Apua kaivattaisiin taas.. Eli kone on nyt parin päivän ajan boottaillut useita kertoja päivässä. Antivirillä en ole saanut konetta tarkastettua, koska kone kaatuu kesken skannauksen. Vikasietotilassa skannaus onnistui. Tässä Hjt-loki + vikasietotilassa ajettu Antivirin raportti: Logfile of HijackThis v1.99.1 Scan saved at 18:46:27, on 6.3.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Ewido\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\VTtrayp.exe C:\WINDOWS\system32\VTTimer.exe C:\Program Files\VIAudioi\SBADeck\ADeck.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1 O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Airboard Manager] C:\Program Files\Netropa\Airboard Manager\TouchMgr.exe O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42" O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{168BF9B8-5614-42AD-8E29-BBA2A8D544FF}: NameServer = 193.210.19.19 193.210.18.18 O17 - HKLM\System\CS1\Services\Tcpip\..\{168BF9B8-5614-42AD-8E29-BBA2A8D544FF}: NameServer = 193.210.19.19 193.210.18.18 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Ewido\AVG Anti-Spyware 7.5\guard.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: Aseman tilannevedos (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing) AntiVir PersonalEdition Classic Report file date: 5. maaliskuuta 2007 20:06 Scanning for 690218 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Alex Computer name: 123-B1232ACD4A2 Version information: BUILD.DAT : 217 12749 Bytes 5.12.2006 17:00:00 AVSCAN.EXE : 7.0.3.5 208936 Bytes 20.1.2007 09:04:04 AVSCAN.DLL : 7.0.3.1 35880 Bytes 5.12.2006 15:00:22 LUKE.DLL : 7.0.3.2 143400 Bytes 31.10.2006 15:07:46 LUKERES.DLL : 7.0.2.0 9256 Bytes 5.12.2006 15:00:22 ANTIVIR0.VDF : 6.35.0.1 7371264 Bytes 31.5.2006 14:30:06 ANTIVIR1.VDF : 6.37.1.151 4303360 Bytes 23.2.2007 10:30:24 ANTIVIR2.VDF : 6.37.1.182 86528 Bytes 1.3.2007 13:12:30 ANTIVIR3.VDF : 6.37.1.197 32256 Bytes 5.3.2007 13:12:31 AVEWIN32.DLL : 7.3.1.38 2322944 Bytes 21.2.2007 19:42:13 AVPREF.DLL : 7.0.2.0 23592 Bytes 3.11.2006 09:53:44 AVREP.DLL : 6.37.1.100 1142824 Bytes 16.2.2007 19:39:53 AVRPBASE.DLL : 7.0.0.0 2162728 Bytes 30.3.2006 07:43:31 AVPACK32.DLL : 7.2.0.5 368680 Bytes 23.10.2006 14:21:31 AVREG.DLL : 7.0.1.2 30760 Bytes 20.1.2007 09:04:04 NETNT.DLL : No Information! RCIMAGE.DLL : 7.0.1.3 2097192 Bytes 8.11.2006 11:26:26 RCTEXT.DLL : 7.0.12.1 77864 Bytes 5.12.2006 15:00:21 Configuration settings for the scan: Jobname..........................: Local Drives Configuration file...............: C:\Program Files\AntiVir PersonalEdition Classic\alldrives.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: E:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Expanded search settings.........: 0x00007000 Start of the scan: 5. maaliskuuta 2007 20:06 The scan of running processes will be started Scan process 'avscan.exe' - '1' Modules have been scanned Scan process 'avcenter.exe' - '1' Modules have been scanned Scan process 'explorer.exe' - '1' Modules have been scanned Scan process 'userinit.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'svchost.exe' - '1' Modules have been scanned Scan process 'lsass.exe' - '1' Modules have been scanned Scan process 'services.exe' - '1' Modules have been scanned Scan process 'winlogon.exe' - '1' Modules have been scanned Scan process 'csrss.exe' - '1' Modules have been scanned Scan process 'smss.exe' - '1' Modules have been scanned 12 processes with 12 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Boot sector 'F:\' [NOTE] No virus was found! Boot sector 'A:\' [NOTE] In the drive 'A:\' no data medium is inserted! Starting to scan the registry. The registry was scanned ( 23 files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\system32\vdmredir.dll [WARNING] The file could not be opened! C:\WINDOWS\system32\vssvc.exe [WARNING] The file could not be opened! C:\WINDOWS\system32\wbem\wbemperf.dll [WARNING] The file could not be opened! Begin scan in 'D:\' Begin scan in 'F:\' Begin scan in 'A:\' The path A:\ could not be found! Laite ei ole valmiina. Begin scan in 'E:\' The path E:\ could not be found! Laite ei ole valmiina. End of the scan: 5. maaliskuuta 2007 20:26 Used time: 20:23 min The scan has been done completely. 4634 Scanning directories 183681 Files were scanned 0 viruses and/or unwanted programs were found 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 4 Files cannot be scanned 183681 Files not concerned 2726 Archives were scanned 4 Warnings 14 Notes
En oo ollenkaan varma, mutta kun en ole niin taitava näiden koneiden kanssa, että osaisin lähteä itse sen tarkemmin selvittämään..
