Kasavuori Hjt loki +antivir

Logfile of HijackThis v1.99.1
Scan saved at 20:10:47, on 24.2.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Video Access ActiveX Object\isamntr.exe
C:\Program Files\Video Access ActiveX Object\pmsnrr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\SpyDawn\SpyDawn.exe
C:\Program Files\WinAntiVirus Pro 2007\WinAV.exe
C:\Program Files\Common Files\WinAntiVirus Pro 2007\mav_startupmon.exe
C:\Program Files\Common Files\WinAntiVirus Pro 2007\uwa7pcw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Video Access ActiveX Object\pmmnt.exe
C:\Program Files\Video Access ActiveX Object\isamini.exe
C:\Program Files\WinAntiVirus Pro 2007\NtFt.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\PestCapture\PestCapture.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\Video Access ActiveX Object\isamini.exe
C:\Program Files\Video Access ActiveX Object\isamini.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files\VirusBlasters\VirusBlasters.exe
C:\Program Files\Video Access ActiveX Object\isamini.exe
C:\HJT\Pommi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.elisa.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IEExtension Class - {1F6FE2C2-6040-4645-9053-7F689AFFE176} - C:\Program Files\VirusBlasters\BlastIEmonitor.dll
O2 - BHO: CIEIntegrator Object - {22750ADC-C90F-43C4-9B72-0F9E60CB5119} - C:\Program Files\WinAntiVirus Pro 2007\winavpgi.dll
O2 - BHO: IEFW Object - {67121D62-2C97-4EF0-83EA-2DC643D50B01} - C:\Program Files\WinAntiVirus Pro 2007\fwbho.dll
O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - C:\Program Files\Video Access ActiveX Object\isadd.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video Access ActiveX Object\iesplugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SpyDawn] C:\Program Files\SpyDawn\SpyDawn.exe /h
O4 - HKLM\..\Run: [WinAntiVirus Pro 2007] "C:\Program Files\WinAntiVirus Pro 2007\WinAV.exe" /min
O4 - HKLM\..\Run: [MAV_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\mav_startupmon.exe"
O4 - HKLM\..\Run: [uwa7pcw] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\uwa7pcw.exe" -c
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NI.UERSJ_0001_N86M0707] "C:\WINDOWS\Downloaded Program Files\UERSJ_0001_N86M0707NetInstaller.exe" -nag
O4 - HKLM\..\Run: [VirusBlasters] C:\Program Files\VirusBlasters\VirusBlasters.exe /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WinAntiVirusPro2007] C:\Program Files\WinAntiVirus Pro 2007\winav.exe /min
O4 - HKCU\..\Run: [PestCapture] C:\Program Files\PestCapture\PestCapture.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Firewall service (NtTf) - Unknown owner - C:\Program Files\WinAntiVirus Pro 2007\NtFt.exe


End of the scan: 24. helmikuuta 2007 19:49
Used time: 1:17:00 min

The scan has been done completely.

1362 Scanning directories
52697 Files were scanned
6 viruses and/or unwanted programs were found
0 files were deleted
0 files were repaired
5 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
52691 Files not concerned
415 Archives were scanned
2 Warnings
0 Notes

Hoitaako Tämä --->
http://www.iobit.com/AdvancedWindowsCarePersonal/download.htm
Lokin kuntoon

sammutan ja käynnistän vielä voi olla että errori iskee

ajon jälkeen
Logfile of HijackThis v1.99.1
Scan saved at 20:30:52, on 24.2.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Video Access ActiveX Object\isamntr.exe
C:\Program Files\Video Access ActiveX Object\pmsnrr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\SpyDawn\SpyDawn.exe
C:\Program Files\Common Files\WinAntiVirus Pro 2007\mav_startupmon.exe
C:\Program Files\Common Files\WinAntiVirus Pro 2007\uwa7pcw.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Video Access ActiveX Object\pmmnt.exe
C:\WINDOWS\Downloaded Program Files\UERSJ_0001_N86M0707NetInstaller.exe
C:\Program Files\VirusBlasters\VirusBlasters.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Video Access ActiveX Object\isamini.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WinAntiVirus Pro 2007\winav.exe
C:\Program Files\PestCapture\PestCapture.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\IObit\Advanced WindowsCare V2\Awc.exe
C:\Program Files\WinAntiVirus Pro 2007\NtFt.exe
C:\Program Files\Video Access ActiveX Object\isamini.exe
C:\HJT\Pommi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.elisa.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {1F6FE2C2-6040-4645-9053-7F689AFFE176} - (no file)
O2 - BHO: CIEIntegrator Object - {22750ADC-C90F-43C4-9B72-0F9E60CB5119} - C:\Program Files\WinAntiVirus Pro 2007\winavpgi.dll
O2 - BHO: IEFW Object - {67121D62-2C97-4EF0-83EA-2DC643D50B01} - C:\Program Files\WinAntiVirus Pro 2007\fwbho.dll
O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - C:\Program Files\Video Access ActiveX Object\isadd.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video Access ActiveX Object\iesplugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SpyDawn] C:\Program Files\SpyDawn\SpyDawn.exe /h
O4 - HKLM\..\Run: [WinAntiVirus Pro 2007] "C:\Program Files\WinAntiVirus Pro 2007\WinAV.exe" /min
O4 - HKLM\..\Run: [MAV_check] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\mav_startupmon.exe"
O4 - HKLM\..\Run: [uwa7pcw] "C:\Program Files\Common Files\WinAntiVirus Pro 2007\uwa7pcw.exe" -c
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NI.UERSJ_0001_N86M0707] "C:\WINDOWS\Downloaded Program Files\UERSJ_0001_N86M0707NetInstaller.exe" -nag
O4 - HKLM\..\Run: [VirusBlasters] C:\Program Files\VirusBlasters\VirusBlasters.exe /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WinAntiVirusPro2007] C:\Program Files\WinAntiVirus Pro 2007\winav.exe /min
O4 - HKCU\..\Run: [PestCapture] C:\Program Files\PestCapture\PestCapture.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - C:\WINDOWS\system32\higehsg.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Firewall service (NtTf) - Unknown owner - C:\Program Files\WinAntiVirus Pro 2007\NtFt.exe

vieläkin huutelee system arlet

 

Fixaatkos taas omaa lokias täällä? :?

 

Hujo, hujo, hujo...


Fixailet täällä toisten ihmisten lokeja, mutta silti toivot, että joku tarkistaisi sun lokin? Tämä vähän vaikuttaa siltä, vai olenko väärässä?

Teit jo kerran ennekin näin ja sait siitä bannia. Etkö oppinu siitä mitään? Nyt niitä sääntöjä lukemaan! Sääntöjen linkki on minun sigussa, eli sieltä klikkaa sitä ja lue ne ajatuksella. Moderaattoriin vois ottaa yhteyttä, turhista postauksista.

 

@Kasavuori
http://www.iobit.com/AdvancedWindowsCarePersonal/download.htm
eipä tuo hyvältä tunnu.

 

Enpä tienyt, että olit avanut uuden ketjun.

Kun AWC:llä ajat skannauksen, niin Startup Scan kohdalta mene Detaileihin.
Tutki, miten ohjelma on määritellyt käynnistyvät ohjelmat: -Onko joukossa "Unknown"?
Jos on, niin napsauta hiiren oikeanpuoleista näppäintä ja valitse Online Search.
Lopuksi anna ohjelman suorittaa korjaus.

Jos tämäkään ei auta, ja mikäli konettasi vielä voidaan käyttää testipenkkinä, niin tässä linkki kaupalliselle sivustolle. Sieltä löytyy ohjelma, jonka "pitäisi" auttaa. (Ohjelma on ilmainen)

http://www.norman.com/Virus/Virus_removal_tools/24789/