1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

Selain sekoilee

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi kake47 04.02.2015.

  1. kake47

    kake47 Member

    Liittynyt:
    22.02.2007
    Viestejä:
    38
    Kiitokset:
    0
    Pisteet:
    16
    Avas heittelee kokoajan herjoja "selain on estänyt sivuston" ja kokoajan aukeilee itsestään sivuja missä on suurimmaksi osaksi jotain virusohjelmia. tämänkin kirjoittaminen on vaikeaa kun pompsahtelee noita varoituksia eteen.Voisiko joku auttaa.
    Tässä hijackthis logi

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 19:48:47, on 4.2.2015
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.17496)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
    C:\Program Files (x86)\PicPick\picpick.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
    C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
    C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
    C:\Program Files\AVAST Software\Avast\avastui.exe
    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Microsoft-tilin kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
    O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    O4 - HKLM\..\Run: [IndicatorUtility] "C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
    O4 - HKLM\..\Run: [DeskUpdateNotifier] "C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe"
    O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
    O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\Run: [AudialsNotifier] C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
    O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Kaitsu\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
    O4 - HKCU\..\Run: [PicPick Start] "C:\Program Files (x86)\PicPick\picpick.exe" /startup
    O4 - .DEFAULT User Startup: LaunchCenter.lnk = C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (User 'Default user')
    O4 - Startup: LaunchCenter.lnk = C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: DTSAudioSvc - DTS, Inc - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
    O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: FUJ02E3Service - FUJITSU LIMITED - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
    O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
    O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Google Päivitä-palvelu (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Päivitä-palvelu (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
    O23 - Service: PFNService - FUJITSU LIMITED - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: PowerSavingUtilityService - FUJITSU LIMITED - C:\Program Files\Fujitsu\PSUtility\PSUService.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

    --
    End of file - 26339 bytes
     
  2.  
  3. Nanna_86

    Nanna_86 Active member

    Liittynyt:
    03.09.2014
    Viestejä:
    561
    Kiitokset:
    124
    Pisteet:
    53
    Lataa AdwCleaner tästä. (4.1.0.9)
    • Sulje kaikki avoimet ohjelmat ja Internet-selain tarkistuksen ajaksi.
    • Tuplaklikkaa AdwCleaner.exe auki ja valitse " Scan ".
    • Kun tarkistus on valmis, Valitse " Clean ".
    • Tietokone käynnistyy automaattisesti ohjelman valmistuttua.
    • Käynnistyessään, Saat näkyviin lokitiedoston. Lähetä se seuraavassa viestissäsi.
    • Loki löytyy myös polusta: C:\AdwCleaner[R1].txt



    [​IMG]

    -------

    Lataa Junkware Removal Tool tästä.

    • Suorita ohjelma ( JRT.exe ) kaksoisnapsauttamalla sitä. ( Jos käytössä on Windows Vista, 7 tai 8; valitse oikealla " Suorita järjestelmänvalvojana ". )
    • Ohjelma avautuu ja aloittaa järjestelmän tarkastuksen
    • Kun tarkistus on valmis, Se tallentaa lokitiedoston ( JRT.txt ) työpöydällesi ja avautuu automaattisesti.
    • Lähetä JRT.txt sisältö seuraavassa viestissäsi.
    [​IMG]

    --------------



    Lataa OTL ( OldTimerListIt ) tästä.
    - OTL, monikäyttöinen diagnostinen haittaohjelmien poistotyökalu. Tunnistaa järjestelmässä tapahtuneet muutokset. Tunnistaa mm. eri haitta- ja vakoiluohjelmia. Luo yksityiskohtaisen raportin tiedostoista, rekistereistä.

    * Tallenna ohjelma työpöydällesi
    * käynnistä OTL.exe
    * Vaihda File age kohtaan " 30 days " jos ei tämä ollut jo vakiona ja aloita tarkistus " Run Scan ".
    * Kun tarkistus on valmis , saat näkyviin tekstitiedoston (OTL.txt) ja (Extras.txt), joissa on listattu muutoksia/tapahtumia 30 päivän ajan.
    * Lisää OTL.txt -tiedoston sisältö seuraavaan viestiisi.

    [​IMG]


     
  4. kake47

    kake47 Member

    Liittynyt:
    22.02.2007
    Viestejä:
    38
    Kiitokset:
    0
    Pisteet:
    16
    Tässä pyytämäsi raportit.
    Kiitos kun autat.

    # AdwCleaner v4.109 - Report created 04/02/2015 at 21:19:53
    # Updated 24/01/2015 by Xplode
    # Database : 2015-02-04.1 [Live]
    # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
    # Username : Kaitsu - KAITSU-PC
    # Running from : C:\Users\Kaitsu\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\Kaitsu\AppData\Local\CrashRpt

    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17496


    -\\ Google Chrome v40.0.2214.93


    *************************

    AdwCleaner[R0].txt - [5229 octets] - [03/02/2015 22:39:10]
    AdwCleaner[R1].txt - [928 octets] - [04/02/2015 20:26:36]
    AdwCleaner[R2].txt - [987 octets] - [04/02/2015 20:40:41]
    AdwCleaner[R3].txt - [1103 octets] - [04/02/2015 21:18:36]
    AdwCleaner[S0].txt - [4125 octets] - [03/02/2015 22:42:18]
    AdwCleaner[S1].txt - [1049 octets] - [04/02/2015 20:57:34]
    AdwCleaner[S2].txt - [1027 octets] - [04/02/2015 21:19:53]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1087 octets] ##########




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.2 (02.02.2015:1)
    OS: Windows 7 Professional x64
    Ran by Kaitsu on ke 04.02.2015 at 21:01:55,89
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on ke 04.02.2015 at 21:09:28,26
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    OTL logfile created on: 4.2.2015 21:11:42 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kaitsu\Downloads
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.17501)
    Locale: 0000040B | Country: Suomi | Language: FIN | Date Format: d.M.yyyy

    7,91 Gb Total Physical Memory | 5,26 Gb Available Physical Memory | 66,44% Memory free
    15,82 Gb Paging File | 12,78 Gb Available in Paging File | 80,77% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 175,00 Gb Total Space | 17,57 Gb Free Space | 10,04% Space Free | Partition Type: NTFS
    Drive D: | 273,75 Gb Total Space | 201,81 Gb Free Space | 73,72% Space Free | Partition Type: NTFS
    Drive E: | 4,25 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

    Computer Name: KAITSU-PC | User Name: Kaitsu | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2015.02.04 21:10:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kaitsu\Downloads\OTL.exe
    PRC - [2015.02.03 22:38:12 | 002,194,432 | ---- | M] () -- C:\Users\Kaitsu\Downloads\AdwCleaner.exe
    PRC - [2015.01.27 13:20:07 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
    PRC - [2015.01.25 08:08:45 | 000,843,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    PRC - [2015.01.20 20:40:12 | 019,918,656 | ---- | M] (NTeWORKS) -- C:\Program Files (x86)\PicPick\picpick.exe
    PRC - [2014.12.19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2014.12.13 02:13:07 | 002,531,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    PRC - [2014.12.13 02:13:04 | 001,701,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    PRC - [2014.12.06 00:21:12 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2014.12.03 20:07:00 | 000,840,592 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    PRC - [2014.11.21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    PRC - [2014.11.21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    PRC - [2014.11.21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    PRC - [2014.11.19 14:58:52 | 002,412,296 | ---- | M] () -- C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
    PRC - [2014.11.12 22:46:08 | 000,409,800 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2014.10.21 14:45:20 | 000,451,416 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
    PRC - [2014.01.13 20:41:10 | 001,198,456 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
    PRC - [2014.01.13 20:40:48 | 001,710,456 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
    PRC - [2014.01.13 20:40:38 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
    PRC - [2013.12.20 09:38:34 | 000,292,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    PRC - [2013.12.11 13:30:40 | 000,101,728 | ---- | M] (Fujitsu Technology Solutions) -- C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
    PRC - [2013.09.04 01:53:48 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2013.09.04 01:53:42 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    PRC - [2013.05.31 05:09:54 | 000,267,224 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
    PRC - [2010.09.30 04:05:32 | 000,048,752 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
    PRC - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    PRC - [2006.09.28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


    ========== Modules (No Company Name) ==========

    MOD - [2015.02.03 22:38:12 | 002,194,432 | ---- | M] () -- C:\Users\Kaitsu\Downloads\AdwCleaner.exe
    MOD - [2015.01.25 08:08:43 | 014,913,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll
    MOD - [2015.01.25 08:08:41 | 009,170,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll
    MOD - [2015.01.25 08:08:37 | 001,117,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
    MOD - [2015.01.25 08:08:35 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
    MOD - [2015.01.17 10:33:48 | 010,069,504 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll
    MOD - [2015.01.17 10:25:56 | 000,740,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\log4net\e6989a2c00c74e1706835591794511ee\log4net.ni.dll
    MOD - [2015.01.17 10:25:56 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeskUpdateNotifier\9314e7e5cd84208ccf9743d260491710\DeskUpdateNotifier.ni.exe
    MOD - [2015.01.17 10:25:54 | 003,057,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AudialsKernel\68e9398a957009222dce06597b50ac7f\AudialsKernel.ni.dll
    MOD - [2015.01.17 10:25:51 | 015,990,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AudialsGUI\546be596e6b2769a646d27b70dda0ffd\AudialsGUI.ni.dll
    MOD - [2015.01.17 10:25:20 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\fastJSON\4fd4687d17cdc20d7eb7de6dfdc1debf\fastJSON.ni.dll
    MOD - [2015.01.17 10:25:18 | 003,789,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AudialsComponents\9df619be69d778f457cef03a5cf865fe\AudialsComponents.ni.dll
    MOD - [2015.01.17 10:25:14 | 000,099,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BaseServices\c0c88b70588e9373887b3f81d0d7f75b\BaseServices.ni.dll
    MOD - [2015.01.17 10:25:14 | 000,062,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CrashHandlerNET\0dbec0d93b06c60c8f6fd57bd461a0a4\CrashHandlerNET.ni.dll
    MOD - [2015.01.17 10:25:14 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BaseServicesNet\2b8a376219c682e55734a118f316af89\BaseServicesNet.ni.dll
    MOD - [2015.01.17 10:25:02 | 000,655,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\7b462506712ac710eab57918c0e48e87\ManagedInterfaces.ni.dll
    MOD - [2015.01.17 10:25:02 | 000,628,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\log4net\4ddf927308024dd79f4fc729766edb5c\log4net.ni.dll
    MOD - [2015.01.17 10:25:02 | 000,316,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Utils\494834cbfccf8aede1ff91b4d4806970\Utils.ni.dll
    MOD - [2015.01.16 22:57:13 | 013,710,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\69128e9ba7f2453dc9cf5d6111c9491c\System.Web.ni.dll
    MOD - [2015.01.16 22:56:38 | 007,386,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\20aaf6bbc4e93d10d6a2ce3c0193b859\System.Data.ni.dll
    MOD - [2015.01.16 22:56:26 | 012,895,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d8223c30928e02bc7ed5b8b81effa7b5\System.Windows.Forms.ni.dll
    MOD - [2015.01.16 22:56:20 | 001,642,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd2f9ea99ac0f984b9dc430824638c9f\System.Drawing.ni.dll
    MOD - [2015.01.16 22:56:00 | 007,793,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6ee4ffbd9a86ac1e7b01800b6fe9c7\System.Xml.ni.dll
    MOD - [2015.01.16 22:55:56 | 000,972,288 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5a977e1f055b4f8f41da5d9142a1913c\System.Configuration.ni.dll
    MOD - [2015.01.16 22:55:33 | 007,002,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\23d1162d1943c1b1d6c4fd7c6d8512d4\System.Core.ni.dll
    MOD - [2015.01.16 22:55:23 | 018,761,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\9f1f464b854d655c74c8cd4ee5b731bd\PresentationFramework.ni.dll
    MOD - [2015.01.16 22:55:12 | 011,013,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\eb3ba0fe2449d7ca96b51f71b2061cf6\PresentationCore.ni.dll
    MOD - [2015.01.16 22:55:06 | 003,945,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\61c8a838d217ea8b4f68bbf38172114f\WindowsBase.ni.dll
    MOD - [2015.01.16 22:54:56 | 001,873,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\1196cc375887ce75f134047505fe19bf\System.Xaml.ni.dll
    MOD - [2015.01.16 22:54:47 | 017,207,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll
    MOD - [2014.12.06 00:21:13 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
    MOD - [2014.11.19 14:59:09 | 000,580,360 | ---- | M] () -- C:\Program Files (x86)\Audials\Audials 12\SQLite3.dll
    MOD - [2014.11.19 14:59:09 | 000,545,032 | ---- | M] () -- C:\Program Files (x86)\Audials\Audials 12\StreamingClient.dll
    MOD - [2014.11.19 14:58:55 | 000,068,360 | ---- | M] () -- C:\Program Files (x86)\Audials\Audials 12\CrashRpt.dll
    MOD - [2014.11.19 14:58:55 | 000,040,712 | ---- | M] () -- C:\Program Files (x86)\Audials\Audials 12\CrashHandlerNET.dll
    MOD - [2014.11.19 14:58:53 | 000,614,912 | ---- | M] () -- C:\Program Files (x86)\Audials\Audials 12\boost_regex-vc90-mt-1_39.dll
    MOD - [2014.11.19 14:58:53 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\Audials\Audials 12\boost_thread-vc90-mt-1_39.dll
    MOD - [2014.11.19 14:58:53 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Audials\Audials 12\boost_date_time-vc90-mt-1_39.dll
    MOD - [2014.11.19 14:58:53 | 000,012,800 | ---- | M] () -- C:\Program Files (x86)\Audials\Audials 12\boost_system-vc90-mt-1_39.dll
    MOD - [2014.11.19 14:58:52 | 002,412,296 | ---- | M] () -- C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
    MOD - [2014.11.13 02:20:36 | 000,010,952 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014.12.13 02:13:04 | 001,148,560 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
    SRV:64bit: - [2014.12.13 02:13:03 | 019,823,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
    SRV:64bit: - [2014.12.06 00:21:12 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV:64bit: - [2014.12.06 00:21:07 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
    SRV:64bit: - [2014.11.22 04:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2014.11.12 00:06:52 | 002,449,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
    SRV:64bit: - [2014.02.03 09:31:49 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2013.11.21 04:00:20 | 003,674,864 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
    SRV:64bit: - [2013.11.21 03:59:58 | 000,284,912 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
    SRV:64bit: - [2013.11.21 03:59:38 | 000,631,024 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
    SRV:64bit: - [2013.11.21 03:58:50 | 000,154,864 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
    SRV:64bit: - [2013.07.19 03:07:44 | 000,074,448 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe -- (FUJ02E3Service)
    SRV:64bit: - [2013.07.13 07:03:52 | 000,051,608 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
    SRV:64bit: - [2013.05.12 03:45:54 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
    SRV:64bit: - [2013.05.12 03:45:38 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
    SRV:64bit: - [2012.10.02 07:41:44 | 000,240,584 | ---- | M] (DTS, Inc) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe -- (DTSAudioSvc)
    SRV:64bit: - [2012.07.12 00:48:00 | 002,219,520 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
    SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV - [2014.12.19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2014.12.13 02:13:04 | 001,701,520 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
    SRV - [2014.11.21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2014.11.21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2014.11.12 22:46:08 | 000,409,800 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2014.10.21 14:45:20 | 000,451,416 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
    SRV - [2014.04.11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2014.01.13 20:41:10 | 001,198,456 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
    SRV - [2014.01.13 20:40:48 | 001,710,456 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
    SRV - [2014.01.13 20:40:38 | 001,161,592 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
    SRV - [2013.09.04 01:53:48 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2013.09.04 01:53:42 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
    SRV - [2013.08.27 19:27:08 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
    SRV - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
    SRV - [2006.09.28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
     
  5. kake47

    kake47 Member

    Liittynyt:
    22.02.2007
    Viestejä:
    38
    Kiitokset:
    0
    Pisteet:
    16
    Tässä loppu listaa..

    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2015.02.04 20:59:44 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
    DRV:64bit: - [2014.12.13 02:13:03 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
    DRV:64bit: - [2014.12.06 00:21:41 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
    DRV:64bit: - [2014.12.06 00:21:14 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
    DRV:64bit: - [2014.12.06 00:21:14 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
    DRV:64bit: - [2014.12.06 00:21:14 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
    DRV:64bit: - [2014.12.06 00:21:14 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
    DRV:64bit: - [2014.12.06 00:21:14 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswmonflt.sys -- (aswMonFlt)
    DRV:64bit: - [2014.12.06 00:21:14 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
    DRV:64bit: - [2014.12.06 00:21:14 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
    DRV:64bit: - [2014.12.06 00:21:07 | 000,271,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
    DRV:64bit: - [2014.11.22 12:46:30 | 000,038,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
    DRV:64bit: - [2014.11.21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
    DRV:64bit: - [2014.11.21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2014.11.19 14:59:09 | 000,048,296 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
    DRV:64bit: - [2014.11.19 14:58:59 | 000,024,744 | ---- | M] (Audials AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RrNetCapFilterDriver.sys -- (RrNetCapFilterDriver)
    DRV:64bit: - [2014.11.13 02:20:36 | 000,031,560 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
    DRV:64bit: - [2014.09.03 06:49:36 | 000,169,984 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
    DRV:64bit: - [2014.04.04 03:14:38 | 000,169,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibtusb.sys -- (ibtusb)
    DRV:64bit: - [2014.03.03 14:46:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2014.03.03 14:46:41 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2014.02.03 09:29:05 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2013.12.20 09:38:04 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
    DRV:64bit: - [2013.12.20 09:38:02 | 000,790,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
    DRV:64bit: - [2013.12.20 09:38:02 | 000,369,648 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
    DRV:64bit: - [2013.12.11 10:31:16 | 001,419,576 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
    DRV:64bit: - [2013.12.05 21:54:48 | 003,601,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwsw02.sys -- (NETwNs64)
    DRV:64bit: - [2013.11.07 18:35:26 | 000,140,600 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
    DRV:64bit: - [2013.09.04 01:53:44 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
    DRV:64bit: - [2013.08.31 07:18:02 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
    DRV:64bit: - [2013.08.31 07:18:02 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
    DRV:64bit: - [2013.08.08 00:53:56 | 000,452,088 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
    DRV:64bit: - [2013.08.08 00:44:52 | 004,448,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2013.07.26 00:21:34 | 001,849,752 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
    DRV:64bit: - [2013.07.09 07:35:38 | 000,329,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
    DRV:64bit: - [2013.04.10 04:09:24 | 000,849,992 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2013.03.05 08:22:14 | 000,040,896 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
    DRV:64bit: - [2012.10.26 10:55:36 | 000,461,624 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2012.04.18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
    DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
    DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
    DRV:64bit: - [2009.07.14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
    DRV:64bit: - [2009.07.14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
    DRV:64bit: - [2009.06.24 07:31:30 | 000,021,104 | ---- | M] (FUJITSU LIMITED) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\FBIOSDRV.sys -- (FBIOSDRV)
    DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2007.06.22 11:58:14 | 000,581,120 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
    DRV:64bit: - [2007.06.22 11:57:46 | 000,054,656 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
    DRV:64bit: - [2006.11.01 12:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
    DRV:64bit: - [2006.11.01 12:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
    DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=FSJB
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=FSJB

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Kaitsu\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Kaitsu\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kaitsu\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kaitsu\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.01.28 15:19:09 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015.02.03 12:33:57 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: ()
    CHR - default_search_provider: search_url =
    CHR - default_search_provider: suggest_url =
    CHR - plugin: Error reading preferences file
    CHR - Extension: No name found = C:\Users\Kaitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
    CHR - Extension: No name found = C:\Users\Kaitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
    CHR - Extension: No name found = C:\Users\Kaitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
    CHR - Extension: No name found = C:\Users\Kaitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
    CHR - Extension: No name found = C:\Users\Kaitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: No name found = C:\Users\Kaitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\epindigjbiphgfhnmlpcocaiafjgbabe\237\
    CHR - Extension: No name found = C:\Users\Kaitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
    CHR - Extension: No name found = C:\Users\Kaitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
    CHR - Extension: No name found = C:\Users\Kaitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
    CHR - Extension: No name found = C:\Users\Kaitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

    O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
    O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4:64bit: - HKLM..\Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Motorola Solutions, Inc.)
    O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll (Motorola Solutions, Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
    O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RtHDVBg_DTS_SWVOL] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
    O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [DeskUpdateNotifier] C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
    O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
    O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
    O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
    O4 - HKLM..\Run: [YouCam Service] C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
    O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
    O4 - HKCU..\Run: [AudialsNotifier] C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe ()
    O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
    O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
    O4 - HKCU..\Run: [PicPick Start] C:\Program Files (x86)\PicPick\picpick.exe (NTeWORKS)
    O4 - Startup: C:\Users\Kaitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
    O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
    O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
    O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92D0C926-A921-4C1B-9A03-35F906C4EE95}: DhcpNameServer = 192.168.0.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A660EF15-7C84-4A67-A75E-8197C7B186B5}: DhcpNameServer = 192.168.0.254
    O18:64bit: - Protocol\Handler\osf - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
    O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
    O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2015.02.04 20:59:02 | 000,000,000 | ---D | C] -- C:\Users\Kaitsu\AppData\Local\CrashRpt
    [2015.02.04 20:06:09 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
    [2015.02.04 20:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    [2015.02.04 20:05:14 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
    [2015.02.04 20:05:14 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
    [2015.02.04 20:05:14 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2015.02.04 20:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
    [2015.02.04 20:05:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2015.02.04 19:40:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2015.02.04 19:40:17 | 000,000,000 | ---D | C] -- C:\Users\Kaitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    [2015.02.03 22:39:06 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2015.02.03 18:37:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SnapPea Photos
    [2015.02.03 18:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\{11d6d4f7-3098-a6f1-11d6-6d4f730953dc}
    [2015.02.03 18:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\{e836c2f8-52af-fb32-e836-6c2f852a0be1}
    [2015.02.03 14:36:59 | 000,000,000 | R--D | C] -- C:\Users\Kaitsu\AppData\Roaming\Brother
    [2015.02.03 12:24:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2015.02.03 11:12:52 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonMF Uninstaller Information
    [2015.02.03 11:12:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
    [2015.02.03 11:12:50 | 000,189,952 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNCLSU45b.DLL
    [2015.02.03 11:12:50 | 000,105,472 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNCLST45b.DLL
    [2015.02.03 11:12:49 | 000,132,096 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNCLSD45b.DLL
    [2015.02.03 11:12:49 | 000,118,272 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNCLSI45b.DLL
    [2015.02.03 11:12:49 | 000,090,624 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNCLSC45b.DLL
    [2015.02.03 11:12:48 | 000,131,584 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNCL8500C.DLL
    [2015.02.03 11:12:48 | 000,118,272 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNCI8500C.DLL
    [2015.02.03 11:12:47 | 000,368,640 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNCC8500C.DLL
    [2015.02.03 11:12:47 | 000,152,576 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNCE8500C.DLL
    [2015.02.03 11:12:10 | 001,006,080 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNAS0MOK.DLL
    [2015.02.02 17:58:44 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
    [2015.02.02 17:18:45 | 000,000,000 | ---D | C] -- C:\Users\Kaitsu\Desktop\Uusi kansio
    [2015.02.02 14:05:38 | 000,000,000 | ---D | C] -- C:\Users\Kaitsu\AppData\Roaming\Mozilla
    [2015.02.01 22:00:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
    [2015.02.01 22:00:27 | 000,000,000 | ---D | C] -- C:\Users\Kaitsu\AppData\Roaming\Canneverbe Limited
    [2015.02.01 22:00:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
    [2015.02.01 18:14:13 | 000,000,000 | ---D | C] -- C:\Users\Kaitsu\AppData\Local\MigWiz
    [2015.01.27 22:15:42 | 000,000,000 | ---D | C] -- C:\Users\Kaitsu\Desktop\sprint kartat
    [2015.01.26 13:03:44 | 000,000,000 | ---D | C] -- C:\Users\Kaitsu\AppData\Roaming\PicPick
    [2015.01.26 13:03:44 | 000,000,000 | ---D | C] -- C:\ProgramData\PicPick
    [2015.01.26 13:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick
    [2015.01.26 13:03:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PicPick
    [2015.01.16 17:38:33 | 000,000,000 | ---D | C] -- C:\Users\Kaitsu\AppData\Local\Diagnostics
    [2015.01.14 14:06:04 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
    [2015.01.14 14:06:04 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
    [2015.01.14 14:06:02 | 005,553,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2015.01.14 14:06:02 | 003,971,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
    [2015.01.14 14:06:01 | 003,916,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
    [2015.01.14 14:06:01 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
    [2015.01.14 14:06:01 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
    [2015.01.14 14:06:01 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
    [2015.01.12 22:40:01 | 000,000,000 | ---D | C] -- C:\Users\Kaitsu\Desktop\Adobe Acrobat Pro X v10.0 Multilingual
    [2015.01.12 22:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
    [2015.01.12 22:24:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2

    ========== Files - Modified Within 30 Days ==========

    [2015.02.04 21:06:35 | 001,355,114 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2015.02.04 21:06:35 | 000,654,464 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2015.02.04 21:06:35 | 000,481,810 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
    [2015.02.04 21:06:35 | 000,122,336 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2015.02.04 21:06:35 | 000,101,870 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
    [2015.02.04 21:06:35 | 000,031,536 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2015.02.04 21:06:35 | 000,031,536 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2015.02.04 21:04:00 | 000,001,022 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3046974913-3099487733-369991021-1000UA.job
    [2015.02.04 20:59:54 | 000,001,206 | ---- | M] () -- C:\Users\Kaitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
    [2015.02.04 20:59:44 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
    [2015.02.04 20:58:38 | 000,001,004 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2015.02.04 20:58:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2015.02.04 20:58:18 | 2074,963,967 | -HS- | M] () -- C:\hiberfil.sys
    [2015.02.04 20:28:01 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2015.02.04 20:05:21 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2015.02.04 19:40:17 | 000,002,981 | ---- | M] () -- C:\Users\Kaitsu\Desktop\HiJackThis.lnk
    [2015.02.04 19:15:07 | 000,290,536 | ---- | M] () -- C:\Users\Kaitsu\Desktop\Kuva Avast kuva.pdf
    [2015.02.04 15:04:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3046974913-3099487733-369991021-1000Core.job
    [2015.02.03 22:27:04 | 000,526,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2015.02.03 12:34:02 | 000,002,032 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
    [2015.02.03 11:10:25 | 000,006,612 | ---- | M] () -- C:\Users\Kaitsu\Documents\cc_20150203_111020.reg
    [2015.02.01 22:00:27 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
    [2015.01.28 15:26:57 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2015.01.27 13:29:52 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2015.01.26 13:03:40 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\PicPick.lnk
    [2015.01.16 22:52:39 | 001,329,562 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2015.01.16 12:50:42 | 000,000,000 | -H-- | M] () -- C:\Users\Kaitsu\Documents\Default.rdp

    ========== Files Created - No Company Name ==========

    [2015.02.04 20:05:21 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2015.02.04 19:40:17 | 000,002,981 | ---- | C] () -- C:\Users\Kaitsu\Desktop\HiJackThis.lnk
    [2015.02.04 19:15:07 | 000,290,536 | ---- | C] () -- C:\Users\Kaitsu\Desktop\Kuva Avast kuva.pdf
    [2015.02.03 22:26:36 | 000,526,192 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2015.02.03 11:12:50 | 000,000,439 | ---- | C] () -- C:\Windows\SysNative\CNCMFP45.INI
    [2015.02.03 11:10:23 | 000,006,612 | ---- | C] () -- C:\Users\Kaitsu\Documents\cc_20150203_111020.reg
    [2015.02.01 22:00:27 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
    [2015.02.01 22:00:26 | 000,001,111 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
    [2015.01.26 13:03:40 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\PicPick.lnk
    [2015.01.21 17:05:40 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
    [2015.01.16 12:50:42 | 000,000,000 | -H-- | C] () -- C:\Users\Kaitsu\Documents\Default.rdp
    [2015.01.12 22:24:00 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
    [2015.01.12 22:24:00 | 000,002,032 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
    [2014.12.05 23:20:46 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
    [2014.11.26 14:09:05 | 000,175,104 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
    [2014.11.26 14:09:04 | 000,237,646 | ---- | C] () -- C:\Windows\SysWow64\Snap_device.dll
    [2014.11.26 14:09:04 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\GTTunerCard.dll
    [2014.11.26 14:09:02 | 000,069,707 | ---- | C] () -- C:\Windows\SysWow64\DISP_OPT1.dll
    [2014.11.26 05:35:21 | 001,707,800 | ---- | C] () -- C:\Windows\snuvcdsm.exe
    [2014.11.26 05:35:21 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
    [2014.03.04 04:02:14 | 001,329,562 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2013.08.28 16:50:43 | 019,587,072 | ---- | C] () -- C:\Windows\SysWow64\igdfcl32.dll
    [2013.08.28 16:50:43 | 000,241,152 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
    [2013.08.28 16:50:42 | 000,109,056 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
    [2013.05.12 03:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

    ========== ZeroAccess Check ==========

    [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >
     
  6. Nanna_86

    Nanna_86 Active member

    Liittynyt:
    03.09.2014
    Viestejä:
    561
    Kiitokset:
    124
    Pisteet:
    53
    Käynnistä uudelleen OTL.exe
    Kopioi ja Liitä alla oleva teksti, " Custom Scans/ Fixes tekstilaatikkoon ".

    Koodi:
    
    :OTL
    
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=FSJB
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=FSJB
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
    
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
    O4 - HKCU..\Run: [PicPick Start] C:\Program Files (x86)\PicPick\picpick.exe (NTeWORKS)
    O4 - Startup: C:\Users\Kaitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = File not found
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O18:64bit: - Protocol\Handler\osf - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    [2015.02.04 20:58:38 | 000,001,004 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2015.02.04 20:28:01 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2015.02.04 15:04:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3046974913-3099487733-369991021-1000Core.job
    [2014.12.05 23:20:46 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
    
    :Commands
    [purity]
    [emptytemp]
    [emptyjava]
    [emptyflash]
    [Reboot]
    
    Paina sitten " [B]Run Fix [/B]" ,
    Jos OTL haluaa käynnistää tietokoneen uudelleen, anna sen tehdä niin.
    Lähetä tulokset seuraavassa postissasi.
    
    Löytyy polusta:
    c:\_OTL\MovedFiles
    ---------
    Seuraavaksi:

    Mene käynnistä > Suorita.
    ( vaihtoehtoisesti Windows-näppäin[​IMG] + R. )
    Kirjoita tekstikenttään seuraava komento:
    Koodi:
    cmd
    
    Tai

    Käynnistä > Apuohjelmat > Komentokehote.
    ( Windows 7 tai uudempi = Suorita järjestelmänvalvojana ).

    [​IMG]

    Kun Komentokehote on auki, kirjoitetaan sinne seuraava komento:
    Koodi:
    sfc /scannow
    
    Komento sfc /scannow tarkistaa kaikki suojatut järjestelmätiedostot ja korvaa vioittuneet tiedostot välimuistiin asetetulla kopiolla, joka sijaitsee pakatussa kansiossa %WinDir%\System32\dllcache.

    [​IMG]

    Älä sulje tätä komentokehoteikkunaa, ennen kuin vahvistus on tehty kokonaan loppuun.

    ---------------------------------------------------


    1. Lataa ESET ohjelma tietokoneellesi tästä.

    2. Tallenna se työpöydällesi.

    3. Käynnistä ohjelma " esetsmartinstaller_enu.exe ". Saat näkyviin turvavarmenteen paina " Run/ Jatka "

    4. Seuraavassa hyväksyt käyttöehdot ja paina " Start / Next "

    5. Tarkistuksen asetukset, Voit muuttaa niitä halutessasi " Start "

    [​IMG]

    6. Ohjelma lataa ensin uusimmat virustietokannat ja aloittaa sitten tarkistukset.

    [​IMG]

    7. Tarkistus

    [​IMG]

    8. Kun tarkistus on saatu päätökseen, saat tulokset ruutuusi. Ohjelma kertoo jos haittaohjelmia on löytynyt.

    [​IMG]

    Lopuksi, ESET luo loki-tiedoston polkuun:
    " C:\Program Files\ESET\EsetOnlineScanner\log.txt " 64-bittisessä järjestelmässä polku on
    "C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt".

    Lähetä tämän loki-tiedoston sisältö seuraavassa viestissäsi.
     
    Viimeksi muokattu: 04.02.2015
  7. kake47

    kake47 Member

    Liittynyt:
    22.02.2007
    Viestejä:
    38
    Kiitokset:
    0
    Pisteet:
    16
    Tässä taas näitä logitekstejä.
    SFc tarkastus ilmoitti että windowsin resurssien siivous ei löytänyt eheytysristiriitoja.
    Suurkiitos kun jaksat auttaa.

    ll processes killed
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}\ not found.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D8EC626D-0102-42DD-8EB1-4E4A8F7CC39D}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UVS10 Preload deleted successfully.
    C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe moved successfully.
    Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PicPick Start not found.
    C:\Program Files (x86)\PicPick\picpick.exe moved successfully.
    C:\Users\Kaitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk moved successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\osf\ deleted successfully.
    File Protocol\Handler\osf - No CLSID value found not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
    File Protocol\Handler\wlmailhtml - No CLSID value found not found.
    64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
    C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3046974913-3099487733-369991021-1000Core.job moved successfully.
    C:\ProgramData\DP45977C.lfl moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33298 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Kaitsu
    ->Temp folder emptied: 13037506 bytes
    ->Temporary Internet Files folder emptied: 1758565 bytes
    ->Google Chrome cache emptied: 102236735 bytes
    ->Flash cache emptied: 427 bytes



    ESETSmartInstaller@High as downloader log:
    all ok
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.7623
    # api_version=3.0.2
    # EOSSerial=c4f56a3006cc284fb68166682d653e4b
    # engine=22308
    # end=finished
    # remove_checked=true
    # archives_checked=false
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2015-02-04 10:38:03
    # local_time=2015-02-05 12:38:03 (+0200, Suomen normaaliaika)
    # country="Finland"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode_1='avast! Antivirus'
    # compatibility_mode=783 16777213 71 94 638334 5275445 0 0
    # compatibility_mode_1=''
    # compatibility_mode=5893 16776573 100 94 11883 174719333 0 0
    # scanned=188803
    # found=2
    # cleaned=2
    # scan_time=3982
    sh=403A7E8591775777AFBA3EB105C19A0A9F9A660C ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB trojan (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\bpbnophaijoopkoiecgcnhblbbinckio\lsdb.js.vir"
    sh=148B62997BEB5A6D818D4619DB845897AD3F71B8 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB trojan (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\bpbnophaijoopkoiecgcnhblbbinckio\PsOuEV.js.vir"
     
  8. kake47

    kake47 Member

    Liittynyt:
    22.02.2007
    Viestejä:
    38
    Kiitokset:
    0
    Pisteet:
    16
    Mitä minun pitäisi tehdä seuraavaksi vai onkohan kone jo "puhdas"
     

Jaa tämä sivu