Every time I open an XP session, the above error comes up, i.e.: "Open File - Security Warning" is the title of the prompt, and under it "Run or Cancel". Application name = Soundman.exe. The location of the application is C/Windows. I haven't dared to run it, so I have cancelled or closed it with the X. Is it a dangerous application, and how do I get rid of it? The machine is XP SP2.
When you are wondering what some file is, it's worth using Google. This Soundman.exe is one of the files related to Realtek's sound card. Does your machine have a Realtek sound card or driver? You can safely click on it and examine what it is, e.g. right mouse button - Properties. It is not a baddie, unless something has disguised itself as it, which is always possible. It is unnecessary if the machine no longer has, e.g., any Realtek drivers etc., but it does no harm other than that for some reason it is now announcing its existence.
The machine has a Realtek AC97 integrated sound card, which I was updating a day or two ago from both Fujitsu's and ATI's sites, and from ATI it succeeded! That error apparently appeared right in connection with that, judging by the timing. Now Norman found W32/Malware on my machine. Norman moved it to quarantine, where I'd need to know: do I choose restore, save as, or delete? Location: c/system volume information...... ending in .exe. Is that location harmless enough that I could delete it?
Here is the Norman log as well:
===================================================================================================
NVCOD On Demand Scanner 5.80.02
NSE revision 5.90.23
nvcbin.def revision 5.90.00 of 2006/10/20 03:02:59 (497265 variants)
nvcmacro.def revision 5.90.00 of 2006/10/18 16:10:19 (19955 variants)
Total number of variants: 517220
Command line: ""@C:\Norman\NVC\Bin\Task2.sdf""
===================================================================================================
* Error during scanning of C:\pagefile.sys: Sharing violation.
* Error during scanning of C:\Documents and Settings\Hirppe\NTUSER.DAT: Sharing violation.
* Error during scanning of C:\Documents and Settings\Hirppe\ntuser.dat.LOG: Sharing violation.
* Error during scanning of C:\Documents and Settings\Hirppe\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Hirppe\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\ntuser.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\ntuser.dat.LOG: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Cookies\index.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Application Data\ApplicationHistory\PMC.Service.Main.exe.d04bbf2f.ini.inuse: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Sivuhistoria\History.IE5\index.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Temp\Acr168.tmp: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Temp\Acr3.tmp: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Temp\AcrA.tmp: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Temp\AcrB.tmp: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Temp\Perflib_Perfdata_bd8.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Temp\Sivuhistoria\History.IE5\MSHist012006102120061022\index.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Jouni\Local Settings\Temporary Internet Files\Content.IE5\index.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\LocalService\NTUSER.DAT: Sharing violation.
* Error during scanning of C:\Documents and Settings\LocalService\ntuser.dat.LOG: Sharing violation.
* Error during scanning of C:\Documents and Settings\LocalService\Cookies\index.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG: Sharing violation.
* Error during scanning of C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\NetworkService\NTUSER.DAT: Sharing violation.
* Error during scanning of C:\Documents and Settings\NetworkService\ntuser.dat.LOG: Sharing violation.
* Error during scanning of C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\ntuser.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\ntuser.dat.LOG: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Cookies\index.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Local Settings\Application Data\ApplicationHistory\CLI.EXE.c88dbd71.ini.inuse: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Local Settings\Application Data\ApplicationHistory\PMC.Service.Main.exe.d04bbf2f.ini.inuse: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Local Settings\Sivuhistoria\History.IE5\index.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Local Settings\Temp\Perflib_Perfdata_a30.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Local Settings\Temp\Perflib_Perfdata_ac4.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Local Settings\Temp\Perflib_Perfdata_ae0.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Local Settings\Temp\Perflib_Perfdata_b0c.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Omistaja\Local Settings\Temporary Internet Files\Content.IE5\index.dat: Sharing violation.
* Error during scanning of C:\Documents and Settings\Susanna\Local Settings\Temporary Internet Files\Content.IE5\DTJYZVA7\organisaatiokaavio_01052006[1].ppt: Illegal structures in scanned file.
* Error during scanning of C:\Norman\Logs\nvc00003.log: Sharing violation.
* Error during scanning of C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask : Ad-Aware SE Default.skn: CRC error in archive.
* Error during scanning of C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf: Sharing violation.
* Error during scanning of C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf: Sharing violation.
* Error during scanning of C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf: Sharing violation.
* Error during scanning of C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf: Sharing violation.
* Error during scanning of C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf: Sharing violation.
* Error during scanning of C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF: Sharing violation.
* Error during scanning of C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf: Sharing violation.
* Error during scanning of C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf: Sharing violation.
* Error during scanning of C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG: Sharing violation.
* Error during scanning of C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\Media\Temp\Thumbnails\Storage.bin: Sharing violation.
*** Possible virus found ***
*** C:\System Volume Information\_restore{B969810E-0401-4D94-9450-50AB09A2AF43}\RP245\A0073272.exe -> Virus W32/Malware (
[ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* File length: 13824 bytes.
[ Changes to filesystem ]
* Deletes file c:\sample.exe.
[ Process/window information ]
* Attemps to open http://www.adobe.com/shockwave/download/triggerpages_mmcom/default.html NULL.
* Modifies other process memory.
* Creates a remote thread.
)
* Error during scanning of C:\System Volume Information\_restore{B969810E-0401-4D94-9450-50AB09A2AF43}\RP259\change.log: Sharing violation.
* Error during scanning of C:\WINDOWS\SchedLgU.Txt: Sharing violation.
* Error during scanning of C:\WINDOWS\Sti_Trace.log: Sharing violation.
* Error during scanning of C:\WINDOWS\wiadebug.log: Sharing violation.
* Error during scanning of C:\WINDOWS\wiaservc.log: Sharing violation.
* Error during scanning of C:\WINDOWS\WindowsUpdate.log: Sharing violation.
* Error during scanning of C:\WINDOWS\Debug\PASSWD.LOG: Sharing violation.
* Error during scanning of C:\WINDOWS\SoftwareDistribution\ReportingEvents.log: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\CatRoot2\edb.log: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\CatRoot2\tmp.edb: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\ACEEvent.evt: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\AppEvent.Evt: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\default: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\default.LOG: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\SAM: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\SAM.LOG: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\SecEvent.Evt: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\SECURITY: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\SECURITY.LOG: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\software: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\software.LOG: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\SysEvent.Evt: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\system: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\system.LOG: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP: Sharing violation.
* Error during scanning of C:\WINDOWS\Temp\Perflib_Perfdata_94.dat: Sharing violation.
- File C:\System Volume Information\_restore{B969810E-0401-4D94-9450-50AB09A2AF43}\RP245\A0073272.exe quarantined.
- File C:\System Volume Information\_restore{B969810E-0401-4D94-9450-50AB09A2AF43}\RP245\A0073272.exe deleted.
===================================================================================================
The scanning started: 2006/10/21 15:06:37 ended: 2006/10/21 16:32:03
Logged on as : Omistaja on hostname : JOUNI-C299BF643
Scanning results:
Total number of files found..............................: 127233
Number of files scanned..................................: 126577
Number of files/directories skipped due to exclude list..: 0
Number of files that could not be opened.................: 88
Number of archive files unpacked.........................: 357
Number of archive files not unpacked.....................: 0
Number of infections.....................................: 1
Copyright (c) 1993-2005 Norman ASA.
If it really is in the System Volume Information folder, then it is in some restore point. You can indeed delete it from there.
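An added example, not part of the thread: a small Python triage of a Norman on-demand log like the one posted above, separating files the scanner could not open from the actual detection and flagging whether the hit is a System Restore copy. The regular expressions are assumptions derived only from the log lines shown in this thread, not from a documented Norman format; the sample lines are copied from that log.

```python
import re

# Lines copied from the Norman log posted earlier in this thread.
SAMPLE_LOG = r"""
* Error during scanning of C:\pagefile.sys: Sharing violation.
* Error during scanning of C:\WINDOWS\system32\config\SAM: Sharing violation.
* Error during scanning of C:\Program Files\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask : Ad-Aware SE Default.skn: CRC error in archive.
*** Possible virus found ***
*** C:\System Volume Information\_restore{B969810E-0401-4D94-9450-50AB09A2AF43}\RP245\A0073272.exe -> Virus W32/Malware (
- File C:\System Volume Information\_restore{B969810E-0401-4D94-9450-50AB09A2AF43}\RP245\A0073272.exe quarantined.
"""

# Patterns are assumptions based on the lines above.
ERROR_RE = re.compile(r"^\* Error during scanning of (?P<path>.+): (?P<reason>[^:]+)\.$")
HIT_RE = re.compile(r"^\*\*\* (?P<path>[A-Za-z]:\\.+?) -> (?P<name>.+?)(?: \()?$")
ACTION_RE = re.compile(r"^- File (?P<path>.+) (?P<action>quarantined|deleted)\.$")
RESTORE_RE = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\(RP\d+)\\", re.I)


def triage(log_text):
    """Split a scan log into locked files, other errors, detections and actions."""
    out = {"locked": [], "other_errors": [], "detections": [], "actions": []}
    for raw in log_text.splitlines():
        line = raw.strip()
        if m := ERROR_RE.match(line):
            # "Sharing violation": the file was held open by Windows or another
            # program (pagefile, registry hives), so the scanner could not read it.
            key = "locked" if m["reason"] == "Sharing violation" else "other_errors"
            out[key].append((m["path"], m["reason"]))
        elif m := HIT_RE.match(line):
            rp = RESTORE_RE.search(m["path"])
            out["detections"].append({
                "path": m["path"],
                "name": m["name"],
                # Set when the hit is a System Restore copy, not a live file.
                "restore_point": rp.group(1) if rp else None,
            })
        elif m := ACTION_RE.match(line):
            out["actions"].append((m["path"], m["action"]))
    return out


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(len(result["locked"]), "locked,", len(result["other_errors"]), "other errors")
    for hit in result["detections"]:
        print(hit["name"], "->", hit["restore_point"] or "live file system")
```
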
How exactly is that removal done? Do I just restore to an XP restore point for some day before I got that malware? Of course I'd need to know when it arrived.. That soundman.exe error appeared on Wednesday this week, when among other things I updated the Realtek sound card. And if the malware can be removed from that folder, what should be done with the folder that is in quarantine?
So, you can empty System Restore by right-clicking My Computer -> Properties -> System Restore -> tick the box "Turn off System Restore" or something like that, then restart the machine and do the above again, except that now remove the tick from the "Turn off System Restore.." item.
Delete the item(s) in quarantine with Norman's delete function. I don't remember where it is, since I have given up Norman myself. There is actually no harm in leaving it there either.