superaymond Posted August 7, 2007 Share Posted August 7, 2007 ok.. i wanted to start a new post cause the last one is getting too long.. What I have done to try to get rid of .. what ever this virus this is.. so far.. no use.. use the thinkvantage feature on my imb thinkpad to restore everything back to factory state.. this means it deleted everything that I installed or any upgrade.. vista reinstalled.. download.. norten, avg, adaware.. spy doctor.. found absoultely nothing.... right now i am doing a second scam, and so far.. nothing either.. Whats happening to my harddrive: I am losing free space at around .1gb at a time.. this happens when i go on internet for like 1 min, I lose .1gb.. and when i do virus scam or any activity that does not involve installing.. I lose free space.. so far it got from 94.4 gb of free space.. which is last night. to 87.8 gb which is now.. and it is still going down.. my total size for C drive is 105gb.. and around 15gb is hidden or used by the laptop itself which i do not know how to access.. My friend told me it is a worm that might have got into that 15gb part in which even after i reinstall vista, it comes right back and expands itself. I've tried to tract the size of program files and window file to see if there was any expansion, none. Is there anything manual I can do right now to get rid of what ever this thing is? Also, any idea where it is? Dark Phoenix Clan Site Link to comment Share on other sites More sharing options...
blade995 Posted August 7, 2007 Share Posted August 7, 2007 Well it's highly unlikely that the worm got into the restore partition of your disk. Atleast I have never seen it, read it, or heard of a worm like that before. I have a feeling there is nothing wrong and Vista is just doing some work in the background. I also noticed you said you have 2 virus scanners. That may make the detection worse, not better. Un-install one of them, I recommend getting rid of Nortan because it's a resource hog. Are the definitions updated on all of your scanners and did you scan with them after they were updated? Post a hijackthis log which will show if theres something running that shouldn't be. Download from here Link to comment Share on other sites More sharing options...
superaymond Posted August 7, 2007 Author Share Posted August 7, 2007 i lost around 7 gb from last night to now.. (noon) .. could tat be because of vista? and yes both are up to date before i scan the comp.. Dark Phoenix Clan Site Link to comment Share on other sites More sharing options...
superaymond Posted August 7, 2007 Author Share Posted August 7, 2007 this is the log.. note the only thing that i've download after my reinstallment are anti spyware or antivirus programs.. anything that is suspecious plz post :) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:59:53 PM, on 07/08/2007 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Boot mode: Normal Running processes: C:\Windows\System32\smss[Caution: Executable File] C:\Windows\system32\csrss[Caution: Executable File] C:\Windows\system32\wininit[Caution: Executable File] C:\Windows\system32\csrss[Caution: Executable File] C:\Windows\system32\services[Caution: Executable File] C:\Windows\system32\lsass[Caution: Executable File] C:\Windows\system32\lsm[Caution: Executable File] C:\Windows\system32\winlogon[Caution: Executable File] C:\Windows\system32\svchost[Caution: Executable File] C:\Windows\system32\ibmpmsvc[Caution: Executable File] C:\Windows\system32\svchost[Caution: Executable File] C:\Windows\System32\svchost[Caution: Executable File] C:\Windows\System32\svchost[Caution: Executable File] C:\Windows\System32\svchost[Caution: Executable File] C:\Windows\system32\svchost[Caution: Executable File] C:\Windows\system32\SLsvc[Caution: Executable File] C:\Windows\system32\svchost[Caution: Executable File] C:\Windows\system32\svchost[Caution: Executable File] C:\Program Files\ThinkVantage Fingerprint Software\upeksvr[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\ccSvcHst[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32[Caution: Executable File] C:\Windows\System32\spoolsv[Caution: Executable File] C:\Windows\system32\svchost[Caution: Executable File] C:\Windows\system32\IPSSVC[Caution: Executable File] C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc[Caution: Executable File] C:\Windows\system32\AEADISRV[Caution: Executable File] C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\ccSvcHst[Caution: Executable File] C:\Program Files\Diskeeper Corporation\Diskeeper\DkService[Caution: Executable File] C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr[Caution: Executable File] C:\Windows\system32\svchost[Caution: Executable File] C:\Windows\system32\svchost[Caution: Executable File] c:\Program Files\Lenovo\System Update\SUService[Caution: Executable File] C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc[Caution: Executable File] C:\Windows\System32\TPHDEXLG[Caution: Executable File] C:\Windows\system32\Dwm[Caution: Executable File] C:\Program Files\LENOVO\HOTKEY\TPHKSVC[Caution: Executable File] C:\Program Files\Lenovo\Client Security Solution\tvttcsd[Caution: Executable File] C:\Program Files\Lenovo\Rescue and Recovery\rrpservice[Caution: Executable File] C:\Windows\Explorer[Caution: Executable File] C:\Program Files\Lenovo\Rescue and Recovery\rrservice[Caution: Executable File] c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched[Caution: Executable File] C:\Program Files\Windows Defender\MSASCui[Caution: Executable File] C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp[Caution: Executable File] C:\Program Files\Synaptics\SynTP\SynTPEnh[Caution: Executable File] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC[Caution: Executable File] C:\Windows\System32\rundll32[Caution: Executable File] C:\Windows\System32\TpShocks[Caution: Executable File] C:\Program Files\ThinkPad\Utilities\EZEJMNAP[Caution: Executable File] C:\Program Files\Analog Devices\Core\smax4pnp[Caution: Executable File] C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService[Caution: Executable File] C:\Windows\System32\igfxtray[Caution: Executable File] C:\Windows\System32\svchost[Caution: Executable File] C:\Windows\system32\SearchIndexer[Caution: Executable File] C:\Windows\System32\hkcmd[Caution: Executable File] C:\Program Files\Common Files\Lenovo\Logger\logmon[Caution: Executable File] C:\Windows\System32\igfxpers[Caution: Executable File] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy[Caution: Executable File] C:\Program Files\Lenovo\AwayTask\AwaySch[Caution: Executable File] C:\Program Files\ThinkVantage\PrdCtr\LPMGR[Caution: Executable File] C:\Windows\system32\DRIVERS\xaudio[Caution: Executable File] C:\Program Files\ThinkVantage\AMSG\Amsg[Caution: Executable File] C:\Program Files\ThinkPad\ConnectUtilities\AcSvc[Caution: Executable File] C:\Program Files\Java\jre1.6.0\bin\jusched[Caution: Executable File] C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc[Caution: Executable File] C:\Program Files\ThinkPad\ConnectUtilities\ACTray[Caution: Executable File] C:\Program Files\Lenovo\HOTKEY\TPONSCR[Caution: Executable File] C:\Windows\system32\taskeng[Caution: Executable File] C:\Windows\system32\taskeng[Caution: Executable File] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon[Caution: Executable File] C:\Program Files\Lenovo\Client Security Solution\cssauth[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: Executable File] C:\Program Files\Windows Sidebar\sidebar[Caution: Executable File] C:\Program Files\Digital Line Detect\DLG[Caution: Executable File] C:\Windows\system32\igfxsrvc[Caution: Executable File] C:\Program Files\Lenovo\Zoom\TpScrex[Caution: Executable File] C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr[Caution: Executable File] C:\Program Files\Synaptics\SynTP\SynTPLpr[Caution: Executable File] C:\Program Files\Lenovo\Client Security Solution\tvtpwm_tray[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: Executable File] C:\Windows\system32\conime[Caution: Executable File] C:\PROGRA~1\Grisoft\AVG7\avgupsvc[Caution: Executable File] C:\PROGRA~1\Grisoft\AVG7\avgrssvc[Caution: Executable File] C:\PROGRA~1\Grisoft\AVG7\avgrssvc[Caution: Executable File] C:\PROGRA~1\Grisoft\AVG7\avgemc[Caution: Executable File] C:\PROGRA~1\Grisoft\AVG7\avgamsvr[Caution: Executable File] C:\Program Files\Grisoft\AVG7\avgcc[Caution: Executable File] C:\Program Files\Internet Explorer\ieuser[Caution: Executable File] C:\Windows\System32\mobsync[Caution: Executable File] C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice[Caution: Executable File] C:\Windows\system32\SearchProtocolHost[Caution: Executable File] C:\Windows\system32\taskeng[Caution: Executable File] C:\Program Files\Internet Explorer\iexplore[Caution: Executable File] C:\Program Files\Diskeeper Corporation\Diskeeper\DfrgNTFS[Caution: Executable File] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon[Caution: Executable File] C:\Windows\system32\SearchFilterHost[Caution: Executable File] C:\Program Files\Trend Micro\HijackThis\HijackThis[Caution: Executable File] C:\Windows\system32\wbem\wmiprvse[Caution: Executable File] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.live.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui[Caution: Executable File] -hide O4 - HKLM\..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP[Caution: Executable File] /r O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh[Caution: Executable File] O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC[Caution: Executable File] O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor O4 - HKLM\..\Run: rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BTVLogEx.DLL,StartBattLog O4 - HKLM\..\Run: [TpShocks] TpShocks[Caution: Executable File] O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp[Caution: Executable File] O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp[Caution: Executable File] O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray[Caution: Executable File] O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd[Caution: Executable File] O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers[Caution: Executable File] O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy[Caution: Executable File] O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon[Caution: Executable File]" O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch[Caution: Executable File] O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR[Caution: Executable File] O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg[Caution: Executable File] /startup O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched[Caution: Executable File]" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc[Caution: Executable File]" O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray[Caution: Executable File] O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon[Caution: Executable File] O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth[Caution: Executable File]" silent O4 - HKLM\..\Run: [LenovoOobeOffers] c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers[Caution: Executable File] /filePath="c:\swshare\firstrun.txt" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: Executable File]" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc[Caution: Executable File]" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc[Caution: Executable File] /STARTUP O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar[Caution: Executable File] /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32[Caution: Executable File] oobefldr.dll,ShowWelcomeCenter O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar[Caution: Executable File] /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32[Caution: Executable File] oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw[Caution: Executable File] /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar[Caution: Executable File] /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw[Caution: Executable File] /RUNONCE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw[Caution: Executable File] /RUNONCE (User 'Default user') O4 - Startup: Lenovo Registration.lnk = C:\Program Files\Lenovo Registration\Lenovo[Caution: Executable File] O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl[Caution: Executable File] O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync[Caution: Executable File] O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG[Caution: Executable File] O8 - Extra context menu item: &Windows Live Search - res://c:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O13 - Gopher Prefix: O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice[Caution: Executable File] O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc[Caution: Executable File] O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc[Caution: Executable File] O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV[Caution: Executable File] O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc[Caution: Executable File] O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr[Caution: Executable File] O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc[Caution: Executable File] O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc[Caution: Executable File] O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc[Caution: Executable File] O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst[Caution: Executable File] O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst[Caution: Executable File] O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst[Caution: Executable File] O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost[Caution: Executable File] O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService[Caution: Executable File] O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService[Caution: Executable File] O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc[Caution: Executable File] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT[Caution: Executable File] O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\Windows\system32\IPSSVC[Caution: Executable File] O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc[Caution: Executable File] O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr[Caution: Executable File] O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1[Caution: Executable File] O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst[Caution: Executable File] O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc[Caution: Executable File] O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9[Caution: Executable File] O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9[Caution: Executable File] O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9[Caution: Executable File] O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr[Caution: Executable File] O23 - Service: System Update (SUService) - - c:\Program Files\Lenovo\System Update\SUService[Caution: Executable File] O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: Executable File] O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32[Caution: Executable File] O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc[Caution: Executable File] O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG[Caution: Executable File] O23 - Service: On Screen Display (TPHKSVC) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKSVC[Caution: Executable File] O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd[Caution: Executable File] O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice[Caution: Executable File] O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice[Caution: Executable File] O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched[Caution: Executable File] O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService[Caution: Executable File] O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio[Caution: Executable File] -- End of file - 15629 bytes Dark Phoenix Clan Site Link to comment Share on other sites More sharing options...
blade995 Posted August 7, 2007 Share Posted August 7, 2007 My god you have the most programs running and starting up I have ever seen. Go to Start>run>type "msconfig" > startup tab. Disable everything you don't need to start up. Things like Abode reader and other crap that you can load on your own when you want to use the program. Again you have 2 anti-viruses running at the same time which are probably conflicting with each other and is giving you less protection. Un-install one of them, it will keep your computer safer and free up resources. I don't see any virus, worm ect. in the log. My guess is that you have low amounts of physical memory and Vista is using the page file and has to increase it to a large number and thats what is taking you disk space. Link to comment Share on other sites More sharing options...
woopidoo2 Posted August 8, 2007 Share Posted August 8, 2007 There is always space that you cant use, the computer just needs it. (Like my iPod, it says 30GB but it has about 27GB empty.) If your virus scanners cant find anything, I doubt you really have a virus. If you really lose space without doing anything for 5 days, there would be a problem indeed. Maybe you loose space from updates? My advice, look at it for a while. Dont download anything, also no updates. [http://woopidoo2.deviantart.com][Tip.it Moderator from Dec 10, 2006 to 03 Sep, 2008] Link to comment Share on other sites More sharing options...
Chris Posted August 9, 2007 Share Posted August 9, 2007 http://www.jason-preston.com/index.php/ ... ows-vista/ ^ Read that ^ It has to do with the volume shadowing that Vista does. It keeps all your data safe in case of a major software breakdown. Virus or whatever. Only problem is, it doesn't know when to stop. Unless you tell it to. Notoriously Trollish. Link to comment Share on other sites More sharing options...
prorathack Posted August 11, 2007 Share Posted August 11, 2007 If you still get any problem, try formating the hard drive(dunno if you did already) if stills,,then sorry to say it, you have a bad sector. which means a new hard drive. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now