The desktop background just won't change, no matter what. The machine has F-Secure + Ad-Aware + Microsoft spyware. CCleaner has been run, etc. When I try to change the picture, the new one seems to appear for a moment, but the old picture (without any spyware texts or the like, i.e. a normal background picture) stubbornly stays on the screen. And it's a pretty clumsy user at the keyboard here... This problem has been going on for about a month now...
Post a HjT log; you can get the program here -> http://koti.mbnet.fi/pattaya1/HijackThis.exe . Save it to the folder c:\hjt, start it, click "do a system scan and save a logfile" and post the log here.
Logfile of HijackThis v1.99.1
Scan saved at 17:41:46, on 24.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FSM32.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\SURFFI~1\backweb\1575007\Program\SERVIC~1.EXE
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fsgk32st.exe
C:\Program Files\SurffiNet Tietoturva\backweb\1575007\Program\fspex.exe
C:\Program Files\SurffiNet Tietoturva\backweb\1575007\program\fsbwsys.exe
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\FSGK32.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FSMA32.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fssm32.exe
C:\Program Files\SurffiNet Tietoturva\Common\FCH32.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FAMEH32.EXE
C:\Program Files\SurffiNet Tietoturva\FWES\Program\fsdfwd.exe
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fsav32.exe
C:\Program Files\SurffiNet Tietoturva\FSGUI\fsguiexe.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Omistaja\LOCALS~1\Temp\Tilapäinen kansio 1 hijackthis_199.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surffi.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SurffiNet Tietoturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SurffiNet Tietoturva\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\SurffiNet Tietoturva\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: SurffiNet Tietoturva (BackWeb Plug-in - 1575007) - Unknown owner - C:\PROGRA~1\SURFFI~1\backweb\1575007\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\SurffiNet Tietoturva\backweb\1575007\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SurffiNet Tietoturva\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SurffiNet Tietoturva\Common\FSMA32.EXE
No nasties showing. Let's do this: get the registry search tool from here -> http://www.billsway.com/vbspage/ and run a search for "desktop.html". If the antivirus complains, let it run. Post the registry search results. If nothing is found, try the search term "warnhp.html".
All right. Let's try this then: get ewido -> http://www.ewido.net/en/download Install, update, scan. Let it remove whatever it finds and save the report. Post a new HjT log and the ewido report here.
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 20:48:41, 24.12.2005
+ Report-Checksum: DF664FCA
+ Scan result: No infected objects found.
::Report End

Logfile of HijackThis v1.99.1
Scan saved at 20:50:25, on 24.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FSM32.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\SURFFI~1\backweb\1575007\Program\SERVIC~1.EXE
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fsgk32st.exe
C:\Program Files\SurffiNet Tietoturva\backweb\1575007\Program\fspex.exe
C:\Program Files\SurffiNet Tietoturva\backweb\1575007\program\fsbwsys.exe
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\FSGK32.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FSMA32.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fssm32.exe
C:\Program Files\SurffiNet Tietoturva\Common\FCH32.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FAMEH32.EXE
C:\Program Files\SurffiNet Tietoturva\FWES\Program\fsdfwd.exe
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fsav32.exe
C:\Program Files\SurffiNet Tietoturva\FSGUI\fsguiexe.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\SecuritySuite.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\DOCUME~1\Omistaja\LOCALS~1\Temp\Tilapäinen kansio 1 hijackthis_199.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.surffi.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\SurffiNet Tietoturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\SurffiNet Tietoturva\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\SurffiNet Tietoturva\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: SurffiNet Tietoturva (BackWeb Plug-in - 1575007) - Unknown owner - C:\PROGRA~1\SURFFI~1\backweb\1575007\Program\SERVIC~1.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\SurffiNet Tietoturva\backweb\1575007\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\SurffiNet Tietoturva\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\SurffiNet Tietoturva\Common\FSMA32.EXE
OK, it didn't find anything. Post a startup list then: in HjT, open misc tools, tick those two boxes and press generate startuplist.
StartupList report, 24.12.2005, 21:10:52
StartupList version: 1.52.2
Started from : C:\DOCUME~1\Omistaja\LOCALS~1\Temp\Tilapäinen kansio 1 hijackthis_199.zip\HijackThis.EXE
Detected: Windows XP SP2 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FSM32.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\SURFFI~1\backweb\1575007\Program\SERVIC~1.EXE
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fsgk32st.exe
C:\Program Files\SurffiNet Tietoturva\backweb\1575007\Program\fspex.exe
C:\Program Files\SurffiNet Tietoturva\backweb\1575007\program\fsbwsys.exe
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\FSGK32.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FSMA32.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fssm32.exe
C:\Program Files\SurffiNet Tietoturva\Common\FCH32.EXE
C:\Program Files\SurffiNet Tietoturva\Common\FAMEH32.EXE
C:\Program Files\SurffiNet Tietoturva\FWES\Program\fsdfwd.exe
C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fsav32.exe
C:\Program Files\SurffiNet Tietoturva\FSGUI\fsguiexe.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\WINDOWS\system32\LVComsX.exe
C:\DOCUME~1\Omistaja\LOCALS~1\Temp\Tilapäinen kansio 1 hijackthis_199.zip\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Omistaja\Käynnistä-valikko\Ohjelmat\Käynnistys]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys]
*No files*

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

F-Secure Manager = "C:\Program Files\SurffiNet Tietoturva\Common\FSM32.EXE" /splash
F-Secure TNB = "C:\Program Files\SurffiNet Tietoturva\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
F-Secure Startup Wizard = "C:\Program Files\SurffiNet Tietoturva\FSGUI\FSSW.EXE" /reboot
gcasServ = "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

CTFMON.EXE = C:\WINDOWS\system32\ctfmon.exe
MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\System32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = %SystemRoot%\system32\ie4uinit.exe

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Regedit.exe has no CompanyName property! It is either missing or named something else.
- Regedit.exe has no OriginalFilename property! It is either missing or named something else.
- Regedit.exe has no FileDescription property! It is either missing or named something else.

Registry check failed!

--------------------------------------------------

Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - c:\program files\google\googletoolbar2.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Scheduled scanning task.job

--------------------------------------------------

Enumerating Download Program Files:

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL
CODEBASE = http://go.microsoft.com/fwlink/?linkid=39204

[XML DOM Document 4.0]
InProcServer32 = C:\WINDOWS\system32\msxml4.dll
CODEBASE = file://C:\TempEI4\EI40_\msxml4.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

Microsoft ACPI Driver: System32\DRIVERS\ACPI.sys (system)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD Networking Support -ympäristö: \SystemRoot\System32\drivers\afd.sys (system)
Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start)
Hälytys: %SystemRoot%\System32\svchost.exe -k LocalService (disabled)
Sovelluskerroksen yhdyskäytäväpalvelu: %SystemRoot%\System32\alg.exe (manual start)
Sovellusten hallinta: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
RAS Asynchronous Media Driver: System32\DRIVERS\asyncmac.sys (manual start)
Standardi IDE/ESDI-kiintolevyohjain: System32\DRIVERS\atapi.sys (system)
ATM ARP Client -protokolla: System32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: System32\DRIVERS\audstub.sys (manual start)
SurffiNet Tietoturva: C:\PROGRA~1\SURFFI~1\backweb\1575007\Program\SERVIC~1.EXE (autostart)
basic2: System32\DRIVERS\HSF_BSC2.sys (manual start)
BITS-tausta-ajo (Background Intelligent Transfer Service): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Tietokoneiden selaus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start)
CD-ROM-ohjain: System32\DRIVERS\cdrom.sys (system)
Indeksointipalvelu: %SystemRoot%\system32\cisvc.exe (manual start)
Leikekirja: %SystemRoot%\system32\clipsrv.exe (disabled)
COM+-järjestelmäsovellus: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Salauspalvelut: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
DCOM-palvelinprosessin käynnistys: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP-asiakas: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Levyohjain: System32\DRIVERS\disk.sys (system)
Loogisen levyn hallinnan valvontapalvelu: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
dmio: System32\drivers\dmio.sys (disabled)
dmload: System32\drivers\dmload.sys (disabled)
Loogisen levyn hallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS-asiakas: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
Intel(R) PRO Adapter Driver: System32\DRIVERS\e100b325.sys (manual start)
Virheraportointipalvelut: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Tapahtumaloki: %SystemRoot%\system32\services.exe (autostart)
COM+-tapahtumajärjestelmä: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start)
ewido security suite control: C:\Program Files\ewido anti-malware\ewidoctrl.exe (autostart)
ewido security suite driver: \??\C:\Program Files\ewido anti-malware\guard.sys (system)
ewido security suite guard: C:\Program Files\ewido anti-malware\ewidoguard.exe (autostart)
F-Secure File System Filter: \??\C:\Program Files\SurffiNet Tietoturva\Anti-Virus\Win2K\FSfilter.sys (autostart)
F-Secure Gatekeeper: \??\C:\Program Files\SurffiNet Tietoturva\Anti-Virus\Win2K\FSgk.sys (autostart)
F-Secure Gatekeeper Handler Starter: "C:\Program Files\SurffiNet Tietoturva\Anti-Virus\fsgk32st.exe" (autostart)
F-Secure File System Recognizer: \??\C:\Program Files\SurffiNet Tietoturva\Anti-Virus\Win2K\FSrec.sys (autostart)
Fallback: System32\DRIVERS\HSF_FALL.sys (autostart)
Nopean käyttäjän vaihdon yhteensopivuus: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Levykeaseman ohjain: System32\DRIVERS\fdc.sys (manual start)
Levykeasemaohjain: System32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\drivers\fltmgr.sys (system)
fsbwsys: "C:\Program Files\SurffiNet Tietoturva\backweb\1575007\program\fsbwsys.exe" (autostart)
F-Secure Anti-Virus Firewall Daemon: "C:\Program Files\SurffiNet Tietoturva\FWES\Program\fsdfwd.exe" (manual start)
F-Secure Firewall Driver: System32\drivers\fsdfw.sys (system)
Fsks: System32\DRIVERS\HSF_FSKS.sys (autostart)
F-Secure Management Agent: "C:\Program Files\SurffiNet Tietoturva\Common\FSMA32.EXE" (autostart)
Volume Manager -ohjain: System32\DRIVERS\ftdisk.sys (system)
Yleinen paketinmääritys: System32\DRIVERS\msgpc.sys (manual start)
Ohjeet ja tuotetuki: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
HID (Human Interface Device) -liittymä: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Microsoft HID -luokkaohjain: System32\DRIVERS\hidusb.sys (manual start)
HSFHWBS2: System32\DRIVERS\HSFHWBS2.sys (manual start)
HSF_DP: System32\DRIVERS\HSF_DP.sys (manual start)
hsf_msft: System32\DRIVERS\HSF_MSFT.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i8042-näppäimistö ja PS/2-hiiriohjain: System32\DRIVERS\i8042prt.sys (system)
ialm: System32\DRIVERS\ialmnt5.sys (manual start)
IdeBusDr: System32\DRIVERS\IdeBusDr.sys (system)
Intel(R) Ultra ATA Controller: System32\DRIVERS\IdeChnDr.sys (system)
CD-Burning Filter Driver: System32\DRIVERS\imapi.sys (system)
CD-levyjen kirjoittamisen IMAPI COM -palvelu: C:\WINDOWS\System32\imapi.exe (manual start)
IntelIde: System32\DRIVERS\intelide.sys (system)
Intel-suoritinohjain: System32\DRIVERS\intelppm.sys (system)
Windowsin IPv6-palomuurin ohjain: system32\drivers\ip6fw.sys (manual start)
IP Traffic Filter Driver: System32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: System32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: System32\DRIVERS\ipnat.sys (manual start)
IPSEC-ohjain: System32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: System32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA -väyläohjain: System32\DRIVERS\isapnp.sys (system)
K56: System32\DRIVERS\HSF_K56K.sys (autostart)
Näppäimistön luokkaohjain: System32\DRIVERS\kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Palvelin: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Työasema: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Logitech USB Monitor Filter: system32\drivers\lvusbsta.sys (manual start)
mdmxsdk: System32\DRIVERS\mdmxsdk.sys (autostart)
Viestinvälitys: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
NetMeeting etätyöpöydän jakaminen: C:\WINDOWS\System32\mnmsrvc.exe (manual start)
Hiiren luokkaohjain: System32\DRIVERS\mouclass.sys (system)
WebDav Client Redirector: System32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: System32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service -välityspalvelin: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft-järjestelmänhallinnan BIOS-ohjain: System32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink -muunnin: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: System32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O -protokolla: System32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: System32\DRIVERS\ndiswan.sys (manual start)
NetBIOS-käyttöliittymä: System32\DRIVERS\netbios.sys (system)
NetBIOS TCP/IP:n päällä: System32\DRIVERS\netbt.sys (system)
Verkon DDE: %SystemRoot%\system32\netdde.exe (disabled)
Verkon DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
Verkkokirjautuminen: %SystemRoot%\System32\lsass.exe (manual start)
Verkkoyhteydet: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NLA-nimiavaruus (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
NT LM -suojaustuen toimittaja: %SystemRoot%\System32\lsass.exe (manual start)
Siirrettävät tallennusvälineet: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
IPX Traffic Filter Driver: System32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: System32\DRIVERS\nwlnkfwd.sys (manual start)
Rinnakkaisporttiohjain: System32\DRIVERS\parport.sys (manual start)
PCI-väyläohjain: System32\DRIVERS\pci.sys (system)
PCIIde: System32\DRIVERS\pciide.sys (system)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
IPSEC-palvelut: %SystemRoot%\System32\lsass.exe (autostart)
WAN Miniport (PPTP): System32\DRIVERS\raspptp.sys (manual start)
Processor Driver: System32\DRIVERS\processr.sys (system)
Suojattu tallennuspaikka: %SystemRoot%\system32\lsass.exe (autostart)
QoS-paketinajoitus: System32\DRIVERS\psched.sys (manual start)
Direct Parallel Link Driver: System32\DRIVERS\ptilink.sys (manual start)
Logitech QuickCam Communicate: system32\DRIVERS\LVCM.sys (manual start)
Remote Access Auto Connection -ohjain: System32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection -hallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): System32\DRIVERS\rasl2tp.sys (manual start)
Etäkäytön (RAS) yhteyksienhallinta: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: System32\DRIVERS\raspppoe.sys (manual start)
Suora rinnakkainen: System32\DRIVERS\raspti.sys (manual start)
Rdbss: System32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Etätyöpöydän ohjeen
istunnonhallinta: C:\WINDOWS\system32\sessmgr.exe (manual start) Digital CD Audio Playback Filter Driver: System32\DRIVERS\redbook.sys (system) Reititys ja etäkäyttö: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Rksample: System32\DRIVERS\HSF_SAMP.sys (manual start) Etäproseduurikutsujen (RPC) paikannin: %SystemRoot%\System32\locator.exe (manual start) Etäproseduurikutsu (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start) Käyttöoikeustilien hallinta: %SystemRoot%\system32\lsass.exe (autostart) Älykortti: %SystemRoot%\System32\SCardSvr.exe (manual start) Tehtävien ajoitus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: System32\DRIVERS\secdrv.sys (autostart) Toissijainen kirjautuminen: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Järjestelmätapahtuman ilmoitus: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Serenum Filter -ohjain: System32\DRIVERS\serenum.sys (manual start) Sarjaporttiohjain: System32\DRIVERS\serial.sys (system) Windowsin palomuuri / Internet-yhteyden jakaminen (ICS): %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Käyttöliittymän laitteistotunnistus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start) Intel (R) System Management BIOS Service: System32\DRIVERS\SMBios.sys (manual start) SoftFax: System32\DRIVERS\HSF_FAXX.sys (autostart) Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start) Taustatulostusohjain: %SystemRoot%\system32\spoolsv.exe (autostart) Järjestelmän palautussuodatin -ohjain: System32\DRIVERS\sr.sys (system) Järjestelmän palauttaminen -palvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Srv: System32\DRIVERS\srv.sys (manual start) SSDP-palvelu (Simple Service Discovery Protocol): %SystemRoot%\System32\svchost.exe -k LocalService (manual start) WIA (Windows Image Acquisition): %SystemRoot%\System32\svchost.exe 
-k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Ohjelmistoväyläohjain: System32\DRIVERS\swenum.sys (manual start) Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{DCFDB001-B1F3-4E29-84AD-DFC66EC16536} (manual start) Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start) Resurssilokit ja -hälytykset: %SystemRoot%\system32\smlogsvc.exe (manual start) Puhelin: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) TCP/IP-protokollaohjain: System32\DRIVERS\tcpip.sys (system) Päätelaiteohjain: System32\DRIVERS\termdd.sys (system) Päätepalvelut: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Teemat: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Tones: System32\DRIVERS\HSF_TONE.sys (autostart) Tiedostolinkkijäljityksen asiakas: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart) Microcode Update -ohjain: System32\DRIVERS\update.sys (manual start) Universal Plug & Play -laiteisäntä: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) UPS: %SystemRoot%\System32\ups.exe (manual start) USB-ääniohjain (WDM): system32\drivers\usbaudio.sys (manual start) Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: System32\DRIVERS\usbehci.sys (manual start) Microsoft USB Standard Hub Driver: System32\DRIVERS\usbhub.sys (manual start) Microsoft USB PRINTER -luokka: system32\DRIVERS\usbprint.sys (manual start) USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start) USB-massamuistiohjain: System32\DRIVERS\USBSTOR.SYS (manual start) Microsoft USB Universal Host Controller Miniport Driver: System32\DRIVERS\usbuhci.sys (manual start) V124: System32\DRIVERS\HSF_V124.sys (autostart) VGA-näytönohjain: 
\SystemRoot\System32\drivers\vga.sys (system) Aseman tilannevedos: %SystemRoot%\System32\vssvc.exe (manual start) Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Remote Access IP ARP Driver: System32\DRIVERS\wanarp.sys (manual start) Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) winachsf: System32\DRIVERS\HSF_CNXT.sys (manual start) WMI-palvelu (Windows Management Instrumentation): %systemroot%\system32\svchost.exe -k netsvcs (autostart) Kannettavan mediasoittimen sarjanumeropalvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) WMI resurssisovitin: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start) Tietoturvakeskus: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start) Automaattiset päivitykset: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Verkon käyttöönottopalvelu: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Intel(R) Graphics Platform (SoftBIOS) Driver: system32\drivers\ialmsbw.sys (system) Intel(R) Graphics Chipset (KCH) Driver: system32\drivers\ialmkchw.sys (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: C:\DOCUME~1\Omistaja\LOCALS~1\TEMPOR~1\Content.IE5\index.dat||C:\DOCUME~1\Omistaja\Cookies\index.dat -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\System32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll 
-------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 33 622 bytes Report generated in 0,172 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only
Phew... by chance I went fiddling with Customize Desktop in the display settings, and there on the Web tab there was an extra web page and some Active Desktop comment... I removed that web page and voilà, problem solved. A BIG thank you anyway for your trouble, and a Peaceful Christmas... and now the computer gets shut down.