Kone jumissa, mahdollisesti troijalaisia Hjt

vaimon kone juntturassa tässä loki:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:36:24, on 3.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\mini\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Mozilla Firefox\firefox.exe
C:\loki\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [ASUS WebStorage] C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\mini\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\windows\system32\SearchIndexer.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\windows\system32\svchost.exe

--
End of file - 19411 bytes

 

anyone?

 

.
Täällä Foorumilla on sellainen ongelma, ettei avunpyytäjälle kelpaa annetut ohjeet
tai ei ainakaan viitsitä vastata.
- Me tehdään tunti vapaaehtoista työtä login kanssa turhaan.
- On turha ihmetellä, ettei vapaaehtoisia auttajia löydy.
- On ensiarvoisen tärkeää saada logit ja pyydetyt tiedot, että tiedetään
mitkä lääkkeet puree mihikin vaivaan.
- Muutoon tämä menee lottoarvonnaksi !!!
-

PS.
Voidaan vilkaista emännän konetta, jos em. periaatteet käy.

- Logilla ei suoranaisesti pöpöjä näy.
- Tämä vaikuttaa "miniläppäriltä" jossa tehot senmukaiset.
- Suurinosa noista asuksen palikoista O4 riveillä on
startissa tarpeettomia. (syö tehoja)

-----------------------------------------------------------------

Kun käynnistät HijackThis =(HJT) ohjelman tee se hiiren oikealla napilla
ja valitset Suorita Järjestelmänvalvojana
(HJT sammuttaa ohjelman ei poista)
Sammuta selain ja muut ohjelmat Fixin ajaksi. (ei virustorjuntaa)
ja Scan ja ruksaa seuraavat punaisella listatut rivit sekä sammuta ne.
(fix Chekked napista)

R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

----------------------------------------------------------------

Tyhjennä roskakori ja käynnistä koneesi uudelleen.

Postita tänne seuraavat lokit:
* Tuore HijackThis loki (Otetaan viimeisenä ennen postitusta)
*
* Mikä on tilanne auttoiko yhtään ???
*

 

Ensinnäkin kiitoksia neuvoista! kaikki neuvot otan nöyrästi vastaan, kun itse olen aika palikka koneen kanssa. toiseksi lähtökohta oli se että essence security löysi uhkia eikä pystynyt poistamaan niitä ja kone kaatuili kokoajan, kun virustorjunta oli päällä. nyt virustorjunta on pois päältä. ja sitten asiaan eli tässä uusi loki ohjeitten jälkeen:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:53:44, on 9.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\mini\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\loki\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [ASUS WebStorage] C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\mini\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Verkkopalvelu')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\windows\system32\SearchIndexer.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\windows\system32\svchost.exe

--
End of file - 19031 bytes

 

.
OK

Lataa Malwarebytes' Anti-Malware työpöydällesi.

Jos linkki ei toimi, voit ladata myös seuraavista linkeistä:
Linkki1
Linkki2

* Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
* Lopuksi varmistu, että seuraavat on valittu: Päivitä Malwarebytes' Anti-Malware ja Käynnistä Malwarebytes' Anti-Malware ja sen jälkeen klikkaa Lopeta.
* Jos päivitys löytyy, ohjelma lataa ja asentaa uusimman version.
* Jos päivityksien lataaminen ei onnistu, voit ladata päivitykset TÄSTÄ. Tuplaklikkaa mbam-rules.exe asentaaksesi päivitykset.
* Kun ohjelma on latautunut ja päivitykset tehty, valitse Suorita täysi tarkistus ja klikkaa Tarkista.
* Kun tarkistus on valmis, klikkaa OK ja sitten Näytä tulokset nähdäksesi tulokset.
* Varmistu, että kaikki on merkitty ja klikkaa Poista valitut.
* Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
* Lähetä lokin sisältö seuraavassa viestissäsi.[/list]

Huom. Jos Mbam ei pystynyt poistamaan tiedostoa, se pyytää sinua käynnistämään koneesi uudelleen. Käynnistä koneesi silloin uudelleen heti. Mbam voi tehdä muutoksia rekisteriisi osana puhdistusta. Jos käytät suojausohjelmaa, joka havaitsee rekisterin muutokset, salli Mbamin tehdä muutokset.

Lähetä =>

Kopioi Malwarebytes' Anti-Malwaren Logitiedostot välilehdeltä uusin logi tänne.

 

Samaa näkee monilla muillakin keskustelualueilla. Toki on paljon niitäkin, jotka kertovat, toimiko neuvo, ja myönteisessä tapauksessa kiittävätkin saamastaan avusta. Valitettavan usein kysyjä ei mitenkään noteeraa saamaansa vastausta silloinkaan, kun se on varmasti ratkaissut ongelman. Ollaan vaan hiljaa eikä neuvojakaan aina tiedä, menikö ohjeet perille.

 

.
Tottapuhut !!!
Jääpähän enemmän aikaa omiin projekteihin.

 

Noniin vähän aikaa taas kesti, kun hommat painaa päälle.
Tässä lista:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Tietokantaversio: v2012.09.10.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
mini :: MINI-PC [järjestelmänvalvoja]

10.9.2012 14:49:07
mbam-log-2012-09-10 (14-49-07).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|Q:\|)
Tarkistussuodattimia valittu: Muisti | Käynnistys | Rekisteri | Tietojärjestelmä | Heuristinen/Ylimäärinen | Heuristinen/Shuriken | Mahdollisesti haitallinen ohjelma | Mahdollisesti haitallinen muutos
Käytöstä poistetut tarkistusvalinnat: Vertaisverkko (Peer-to-Peer)
Tarkistettuja kohteita: 301360
Kulunut aika: 2 tunti(a), 11 minuutti(a), 16 sekunti(a)

Epäilyttäviä muistiprosesseja: 0
(Ei haitallisia kohteita)

Epäilyttäviä muistimoduuleja: 0
(Ei haitallisia kohteita)

Epäilyttäviä rekisteriavaimia: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Karanteenattu ja poistettu onnistuneesti.

Epäilyttäviä rekisteriarvoja: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Tiedot: C:\Users\mini\AppData\Local\{0ae480f9-4ece-209f-4524-24673a2416a2}\n. -> Karanteenattu ja poistettu onnistuneesti.

Epäilyttäviä rekisterikohteita: 0
(Ei haitallisia kohteita)

Epäilyttäviä kansioita: 0
(Ei haitallisia kohteita)

Epäilyttäviä tiedostoja: 5
C:\Windows\assembly\GAC\Desktop.ini (Trojan.0access) -> Poistetaan uudelleenkäynnistyksen yhteydessä.
C:\Windows\Installer\{0ae480f9-4ece-209f-4524-24673a2416a2}\U\00000004.@ (Rootkit.Zaccess) -> Karanteenattu ja poistettu onnistuneesti.
C:\Windows\Installer\{0ae480f9-4ece-209f-4524-24673a2416a2}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Karanteenattu ja poistettu onnistuneesti.
C:\Windows\Installer\{0ae480f9-4ece-209f-4524-24673a2416a2}\U\000000cb.@ (Rootkit.0Access) -> Karanteenattu ja poistettu onnistuneesti.
C:\Windows\Installer\{0ae480f9-4ece-209f-4524-24673a2416a2}\U\80000000.@ (Trojan.Small) -> Karanteenattu ja poistettu onnistuneesti.

(loppu)

 

.
Olihan siellä pöpöjä !!!

-------------

Käynnistä Malwarebytes Sieltä Karanteeni välileti ja tyhjennä roskat.

--------------------

Tuliko muutosta joko "Microsoft Security" pysyy käynnissä ???

 

Karanteeni tyhjennetty. Käynnistin koneen uudelleen niin tuli security essentials ilmoitus 4 eri vakavasta uhkasta: Trojan: Win32/sirefef.AB, Virus: Win32/sirefef.R, Virus: Win32/sirefef.AG, Virus: Win32/sirefef.AB, Virus: Win32/sirefef.AH, Virus: Win32/sirefef
Yritin poistaa security essencin omalla, mutta kone kaatui.

 

.
Ollenee jotain vakavampaa !!!

------------------------------------------------

Ole hyvä ja lataa TDSSKiller.zip ja pura ohjelma työpöydällesi.

* Tuplaklikkaa TDSSKiller.exe Käynnistääksesi ohjelman.
* Paina Start Scan, aloittaaksesi scannauksen.
* Älä muuta näitä asetuksia:
* Jos saastunut tiedosto on havaittu,Oletus toiminto on Cure,sitten paina Continue.
* Jos epäilyttävä tiedosto on havaittu,Oletus toiminto on Skip, sitten paina Continue.
* Sinua saatetaan pyytää käynnistämään kone uudelleen saattaaksesi puhdistus loppuun, Paina Reboot now.
* Nähdäksesi tulos raportin :
* Paina Report nappia ja kopioi sekä Liitä sisältö seuraavaan vastaukseesi.

-----------------------------------------------------------------------------

Tässä välissä älä käynnistä konetta uudelleen.
Jollei ohjelma sitä pyydä.

---------------------------------------------------

Ole hyvä ja lataa Combofix yhdestä alla olevista linkeistä:

Linkki 3

* TÄRKEÄÄ !!! Tallenna ComboFix.exe työpöydällesi

* Sulje/ota pois päältä kaikki virustorjunta- ja haittaohjelmien poisto-ohjelmat, jotta ne eivät häiritse ComboFixin ajoa.
(ei palomuuria)
* Tuplaklikkaa Combofix.exe ja noudata ohjeita.

* Osana skannausta Combofix tarkistaa onko palautuskonsoli asennettuna. Nykypäivän haittaohjelmien takia on erittäin suositeltua olla asennettuna palautuskonsoli ennen haittaohjelmien poistoa. Windowsin palautuskonsoli mahdollistaa käynnistyksen erityiseen palautustilaan. Palautuskonsolin kautta voimme auttaa sinua helpommin mikäli haittaohjelmien poiston yhteydessä ilmenee ongelmia.

* Seuraa ohjeita ja salli Combofixin ladata ja asentaa Microsoftin palautuskonsoli, ja kun pyydetään, hyväksy ohjelman takuuehdot asentaaksesi palautuskonsolin.

**Huomaa: Jos palautuskonsoli on jo asennettuna, Combofix jatkaa eteenpäin.



Kun Microsoftin palautuskonsoli on asennettu, sinun pitäisi nähdä seuraava viesti:



Klikkaa Kyllä jatkaaksesi skannausta.

Varoitus: ÄLÄ aja ComboFixia ilman valvontaa. Se ei ole lelu ja sitä ei tule käyttää rutiininomaisesti päivittäin.

Jos tarvitset apua, katso yksityiskohtaisempi ohje:
http://www.bleepingcomputer.com/combofix/fi/combofixin-kayttoohje

Kun ComboFix on valmis, se luo raportin. Ole hyvä ja kopioi/liitä
seuraavat raportit vastaukseesi:

C:\ComboFix.txt
Uusi HijackThis-loki

 

tässä tdsskillerin raportti:

15:50:40.0602 2416 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
15:50:41.0038 2416 ============================================================
15:50:41.0038 2416 Current date / time: 2012/09/12 15:50:41.0038
15:50:41.0038 2416 SystemInfo:
15:50:41.0038 2416
15:50:41.0038 2416 OS Version: 6.1.7601 ServicePack: 1.0
15:50:41.0038 2416 Product type: Workstation
15:50:41.0038 2416 ComputerName: MINI-PC
15:50:41.0038 2416 UserName: mini
15:50:41.0038 2416 Windows directory: C:\windows
15:50:41.0038 2416 System windows directory: C:\windows
15:50:41.0038 2416 Processor architecture: Intel x86
15:50:41.0038 2416 Number of processors: 2
15:50:41.0038 2416 Page size: 0x1000
15:50:41.0038 2416 Boot type: Normal boot
15:50:41.0038 2416 ============================================================
15:50:44.0018 2416 BG loaded
15:50:45.0360 2416 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:50:45.0890 2416 ============================================================
15:50:45.0890 2416 \Device\Harddisk0\DR0:
15:50:45.0890 2416 MBR partitions:
15:50:45.0890 2416 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
15:50:45.0890 2416 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0xEBBB000
15:50:45.0890 2416 ============================================================
15:50:45.0937 2416 C: <-> \Device\Harddisk0\DR0\Partition1
15:50:46.0249 2416 D: <-> \Device\Harddisk0\DR0\Partition2
15:50:46.0249 2416 ============================================================
15:50:46.0249 2416 Initialize success
15:50:46.0249 2416 ============================================================

 

yritän ajaa tota combofixiä, mutta sanoo että mulla ois päällä trend micro internet security. en löydä tollasta ohjelmaa mistään.

 

.
TDSS logi ei ollut kokonaan.

Comboa voit ajaa vikasietotilassa F 8

Harkitse myös palautus pisteen ottamista ennen ongelmaa.

 

tässä uusi killerin loki

11:55:06.0669 3516 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
11:55:06.0939 3516 ============================================================
11:55:06.0939 3516 Current date / time: 2012/09/13 11:55:06.0939
11:55:06.0939 3516 SystemInfo:
11:55:06.0939 3516
11:55:06.0939 3516 OS Version: 6.1.7601 ServicePack: 1.0
11:55:06.0939 3516 Product type: Workstation
11:55:06.0939 3516 ComputerName: MINI-PC
11:55:06.0939 3516 UserName: mini
11:55:06.0939 3516 Windows directory: C:\windows
11:55:06.0939 3516 System windows directory: C:\windows
11:55:06.0939 3516 Processor architecture: Intel x86
11:55:06.0939 3516 Number of processors: 2
11:55:06.0939 3516 Page size: 0x1000
11:55:06.0939 3516 Boot type: Normal boot
11:55:06.0939 3516 ============================================================
11:55:06.0969 3516 BG loaded
11:55:07.0729 3516 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:55:07.0819 3516 ============================================================
11:55:07.0829 3516 \Device\Harddisk0\DR0:
11:55:07.0839 3516 MBR partitions:
11:55:07.0839 3516 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
11:55:07.0839 3516 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0xEBBB000
11:55:07.0839 3516 ============================================================
11:55:07.0869 3516 C: <-> \Device\Harddisk0\DR0\Partition1
11:55:07.0919 3516 D: <-> \Device\Harddisk0\DR0\Partition2
11:55:07.0919 3516 ============================================================
11:55:07.0919 3516 Initialize success
11:55:07.0919 3516 ============================================================
11:55:10.0479 3848 ============================================================
11:55:10.0479 3848 Scan started
11:55:10.0479 3848 Mode: Manual;
11:55:10.0479 3848 ============================================================
11:55:12.0119 3848 ================ Scan system memory ========================
11:55:12.0119 3848 System memory - ok
11:55:12.0119 3848 ================ Scan services =============================
11:55:12.0519 3848 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
11:55:12.0539 3848 1394ohci - ok
11:55:12.0579 3848 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
11:55:12.0589 3848 ACPI - ok
11:55:12.0639 3848 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
11:55:12.0639 3848 AcpiPmi - ok
11:55:12.0739 3848 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:55:12.0739 3848 AdobeFlashPlayerUpdateSvc - ok
11:55:12.0819 3848 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
11:55:12.0849 3848 adp94xx - ok
11:55:12.0899 3848 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
11:55:12.0909 3848 adpahci - ok
11:55:12.0939 3848 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
11:55:12.0949 3848 adpu320 - ok
11:55:13.0019 3848 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
11:55:13.0019 3848 AeLookupSvc - ok
11:55:13.0109 3848 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
11:55:13.0119 3848 AFD - ok
11:55:13.0159 3848 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
11:55:13.0159 3848 agp440 - ok
11:55:13.0259 3848 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
11:55:13.0269 3848 aic78xx - ok
11:55:13.0339 3848 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
11:55:13.0349 3848 ALG - ok
11:55:13.0379 3848 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
11:55:13.0389 3848 aliide - ok
11:55:13.0419 3848 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
11:55:13.0429 3848 amdagp - ok
11:55:13.0459 3848 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
11:55:13.0469 3848 amdide - ok
11:55:13.0519 3848 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
11:55:13.0529 3848 AmdK8 - ok
11:55:13.0549 3848 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
11:55:13.0559 3848 AmdPPM - ok
11:55:13.0599 3848 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
11:55:13.0609 3848 amdsata - ok
11:55:13.0649 3848 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
11:55:13.0659 3848 amdsbs - ok
11:55:13.0679 3848 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
11:55:13.0679 3848 amdxata - ok
11:55:13.0779 3848 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
11:55:13.0779 3848 AppID - ok
11:55:13.0839 3848 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
11:55:13.0849 3848 AppIDSvc - ok
11:55:13.0909 3848 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
11:55:13.0909 3848 Appinfo - ok
11:55:14.0009 3848 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
11:55:14.0009 3848 arc - ok
11:55:14.0049 3848 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
11:55:14.0059 3848 arcsas - ok
11:55:14.0129 3848 [ A9A565C669786C402752F609AFDD0DD5 ] AsUpIO C:\windows\system32\drivers\AsUpIO.sys
11:55:14.0129 3848 AsUpIO - ok
11:55:14.0199 3848 [ C4FB2613D3C75364BB159B9C23A00E7A ] AsusService C:\Windows\System32\AsusService.exe
11:55:14.0209 3848 AsusService - ok
11:55:14.0259 3848 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
11:55:14.0259 3848 AsyncMac - ok
11:55:14.0339 3848 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
11:55:14.0349 3848 atapi - ok
11:55:14.0469 3848 [ 31CB2740BFDBAC1E48E2B7EAD38F0D27 ] athr C:\windows\system32\DRIVERS\athr.sys
11:55:14.0569 3848 athr - ok
11:55:14.0639 3848 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
11:55:14.0659 3848 AudioEndpointBuilder - ok
11:55:14.0689 3848 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
11:55:14.0709 3848 Audiosrv - ok
11:55:14.0779 3848 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
11:55:14.0789 3848 AxInstSV - ok
11:55:14.0859 3848 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
11:55:14.0879 3848 b06bdrv - ok
11:55:14.0919 3848 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
11:55:14.0929 3848 b57nd60x - ok
11:55:14.0989 3848 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
11:55:14.0999 3848 BDESVC - ok
11:55:15.0029 3848 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
11:55:15.0029 3848 Beep - ok
11:55:15.0119 3848 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
11:55:15.0139 3848 BFE - ok
11:55:15.0259 3848 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
11:55:15.0289 3848 BITS - ok
11:55:15.0339 3848 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
11:55:15.0339 3848 blbdrive - ok
11:55:15.0399 3848 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
11:55:15.0399 3848 bowser - ok
11:55:15.0449 3848 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
11:55:15.0449 3848 BrFiltLo - ok
11:55:15.0479 3848 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
11:55:15.0479 3848 BrFiltUp - ok
11:55:15.0559 3848 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
11:55:15.0569 3848 BridgeMP - ok
11:55:15.0619 3848 [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser C:\windows\System32\browser.dll
11:55:15.0619 3848 Browser - ok
11:55:15.0659 3848 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
11:55:15.0669 3848 Brserid - ok
11:55:15.0699 3848 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
11:55:15.0709 3848 BrSerWdm - ok
11:55:15.0739 3848 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
11:55:15.0739 3848 BrUsbMdm - ok
11:55:15.0789 3848 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
11:55:15.0789 3848 BrUsbSer - ok
11:55:15.0849 3848 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
11:55:15.0859 3848 BthEnum - ok
11:55:15.0889 3848 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
11:55:15.0899 3848 BTHMODEM - ok
11:55:15.0939 3848 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
11:55:15.0949 3848 BthPan - ok
11:55:16.0029 3848 [ C2FBF6D271D9A94D839C416BF186EAD9 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
11:55:16.0049 3848 BTHPORT - ok
11:55:16.0119 3848 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
11:55:16.0119 3848 bthserv - ok
11:55:16.0179 3848 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
11:55:16.0189 3848 BTHUSB - ok
11:55:16.0249 3848 [ 92C5B845803F3662637EB691AC0B250F ] btusbflt C:\windows\system32\drivers\btusbflt.sys
11:55:16.0249 3848 btusbflt - ok
11:55:16.0279 3848 btwaudio - ok
11:55:16.0329 3848 btwavdt - ok
11:55:16.0349 3848 btwl2cap - ok
11:55:16.0379 3848 btwrchid - ok
11:55:16.0429 3848 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
11:55:16.0439 3848 cdfs - ok
11:55:16.0489 3848 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
11:55:16.0499 3848 cdrom - ok
11:55:16.0559 3848 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
11:55:16.0559 3848 CertPropSvc - ok
11:55:16.0619 3848 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
11:55:16.0629 3848 circlass - ok
11:55:16.0689 3848 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
11:55:16.0699 3848 CLFS - ok
11:55:16.0819 3848 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:55:16.0819 3848 clr_optimization_v2.0.50727_32 - ok
11:55:16.0949 3848 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:55:16.0989 3848 clr_optimization_v4.0.30319_32 - ok
11:55:17.0049 3848 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
11:55:17.0049 3848 CmBatt - ok
11:55:17.0089 3848 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
11:55:17.0099 3848 cmdide - ok
11:55:17.0159 3848 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
11:55:17.0169 3848 CNG - ok
11:55:17.0209 3848 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
11:55:17.0219 3848 Compbatt - ok
11:55:17.0289 3848 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
11:55:17.0299 3848 CompositeBus - ok
11:55:17.0329 3848 COMSysApp - ok
11:55:17.0429 3848 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
11:55:17.0429 3848 crcdisk - ok
11:55:17.0499 3848 [ 06E771AA596B8761107AB57E99F128D7 ] CryptSvc C:\windows\system32\cryptsvc.dll
11:55:17.0509 3848 CryptSvc - ok
11:55:17.0689 3848 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:55:17.0719 3848 cvhsvc - ok
11:55:17.0849 3848 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
11:55:17.0869 3848 DcomLaunch - ok
11:55:17.0929 3848 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
11:55:17.0939 3848 defragsvc - ok
11:55:18.0019 3848 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
11:55:18.0029 3848 DfsC - ok
11:55:18.0089 3848 [ 73FC5BC52572084EC1241514CF6230A0 ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
11:55:18.0089 3848 dg_ssudbus - ok
11:55:18.0169 3848 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
11:55:18.0179 3848 Dhcp - ok
11:55:18.0249 3848 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
11:55:18.0259 3848 discache - ok
11:55:18.0299 3848 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
11:55:18.0299 3848 Disk - ok
11:55:18.0379 3848 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
11:55:18.0389 3848 Dnscache - ok
11:55:18.0449 3848 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
11:55:18.0459 3848 dot3svc - ok
11:55:18.0509 3848 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
11:55:18.0509 3848 DPS - ok
11:55:18.0559 3848 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
11:55:18.0559 3848 drmkaud - ok
11:55:18.0609 3848 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
11:55:18.0639 3848 DXGKrnl - ok
11:55:18.0699 3848 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
11:55:18.0709 3848 EapHost - ok
11:55:18.0839 3848 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
11:55:18.0959 3848 ebdrv - ok
11:55:19.0059 3848 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
11:55:19.0069 3848 EFS - ok
11:55:19.0159 3848 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
11:55:19.0179 3848 elxstor - ok
11:55:19.0249 3848 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
11:55:19.0259 3848 ErrDev - ok
11:55:19.0369 3848 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
11:55:19.0379 3848 EventSystem - ok
11:55:19.0439 3848 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
11:55:19.0449 3848 exfat - ok
11:55:19.0479 3848 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
11:55:19.0489 3848 fastfat - ok
11:55:19.0569 3848 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
11:55:19.0599 3848 Fax - ok
11:55:19.0649 3848 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
11:55:19.0649 3848 fdc - ok
11:55:19.0689 3848 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
11:55:19.0689 3848 fdPHost - ok
11:55:19.0729 3848 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
11:55:19.0729 3848 FDResPub - ok
11:55:19.0759 3848 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
11:55:19.0769 3848 FileInfo - ok
11:55:19.0799 3848 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
11:55:19.0809 3848 Filetrace - ok
11:55:19.0849 3848 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
11:55:19.0849 3848 flpydisk - ok
11:55:19.0899 3848 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
11:55:19.0909 3848 FltMgr - ok
11:55:19.0999 3848 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
11:55:20.0039 3848 FontCache - ok
11:55:20.0129 3848 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:55:20.0129 3848 FontCache3.0.0.0 - ok
11:55:20.0189 3848 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
11:55:20.0189 3848 FsDepends - ok
11:55:20.0269 3848 [ B74B0578FD1D3F897E95F2A2B69EA051 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
11:55:20.0269 3848 fssfltr - ok
11:55:20.0399 3848 [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
11:55:20.0439 3848 fsssvc - ok
11:55:20.0499 3848 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
11:55:20.0499 3848 Fs_Rec - ok
11:55:20.0579 3848 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
11:55:20.0589 3848 fvevol - ok
11:55:20.0649 3848 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
11:55:20.0659 3848 gagp30kx - ok
11:55:20.0729 3848 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
11:55:20.0759 3848 gpsvc - ok
11:55:20.0839 3848 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
11:55:20.0849 3848 hcw85cir - ok
11:55:20.0909 3848 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
11:55:20.0919 3848 HdAudAddService - ok
11:55:20.0969 3848 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
11:55:20.0979 3848 HDAudBus - ok
11:55:21.0029 3848 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
11:55:21.0039 3848 HidBatt - ok
11:55:21.0069 3848 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
11:55:21.0079 3848 HidBth - ok
11:55:21.0119 3848 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
11:55:21.0119 3848 HidIr - ok
11:55:21.0169 3848 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
11:55:21.0179 3848 hidserv - ok
11:55:21.0249 3848 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
11:55:21.0249 3848 HidUsb - ok
11:55:21.0309 3848 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
11:55:21.0319 3848 hkmsvc - ok
11:55:21.0389 3848 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
11:55:21.0399 3848 HomeGroupListener - ok
11:55:21.0459 3848 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
11:55:21.0479 3848 HomeGroupProvider - ok
11:55:21.0539 3848 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
11:55:21.0549 3848 HpSAMD - ok
11:55:21.0629 3848 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
11:55:21.0649 3848 HTTP - ok
11:55:21.0729 3848 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
11:55:21.0739 3848 hwpolicy - ok
11:55:21.0789 3848 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
11:55:21.0799 3848 i8042prt - ok
11:55:21.0919 3848 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:55:21.0929 3848 IAANTMON - ok
11:55:21.0989 3848 [ D483687EACE0C065EE772481A96E05F5 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
11:55:21.0999 3848 iaStor - ok
11:55:22.0059 3848 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
11:55:22.0069 3848 iaStorV - ok
11:55:22.0199 3848 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:55:22.0249 3848 idsvc - ok
11:55:22.0709 3848 [ BA41E1BBA410212CE6D30E0DAC47972B ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
11:55:22.0889 3848 igfx - ok
11:55:22.0949 3848 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
11:55:22.0959 3848 iirsp - ok
11:55:23.0029 3848 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
11:55:23.0069 3848 IKEEXT - ok
11:55:23.0239 3848 [ BF9866875EDF86AAE24DD8BD9418DEFF ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
11:55:23.0379 3848 IntcAzAudAddService - ok
11:55:23.0439 3848 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
11:55:23.0439 3848 intelide - ok
11:55:23.0499 3848 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
11:55:23.0499 3848 intelppm - ok
11:55:23.0549 3848 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
11:55:23.0559 3848 IPBusEnum - ok
11:55:23.0589 3848 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
11:55:23.0599 3848 IpFilterDriver - ok
11:55:23.0699 3848 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
11:55:23.0729 3848 iphlpsvc - ok
11:55:23.0779 3848 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
11:55:23.0789 3848 IPMIDRV - ok
11:55:23.0839 3848 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
11:55:23.0839 3848 IPNAT - ok
11:55:23.0889 3848 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
11:55:23.0889 3848 IRENUM - ok
11:55:23.0939 3848 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
11:55:23.0939 3848 isapnp - ok
11:55:24.0009 3848 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
11:55:24.0019 3848 iScsiPrt - ok
11:55:24.0129 3848 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
11:55:24.0129 3848 kbdclass - ok
11:55:24.0209 3848 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
11:55:24.0209 3848 kbdhid - ok
11:55:24.0279 3848 [ 3EB803312987FF44265C87CB960DF6AB ] kbfiltr C:\windows\system32\DRIVERS\kbfiltr.sys
11:55:24.0289 3848 kbfiltr - ok
11:55:24.0329 3848 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
11:55:24.0339 3848 KeyIso - ok
11:55:24.0399 3848 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
11:55:24.0409 3848 KSecDD - ok
11:55:24.0459 3848 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
11:55:24.0459 3848 KSecPkg - ok
11:55:24.0529 3848 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
11:55:24.0549 3848 KtmRm - ok
11:55:24.0629 3848 [ A158CEA8644B8A5C1EC0E9A81B70F65A ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys
11:55:24.0629 3848 L1C - ok
11:55:24.0689 3848 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\System32\srvsvc.dll
11:55:24.0699 3848 LanmanServer - ok
11:55:24.0759 3848 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
11:55:24.0769 3848 LanmanWorkstation - ok
11:55:24.0869 3848 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
11:55:24.0879 3848 lltdio - ok
11:55:24.0929 3848 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
11:55:24.0939 3848 lltdsvc - ok
11:55:24.0979 3848 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
11:55:24.0989 3848 lmhosts - ok
11:55:25.0039 3848 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
11:55:25.0049 3848 LSI_FC - ok
11:55:25.0079 3848 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
11:55:25.0089 3848 LSI_SAS - ok
11:55:25.0109 3848 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
11:55:25.0119 3848 LSI_SAS2 - ok
11:55:25.0149 3848 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
11:55:25.0149 3848 LSI_SCSI - ok
11:55:25.0199 3848 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
11:55:25.0199 3848 luafv - ok
11:55:25.0259 3848 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
11:55:25.0259 3848 megasas - ok
11:55:25.0299 3848 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
11:55:25.0309 3848 MegaSR - ok
11:55:25.0379 3848 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
11:55:25.0379 3848 MMCSS - ok
11:55:25.0419 3848 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
11:55:25.0419 3848 Modem - ok
11:55:25.0479 3848 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
11:55:25.0479 3848 monitor - ok
11:55:25.0509 3848 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
11:55:25.0519 3848 mouclass - ok
11:55:25.0549 3848 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
11:55:25.0549 3848 mouhid - ok
11:55:25.0609 3848 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
11:55:25.0609 3848 mountmgr - ok
11:55:25.0729 3848 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:55:25.0739 3848 MozillaMaintenance - ok
11:55:25.0799 3848 [ D993BEA500E7382DC4E760BF4F35EFCB ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
11:55:25.0799 3848 MpFilter - ok
11:55:25.0849 3848 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
11:55:25.0859 3848 mpio - ok
11:55:25.0909 3848 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
11:55:25.0909 3848 mpsdrv - ok
11:55:25.0999 3848 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
11:55:26.0009 3848 MRxDAV - ok
11:55:26.0059 3848 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
11:55:26.0069 3848 mrxsmb - ok
11:55:26.0099 3848 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
11:55:26.0109 3848 mrxsmb10 - ok
11:55:26.0149 3848 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
11:55:26.0159 3848 mrxsmb20 - ok
11:55:26.0179 3848 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
11:55:26.0189 3848 msahci - ok
11:55:26.0249 3848 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
11:55:26.0259 3848 msdsm - ok
11:55:26.0299 3848 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
11:55:26.0309 3848 MSDTC - ok
11:55:26.0379 3848 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
11:55:26.0389 3848 Msfs - ok
11:55:26.0419 3848 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
11:55:26.0429 3848 mshidkmdf - ok
11:55:26.0479 3848 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
11:55:26.0479 3848 msisadrv - ok
11:55:26.0529 3848 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
11:55:26.0549 3848 MSiSCSI - ok
11:55:26.0569 3848 msiserver - ok
11:55:26.0619 3848 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
11:55:26.0629 3848 MSKSSRV - ok
11:55:26.0709 3848 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
11:55:26.0709 3848 MsMpSvc - ok
11:55:26.0769 3848 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
11:55:26.0769 3848 MSPCLOCK - ok
11:55:26.0799 3848 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
11:55:26.0809 3848 MSPQM - ok
11:55:26.0839 3848 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
11:55:26.0849 3848 MsRPC - ok
11:55:26.0899 3848 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
11:55:26.0899 3848 mssmbios - ok
11:55:26.0939 3848 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
11:55:26.0939 3848 MSTEE - ok
11:55:26.0969 3848 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
11:55:26.0979 3848 MTConfig - ok
11:55:27.0019 3848 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
11:55:27.0019 3848 Mup - ok
11:55:27.0079 3848 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
11:55:27.0099 3848 napagent - ok
11:55:27.0149 3848 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
11:55:27.0159 3848 NativeWifiP - ok
11:55:27.0229 3848 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\windows\system32\drivers\ndis.sys
11:55:27.0259 3848 NDIS - ok
11:55:27.0339 3848 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
11:55:27.0339 3848 NdisCap - ok
11:55:27.0379 3848 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
11:55:27.0379 3848 NdisTapi - ok
11:55:27.0449 3848 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
11:55:27.0459 3848 Ndisuio - ok
11:55:27.0519 3848 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
11:55:27.0529 3848 NdisWan - ok
11:55:27.0589 3848 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
11:55:27.0599 3848 NDProxy - ok
11:55:27.0669 3848 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
11:55:27.0679 3848 Net Driver HPZ12 - ok
11:55:27.0729 3848 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
11:55:27.0739 3848 NetBIOS - ok
11:55:27.0789 3848 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
11:55:27.0799 3848 NetBT - ok
11:55:27.0829 3848 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
11:55:27.0839 3848 Netlogon - ok
11:55:27.0909 3848 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
11:55:27.0929 3848 Netman - ok
11:55:27.0969 3848 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
11:55:27.0989 3848 netprofm - ok
11:55:28.0049 3848 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:55:28.0059 3848 NetTcpPortSharing - ok
11:55:28.0159 3848 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
11:55:28.0159 3848 nfrd960 - ok
11:55:28.0219 3848 [ B52F26BADE7D7E4A79706E3FD91834CD ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
11:55:28.0219 3848 NisDrv - ok
11:55:28.0259 3848 [ 290C0D4C4889398797F8DF3BE00B9698 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
11:55:28.0269 3848 NisSrv - ok
11:55:28.0329 3848 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\windows\System32\nlasvc.dll
11:55:28.0339 3848 NlaSvc - ok
11:55:28.0389 3848 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
11:55:28.0399 3848 Npfs - ok
11:55:28.0449 3848 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
11:55:28.0459 3848 nsi - ok
11:55:28.0479 3848 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
11:55:28.0489 3848 nsiproxy - ok
11:55:28.0599 3848 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\windows\system32\drivers\Ntfs.sys
11:55:28.0649 3848 Ntfs - ok
11:55:28.0689 3848 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
11:55:28.0699 3848 Null - ok
11:55:28.0749 3848 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
11:55:28.0759 3848 nvraid - ok
11:55:28.0789 3848 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
11:55:28.0799 3848 nvstor - ok
11:55:28.0849 3848 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
11:55:28.0859 3848 nv_agp - ok
11:55:28.0989 3848 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
11:55:28.0989 3848 ohci1394 - ok
11:55:29.0089 3848 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:55:29.0099 3848 ose - ok
11:55:29.0359 3848 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:55:29.0529 3848 osppsvc - ok
11:55:29.0599 3848 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
11:55:29.0639 3848 p2pimsvc - ok
11:55:29.0699 3848 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
11:55:29.0719 3848 p2psvc - ok
11:55:29.0759 3848 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
11:55:29.0769 3848 Parport - ok
11:55:29.0829 3848 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
11:55:29.0839 3848 partmgr - ok
11:55:29.0879 3848 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
11:55:29.0879 3848 Parvdm - ok
11:55:29.0939 3848 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
11:55:29.0949 3848 PcaSvc - ok
11:55:30.0009 3848 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
11:55:30.0009 3848 pci - ok
11:55:30.0039 3848 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
11:55:30.0049 3848 pciide - ok
11:55:30.0089 3848 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
11:55:30.0099 3848 pcmcia - ok
11:55:30.0129 3848 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
11:55:30.0129 3848 pcw - ok
11:55:30.0199 3848 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
11:55:30.0229 3848 PEAUTH - ok
11:55:30.0409 3848 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
11:55:30.0459 3848 pla - ok
11:55:30.0529 3848 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
11:55:30.0559 3848 PlugPlay - ok
11:55:30.0599 3848 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
11:55:30.0609 3848 Pml Driver HPZ12 - ok
11:55:30.0659 3848 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
11:55:30.0669 3848 PNRPAutoReg - ok
11:55:30.0719 3848 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
11:55:30.0729 3848 PNRPsvc - ok
11:55:30.0789 3848 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
11:55:30.0809 3848 PolicyAgent - ok
11:55:30.0879 3848 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
11:55:30.0889 3848 Power - ok
11:55:30.0949 3848 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
11:55:30.0949 3848 PptpMiniport - ok
11:55:30.0979 3848 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
11:55:30.0989 3848 Processor - ok
11:55:31.0049 3848 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
11:55:31.0059 3848 ProfSvc - ok
11:55:31.0089 3848 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
11:55:31.0099 3848 ProtectedStorage - ok
11:55:31.0159 3848 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
11:55:31.0169 3848 Psched - ok
11:55:31.0359 3848 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
11:55:31.0419 3848 ql2300 - ok
11:55:31.0459 3848 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
11:55:31.0469 3848 ql40xx - ok
11:55:31.0559 3848 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
11:55:31.0579 3848 QWAVE - ok
11:55:31.0629 3848 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
11:55:31.0629 3848 QWAVEdrv - ok
11:55:31.0679 3848 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
11:55:31.0679 3848 RasAcd - ok
11:55:31.0749 3848 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
11:55:31.0759 3848 RasAgileVpn - ok
11:55:31.0799 3848 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
11:55:31.0819 3848 RasAuto - ok
11:55:31.0849 3848 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
11:55:31.0849 3848 Rasl2tp - ok
11:55:31.0929 3848 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
11:55:31.0949 3848 RasMan - ok
11:55:31.0989 3848 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
11:55:31.0989 3848 RasPppoe - ok
11:55:32.0049 3848 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
11:55:32.0059 3848 RasSstp - ok
11:55:32.0129 3848 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
11:55:32.0129 3848 rdbss - ok
11:55:32.0169 3848 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
11:55:32.0179 3848 rdpbus - ok
11:55:32.0229 3848 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
11:55:32.0229 3848 RDPCDD - ok
11:55:32.0279 3848 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
11:55:32.0279 3848 RDPENCDD - ok
11:55:32.0319 3848 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
11:55:32.0329 3848 RDPREFMP - ok
11:55:32.0389 3848 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
11:55:32.0409 3848 RDPWD - ok
11:55:32.0469 3848 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
11:55:32.0479 3848 rdyboost - ok
11:55:32.0549 3848 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
11:55:32.0559 3848 RemoteAccess - ok
11:55:32.0619 3848 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
11:55:32.0629 3848 RemoteRegistry - ok
11:55:32.0699 3848 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
11:55:32.0709 3848 RFCOMM - ok
11:55:32.0809 3848 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
11:55:32.0819 3848 RpcEptMapper - ok
11:55:32.0869 3848 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
11:55:32.0879 3848 RpcLocator - ok
11:55:32.0929 3848 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
11:55:32.0939 3848 RpcSs - ok
11:55:33.0019 3848 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
11:55:33.0019 3848 rspndr - ok
11:55:33.0069 3848 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
11:55:33.0079 3848 SamSs - ok
11:55:33.0149 3848 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
11:55:33.0159 3848 sbp2port - ok
11:55:33.0209 3848 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
11:55:33.0219 3848 SCardSvr - ok
11:55:33.0249 3848 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
11:55:33.0259 3848 scfilter - ok
11:55:33.0329 3848 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
11:55:33.0369 3848 Schedule - ok
11:55:33.0409 3848 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
11:55:33.0419 3848 SCPolicySvc - ok
11:55:33.0489 3848 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
11:55:33.0509 3848 SDRSVC - ok
11:55:33.0569 3848 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
11:55:33.0569 3848 secdrv - ok
11:55:33.0619 3848 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
11:55:33.0639 3848 seclogon - ok
11:55:33.0669 3848 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
11:55:33.0679 3848 SENS - ok
11:55:33.0709 3848 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
11:55:33.0719 3848 Serenum - ok
11:55:33.0759 3848 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
11:55:33.0769 3848 Serial - ok
11:55:33.0809 3848 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
11:55:33.0819 3848 sermouse - ok
11:55:33.0919 3848 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
11:55:33.0939 3848 SessionEnv - ok
11:55:33.0989 3848 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
11:55:33.0989 3848 sffdisk - ok
11:55:34.0019 3848 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
11:55:34.0029 3848 sffp_mmc - ok
11:55:34.0059 3848 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
11:55:34.0059 3848 sffp_sd - ok
11:55:34.0099 3848 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
11:55:34.0109 3848 sfloppy - ok
11:55:34.0189 3848 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
11:55:34.0229 3848 Sftfs - ok
11:55:34.0319 3848 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
11:55:34.0349 3848 sftlist - ok
11:55:34.0399 3848 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
11:55:34.0409 3848 Sftplay - ok
11:55:34.0439 3848 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
11:55:34.0449 3848 Sftredir - ok
11:55:34.0479 3848 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
11:55:34.0489 3848 Sftvol - ok
11:55:34.0519 3848 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
11:55:34.0529 3848 sftvsa - ok
11:55:34.0579 3848 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:55:34.0619 3848 ShellHWDetection - ok
11:55:34.0669 3848 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
11:55:34.0669 3848 sisagp - ok
11:55:34.0729 3848 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
11:55:34.0739 3848 SiSRaid2 - ok
11:55:34.0759 3848 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
11:55:34.0769 3848 SiSRaid4 - ok
11:55:34.0819 3848 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
11:55:34.0819 3848 Smb - ok
11:55:34.0909 3848 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
11:55:34.0919 3848 SNMPTRAP - ok
11:55:34.0949 3848 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
11:55:34.0949 3848 spldr - ok
11:55:35.0019 3848 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\windows\System32\spoolsv.exe
11:55:35.0029 3848 Spooler - ok
11:55:35.0169 3848 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
11:55:35.0269 3848 sppsvc - ok
11:55:35.0319 3848 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
11:55:35.0329 3848 sppuinotify - ok
11:55:35.0379 3848 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
11:55:35.0389 3848 srv - ok
11:55:35.0429 3848 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
11:55:35.0439 3848 srv2 - ok
11:55:35.0469 3848 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
11:55:35.0479 3848 srvnet - ok
11:55:35.0539 3848 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
11:55:35.0549 3848 SSDPSRV - ok
11:55:35.0579 3848 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
11:55:35.0589 3848 SstpSvc - ok
11:55:35.0649 3848 [ E3D493BFB7CD108EC50B2F560C96367C ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
11:55:35.0649 3848 ssudmdm - ok
11:55:35.0689 3848 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
11:55:35.0699 3848 stexstor - ok
11:55:35.0769 3848 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
11:55:35.0809 3848 StiSvc - ok
11:55:35.0849 3848 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
11:55:35.0859 3848 swenum - ok
11:55:35.0909 3848 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
11:55:35.0919 3848 swprv - ok
11:55:35.0989 3848 [ BD8E7F87DE409A745A132A8812DE5A96 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
11:55:35.0999 3848 SynTP - ok
11:55:36.0089 3848 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
11:55:36.0139 3848 SysMain - ok
11:55:36.0199 3848 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
11:55:36.0219 3848 TabletInputService - ok
11:55:36.0269 3848 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
11:55:36.0289 3848 TapiSrv - ok
11:55:36.0369 3848 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
11:55:36.0389 3848 TBS - ok
11:55:36.0479 3848 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\windows\system32\drivers\tcpip.sys
11:55:36.0539 3848 Tcpip - ok
11:55:36.0599 3848 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
11:55:36.0619 3848 TCPIP6 - ok
11:55:36.0709 3848 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
11:55:36.0709 3848 tcpipreg - ok
11:55:36.0789 3848 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
11:55:36.0799 3848 TDPIPE - ok
11:55:36.0849 3848 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
11:55:36.0859 3848 TDTCP - ok
11:55:36.0929 3848 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
11:55:36.0939 3848 tdx - ok
11:55:36.0989 3848 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
11:55:36.0999 3848 TermDD - ok
11:55:37.0069 3848 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
11:55:37.0119 3848 TermService - ok
11:55:37.0189 3848 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
11:55:37.0209 3848 Themes - ok
11:55:37.0239 3848 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
11:55:37.0249 3848 THREADORDER - ok
11:55:37.0329 3848 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
11:55:37.0339 3848 TrkWks - ok
11:55:37.0429 3848 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:55:37.0439 3848 TrustedInstaller - ok
11:55:37.0479 3848 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
11:55:37.0489 3848 tssecsrv - ok
11:55:37.0569 3848 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
11:55:37.0579 3848 TsUsbFlt - ok
11:55:37.0649 3848 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
11:55:37.0659 3848 tunnel - ok
11:55:37.0719 3848 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
11:55:37.0719 3848 uagp35 - ok
11:55:37.0759 3848 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
11:55:37.0769 3848 udfs - ok
11:55:37.0869 3848 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
11:55:37.0879 3848 UI0Detect - ok
11:55:37.0949 3848 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
11:55:37.0949 3848 uliagpkx - ok
11:55:38.0009 3848 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\DRIVERS\umbus.sys
11:55:38.0019 3848 umbus - ok
11:55:38.0059 3848 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
11:55:38.0069 3848 UmPass - ok
11:55:38.0119 3848 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
11:55:38.0139 3848 upnphost - ok
11:55:38.0219 3848 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
11:55:38.0219 3848 usbccgp - ok
11:55:38.0259 3848 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
11:55:38.0269 3848 usbcir - ok
11:55:38.0299 3848 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\drivers\usbehci.sys
11:55:38.0309 3848 usbehci - ok
11:55:38.0359 3848 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
11:55:38.0369 3848 usbhub - ok
11:55:38.0409 3848 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
11:55:38.0419 3848 usbohci - ok
11:55:38.0489 3848 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
11:55:38.0499 3848 usbprint - ok
11:55:38.0539 3848 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
11:55:38.0549 3848 usbscan - ok
11:55:38.0579 3848 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
11:55:38.0589 3848 USBSTOR - ok
11:55:38.0639 3848 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
11:55:38.0649 3848 usbuhci - ok
11:55:38.0729 3848 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
11:55:38.0739 3848 usbvideo - ok
11:55:38.0819 3848 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
11:55:38.0839 3848 UxSms - ok
11:55:38.0869 3848 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
11:55:38.0879 3848 VaultSvc - ok
11:55:38.0919 3848 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
11:55:38.0919 3848 vdrvroot - ok
11:55:39.0009 3848 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
11:55:39.0039 3848 vds - ok
11:55:39.0089 3848 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
11:55:39.0089 3848 vga - ok
11:55:39.0129 3848 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
11:55:39.0129 3848 VgaSave - ok
11:55:39.0179 3848 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
11:55:39.0189 3848 vhdmp - ok
11:55:39.0229 3848 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
11:55:39.0239 3848 viaagp - ok
11:55:39.0279 3848 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
11:55:39.0289 3848 ViaC7 - ok
11:55:39.0319 3848 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
11:55:39.0329 3848 viaide - ok
11:55:39.0399 3848 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
11:55:39.0409 3848 volmgr - ok
11:55:39.0449 3848 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
11:55:39.0469 3848 volmgrx - ok
11:55:39.0519 3848 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
11:55:39.0529 3848 volsnap - ok
11:55:39.0589 3848 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
11:55:39.0599 3848 vsmraid - ok
11:55:39.0689 3848 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
11:55:39.0749 3848 VSS - ok
11:55:39.0799 3848 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
11:55:39.0799 3848 vwifibus - ok
11:55:39.0849 3848 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
11:55:39.0859 3848 vwififlt - ok
11:55:39.0919 3848 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
11:55:39.0959 3848 W32Time - ok
11:55:40.0019 3848 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
11:55:40.0029 3848 WacomPen - ok
11:55:40.0089 3848 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
11:55:40.0099 3848 WANARP - ok
11:55:40.0109 3848 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
11:55:40.0109 3848 Wanarpv6 - ok
11:55:40.0199 3848 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
11:55:40.0249 3848 wbengine - ok
11:55:40.0289 3848 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
11:55:40.0309 3848 WbioSrvc - ok
11:55:40.0369 3848 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
11:55:40.0389 3848 wcncsvc - ok
11:55:40.0419 3848 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:55:40.0429 3848 WcsPlugInService - ok
11:55:40.0479 3848 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
11:55:40.0489 3848 Wd - ok
11:55:40.0519 3848 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
11:55:40.0529 3848 Wdf01000 - ok
11:55:40.0559 3848 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
11:55:40.0569 3848 WdiServiceHost - ok
11:55:40.0579 3848 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
11:55:40.0589 3848 WdiSystemHost - ok
11:55:40.0639 3848 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
11:55:40.0649 3848 WebClient - ok
11:55:40.0699 3848 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
11:55:40.0709 3848 Wecsvc - ok
11:55:40.0739 3848 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
11:55:40.0749 3848 wercplsupport - ok
11:55:40.0789 3848 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
11:55:40.0799 3848 WerSvc - ok
11:55:40.0839 3848 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
11:55:40.0839 3848 WfpLwf - ok
11:55:40.0859 3848 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
11:55:40.0859 3848 WIMMount - ok
11:55:40.0959 3848 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
11:55:40.0969 3848 WinDefend - ok
11:55:40.0999 3848 WinHttpAutoProxySvc - ok
11:55:41.0089 3848 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
11:55:41.0099 3848 Winmgmt - ok
11:55:41.0179 3848 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
11:55:41.0229 3848 WinRM - ok
11:55:41.0339 3848 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
11:55:41.0339 3848 WinUsb - ok
11:55:41.0409 3848 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
11:55:41.0449 3848 Wlansvc - ok
11:55:41.0519 3848 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
11:55:41.0519 3848 WmiAcpi - ok
11:55:41.0589 3848 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
11:55:41.0599 3848 wmiApSrv - ok
11:55:41.0689 3848 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
11:55:41.0739 3848 WMPNetworkSvc - ok
11:55:41.0799 3848 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
11:55:41.0819 3848 WPCSvc - ok
11:55:41.0869 3848 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
11:55:41.0889 3848 WPDBusEnum - ok
11:55:41.0949 3848 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
11:55:41.0959 3848 ws2ifsl - ok
11:55:42.0019 3848 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\system32\wscsvc.dll
11:55:42.0039 3848 wscsvc - ok
11:55:42.0059 3848 WSearch - ok
11:55:42.0229 3848 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
11:55:42.0299 3848 wuauserv - ok
11:55:42.0359 3848 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
11:55:42.0369 3848 WudfPf - ok
11:55:42.0449 3848 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
11:55:42.0459 3848 WUDFRd - ok
11:55:42.0519 3848 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\windows\System32\WUDFSvc.dll
11:55:42.0529 3848 wudfsvc - ok
11:55:42.0579 3848 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
11:55:42.0589 3848 WwanSvc - ok
11:55:42.0799 3848 ================ Scan global ===============================
11:55:42.0849 3848 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
11:55:42.0889 3848 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
11:55:42.0929 3848 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
11:55:42.0989 3848 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
11:55:43.0029 3848 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
11:55:43.0039 3848 [Global] - ok
11:55:43.0039 3848 ================ Scan MBR ==================================
11:55:43.0049 3848 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:55:43.0899 3848 \Device\Harddisk0\DR0 - ok
11:55:43.0899 3848 ================ Scan VBR ==================================
11:55:43.0909 3848 [ 1EAD98DD48795CAFF415F9490430D94D ] \Device\Harddisk0\DR0\Partition1
11:55:43.0919 3848 \Device\Harddisk0\DR0\Partition1 - ok
11:55:43.0949 3848 [ E561D3855E7409F40C075F86402524CE ] \Device\Harddisk0\DR0\Partition2
11:55:43.0959 3848 \Device\Harddisk0\DR0\Partition2 - ok
11:55:43.0959 3848 ============================================================
11:55:43.0959 3848 Scan finished
11:55:43.0959 3848 ============================================================
11:55:44.0009 3780 Detected object count: 0
11:55:44.0009 3780 Actual detected object count: 0

 

combofix:

ComboFix 12-09-12.02 - mini 13.09.2012 12:05:34.1.2 - x86 MINIMAL
Microsoft Windows 7 Starter 6.1.7601.1.1252.358.1035.18.1014.414 [GMT 3:00]
Sijainti: c:\users\mini\Downloads\ComboFix.exe
AV: Trend Micro Internet Security *Enabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
FW: Trend Micro Personal Firewall *Enabled* {70A91CD9-303D-A217-A80E-6DEE136EDB2B}
SP: Trend Micro Internet Security *Enabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Uusi palautuspiste luotu
.
.
(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\system32\service
c:\windows\system32\service\01102011_TIS17_SfFniAU.log
c:\windows\system32\service\01112011_TIS17_PccScan.log
c:\windows\system32\service\02072011_TIS17_PccScan.log
c:\windows\system32\service\03032012_TIS17_PccScan.log
c:\windows\system32\service\03052012_TIS17_SfFniAU.log
c:\windows\system32\service\04022012_TIS17_PccScan.log
c:\windows\system32\service\04032012_TIS17_SfFniAU.log
c:\windows\system32\service\04072011_TIS17_SfFniAU.log
c:\windows\system32\service\05022012_TIS17_PccScan.log
c:\windows\system32\service\05042012_TIS17_PccScan.log
c:\windows\system32\service\05102011_TIS17_SfFniAU.log
c:\windows\system32\service\06032012_TIS17_PccScan.log
c:\windows\system32\service\06112011_TIS17_SfFniAU.log
c:\windows\system32\service\07022012_TIS17_SfFniAU.log
c:\windows\system32\service\07062012_TIS17_SfFniAU.log
c:\windows\system32\service\07082012_TIS17_PccScan.log
c:\windows\system32\service\07092011_TIS17_SfFniAU.log
c:\windows\system32\service\07112011_TIS17_SfFniAU.log
c:\windows\system32\service\08072011_TIS17_SfFniAU.log
c:\windows\system32\service\08072012_TIS17_SfFniAU.log
c:\windows\system32\service\08082012_TIS17_SfFniAU.log
c:\windows\system32\service\09012012_TIS17_SfFniAU.log
c:\windows\system32\service\09062012_TIS17_SfFniAU.log
c:\windows\system32\service\09072012_TIS17_SfFniAU.log
c:\windows\system32\service\09082011_TIS17_SfFniAU.log
c:\windows\system32\service\09112011_TIS17_SfFniAU.log
c:\windows\system32\service\10082011_TIS17_PccScan.log
c:\windows\system32\service\11032012_TIS17_PccScan.log
c:\windows\system32\service\11062011_TIS17_SfFniAU.log
c:\windows\system32\service\11082011_TIS17_SfFniAU.log
c:\windows\system32\service\11092011_TIS17_SfFniAU.log
c:\windows\system32\service\11102011_TIS17_SfFniAU.log
c:\windows\system32\service\11112011_TIS17_SfFniAU.log
c:\windows\system32\service\12022012_TIS17_PccScan.log
c:\windows\system32\service\12082011_TIS17_PccScan.log
c:\windows\system32\service\12102011_TIS17_SfFniAU.log
c:\windows\system32\service\12122011_TIS17_SfFniAU.log
c:\windows\system32\service\13092011_TIS17_SfFniAU.log
c:\windows\system32\service\13102011_TIS17_SfFniAU.log
c:\windows\system32\service\13122011_TIS17_PccScan.log
c:\windows\system32\service\15092011_TIS17_SfFniAU.log
c:\windows\system32\service\15102011_TIS17_SfFniAU.log
c:\windows\system32\service\19062012_TIS17_PccScan.log
c:\windows\system32\service\19122011_TIS17_SfFniAU.log
c:\windows\system32\service\20032012_TIS17_PccScan.log
c:\windows\system32\service\20052012_TIS17_SfFniAU.log
c:\windows\system32\service\20072011_TIS17_PccScan.log
c:\windows\system32\service\20092011_TIS17_PccScan.log
c:\windows\system32\service\22082011_TIS17_PccScan.log
c:\windows\system32\service\23032012_TIS17_PccScan.log
c:\windows\system32\service\24052012_TIS17_SfFniAU.log
c:\windows\system32\service\25042012_TIS17_SfFniAU.log
c:\windows\system32\service\25072012_TIS17_SfFniAU.log
c:\windows\system32\service\26022012_TIS17_SfFniAU.log
c:\windows\system32\service\27022012_TIS17_SfFniAU.log
c:\windows\system32\service\27052012_TIS17_SfFniAU.log
c:\windows\system32\service\27062011_TIS17_SfFniAU.log
c:\windows\system32\service\27082011_TIS17_SfFniAU.log
c:\windows\system32\service\27092011_TIS17_SfFniAU.log
c:\windows\system32\service\28122011_TIS17_SfFniAU.log
c:\windows\system32\service\29032012_TIS17_PccScan.log
c:\windows\system32\service\29112011_TIS17_SfFniAU.log
c:\windows\system32\service\30032012_TIS17_SfFniAU.log
c:\windows\system32\service\30072011_TIS17_SfFniAU.log
c:\windows\system32\service\31072011_TIS17_SfFniAU.log
c:\windows\system32\service\31102011_TIS17_SfFniAU.log
.
.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-08-13 to 2012-09-13 )))))))))))))))))
.
.
2030-01-04 06:49 . 2011-06-12 16:50 -------- d-----w- C:\Boot
2012-09-13 09:17 . 2012-09-13 09:17 -------- d-----w- c:\users\mini\AppData\Local\temp
2012-09-13 09:17 . 2012-09-13 09:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-13 09:09 . 2012-09-13 09:09 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{632144AF-C7A6-459B-BF73-1EFE3F03CF45}\offreg.dll
2012-09-12 12:46 . 2012-09-12 12:46 -------- d-----w- C:\TDSSKiller_Quarantine
2012-09-12 09:26 . 2012-09-13 08:59 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AEA6565E-A2F3-4249-9EE5-3216506955B6}\offreg.dll
2012-09-10 11:36 . 2012-09-10 11:36 -------- d-----w- c:\users\mini\AppData\Roaming\Malwarebytes
2012-09-10 11:35 . 2012-09-10 11:35 -------- d-----w- c:\programdata\Malwarebytes
2012-09-10 11:35 . 2012-09-10 11:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-10 11:35 . 2012-07-03 10:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-06 17:45 . 2012-08-01 22:51 7023536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AEA6565E-A2F3-4249-9EE5-3216506955B6}\mpengine.dll
2012-09-03 18:39 . 2012-09-03 18:39 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-08-25 16:12 . 2012-08-01 22:51 7023536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-18 18:45 . 2012-08-18 18:45 -------- d-----w- c:\program files\ESET
2012-08-17 12:28 . 2012-08-17 12:28 -------- d-----w- c:\users\mini\AppData\Local\Macromedia
2012-08-17 07:17 . 2012-09-12 08:03 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-17 07:05 . 2012-08-17 07:05 -------- d-----w- c:\program files\Oracle
2012-08-15 13:42 . 2012-08-15 13:42 388096 ----a-r- c:\users\mini\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-15 13:42 . 2012-08-15 13:42 -------- d-----w- C:\loki
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-12 12:49 . 2009-07-13 23:11 259072 ----a-w- c:\windows\system32\services.exe
2012-09-12 08:03 . 2011-06-09 17:00 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-05 19:06 . 2012-05-13 12:43 772544 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-05 19:06 . 2011-06-13 14:58 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-29 08:44 . 2012-07-27 12:14 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{632144AF-C7A6-459B-BF73-1EFE3F03CF45}\mpengine.dll
2012-06-25 13:04 . 2012-06-25 13:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-07-21 07:55 . 2012-06-20 20:48 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\mini\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-25 1193176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"HotkeyMon"="AsusSender.exe" [2011-07-13 34728]
"HotkeyService"="AsusSender.exe" [2011-07-13 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-07-13 34728]
"LiveUpdate"="AsusSender.exe" [2011-07-13 34728]
"CapsHook"="AsusSender.exe" [2011-07-13 34728]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-03-29 415920]
"ASUS WebStorage"="c:\program files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-05-26 9177632]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-13 1594664]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-06-25 2018032]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2010-04-13 83240]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-25 173592]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\ASUS\AsusVibe\AsusVibeLauncher.exe [2012-5-13 549040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
R2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoftin verkon tarkastus;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
'Ajoitetut tehtävät'-kansion sisältö
.
2012-09-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-17 08:03]
.
.
------- Täydentävä tarkistus -------
.
uStart Page = hxxp://asus.msn.com
TCP: DhcpNameServer = 192.168.100.1
FF - ProfilePath - c:\users\mini\AppData\Roaming\Mozilla\Firefox\Profiles\8xll5b63.default\
.
- - - - POISTETUT JÄMÄRIVIT - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
SafeBoot-83982306.sys
.
.
.
--------------------- LUKITUT REKISTERIAVAIMET ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Valmistumisajankohta: 2012-09-13 12:22:12
ComboFix-quarantined-files.txt 2012-09-13 09:22
.
Ennen ajoa: 42 625 585 152 tavua vapaana
Ajon jälkeen: 42 751 504 384 tavua vapaana
.
- - End Of File - - AD5A76034852531A5F04A74BBF9A0EAB

 

ja hjt loki:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:09:50, on 13.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\mini\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\loki\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [ASUS WebStorage] C:\Program Files\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\mini\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: SharedAccess - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\windows\system32\svchost.exe

--
End of file - 19087 bytes

 

tein ton combofixin vikasietotilassa, mutta silti se herjasi siitä että trend micro internet security olisi päällä, vaikka se on poistettu ccleanerin poisto työkalulla.

 

.
Kyllähä tuo Combo kasan pöpöjä löyti ja poisti !!!

---------------------------------------------------------

Lataa työpöydälle => TÄMÄ
* Sulje kaikki päälläolevat ikkunat ja sovellukset.


Kopioi alla olevasta laatikosta kaikki muistiin. (Ctrl+C)

Koodi:

:Files
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini

:commands
[PURITY]
[EMPTYTEMP]
[EMPTYFLASH]

* Käynnistät OTL.exen = tee se hiiren oikealla napilla
ja valitset Suorita Järjestelmänvalvojana
* Liitä muistista texti OTL:n valkoiseen laatikkoon (Custom Scans/Fixes)
* Paina sitten Run Fix nappia
Lopuksi se pyytää koneen ReStarttia => OK
Logi aukeaa muistioon josta kopioit sen viestiisi.
Tällä kertaa ei tule enään Extra.txt logia.

----------------------------------------------------------------------

Kerro vieläkö virukset temppuilee ja miten ???

Onko sulla tarkoitus poistaa koneelta kokonaan =>
"trend micro internet security"

Lähetä => OTL.log

 

Joo olis toi trend micro internet security tarkoitus poistaa.
tällä hetkellä ei toi microsoft security ainakaan herjaa mitään, kun laitoin realiaikaisen suojauksen päälle.
Ja lopuksi tässä lista:

All processes killed
========== FILES ==========
File\Folder C:\Windows\assembly\GAC_32\Desktop.ini not found.
File\Folder C:\Windows\assembly\GAC_64\Desktop.ini not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 321 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: mini
->Temp folder emptied: 309 bytes
->Temporary Internet Files folder emptied: 5076674 bytes
->Java cache emptied: 208560908 bytes
->FireFox cache emptied: 75537052 bytes
->Flash cache emptied: 32204 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 553182 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 276.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: mini
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.61.3 log created on 09132012_160424

Files\Folders moved on Reboot...
C:\windows\temp\HS.log moved successfully.
File\Folder C:\windows\temp\TMP000000740A37F055B4C771E6 not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...