Logfile of HijackThis v1.99.1
Scan saved at 11:32:13, on 27.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Omistaja\Työpöytä\FixBlast.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GammaSutra] C:\Program Files\GammaSutra\GammaSutra.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FireDaemon Service: ecure (ecure) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Onkohan vikaa?
48
3298
Vastaukset
- Pois Fix
koneelta kun siellä on vielä tuo Microsoft AntiSpyware siten koneella on vielä tuo avg
Poista se evido lisää/poista sovelutuksen kautta.- katariina.
on sellainen, että kone on ruvennut sammuilemaan itsekseen, ja käynnistäminen on tosi vaikeaa
ei käynnisty, piippaa vain... olen avannut koneen pari kertaa ja varovasti kokeillut että kaapelit on kunnolla kiinni, sitten käynnistyy ihan normaalisti
voiko tuo ewido kuitenkaan aiheuttaa tällaista? ja mikä ihme on tuo bonjour-juttu? - katariina.
sen ewidon, nyt näyttää tältä:
Logfile of HijackThis v1.99.1
Scan saved at 13:00:37, on 27.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GammaSutra] C:\Program Files\GammaSutra\GammaSutra.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FireDaemon Service: ecure (ecure) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe - Fixaaja
Ewidon guard toimii vaan 14 päivää(ja sen voi ottaa siksi aikaa pois päältä) ja ewido löytää paljon paremmin örkkejä kuin M$ Antispyware tai AVG.
- katariina.
Fixaaja kirjoitti:
Ewidon guard toimii vaan 14 päivää(ja sen voi ottaa siksi aikaa pois päältä) ja ewido löytää paljon paremmin örkkejä kuin M$ Antispyware tai AVG.
Minä ehdin sen jo poistaa! Omastakin mielestä se löysi enemmän örkkejä kuin microsoftin oma... Noh, meni jo. Onko tuossa muuten mitään vikaa, kun kuitenkin edellä kuvailemani ongelma on olemassa, vai onko koneessa joku tekninen vika?
Eli ei tahdo käynnistyä, piippaa vain.. Sammuu joskus itsekseen. - Fixaaja
katariina. kirjoitti:
on sellainen, että kone on ruvennut sammuilemaan itsekseen, ja käynnistäminen on tosi vaikeaa
ei käynnisty, piippaa vain... olen avannut koneen pari kertaa ja varovasti kokeillut että kaapelit on kunnolla kiinni, sitten käynnistyy ihan normaalisti
voiko tuo ewido kuitenkaan aiheuttaa tällaista? ja mikä ihme on tuo bonjour-juttu?Ewido ei aiheuta tuota ja bonjour on ihan ok, liittyy esim. iPodiin, ym. applen tuotteisiin.
- katariina.
Fixaaja kirjoitti:
Ewido ei aiheuta tuota ja bonjour on ihan ok, liittyy esim. iPodiin, ym. applen tuotteisiin.
mikähän tuon ongelman sitten aiheuttaisi...
Kone on sempron 3000 , muistaakseni alle vuoden vanha. Onkohan emolevyssä tai muussa vikaa? - Fixaaja
katariina. kirjoitti:
Minä ehdin sen jo poistaa! Omastakin mielestä se löysi enemmän örkkejä kuin microsoftin oma... Noh, meni jo. Onko tuossa muuten mitään vikaa, kun kuitenkin edellä kuvailemani ongelma on olemassa, vai onko koneessa joku tekninen vika?
Eli ei tahdo käynnistyä, piippaa vain.. Sammuu joskus itsekseen.Sen saat halutessasi täältä takaisin -> http://www.ewido.net/en/download Epäilen kyllä teknistä vikaa, mutta voit ajaa vielä halutessasi eScanin -> http://koti.mbnet.fi/pattaya1/escanmwav. Asennus- ja päivitysohjeet ym. on sivulla. Lähetä sitten "örkkitulokset" tänne (ohje sivulla, alin kuva ja sen yläpuolella oleva teksti).
- katariina.
Fixaaja kirjoitti:
Sen saat halutessasi täältä takaisin -> http://www.ewido.net/en/download Epäilen kyllä teknistä vikaa, mutta voit ajaa vielä halutessasi eScanin -> http://koti.mbnet.fi/pattaya1/escanmwav. Asennus- ja päivitysohjeet ym. on sivulla. Lähetä sitten "örkkitulokset" tänne (ohje sivulla, alin kuva ja sen yläpuolella oleva teksti).
escanilla, yksi troijalainen löytyi jonka ohjelma poisti
- Pois fis
Fixaaja kirjoitti:
Sen saat halutessasi täältä takaisin -> http://www.ewido.net/en/download Epäilen kyllä teknistä vikaa, mutta voit ajaa vielä halutessasi eScanin -> http://koti.mbnet.fi/pattaya1/escanmwav. Asennus- ja päivitysohjeet ym. on sivulla. Lähetä sitten "örkkitulokset" tänne (ohje sivulla, alin kuva ja sen yläpuolella oleva teksti).
Sitten vielä muutama palomuuri kerio zone ja ne päälekäin jeeee.
- Fixaaja
Pois fis kirjoitti:
Sitten vielä muutama palomuuri kerio zone ja ne päälekäin jeeee.
Tällä hetkellä koneella on AntiVir, eScan, ewido, M$ AntiSpyware, Ad-aware, Spybot ja muurina Sygate eikä yhtään töki. Homman nimi on se, että YKSI muistinvarainen virustentorjuntaohjelma (esim. AntiVir), YKSI muistinvarainen spywarentorjuntaohjelma (esim. M$ AntiSpyware) ja YKSI palomuuri, niin muita virustentorjuntaohjelmia ja spywarentorjuntaohjelmia voi olla vaikka e^(40) kpl, eikä kone siitä hitaammaksi muutu.
- Pois Fix
Fixaaja kirjoitti:
Tällä hetkellä koneella on AntiVir, eScan, ewido, M$ AntiSpyware, Ad-aware, Spybot ja muurina Sygate eikä yhtään töki. Homman nimi on se, että YKSI muistinvarainen virustentorjuntaohjelma (esim. AntiVir), YKSI muistinvarainen spywarentorjuntaohjelma (esim. M$ AntiSpyware) ja YKSI palomuuri, niin muita virustentorjuntaohjelmia ja spywarentorjuntaohjelmia voi olla vaikka e^(40) kpl, eikä kone siitä hitaammaksi muutu.
teehän sie niin. Romuu koneelle vain tuohon tarvis vielä F-securen ... nortonin... padan ---
- katariina.
Pois Fix kirjoitti:
teehän sie niin. Romuu koneelle vain tuohon tarvis vielä F-securen ... nortonin... padan ---
lopetetaan tämä keskustelu tähän, jos ei kellään ole mitään sanoa itse ongelmaani!?
se ei 36-vuotias kotiäiti jaksa hiekkalaatikkoleikkejä tietokoneellaKIN istuessa - täällä
Pois Fix kirjoitti:
teehän sie niin. Romuu koneelle vain tuohon tarvis vielä F-securen ... nortonin... padan ---
pitäis antaa neuvoja eikä vain soittaa suutaan toisille ? Sitäpaitsi toihan oli ihan asiallista ja paikkansapitävää tekstiä !
- Fixaaja
katariina. kirjoitti:
lopetetaan tämä keskustelu tähän, jos ei kellään ole mitään sanoa itse ongelmaani!?
se ei 36-vuotias kotiäiti jaksa hiekkalaatikkoleikkejä tietokoneellaKIN istuessaLaita hijackthisin kautta startuplist, sen saa open misc tools -> generate startuplist ja niihin kahteen pieneen ruutuun rastit. Lisäksi uninstall-lista: open misc tools -> open uninstall manager -> save list... -> tallenna. Lähetä kummatkin listat tänne.
- katariina.
Fixaaja kirjoitti:
Laita hijackthisin kautta startuplist, sen saa open misc tools -> generate startuplist ja niihin kahteen pieneen ruutuun rastit. Lisäksi uninstall-lista: open misc tools -> open uninstall manager -> save list... -> tallenna. Lähetä kummatkin listat tänne.
tässä nämä, kiitos kun autat:
StartupList report, 28.10.2005, 11:40:13
StartupList version: 1.52.2
Started from : C:\HJT\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\HP_Omistaja\Käynnistä-valikko\Ohjelmat\Käynnistys]
*No files*
Shell folders AltStartup:
*Folder not found*
User shell folders Startup:
*Folder not found*
User shell folders AltStartup:
*Folder not found*
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys]
HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
Shell folders Common AltStartup:
*Folder not found*
User shell folders Common Startup:
*Folder not found*
User shell folders Alternate Common Startup:
*Folder not found*
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*
[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
hpsysdrv = c:\windows\system\hpsysdrv.exe
Recguard = C:\WINDOWS\SMINST\RECGUARD.EXE
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /installquiet /keeploaded /nodetect
SiS Windows KeyHook = C:\WINDOWS\System32\keyhook.exe
PS2 = C:\WINDOWS\system32\ps2.exe
HPDJ Taskbar Utility = C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
AVG7_CC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
AVG7_EMC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Zone Labs Client = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
RemoteControl = "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
GammaSutra = C:\Program Files\GammaSutra\GammaSutra.exe
gcasServ = "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe"
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
Creative WebCam Tray = C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Acme.PCHButton = C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
Ashampoo PopUpBlocker = C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
NBJ = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
RSD_HDDThermo = C:\Program Files\HDD Thermometer\HDD Thermometer.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
*No values found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command
(Default) = "%1" /S
--------------------------------------------------
File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command
(Default) = C:\WINDOWS\System32\mshta.exe "%1" %*
--------------------------------------------------
File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command
(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1
--------------------------------------------------
Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)
[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll
[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe
[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install
[{8b15971b-5355-4c82-8c07-7e181ea07608}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
--------------------------------------------------
Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps
*Registry key not found*
--------------------------------------------------
Load/Run keys from C:\WINDOWS\WIN.INI:
load=*INI section not found*
run=*INI section not found*
Load/Run keys from Registry:
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=wbsys.dll
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\ssmypics.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Checking for EXPLORER.EXE instances:
C:\WINDOWS\Explorer.exe: PRESENT!
C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present
--------------------------------------------------
Checking for superhidden extensions:
.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden
--------------------------------------------------
Verifying REGEDIT.EXE integrity:
- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Regedit.exe has no CompanyName property! It is either missing or named something else.
- Regedit.exe has no OriginalFilename property! It is either missing or named something else.
- Regedit.exe has no FileDescription property! It is either missing or named something else.
Registry check failed!
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll - {49E0E0F0-5C30-11D4-945D-000000000003}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll - {9394EDE7-C8B5-483E-8773-474BF36AF6E4}
(no name) - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
--------------------------------------------------
Enumerating Task Scheduler jobs:
*No jobs found*
--------------------------------------------------
Enumerating Download Program Files:
[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204
[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
[Java Plug-in 1.4.2_03]
InProcServer32 = C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
[Java Plug-in 1.5.0_01]
InProcServer32 = C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
[Java Plug-in 1.5.0_02]
InProcServer32 = C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
NameSpace #4: C:\Program Files\Bonjour\mdnsNSP.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
--------------------------------------------------
Enumerating Windows NT/2000/XP services
Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD Networking Support -ympäristö: \SystemRoot\System32\drivers\afd.sys (system)
Service for WDM 3D Audio Driver: system32\drivers\ALCXSENS.SYS (manual start)
Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start)
Hälytys: %SystemRoot%\System32\svchost.exe -k LocalService (disabled)
Sovelluskerroksen yhdyskäytäväpalvelu: %SystemRoot%\System32\alg.exe (manual start)
AMD K7 Processor Driver: System32\DRIVERS\amdk7.sys (system)
Sovellusten hallinta: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
1394 ARP -asiakasprotokolla: System32\DRIVERS\arp1394.sys (manual start)
Aspi32: System32\drivers\aspi32.sys (autostart)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start)
RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
Standardi IDE/ESDI-kiintolevyohjain: System32\DRIVERS\atapi.sys (system)
ATM ARP Client -protokolla: System32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
AVG7 Alert Manager Server: C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (autostart)
AVG7 Kernel: \SystemRoot\System32\Drivers\avg7core.sys (system)
AVG7 Wrap Driver: \SystemRoot\System32\Drivers\avg7rsw.sys (system)
AVG7 Rezident Driver: \SystemRoot\System32\Drivers\avg7rsxp.sys (system)
AVG7 Update Service: C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (autostart)
AVG Network Redirector: \??\C:\WINDOWS\System32\Drivers\avgtdi.sys (autostart)
BITS-tausta-ajo (Background Intelligent Transfer Service): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Bonjour-palvelu: "C:\Program Files\Bonjour\mDNSResponder.exe" (autostart)
Tietokoneiden selaus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Closed Caption Decoder: System32\DRIVERS\CCDECODE.sys (manual start)
CD-ROM-ohjain: System32\DRIVERS\cdrom.sys (system)
Indeksointipalvelu: %SystemRoot%\system32\cisvc.exe (manual start)
Leikekirja: %SystemRoot%\system32\clipsrv.exe (disabled)
COM -järjestelmäsovellus: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Salauspalvelut: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
d347bus: system32\DRIVERS\d347bus.sys (system)
d347prt: System32\Drivers\d347prt.sys (system)
DCOM-palvelinprosessin käynnistys: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP-asiakas: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Levyohjain: System32\DRIVERS\disk.sys (system)
Loogisen levyn hallinnan valvontapalvelu: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
dmio: System32\drivers\dmio.sys (disabled)
dmload: System32\drivers\dmload.sys (disabled)
Loogisen levyn hallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS-asiakas: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
FireDaemon Service: ecure: C:\WINDOWS\Temp\FireDaemon.EXE (autostart)
3Com EtherLink XL 90XB/C Adapter Driver: System32\DRIVERS\el90xbc5.sys (manual start)
Virheraportointipalvelut: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Tapahtumaloki: %SystemRoot%\system32\services.exe (autostart)
COM -tapahtumajärjestelmä: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
Nopean käyttäjän vaihdon yhteensopivuus: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Fax: %systemroot%\system32\fxssvc.exe (manual start)
Levykeaseman ohjain: System32\DRIVERS\fdc.sys (manual start)
VIA Rhine Family Fast Ethernet Adapter Driver Service: System32\DRIVERS\fetnd5b.sys (manual start)
Levykeasemaohjain: System32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\drivers\fltmgr.sys (system)
Volume Manager -ohjain: System32\DRIVERS\ftdisk.sys (system)
GEAR CDRom Filter: SYSTEM32\DRIVERS\GEARAspiWDM.sys (manual start)
Yleinen paketinmääritys: System32\DRIVERS\msgpc.sys (manual start)
Ohjeet ja tuotetuki: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
HID (Human Interface Device) -liittymä: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Microsoft HID -luokkaohjain: System32\DRIVERS\hidusb.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i8042-näppäimistö ja PS/2-hiiriohjain: System32\DRIVERS\i8042prt.sys (system)
ialm: System32\DRIVERS\ialmnt5.sys (manual start)
InstallDriver Table Manager: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start)
CD-Burning Filter Driver: System32\DRIVERS\imapi.sys (system)
CD-levyjen kirjoittamisen IMAPI COM -palvelu: C:\WINDOWS\System32\imapi.exe (manual start)
IntelIde: \SystemRoot\System32\DRIVERS\intelide.sys (disabled)
Windowsin IPv6-palomuurin ohjain: system32\drivers\ip6fw.sys (manual start)
IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
iPodService: C:\Program Files\iPod\bin\iPodService.exe (manual start)
IPSEC-ohjain: System32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA -väyläohjain: System32\DRIVERS\isapnp.sys (system)
IVI ASPI Shell: system32\drivers\iviaspi.sys (manual start)
Näppäimistön luokkaohjain: System32\DRIVERS\kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Palvelin: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Työasema: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Machine Debug Manager: "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe" (autostart)
Viestinvälitys: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
NetMeeting etätyöpöydän jakaminen: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
Hiiren luokkaohjain: System32\DRIVERS\mouclass.sys (system)
WebDav Client Redirector: System32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service -välityspalvelin: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft-järjestelmänhallinnan BIOS-ohjain: System32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink -muunnin: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O -protokolla: System32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
NetBIOS-käyttöliittymä: System32\DRIVERS\netbios.sys (system)
NetBT: System32\DRIVERS\netbt.sys (system)
Verkon DDE: %SystemRoot%\system32\netdde.exe (disabled)
Verkon DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
Verkkokirjautuminen: %SystemRoot%\System32\lsass.exe (manual start)
Verkkoyhteydet: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Net MD: System32\Drivers\NETMDUSB.sys (manual start)
RCA USB Digital Cable Modem Driver: System32\DRIVERS\netrcacm.sys (manual start)
1394-verkko-ohjain: System32\DRIVERS\nic1394.sys (manual start)
NLA-nimiavaruus (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NT LM -suojaustuen toimittaja: %SystemRoot%\System32\lsass.exe (manual start)
Siirrettävät tallennusvälineet: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
nv: System32\DRIVERS\nv4_mini.sys (manual start)
NVIDIA Display Driver Service: %SystemRoot%\System32\nvsvc32.exe (autostart)
IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
VIA OHCI Compliant IEEE 1394 Host Controller: System32\DRIVERS\ohci1394.sys (system)
Rinnakkaisporttiohjain: System32\DRIVERS\parport.sys (manual start)
PCI Bus Driver: System32\DRIVERS\pci.sys (system)
PCIIde: System32\DRIVERS\pciide.sys (system)
Padus ASPI Shell: system32\drivers\pfc.sys (manual start)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
IPSEC-palvelut: %SystemRoot%\System32\lsass.exe (autostart)
WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
Processor Driver: System32\DRIVERS\processr.sys (system)
Suojattu tallennuspaikka: %SystemRoot%\system32\lsass.exe (autostart)
PS2: System32\DRIVERS\PS2.sys (manual start)
QoS-paketinajoitus: System32\DRIVERS\psched.sys (manual start)
Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
PxHelp20: System32\Drivers\PxHelp20.sys (system)
Remote Access Auto Connection -ohjain: System32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection -hallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
Etäkäytön (RAS) yhteyksienhallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: System32\DRIVERS\raspppoe.sys (manual start)
Suora rinnakkainen: System32\DRIVERS\raspti.sys (manual start)
Rdbss: System32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Etätyöpöydän ohjeen istunnonhallinta: C:\WINDOWS\system32\sessmgr.exe (manual start)
Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system)
Reititys ja etäkäyttö: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Etäproseduurikutsujen (RPC) paikannin: %SystemRoot%\System32\locator.exe (manual start)
Etäproseduurikutsu (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
VSC Engine: \??\C:\Program Files\Cakewalk\Shared Dxi\Roland\RVIEg01.sys (autostart)
Käyttöoikeustilien hallinta: %SystemRoot%\system32\lsass.exe (autostart)
Sandra Data Service: C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe (manual start)
Sandra Service: C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe (manual start)
Älykortti: %SystemRoot%\System32\SCardSvr.exe (manual start)
Tehtävien ajoitus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: System32\DRIVERS\secdrv.sys (manual start)
Toissijainen kirjautuminen: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Järjestelmätapahtuman ilmoitus: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter -ohjain: System32\DRIVERS\serenum.sys (manual start)
Sarjaporttiohjain: System32\DRIVERS\serial.sys (system)
Windowsin palomuuri / Internet-yhteyden jakaminen (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Käyttöliittymän laitteistotunnistus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SiS315: System32\DRIVERS\sisgrp.sys (manual start)
SiS AGP Filter: System32\DRIVERS\SISAGPX.sys (system)
SiSkp: System32\DRIVERS\srvkp.sys (system)
BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Taustatulostusohjain: %SystemRoot%\system32\spoolsv.exe (autostart)
Sony SPTI Service: C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (manual start)
Järjestelmän palautussuodatin -ohjain: System32\DRIVERS\sr.sys (system)
Järjestelmän palauttaminen -palvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Srv: System32\DRIVERS\srv.sys (manual start)
SSDP-palvelu (Simple Service Discovery Protocol): %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
WIA (Windows Image Acquisition): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
FireDaemon Service: svchost1: C:\WINDOWS\Temp\FireDaemon.EXE (autostart)
Ohjelmistoväyläohjain: System32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{71FC5CE2-4757-4D9E-931D-22F24F6BD533} (manual start)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Resurssilokit ja -hälytykset: %SystemRoot%\system32\smlogsvc.exe (manual start)
FireDaemon Service: system: C:\WINDOWS\Temp\FireDaemon.EXE (autostart)
Puhelin: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP-protokollaohjain: System32\DRIVERS\tcpip.sys (system)
Päätelaiteohjain: System32\DRIVERS\termdd.sys (system)
Päätepalvelut: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Teemat: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Tiedostolinkkijäljityksen asiakas: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
Microcode Update -ohjain: System32\DRIVERS\update.sys (manual start)
Universal Plug & Play -laiteisäntä: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
UPS: %SystemRoot%\System32\ups.exe (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: System32\DRIVERS\usbehci.sys (manual start)
USB2 Enabled Hub: System32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: System32\DRIVERS\usbohci.sys (manual start)
Microsoft USB PRINTER -luokka: System32\DRIVERS\usbprint.sys (manual start)
USB-massamuistiohjain: System32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: System32\DRIVERS\usbuhci.sys (manual start)
Creative WebCam Vista Plus: system32\DRIVERS\V0090Vid.sys (manual start)
VGA-näytönohjain: \SystemRoot\System32\drivers\vga.sys (system)
VIA AGP Filter: System32\DRIVERS\viaagp1.sys (system)
viagfx: System32\DRIVERS\vtmini.sys (manual start)
ViaIde: System32\DRIVERS\viaide.sys (system)
vsdatant: System32\vsdatant.sys (system)
TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart)
Aseman tilannevedos: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
WMI-palvelu (Windows Management Instrumentation): %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Kannettavan mediasoittimen sarjanumeropalvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI resurssisovitin: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)
Windows Socket 2.0:n tukiympäristö ei-IFS-järjestelmiä varten: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled)
Tietoturvakeskus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
Automaattiset päivitykset: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Verkon käyttöönottopalvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
--------------------------------------------------
End of report, 36 408 bytes
Report generated in 0,172 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
ja toinen:
Ad-Aware SE Personal
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat and Reader 6.0.3 Update
Adobe Reader 6.0.1 - Suomi
ALLOUT v1.4
Amazing Mahjongg 3D
APSW Instant Convertor
Ashampoo Movie Shrink & Burn 2
Ashampoo UnInstaller Platinum Suite
Ashampoo WinOptimizer 2004
a-squared Free 1.6
AudioEdit Deluxe
AVG Free Edition
AVI to VCD/DVD 4.02
Band-in-a-Box 2005
Band-in-a-Box Demo
Blaze Audio RipEditBurn 2
Blaze Audio Sound Effects Set 1
Blue Lotus Flower
Blue Poppies
Cakewalk Home Studio 2002
CCleaner (remove only)
CDBurnerXP Pro 3
CDRWIN
Clipart 1.0
Copernic Desktop Search
Creative WebCam Center
Creative WebCam Vista Plus Driver (1.02.02.0414)
Creative WebCam Vista Plus User's Guide (English)
Cucusoft MPEG/AVI to DVD/VCD/SVCD/MPEG Converter Pro 5.12
DAEMON Tools
Dan! Da! Dan 1.0
dBpowerAMP Music Converter
DivX ;-) Audio Compressor 4.02
DivX Player
Dolet Light for Finale 2005
Down2Home
Dr.DivX
DreamStation DXi
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDPean Pro 3.5.1
dvdSanta 4.00
EasyCleaner
Eraser
EVEREST Home Edition v2.00
Filzip 3.02
Finale 2005
Finale Performance Assessment
GammaSutra 1.0
Get Yahoo! Messenger
Google Earth
Gravity Gems V1.0.0.1
HDD Thermometer
Help and Support Additions
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
hp deskjet 656c series (Vain poisto)
HP Deskjet Preloaded Printer Drivers
HP Image Zone 4.2
HP Image Zone Plus 4.2
HP Photo & Imaging 3.5 - HP Devices
HP Software Update
HPIZ402
Iconoid Version 3.4.0
Image Resizer Powertoy for Windows XP
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
IsoBuster 1.6
iTunes
J2SE Runtime Environment 5.0 Update 1
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 4
Java 2 Runtime Environment, SE v1.4.2_03
jv16 PowerTools 1.3
Kyodai
LiveReg (Symantec Corporation)
LiveUpdate 2.5 (Symantec Corporation)
Logic Fun 4.8
Lumines 1.0
Macromedia Shockwave Player
Mah Jong Quest
Mahjong Towers II
MahJong v1.1
Mario Forever v 2.16 !
MatchItMaster
MemTest 3.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Finnish Language Pack
Microsoft AntiSpyware
Microsoft Data Access Components KB870669
Microsoft Office PowerPoint Viewer 2003
Microsoft Word 2002
Microsoft Works 7.0
Mozilla Firefox (1.0.7)
Mozilla Thunderbird (1.0)
MSN Messenger 7.5
MSN Työkalupalkki
Music MasterWorks
MyVoice ActiveX
MyVoice Lite
Net2Phone
Nokia Monitor Test 1.0
Norton Personal Firewall
NVIDIA Drivers
OpenMG Jukebox
OpenMG Secure Module 3.0.03
Opera
Pacman Worlds 1.0
PC Inspector File Recovery
PC On Off Time 1.0
PG Music DirectX Plugins 1.3.3.1
PowerDVD
PS2
PySol version 4.60
Python 2.2 combined Win32 extensions
Python 2.2.1
Päivitys Windows XP:lle (KB894391)
Päivitys Windows XP:lle (KB896727)
Päivitys Windows XP:lle (KB898461)
QuickTime
RagTime Solo
RealPlayer
Serif PhotoPlus 6.0
Sherlock 2.0
Sibelius v3.0
SiS VGA Utilities
SiSoftware Sandra Lite 2005 (Win64/32/CE)
SlideShow 2
SONAR 4 Producer Edition Demo
Sonic RecordNow!
Sony Net MD Help
Spy Cleaner Gold 9.5 Full Version
Spy Cleaner Gold 9.5 Trial Version
Spybot - Search & Destroy 1.3
SpywareBlaster v3.4
Subtitle Workshop 2.51
Suojauspäivitys Windows XP:lle (KB883939)
Suojauspäivitys Windows XP:lle (KB890046)
Suojauspäivitys Windows XP:lle (KB893756)
Suojauspäivitys Windows XP:lle (KB896358)
Suojauspäivitys Windows XP:lle (KB896422)
Suojauspäivitys Windows XP:lle (KB896423)
Suojauspäivitys Windows XP:lle (KB896428)
Suojauspäivitys Windows XP:lle (KB896688)
Suojauspäivitys Windows XP:lle (KB899587)
Suojauspäivitys Windows XP:lle (KB899588)
Suojauspäivitys Windows XP:lle (KB899591)
Suojauspäivitys Windows XP:lle (KB900725)
Suojauspäivitys Windows XP:lle (KB901017)
Suojauspäivitys Windows XP:lle (KB901214)
Suojauspäivitys Windows XP:lle (KB902400)
Suojauspäivitys Windows XP:lle (KB903235)
Suojauspäivitys Windows XP:lle (KB904706)
Suojauspäivitys Windows XP:lle (KB905414)
Suojauspäivitys Windows XP:lle (KB905749)
Suomalainen talviteema Windows XP -käyttöjärjestelmälle
Super Glinx
Time Adjuster v2.9 (STANDARD)
TMPGEnc Plus 2.5
TransBar
TweakNow RegCleaner
Uninstall Startup Inspector
vanBasco's Karaoke Player
WaveLab Demo
Webshots Desktop
VeloMaster Lite CW
VideoLAN VLC media player 0.8.1
Viewpoint Media Player (Remove Only)
WinAVI VideoConverter
WindowBlinds
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
Virtual Sound Canvas DXi
Visual MP3
VobSub v2.23 (Remove Only)
XnView 1.74
ZoneAlarm - katariina.
täällä kirjoitti:
pitäis antaa neuvoja eikä vain soittaa suutaan toisille ? Sitäpaitsi toihan oli ihan asiallista ja paikkansapitävää tekstiä !
ne on 36-veen kotiäidin hermot vaan välillä ns. säpäleinä ;)
olen vaan ennenkin näiltä suomi24:n sivuilta hakenut tietokoneapua, ja se menee niin herkästi juupas-eipäs -väittelyksi...
kiitos kun autatte! :) - Fixaaja
katariina. kirjoitti:
tässä nämä, kiitos kun autat:
StartupList report, 28.10.2005, 11:40:13
StartupList version: 1.52.2
Started from : C:\HJT\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\HP_Omistaja\Käynnistä-valikko\Ohjelmat\Käynnistys]
*No files*
Shell folders AltStartup:
*Folder not found*
User shell folders Startup:
*Folder not found*
User shell folders AltStartup:
*Folder not found*
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys]
HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
Shell folders Common AltStartup:
*Folder not found*
User shell folders Common Startup:
*Folder not found*
User shell folders Alternate Common Startup:
*Folder not found*
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*
[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
hpsysdrv = c:\windows\system\hpsysdrv.exe
Recguard = C:\WINDOWS\SMINST\RECGUARD.EXE
NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
nwiz = nwiz.exe /installquiet /keeploaded /nodetect
SiS Windows KeyHook = C:\WINDOWS\System32\keyhook.exe
PS2 = C:\WINDOWS\system32\ps2.exe
HPDJ Taskbar Utility = C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
AVG7_CC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
AVG7_EMC = C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Zone Labs Client = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
RemoteControl = "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
GammaSutra = C:\Program Files\GammaSutra\GammaSutra.exe
gcasServ = "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe"
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
Creative WebCam Tray = C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Acme.PCHButton = C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
Ashampoo PopUpBlocker = C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
NBJ = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
RSD_HDDThermo = C:\Program Files\HDD Thermometer\HDD Thermometer.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
*No values found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
--------------------------------------------------
File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command
(Default) = "%1" %*
--------------------------------------------------
File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command
(Default) = "%1" /S
--------------------------------------------------
File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command
(Default) = C:\WINDOWS\System32\mshta.exe "%1" %*
--------------------------------------------------
File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command
(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1
--------------------------------------------------
Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)
[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll
[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe
[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install
[{8b15971b-5355-4c82-8c07-7e181ea07608}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
--------------------------------------------------
Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps
*Registry key not found*
--------------------------------------------------
Load/Run keys from C:\WINDOWS\WIN.INI:
load=*INI section not found*
run=*INI section not found*
Load/Run keys from Registry:
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=wbsys.dll
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\ssmypics.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Checking for EXPLORER.EXE instances:
C:\WINDOWS\Explorer.exe: PRESENT!
C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present
--------------------------------------------------
Checking for superhidden extensions:
.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden
--------------------------------------------------
Verifying REGEDIT.EXE integrity:
- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Regedit.exe has no CompanyName property! It is either missing or named something else.
- Regedit.exe has no OriginalFilename property! It is either missing or named something else.
- Regedit.exe has no FileDescription property! It is either missing or named something else.
Registry check failed!
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll - {49E0E0F0-5C30-11D4-945D-000000000003}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll - {9394EDE7-C8B5-483E-8773-474BF36AF6E4}
(no name) - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
--------------------------------------------------
Enumerating Task Scheduler jobs:
*No jobs found*
--------------------------------------------------
Enumerating Download Program Files:
[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204
[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
[Java Plug-in 1.4.2_03]
InProcServer32 = C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
[Java Plug-in 1.5.0_01]
InProcServer32 = C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
[Java Plug-in 1.5.0_02]
InProcServer32 = C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
[Java Plug-in 1.5.0_04]
InProcServer32 = C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
--------------------------------------------------
Enumerating Winsock LSP files:
NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
NameSpace #4: C:\Program Files\Bonjour\mdnsNSP.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll
--------------------------------------------------
Enumerating Windows NT/2000/XP services
Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD Networking Support -ympäristö: \SystemRoot\System32\drivers\afd.sys (system)
Service for WDM 3D Audio Driver: system32\drivers\ALCXSENS.SYS (manual start)
Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start)
Hälytys: %SystemRoot%\System32\svchost.exe -k LocalService (disabled)
Sovelluskerroksen yhdyskäytäväpalvelu: %SystemRoot%\System32\alg.exe (manual start)
AMD K7 Processor Driver: System32\DRIVERS\amdk7.sys (system)
Sovellusten hallinta: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
1394 ARP -asiakasprotokolla: System32\DRIVERS\arp1394.sys (manual start)
Aspi32: System32\drivers\aspi32.sys (autostart)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (manual start)
RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
Standardi IDE/ESDI-kiintolevyohjain: System32\DRIVERS\atapi.sys (system)
ATM ARP Client -protokolla: System32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
AVG7 Alert Manager Server: C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (autostart)
AVG7 Kernel: \SystemRoot\System32\Drivers\avg7core.sys (system)
AVG7 Wrap Driver: \SystemRoot\System32\Drivers\avg7rsw.sys (system)
AVG7 Rezident Driver: \SystemRoot\System32\Drivers\avg7rsxp.sys (system)
AVG7 Update Service: C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (autostart)
AVG Network Redirector: \??\C:\WINDOWS\System32\Drivers\avgtdi.sys (autostart)
BITS-tausta-ajo (Background Intelligent Transfer Service): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Bonjour-palvelu: "C:\Program Files\Bonjour\mDNSResponder.exe" (autostart)
Tietokoneiden selaus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Closed Caption Decoder: System32\DRIVERS\CCDECODE.sys (manual start)
CD-ROM-ohjain: System32\DRIVERS\cdrom.sys (system)
Indeksointipalvelu: %SystemRoot%\system32\cisvc.exe (manual start)
Leikekirja: %SystemRoot%\system32\clipsrv.exe (disabled)
COM -järjestelmäsovellus: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Salauspalvelut: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
d347bus: system32\DRIVERS\d347bus.sys (system)
d347prt: System32\Drivers\d347prt.sys (system)
DCOM-palvelinprosessin käynnistys: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP-asiakas: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Levyohjain: System32\DRIVERS\disk.sys (system)
Loogisen levyn hallinnan valvontapalvelu: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
dmio: System32\drivers\dmio.sys (disabled)
dmload: System32\drivers\dmload.sys (disabled)
Loogisen levyn hallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS-asiakas: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
FireDaemon Service: ecure: C:\WINDOWS\Temp\FireDaemon.EXE (autostart)
3Com EtherLink XL 90XB/C Adapter Driver: System32\DRIVERS\el90xbc5.sys (manual start)
Virheraportointipalvelut: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Tapahtumaloki: %SystemRoot%\system32\services.exe (autostart)
COM -tapahtumajärjestelmä: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
Nopean käyttäjän vaihdon yhteensopivuus: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Fax: %systemroot%\system32\fxssvc.exe (manual start)
Levykeaseman ohjain: System32\DRIVERS\fdc.sys (manual start)
VIA Rhine Family Fast Ethernet Adapter Driver Service: System32\DRIVERS\fetnd5b.sys (manual start)
Levykeasemaohjain: System32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\drivers\fltmgr.sys (system)
Volume Manager -ohjain: System32\DRIVERS\ftdisk.sys (system)
GEAR CDRom Filter: SYSTEM32\DRIVERS\GEARAspiWDM.sys (manual start)
Yleinen paketinmääritys: System32\DRIVERS\msgpc.sys (manual start)
Ohjeet ja tuotetuki: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
HID (Human Interface Device) -liittymä: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Microsoft HID -luokkaohjain: System32\DRIVERS\hidusb.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i8042-näppäimistö ja PS/2-hiiriohjain: System32\DRIVERS\i8042prt.sys (system)
ialm: System32\DRIVERS\ialmnt5.sys (manual start)
InstallDriver Table Manager: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe" (manual start)
CD-Burning Filter Driver: System32\DRIVERS\imapi.sys (system)
CD-levyjen kirjoittamisen IMAPI COM -palvelu: C:\WINDOWS\System32\imapi.exe (manual start)
IntelIde: \SystemRoot\System32\DRIVERS\intelide.sys (disabled)
Windowsin IPv6-palomuurin ohjain: system32\drivers\ip6fw.sys (manual start)
IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
iPodService: C:\Program Files\iPod\bin\iPodService.exe (manual start)
IPSEC-ohjain: System32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA -väyläohjain: System32\DRIVERS\isapnp.sys (system)
IVI ASPI Shell: system32\drivers\iviaspi.sys (manual start)
Näppäimistön luokkaohjain: System32\DRIVERS\kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Palvelin: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Työasema: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Machine Debug Manager: "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe" (autostart)
Viestinvälitys: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
NetMeeting etätyöpöydän jakaminen: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
Hiiren luokkaohjain: System32\DRIVERS\mouclass.sys (system)
WebDav Client Redirector: System32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service -välityspalvelin: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft-järjestelmänhallinnan BIOS-ohjain: System32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink -muunnin: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O -protokolla: System32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
NetBIOS-käyttöliittymä: System32\DRIVERS\netbios.sys (system)
NetBT: System32\DRIVERS\netbt.sys (system)
Verkon DDE: %SystemRoot%\system32\netdde.exe (disabled)
Verkon DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
Verkkokirjautuminen: %SystemRoot%\System32\lsass.exe (manual start)
Verkkoyhteydet: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Net MD: System32\Drivers\NETMDUSB.sys (manual start)
RCA USB Digital Cable Modem Driver: System32\DRIVERS\netrcacm.sys (manual start)
1394-verkko-ohjain: System32\DRIVERS\nic1394.sys (manual start)
NLA-nimiavaruus (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NT LM -suojaustuen toimittaja: %SystemRoot%\System32\lsass.exe (manual start)
Siirrettävät tallennusvälineet: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
nv: System32\DRIVERS\nv4_mini.sys (manual start)
NVIDIA Display Driver Service: %SystemRoot%\System32\nvsvc32.exe (autostart)
IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
VIA OHCI Compliant IEEE 1394 Host Controller: System32\DRIVERS\ohci1394.sys (system)
Rinnakkaisporttiohjain: System32\DRIVERS\parport.sys (manual start)
PCI Bus Driver: System32\DRIVERS\pci.sys (system)
PCIIde: System32\DRIVERS\pciide.sys (system)
Padus ASPI Shell: system32\drivers\pfc.sys (manual start)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
IPSEC-palvelut: %SystemRoot%\System32\lsass.exe (autostart)
WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
Processor Driver: System32\DRIVERS\processr.sys (system)
Suojattu tallennuspaikka: %SystemRoot%\system32\lsass.exe (autostart)
PS2: System32\DRIVERS\PS2.sys (manual start)
QoS-paketinajoitus: System32\DRIVERS\psched.sys (manual start)
Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
PxHelp20: System32\Drivers\PxHelp20.sys (system)
Remote Access Auto Connection -ohjain: System32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection -hallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
Etäkäytön (RAS) yhteyksienhallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: System32\DRIVERS\raspppoe.sys (manual start)
Suora rinnakkainen: System32\DRIVERS\raspti.sys (manual start)
Rdbss: System32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Etätyöpöydän ohjeen istunnonhallinta: C:\WINDOWS\system32\sessmgr.exe (manual start)
Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system)
Reititys ja etäkäyttö: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Etäproseduurikutsujen (RPC) paikannin: %SystemRoot%\System32\locator.exe (manual start)
Etäproseduurikutsu (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start)
VSC Engine: \??\C:\Program Files\Cakewalk\Shared Dxi\Roland\RVIEg01.sys (autostart)
Käyttöoikeustilien hallinta: %SystemRoot%\system32\lsass.exe (autostart)
Sandra Data Service: C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe (manual start)
Sandra Service: C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe (manual start)
Älykortti: %SystemRoot%\System32\SCardSvr.exe (manual start)
Tehtävien ajoitus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: System32\DRIVERS\secdrv.sys (manual start)
Toissijainen kirjautuminen: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Järjestelmätapahtuman ilmoitus: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter -ohjain: System32\DRIVERS\serenum.sys (manual start)
Sarjaporttiohjain: System32\DRIVERS\serial.sys (system)
Windowsin palomuuri / Internet-yhteyden jakaminen (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Käyttöliittymän laitteistotunnistus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SiS315: System32\DRIVERS\sisgrp.sys (manual start)
SiS AGP Filter: System32\DRIVERS\SISAGPX.sys (system)
SiSkp: System32\DRIVERS\srvkp.sys (system)
BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Taustatulostusohjain: %SystemRoot%\system32\spoolsv.exe (autostart)
Sony SPTI Service: C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (manual start)
Järjestelmän palautussuodatin -ohjain: System32\DRIVERS\sr.sys (system)
Järjestelmän palauttaminen -palvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Srv: System32\DRIVERS\srv.sys (manual start)
SSDP-palvelu (Simple Service Discovery Protocol): %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
WIA (Windows Image Acquisition): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
FireDaemon Service: svchost1: C:\WINDOWS\Temp\FireDaemon.EXE (autostart)
Ohjelmistoväyläohjain: System32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{71FC5CE2-4757-4D9E-931D-22F24F6BD533} (manual start)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Resurssilokit ja -hälytykset: %SystemRoot%\system32\smlogsvc.exe (manual start)
FireDaemon Service: system: C:\WINDOWS\Temp\FireDaemon.EXE (autostart)
Puhelin: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP-protokollaohjain: System32\DRIVERS\tcpip.sys (system)
Päätelaiteohjain: System32\DRIVERS\termdd.sys (system)
Päätepalvelut: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Teemat: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Tiedostolinkkijäljityksen asiakas: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart)
Microcode Update -ohjain: System32\DRIVERS\update.sys (manual start)
Universal Plug & Play -laiteisäntä: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
UPS: %SystemRoot%\System32\ups.exe (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: System32\DRIVERS\usbehci.sys (manual start)
USB2 Enabled Hub: System32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: System32\DRIVERS\usbohci.sys (manual start)
Microsoft USB PRINTER -luokka: System32\DRIVERS\usbprint.sys (manual start)
USB-massamuistiohjain: System32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: System32\DRIVERS\usbuhci.sys (manual start)
Creative WebCam Vista Plus: system32\DRIVERS\V0090Vid.sys (manual start)
VGA-näytönohjain: \SystemRoot\System32\drivers\vga.sys (system)
VIA AGP Filter: System32\DRIVERS\viaagp1.sys (system)
viagfx: System32\DRIVERS\vtmini.sys (manual start)
ViaIde: System32\DRIVERS\viaide.sys (system)
vsdatant: System32\vsdatant.sys (system)
TrueVector Internet Monitor: C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service (autostart)
Aseman tilannevedos: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
WMI-palvelu (Windows Management Instrumentation): %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Kannettavan mediasoittimen sarjanumeropalvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI resurssisovitin: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start)
Windows Socket 2.0:n tukiympäristö ei-IFS-järjestelmiä varten: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled)
Tietoturvakeskus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
Automaattiset päivitykset: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Verkon käyttöönottopalvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
--------------------------------------------------
End of report, 36 408 bytes
Report generated in 0,172 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
ja toinen:
Ad-Aware SE Personal
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat and Reader 6.0.3 Update
Adobe Reader 6.0.1 - Suomi
ALLOUT v1.4
Amazing Mahjongg 3D
APSW Instant Convertor
Ashampoo Movie Shrink & Burn 2
Ashampoo UnInstaller Platinum Suite
Ashampoo WinOptimizer 2004
a-squared Free 1.6
AudioEdit Deluxe
AVG Free Edition
AVI to VCD/DVD 4.02
Band-in-a-Box 2005
Band-in-a-Box Demo
Blaze Audio RipEditBurn 2
Blaze Audio Sound Effects Set 1
Blue Lotus Flower
Blue Poppies
Cakewalk Home Studio 2002
CCleaner (remove only)
CDBurnerXP Pro 3
CDRWIN
Clipart 1.0
Copernic Desktop Search
Creative WebCam Center
Creative WebCam Vista Plus Driver (1.02.02.0414)
Creative WebCam Vista Plus User's Guide (English)
Cucusoft MPEG/AVI to DVD/VCD/SVCD/MPEG Converter Pro 5.12
DAEMON Tools
Dan! Da! Dan 1.0
dBpowerAMP Music Converter
DivX ;-) Audio Compressor 4.02
DivX Player
Dolet Light for Finale 2005
Down2Home
Dr.DivX
DreamStation DXi
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDPean Pro 3.5.1
dvdSanta 4.00
EasyCleaner
Eraser
EVEREST Home Edition v2.00
Filzip 3.02
Finale 2005
Finale Performance Assessment
GammaSutra 1.0
Get Yahoo! Messenger
Google Earth
Gravity Gems V1.0.0.1
HDD Thermometer
Help and Support Additions
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
hp deskjet 656c series (Vain poisto)
HP Deskjet Preloaded Printer Drivers
HP Image Zone 4.2
HP Image Zone Plus 4.2
HP Photo & Imaging 3.5 - HP Devices
HP Software Update
HPIZ402
Iconoid Version 3.4.0
Image Resizer Powertoy for Windows XP
InterVideo WinDVD Creator 2
InterVideo WinDVD Player
IsoBuster 1.6
iTunes
J2SE Runtime Environment 5.0 Update 1
J2SE Runtime Environment 5.0 Update 2
J2SE Runtime Environment 5.0 Update 4
Java 2 Runtime Environment, SE v1.4.2_03
jv16 PowerTools 1.3
Kyodai
LiveReg (Symantec Corporation)
LiveUpdate 2.5 (Symantec Corporation)
Logic Fun 4.8
Lumines 1.0
Macromedia Shockwave Player
Mah Jong Quest
Mahjong Towers II
MahJong v1.1
Mario Forever v 2.16 !
MatchItMaster
MemTest 3.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Finnish Language Pack
Microsoft AntiSpyware
Microsoft Data Access Components KB870669
Microsoft Office PowerPoint Viewer 2003
Microsoft Word 2002
Microsoft Works 7.0
Mozilla Firefox (1.0.7)
Mozilla Thunderbird (1.0)
MSN Messenger 7.5
MSN Työkalupalkki
Music MasterWorks
MyVoice ActiveX
MyVoice Lite
Net2Phone
Nokia Monitor Test 1.0
Norton Personal Firewall
NVIDIA Drivers
OpenMG Jukebox
OpenMG Secure Module 3.0.03
Opera
Pacman Worlds 1.0
PC Inspector File Recovery
PC On Off Time 1.0
PG Music DirectX Plugins 1.3.3.1
PowerDVD
PS2
PySol version 4.60
Python 2.2 combined Win32 extensions
Python 2.2.1
Päivitys Windows XP:lle (KB894391)
Päivitys Windows XP:lle (KB896727)
Päivitys Windows XP:lle (KB898461)
QuickTime
RagTime Solo
RealPlayer
Serif PhotoPlus 6.0
Sherlock 2.0
Sibelius v3.0
SiS VGA Utilities
SiSoftware Sandra Lite 2005 (Win64/32/CE)
SlideShow 2
SONAR 4 Producer Edition Demo
Sonic RecordNow!
Sony Net MD Help
Spy Cleaner Gold 9.5 Full Version
Spy Cleaner Gold 9.5 Trial Version
Spybot - Search & Destroy 1.3
SpywareBlaster v3.4
Subtitle Workshop 2.51
Suojauspäivitys Windows XP:lle (KB883939)
Suojauspäivitys Windows XP:lle (KB890046)
Suojauspäivitys Windows XP:lle (KB893756)
Suojauspäivitys Windows XP:lle (KB896358)
Suojauspäivitys Windows XP:lle (KB896422)
Suojauspäivitys Windows XP:lle (KB896423)
Suojauspäivitys Windows XP:lle (KB896428)
Suojauspäivitys Windows XP:lle (KB896688)
Suojauspäivitys Windows XP:lle (KB899587)
Suojauspäivitys Windows XP:lle (KB899588)
Suojauspäivitys Windows XP:lle (KB899591)
Suojauspäivitys Windows XP:lle (KB900725)
Suojauspäivitys Windows XP:lle (KB901017)
Suojauspäivitys Windows XP:lle (KB901214)
Suojauspäivitys Windows XP:lle (KB902400)
Suojauspäivitys Windows XP:lle (KB903235)
Suojauspäivitys Windows XP:lle (KB904706)
Suojauspäivitys Windows XP:lle (KB905414)
Suojauspäivitys Windows XP:lle (KB905749)
Suomalainen talviteema Windows XP -käyttöjärjestelmälle
Super Glinx
Time Adjuster v2.9 (STANDARD)
TMPGEnc Plus 2.5
TransBar
TweakNow RegCleaner
Uninstall Startup Inspector
vanBasco's Karaoke Player
WaveLab Demo
Webshots Desktop
VeloMaster Lite CW
VideoLAN VLC media player 0.8.1
Viewpoint Media Player (Remove Only)
WinAVI VideoConverter
WindowBlinds
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
Virtual Sound Canvas DXi
Visual MP3
VobSub v2.23 (Remove Only)
XnView 1.74
ZoneAlarmValitettavasti en nähnyt noissa mitään kummallista :/
- katariina.
Fixaaja kirjoitti:
Valitettavasti en nähnyt noissa mitään kummallista :/
pitänee kiikuttaa kone takuuhuoltoon... nyt on taas käynnistynyt moitteetta, mutta eilen sammahti taas kerran itsekseen...
mutta suurkiitos kun yritit auttaa, nyt on sitten ainakin suht varmaa että on joku tekninen vika eikä pöpöjä
:) - Pois Fix
täällä kirjoitti:
pitäis antaa neuvoja eikä vain soittaa suutaan toisille ? Sitäpaitsi toihan oli ihan asiallista ja paikkansapitävää tekstiä !
Jos kaksi virusohjelmaa kopitelee yhtä aikaa konelaa niin mitä siintä tulee. Ei mitään sama on kaksi palomuuria.
Se on aivan sama kun mä täällä kopitelen ton toisen kanssa niin homma ei etene yhtään suuntaan eikä toiseen .. tässä toosassa mikä mulla on niin ei ole kuin yksi virusohjelma yksi palomuuri ja yksi spywareblaster.
Mitkä on aktiivisia.
Ei oo mitään pop up blokaajia viestinvälityksestä on laitettu ei käytössä.
Niihän siekin soitat .. :)))
- Pois Fix
löytyy semmosia mitkä vois otaa pois käynnistyksen yhteydessä toimimasta joita voi käynnistellä tavittaessa mikä taas auttaa koneen toimintaa.
msconfig kautta käynnistys välilehestä niitä en nyt lähde erittelemään mutta tässä lista on.
EI ERITELTY Mitä vois poistaa käynnistyksestä.
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GammaSutra] C:\Program Files\GammaSutra\GammaSutra.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE- pitäis
myös palomuuri ja virustorjunta ottaa pois päältä, niinkö ?
- Pois Fix
pitäis kirjoitti:
myös palomuuri ja virustorjunta ottaa pois päältä, niinkö ?
tuossa.
On kaikki ja mitähän tarkoittaa tämä.
EI ERITELTY Mitä vois poistaa käynnistyksestä.
- Pois Fix
Miltähän mahtaa näyttää se uusin logi?
- katariina.
mikä uusin logi?
en siis ole poistanut mitään paitsi sen ewidon ja yhden troijalaisen
en oikein nyt käsittänyt pitääkö jotain poistaa vai ei? - katariina.
katariina. kirjoitti:
mikä uusin logi?
en siis ole poistanut mitään paitsi sen ewidon ja yhden troijalaisen
en oikein nyt käsittänyt pitääkö jotain poistaa vai ei?jos tätä kaipasit :)
Logfile of HijackThis v1.99.1
Scan saved at 19:45:09, on 28.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GammaSutra] C:\Program Files\GammaSutra\GammaSutra.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FireDaemon Service: ecure (ecure) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe - Pois Fix
katariina. kirjoitti:
jos tätä kaipasit :)
Logfile of HijackThis v1.99.1
Scan saved at 19:45:09, on 28.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GammaSutra] C:\Program Files\GammaSutra\GammaSutra.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FireDaemon Service: ecure (ecure) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\Temp\FireDaemon.EXE
- Fixaaja
Pois Fix kirjoitti:
C:\WINDOWS\Temp\FireDaemon.EXE
Hyvin paljon mahdollista, että on örkki,ei kyllä ole aktiivisena(pitäisi olla, jos service) ja vielä (file missing) => tuskin löytyy
- Pois Fix
Fixaaja kirjoitti:
Hyvin paljon mahdollista, että on örkki,ei kyllä ole aktiivisena(pitäisi olla, jos service) ja vielä (file missing) => tuskin löytyy
svchost1
msconfig käynnistys välilehti tai suoraan fixsaa pois.
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing) - Pois Fix
Pois Fix kirjoitti:
svchost1
msconfig käynnistys välilehti tai suoraan fixsaa pois.
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)tuo vielä
O23 - Service: FireDaemon Service: ecure (ecure) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing) - Pois Fix
katariina. kirjoitti:
jos tätä kaipasit :)
Logfile of HijackThis v1.99.1
Scan saved at 19:45:09, on 28.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GammaSutra] C:\Program Files\GammaSutra\GammaSutra.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FireDaemon Service: ecure (ecure) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exeNäppää "käynnistä" "suorita" kirjoita ruutuun "cleanmgr" ja paina enter ja ok
Valitse
temporary internet files
roskakori
tilapäiset tiedostot
Ja näppää "ok" - Pois Fix
katariina. kirjoitti:
jos tätä kaipasit :)
Logfile of HijackThis v1.99.1
Scan saved at 19:45:09, on 28.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GammaSutra] C:\Program Files\GammaSutra\GammaSutra.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FireDaemon Service: ecure (ecure) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exesulla on sielä backups kansio.
Niin merkkaa fixsaa.
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe - Pois Fix
katariina. kirjoitti:
jos tätä kaipasit :)
Logfile of HijackThis v1.99.1
Scan saved at 19:45:09, on 28.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GammaSutra] C:\Program Files\GammaSutra\GammaSutra.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FireDaemon Service: ecure (ecure) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exeSammuta ja käynnistä kone
Ja uusi logi - katariina.
Pois Fix kirjoitti:
sulla on sielä backups kansio.
Niin merkkaa fixsaa.
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exese lämpömittari pitää poistaa?
sen oon asentanut ihan tietokonelehden mukana tulleelta rompulta
mä oon nyt ihan pudonnut kärryiltä... :( - katariina.
Pois Fix kirjoitti:
C:\WINDOWS\Temp\FireDaemon.EXE
örkki eikä virus
- Poi Fix
katariina. kirjoitti:
örkki eikä virus
tiedotoista.
- Pois Fix
katariina. kirjoitti:
se lämpömittari pitää poistaa?
sen oon asentanut ihan tietokonelehden mukana tulleelta rompulta
mä oon nyt ihan pudonnut kärryiltä... :(http://www.superadblocker.com/H/HDD THERMOMETER.EXE-49.html
- katariina.
mää olen nyt kyllä jo palan matkaa pudonnut kärryiltä... ;)
Logfile of HijackThis v1.99.1
Scan saved at 22:13:10, on 28.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\ps2.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HDD Thermometer\HDD Thermometer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = dna Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://paivitys.dnainternet.fi/yhteys/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GammaSutra] C:\Program Files\GammaSutra\GammaSutra.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [RSD_HDDThermo] C:\Program Files\HDD Thermometer\HDD Thermometer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-0090276F843F} - C:\Program Files\Net2Phone\Net2fone.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FireDaemon Service: ecure (ecure) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe- katariina.
ihan nyt viitsit selittää tarkalleen mitä mun pitää tehdä... olen jo ihan rullalla päästäni :D
- Pois Fix
sammutetaas näiltä siististi valot.
Kirjota Suorita kohtaan services.msc ja Ok
Etsi sieltä nuo Service ja tuplalikkaa niitä ja pistä käynnistys muotoon ei käytössä
O23 - Service: FireDaemon Service: ecure (ecure) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: svchost1 (svchost1) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
O23 - Service: FireDaemon Service: system (system) - Unknown owner - C:\WINDOWS\Temp\FireDaemon.EXE (file missing)
sitten kun se käynnistyy uudellen laita ekaan ikkunaan ruksi Älä näyttä tätä sonomaa tai käynnistä järjestelmän kokoonpanosovellutusta käynnistettäessä ja paina sitten OK - Pois Fix
katariina. kirjoitti:
ihan nyt viitsit selittää tarkalleen mitä mun pitää tehdä... olen jo ihan rullalla päästäni :D
älä noteeraa tätä.
sitten kun se käynnistyy uudellen laita ekaan ikkunaan ruksi Älä näyttä tätä sonomaa tai käynnistä järjestelmän kokoonpanosovellutusta käynnistettäessä ja paina sitten OK - kenties
olla parempi suhtautua tietyllä varauksella tämän vastaajan neuvoihin...
- Pois Fix
kenties kirjoitti:
olla parempi suhtautua tietyllä varauksella tämän vastaajan neuvoihin...
ja hultoon.
- Pois Fix
kenties kirjoitti:
olla parempi suhtautua tietyllä varauksella tämän vastaajan neuvoihin...
tämmä visiin jahtaa spywareja awareja toijalaisia malwareja ..... EVEREST Home Edition v2.00
- Poi Fix
kenties kirjoitti:
olla parempi suhtautua tietyllä varauksella tämän vastaajan neuvoihin...
mitä mahtaa sisältää Lisää / poista sovellus ?
Program Files ? *kansioita jämiä* - katariina.
kenties kirjoitti:
olla parempi suhtautua tietyllä varauksella tämän vastaajan neuvoihin...
alkaa tuntua oudolta
- Poi Fix
katariina. kirjoitti:
alkaa tuntua oudolta
ÄLÄ valita vie sinne huoltoon hopi hopi
- sivullinen...
Poi Fix kirjoitti:
ÄLÄ valita vie sinne huoltoon hopi hopi
tämä touhu oikein on?
Menee kaikki, sekä kysyjä että lukijat sekaisin.
Sen verran vaarallisilla vesillä ollaan että pitäisi toimia sujuvasti.....
Ketjusta on poistettu 5 sääntöjenvastaista viestiä.
Luetuimmat keskustelut
Riikan kukkaronnyöri on umpisolmussa
Kulutus ei lähde liikkeelle, koska kansalaiset eivät usko, että: – työpaikka säilyy – tulot eivät romahda – talous ei h352875Jos vedetään mutkat suoraksi?
Niin kumpaan ryhmään kuulut? A) Niihin, jotka menevät edellä ja tekevät? Vai B) Niihin, jotka kulkevat perässä ja ar1062671Tanskan malli perustuu korkeaan ansioturvaan
Ja vahvoihin työllisyys- ja kotoutumispalveluihin. Suomessa Riikka on leikannut juuri näitä: palkkatukea, työttömyysturv302385Vain vasemmistolaiset ovat aitoja suomalaisia
Esimerkiksi persut ovat ulkomaalaisen pääomasijoittajan edunvalvojia, eivät auta köyhiä suomalaisia.491904Anteeksipyyntöni
Jätän tähän anteeksipyyntöni sinulle, koska en voi sanoa sitä missään muuallakaan. Pyydän anteeksi, jos purkamani tuska141513- 321473
- 271389
Sydämeni valtiaalle
En täältä aio asioita kysellä. Haluan tuoda tiedoksesi, että pohjimmiltani en ihmisiä tahdo satuttaa ja ajattelen muiden1021203- 1771183
En vain unohda
Sitä miten rakastuneesti olet minua katsonut. Oliko tunteet liian suuria että niistä olisi voinut puhua.711025