Alko epäilyttää ku rupes Norton 2005 herjaa ja muutenki yhtäkkiä hidastu kone. eScan oon ajanu (löyty joku zipin mukana tullu virus, adware ja spypot ei löydä enää mitään). Onkos tuossa jotain ihmeellistä?? Logfile of HijackThis v1.99.1 Scan saved at 0:08:00, on 6.8.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\Program Files\Ahead\InCD\InCDsrv.exe D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe D:\WINDOWS\system32\LEXBCES.EXE D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\system32\LEXPPS.EXE D:\WINDOWS\system32\CTSVCCDA.EXE D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe D:\Program Files\Norton AntiVirus\navapsvc.exe D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe D:\WINDOWS\system32\nvsvc32.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe D:\WINDOWS\system32\ZoneLabs\vsmon.exe D:\Program Files\Norton AntiVirus\SAVScan.exe D:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe D:\WINDOWS\Explorer.EXE D:\Program Files\ASUS\WLAN Card Utilities\Center.exe D:\WINDOWS\system32\CTHELPER.EXE D:\Program Files\Common Files\Symantec Shared\ccApp.exe D:\Program Files\D-Tools\daemon.exe D:\Program Files\NetLimiter\NetLimiter.exe D:\Program Files\Java\jre1.5.0_04\bin\jusched.exe D:\Program Files\Common Files\Real\Update_OB\realsched.exe D:\Program Files\ASUS\Cool & Quiet\cool&quiet.exe D:\WINDOWS\SOUNDMAN.EXE D:\WINDOWS\system32\RUNDLL32.EXE D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe D:\WINDOWS\system32\ctfmon.exe D:\Program Files\Proxomitron Naoko-4\Proxomitron.exe D:\Program Files\Mozilla Firefox\firefox.exe C:\ohjelmat\HTJ\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8080 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {0A8CE102-FA03-4612-9BEE-7FE5452F4CB1} - (no file) O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - HKLM\..\Run: [Control Center] D:\Program Files\ASUS\WLAN Card Utilities\Center.exe O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] "D:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [CTStartup] D:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NetLimiter] D:\Program Files\NetLimiter\NetLimiter.exe /s O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Cool & Quiet] D:\Program Files\ASUS\Cool & Quiet\cool&quiet.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Zone Labs Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKLM\..\RunOnce: [srePostpone] rundll32.exe d:\windows\system32\zonelabs\srescan.dll,DoSpecialAction O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe O4 - Startup: The Proxomitron (2).lnk = D:\Program Files\Proxomitron Naoko-4\Proxomitron.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: Download with GetRight - D:\Program Files\GetRight\GRdownload.htm O8 - Extra context menu item: Open with GetRight Browser - D:\Program Files\GetRight\GRbrowse.htm O8 - Extra context menu item: Vie Microsoft E&xceliin - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120155219375 O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://gw.tallinnlv.ee:11082/activex/AxisCamControl.cab O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} - O20 - Winlogon Notify: WB - D:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\system32\CTSVCCDA.EXE O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - D:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pimtasvcp - Unknown owner - (no file) O23 - Service: RadClock - Unknown owner - D:\WINDOWS\system32\RadClock.exe (file missing) O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe Ja kiitoksia paljon jo etukäteen!
Semmosta lisäilisin että kone ei sammu enää, eli kun yrittää sammutta niin jää kohtaan "suljetaan wintoosa" j asiitä ei sammu jun resetillä tai virrat pois ottamalla.?? mistähän johtuu? toivottavasti joku "osaa" tai kehtaa auttaa!!
Ja kukaan ei osaa sanoa mitään..?? Hmm..tai sitten ei kehtaa?? Eli voi sanoa myös jos tuosta logista ei löydy mitään epäilyttävää..vai pitääkö sanat laittaa ihmisten suuhun? Porukka vaan kehuu että täällä olis asiantuntioita, niin ajattelin sitten kysyä apua. Ja KIITOKSIA edelleen jos joku viitsi vaivautua..?
Laita piilotiedostot näkyviin. http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2002092715262339 Sulje selain ja ylimääräiset ohjelmat. FIXaa: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://minisearch.startnow.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/ R3 - Default URLSearchHook is missing O3 - Toolbar: (no name) - {0A8CE102-FA03-4612-9BEE-7FE5452F4CB1} - (no file) O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O23 - Service: Pimtasvcp - Unknown owner - (no file) O23 - Service: RadClock - Unknown owner - D:\WINDOWS\system32\RadClock.exe (file missing) Tyhjennä tempit ja väliaikaiset internet tiedostot. Boottaa ja laita uus logi.
