a------ C:\WINDOWS\system32\drivers\npfs.sys
2006-03-15 14:00 30080 --a------ C:\WINDOWS\system32\drivers\rndismp.sys
2006-03-15 14:00 30080 --a------ C:\WINDOWS\system32\drivers\modem.sys
2006-03-15 14:00 2944 --a------ C:\WINDOWS\system32\drivers\null.sys
2006-03-15 14:00 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2006-03-15 14:00 29056 --a------ C:\WINDOWS\system32\drivers\ip6fw.sys
2006-03-15 14:00 27440 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2006-03-15 14:00 27392 --a------ C:\WINDOWS\system32\drivers\fdc.sys
2006-03-15 14:00 26624 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2006-03-15 14:00 262528 --a------ C:\WINDOWS\system32\drivers\cinemst2.sys
2006-03-15 14:00 25472 --a------ C:\WINDOWS\system32\drivers\sonydcam.sys
2006-03-15 14:00 25088 --a------ C:\WINDOWS\system32\drivers\pciidex.sys
2006-03-15 14:00 24960 --a------ C:\WINDOWS\system32\drivers\hidparse.sys
2006-03-15 14:00 24576 --a------ C:\WINDOWS\system32\drivers\kbdclass.sys
2006-03-15 14:00 23936 --a------ C:\WINDOWS\system32\drivers\usbcamd2.sys
2006-03-15 14:00 23808 --a------ C:\WINDOWS\system32\drivers\usbcamd.sys
2006-03-15 14:00 23040 --a------ C:\WINDOWS\system32\drivers\mouclass.sys
2006-03-15 14:00 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2006-03-15 14:00 21376 --a------ C:\WINDOWS\system32\drivers\tsbvcap.sys
2006-03-15 14:00 20992 --a------ C:\WINDOWS\system32\drivers\vga.sys
2006-03-15 14:00 20992 --a------ C:\WINDOWS\system32\drivers\ipinip.sys
2006-03-15 14:00 209408 --a------ C:\WINDOWS\system32\drivers\update.sys
2006-03-15 14:00 20480 --a------ C:\WINDOWS\system32\drivers\flpydisk.sys
2006-03-15 14:00 19072 --a------ C:\WINDOWS\system32\drivers\msfs.sys
2006-03-15 14:00 187776 --a------ C:\WINDOWS\system32\drivers\acpi.sys
2006-03-15 14:00 18688 --a------ C:\WINDOWS\system32\drivers\partmgr.sys
2006-03-15 14:00 18688 --a------ C:\WINDOWS\system32\drivers\cdaudio.sys
2006-03-15 14:00 18560 --a------ C:\WINDOWS\system32\drivers\tdi.sys
2006-03-15 14:00 182912 --a------ C:\WINDOWS\system32\drivers\ndis.sys
2006-03-15 14:00 181248 --a------ C:\WINDOWS\system32\drivers\mrxdav.sys
2006-03-15 14:00 17792 --a------ C:\WINDOWS\system32\drivers\ptilink.sys
2006-03-15 14:00 17024 --a------ C:\WINDOWS\system32\drivers\usbohci.sys
2006-03-15 14:00 16512 --a------ C:\WINDOWS\system32\drivers\raspti.sys
2006-03-15 14:00 162816 --a------ C:\WINDOWS\system32\drivers\netbt.sys
2006-03-15 14:00 16000 --a------ C:\WINDOWS\system32\drivers\usbintel.sys
2006-03-15 14:00 15488 --a------ C:\WINDOWS\system32\drivers\serenum.sys
2006-03-15 14:00 15488 --a------ C:\WINDOWS\system32\drivers\mssmbios.sys
2006-03-15 14:00 153344 --a------ C:\WINDOWS\system32\drivers\dmio.sys
2006-03-15 14:00 14976 --a------ C:\WINDOWS\system32\drivers\tape.sys
2006-03-15 14:00 14848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2006-03-15 14:00 14592 --a------ C:\WINDOWS\system32\drivers\smclib.sys
2006-03-15 14:00 143360 --a------ C:\WINDOWS\system32\drivers\fastfat.sys
2006-03-15 14:00 14336 --a------ C:\WINDOWS\system32\drivers\asyncmac.sys
2006-03-15 14:00 142976 --a------ C:\WINDOWS\system32\drivers\usbport.sys
2006-03-15 14:00 14208 --a------ C:\WINDOWS\system32\drivers\diskdump.sys
2006-03-15 14:00 13952 --a------ C:\WINDOWS\system32\drivers\cbidf2k.sys
2006-03-15 14:00 138496 --a------ C:\WINDOWS\system32\drivers\afd.sys
2006-03-15 14:00 12672 --a------ C:\WINDOWS\system32\drivers\usb8023.sys
2006-03-15 14:00 125056 --a------ C:\WINDOWS\system32\drivers\ftdisk.sys
2006-03-15 14:00 12416 --a------ C:\WINDOWS\system32\drivers\tunmp.sys
2006-03-15 14:00 12416 --a------ C:\WINDOWS\system32\drivers\nwlnkflt.sys
2006-03-15 14:00 12160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2006-03-15 14:00 12160 --a------ C:\WINDOWS\system32\drivers\fsvga.sys
2006-03-15 14:00 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2006-03-15 14:00 12032 --a------ C:\WINDOWS\system32\drivers\ws2ifsl.sys
2006-03-15 14:00 12032 --a------ C:\WINDOWS\system32\drivers\riodrv.sys
2006-03-15 14:00 12032 --a------ C:\WINDOWS\system32\drivers\rio8drv.sys
2006-03-15 14:00 12032 --a------ C:\WINDOWS\system32\drivers\nikedrv.sys
2006-03-15 14:00 119936 --a------ C:\WINDOWS\system32\drivers\pcmcia.sys
2006-03-15 14:00 11776 --a------ C:\WINDOWS\system32\drivers\cpqdap01.sys
2006-03-15 14:00 11648 --a------ C:\WINDOWS\system32\drivers\acpiec.sys
2006-03-15 14:00 11392 --a------ C:\WINDOWS\system32\drivers\sfloppy.sys
2006-03-15 14:00 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2006-03-15 14:00 11136 --a------ C:\WINDOWS\system32\drivers\sffdisk.sys
2006-03-15 14:00 107904 --a------ C:\WINDOWS\system32\drivers\mup.sys
2006-03-15 14:00 10624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2006-03-15 14:00 10496 --a------ C:\WINDOWS\system32\drivers\dxapi.sys
2006-03-15 14:00 10240 --a------ C:\WINDOWS\system32\drivers\sffp_sd.sys
2006-02-15 02:22 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2005-09-29 09:43 9792 --a------ C:\WINDOWS\system32\drivers\LGTkFtr.sys
2005-09-20 15:26 1342122 --a------ C:\WINDOWS\system32\drivers\btkrnl.sys
2005-09-20 15:03 401664 --a------ C:\WINDOWS\system32\drivers\btaudio.sys
2005-09-19 15:44 23271 --a------ C:\WINDOWS\system32\drivers\btserial.sys
2005-09-19 15:44 222876 --a------ C:\WINDOWS\system32\drivers\btslbcsp.sys
2005-09-19 15:42 30363 --a------ C:\WINDOWS\system32\drivers\btport.sys
2005-09-19 15:41 56648 --a------ C:\WINDOWS\system32\drivers\btwusb.sys
2005-09-19 15:41 30189 --a------ C:\WINDOWS\system32\drivers\btwmodem.sys
2005-09-19 15:38 148040 --a------ C:\WINDOWS\system32\drivers\btwdndis.sys
2005-09-15 09:45 9888 --a------ C:\WINDOWS\system32\drivers\UGTkFtr.sys
2005-06-29 01:43 46592 --------- C:\WINDOWS\system32\drivers\irbus.sys
2005-06-29 01:43 19200 --------- C:\WINDOWS\system32\drivers\hidir.sys
2005-06-21 03:52 14592 --a------ C:\WINDOWS\system32\drivers\ndisuio.sys
2005-06-10 06:09 139528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2005-02-02 11:21 14408 --a------ C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2004-12-19 06:32 38229 --------- C:\WINDOWS\system32\drivers\StMp3Rec.sys
2004-09-30 00:28 134912 --a------ C:\WINDOWS\system32\drivers\ipnat.sys
2004-08-10 13:45 11008 --a------ C:\WINDOWS\system32\drivers\mhndrv.sys
2004-08-04 11:01 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2004-08-04 09:01 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2004-08-04 08:31 20992 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys
2004-08-04 01:07 59264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2004-08-04 01:07 52864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2004-08-04 00:59 57472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2004-08-03 23:15 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2004-08-03 23:15 140928 --a------ C:\WINDOWS\system32\drivers\ks.sys
2004-08-03 23:08 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2004-08-03 23:08 48640 --a------ C:\WINDOWS\system32\drivers\stream.sys
2004-06-03 10:40 79360 --a------ C:\WINDOWS\system32\drivers\nvatabus.sys
2004-05-25 15:58 962560 --a------ C:\WINDOWS\system32\drivers\nvmcp.sys
2004-05-25 15:58 66688 --a------ C:\WINDOWS\system32\drivers\nvarm.sys
2004-05-25 15:58 48640 --a------ C:\WINDOWS\system32\drivers\nvax.sys
2004-05-25 15:58 396032 --a------ C:\WINDOWS\system32\drivers\nvapu.sys
2004-04-02 15:40 21760 --a------ C:\WINDOWS\system32\drivers\nv_agp.SYS
2004-03-15 19:24 21275 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2004-01-07 00:09 -------- d-------- C:\Program Files\nokia

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
"Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd"
"GLtakone.exe"="\"C:\\Program Files\\RF Driver\\One Take V2.0.8\\GLtakone.exe\""
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"PCSuiteTrayApplication"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
@=""
"StartCCC"="C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
6d,73,73,74,79,6c,65,73,00
"InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2004-01-07 06:14:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 04-01-07 6:18:31
C:\ComboFix-quarantined-files.txt ... 04-01-07 06:18

[ + lainaa]

Auttaja

Suspended permanently

1. toukokuuta 2007 @ 14:56

Linkki tähän viestiin

Lataa Killbox Option^Explicitiltä.

Huomaa: Jos sinulla on jo Killbox, tämä on uusi versio joka sinun tulee asentaa. Poista aikaisempi.

[*]Tallenna työpöydällesi.
[*] Tupla-klikkaa Killbox.exe ajaaksesi ohjelman.
[*] Valitse: [*]Delete on Reboot[*] sitten klikkaa All Files valintaa.
[*]Kopioi ja liitä alapuolella olevat tiedostopolut leikepöydälle mustaamalla KAIKKI ne ja painamalla CTRL + C (tai, mustaamisen jälkeen, oikea klikki hiirellä ja valitse kopioi):

vc:\7301c6fc9aec062296b02ba8\update\update.exe

[*] Palaa Killboxiin, mene File valikkoon, ja valitse Paste from Clipboard.

[*]Klikkaa puna-valkoista Delete File valintaa. Klikkaa Yes "Delete on Reboot" pyyntöön. Klikkaa OK mihin vain PendingFileRenameOperations pyyntöön (ja anna fixaajan tietää jos jokin tälläinen tulee!).
Käynnistä koneesi itse jos se ei sitä automaattisesti tee

Jos saat tälläisen viestin: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." Kun yrität ajaa KillBoxia, klikkaa tätä ladataksesi ja ajaaksesi Missingfilessetup.exe;n. Sitten koita KillBoxia uudestaan.'

uusi HjT logi

[ + lainaa]

Solonen

Member

5 tuotearviota

18. heinäkuuta 2007 @ 08:26

Linkki tähän viestiin

Mulla on sama onkelma tässä on loki
Olis ihan kiva jos joku pystys auttaa :P

Logfile of HijackThis v1.99.1
Scan saved at 12:23:19, on 18.7.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\WINDOWS\system32\o2flash.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\xoblite_bb3_rc1\Blackbox.exe
C:\Program Files\TopDesk\topdesk.exe
C:\Program Files\3D\Yodm3D.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\mIRC\mirc.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Ville Viitaharju\Työpöytä\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://irc-galleria.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/d...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=C:\xoblite_bb3_rc1\Blackbox.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: Loader Class - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - C:\Documents and Settings\Ville Viitaharju\Työpöytä\FindeXer Nightly V1.1.0.3\FindeXer.dll (file missing)
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\RunServices: [asdfg] C:\WINDOWS\system32\nmydk.exe
O4 - HKCU\..\Run: [Windows restart by pönsö] C:\Program Files\Windowsin restartti by pönsö\1.bat
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - Startup: Instance Manager Group Default Instance Group.lnk = C:\Program Files\Samurize\InstanceManager.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ville Viitaharju\Käynnistä-valikko\Ohjelmat\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://www.gamescampus.com/luncher/GamesCampus.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6D5A6763-9132-466B-91AB-A2D663E2C379}: NameServer = 193.210.18.18,193.210.19.19
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing)
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: WinRemotePC Server (WinRPC10) - Unknown owner - C:\Program Files\WinSoftMagic\WinRemotePC\WRPCServer.exe (file missing)

[ + lainaa]

MiKa85

Senior Member

16 tuotearviota

25. heinäkuuta 2007 @ 03:45

Linkki tähän viestiin

Ottakaa järjestelmän palauttaminen pois käytöstä ja katsokaa tuliko kovalevytila takaisin.. saattas auttaa. Itsellä ainakin.

[ + lainaa]

Tompas

Junior Member

31. heinäkuuta 2007 @ 08:31

Linkki tähän viestiin

Lainaus, alkuperäisen viestin kirjoitti jajumi:
Eli c-asemalta(ainoa) vähenee tilaa 10mt n.5 sekunnin välein, vaikka sinne mitään ei menekään. Myöskin kun katsoo c-aseman juuresta löytyvien kansioiden ominaisuudet, ei sieltä yli 125gt löydy, vaikka omastatietokoneesta katsottaessa c-asemalla onkin 148gt ja lisääntyy jatkuvasti. Kovalevy myös ruksuttaa jatkuvasti, joten jotain siellä on meneillään. Avastilla olen koneen yrittänyt skannata, mutta mitään ei löydy.

Nyt siis olen pahasti avun tarpeessa! Aika paljon olen joutunut jo kaikkea poistelemaankin, kun kovalevyn vapaan tilan määräksi on ilmoitettu 0t.

Minulla hiukan sama tilanne, paitsi mulla nyt on koneessa vielä d-asemakin(jos se nyt jotain merkkaa). Tässäpä lokia, mitä tuli tuosta hijack -hommelista ulos:

Logfile of HijackThis v1.99.1
Scan saved at 12:23:06, on 31.7.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\DOCUME~1\Tommi\LOCALS~1\Temp\200732120338_mcinfo.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Wireless LAN Utility\SiWake.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Wireless LAN Utility\SISCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hjt\scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R3 - Default URLSearchHook is missing
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\Tommi\LOCALS~1\Temp\200732120338_mcinfo.exe /insfin
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O15 - Trusted Zone: *.line6.net
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared...90/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared...,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Network Proxy (ccProxy) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe (file missing)
O23 - Service: Symantec Password Validation (ccPwdSvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus (navapsvc) - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SAVScan - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Mitäs pitäis tehä?

[ + lainaa]

Mainos

Auttaja

Suspended permanently

2. elokuuta 2007 @ 09:31

Linkki tähän viestiin

LUKEA SÄÄNNÖT...

-> Lähetä ilmestynyt logisi AfterDawn:n Virukset ja haittaohjelmat-osioon HijackThis-logit: http://keskustelu.afterdawn.com/forum_view.cfm/198
Aloita uusi viestiketjusi ja kerro ongelmasta sekä liitä HijackThis logi mukaan! Odota rauhassa apua

Eli editoi oma viestisi pois...

[ + lainaa]

Vastaa

Aloita uusi viestiketju

afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > kovalevytila vähenee itsestään


		Käyttäjä	Salasana

		Puuttuuko tunnus? Liity jäseneksi nyt!. Salasana hukassa? Klikkaa tästä.