
Site won't open


Trimex


Here is the ComboFix log file :)

ComboFix 12-08-14.02 - Käyttäjä 14.08.2012 19:09:07.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4061.361 [GMT 3:00]

Sijainti: c:\users\Kõyttõjõ\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Common Files\ASPG_icon.ico

c:\programdata\FullRemove.exe

c:\windows\SysWow64\Packet.dll

c:\windows\SysWow64\pthreadVC.dll

c:\windows\SysWow64\wpcap.dll

.

.

((((((((((((((((((((((((((((((((((((((( Ajurit/Palvelut )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_NPF

-------\Service_npf

.

.

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-07-14 to 2012-08-14 )))))))))))))))))

.

.

2012-08-14 16:21 . 2012-08-14 16:21 -------- d-----w- c:\users\Vieras\AppData\Local\temp

2012-08-14 16:21 . 2012-08-14 16:21 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-14 14:17 . 2012-08-14 14:17 -------- d-----w- c:\users\Käyttäjä\AppData\Roaming\Malwarebytes

2012-08-14 14:17 . 2012-08-14 14:17 -------- d-----w- c:\programdata\Malwarebytes

2012-08-14 14:17 . 2012-08-14 14:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-14 14:17 . 2012-07-03 10:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-14 11:24 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A864098-3AA1-44A3-A751-A8FD4B392094}\mpengine.dll

2012-08-12 09:12 . 2012-08-12 09:12 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{EB217769-352A-4F53-A617-2BAB5EFDDB15}

2012-08-12 09:12 . 2012-08-12 09:12 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{4B9752C0-9A73-4048-BC97-0AC474599A05}

2012-08-11 12:23 . 2012-08-11 12:23 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{16AB21DC-E2F7-48C3-80B1-94B6045E35F1}

2012-08-11 12:23 . 2012-08-11 12:23 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{B16DB7C5-55E4-4642-B2B5-678384CCEE5A}

2012-08-09 11:01 . 2012-08-09 11:01 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{365E1898-39B4-444C-8940-840D8F4BACD1}

2012-08-09 11:01 . 2012-08-09 11:01 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{E8E69DF8-257C-4FE7-8DF9-1A01538E82A9}

2012-08-08 15:21 . 2012-08-08 15:21 388096 ----a-r- c:\users\Käyttäjä\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-08 15:21 . 2012-08-08 15:21 -------- d-----w- c:\program files (x86)\Trend Micro

2012-08-07 16:00 . 2012-08-07 16:00 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-08-07 16:00 . 2012-08-07 16:00 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite

2012-08-07 15:45 . 2012-08-07 15:45 -------- d-----w- c:\users\Käyttäjä\AppData\Roaming\Birdstep Technology

2012-08-07 15:44 . 2012-08-07 15:44 -------- d-----w- c:\program files (x86)\ZTE_1.2074.0.4

2012-08-07 15:44 . 2012-08-07 15:44 -------- d-----w- c:\program files (x86)\Mobiililaajakaista

2012-08-07 14:16 . 2012-08-07 14:16 -------- d-----w- c:\users\Käyttäjä\AppData\Local\Seven Zip

2012-08-07 11:32 . 2012-08-07 11:32 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{6FC768EF-708A-4DA0-9FD6-52BFEFB228E6}

2012-08-06 17:07 . 2012-08-06 17:07 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{B2824425-7924-4687-BEC0-C4B0CE9B52B3}

2012-08-06 05:06 . 2012-08-06 05:06 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{536146F8-327E-41C4-BBBD-DCA9C3FF152A}

2012-08-06 05:03 . 2012-08-06 17:06 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{B4257EAD-842B-4E47-A573-762FA82DA576}

2012-08-05 15:02 . 2012-08-05 15:02 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{16C17530-B025-4C7A-8993-7928BEB7FD04}

2012-08-05 15:00 . 2012-08-05 15:02 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{0D1C91D5-4E6C-461D-964E-6578C9C336AF}

2012-08-05 10:09 . 2012-08-05 10:09 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{C6952152-183A-4E7D-81F8-3A44D4A96E0A}

2012-08-04 14:27 . 2012-08-04 14:27 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{6233EE01-8634-4FB8-89D5-84F54F3FB1A1}

2012-08-04 07:43 . 2012-08-04 07:43 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{08B37848-D119-4B93-9EA4-ED9130EA8F42}

2012-08-03 15:45 . 2012-08-03 15:45 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{E05FF9C1-37B5-40A8-8566-57C2B8ACD89D}

2012-08-03 03:14 . 2012-08-03 03:14 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{9638514F-9252-4706-BFF5-26D13662BFE6}

2012-08-02 18:34 . 2012-08-02 18:34 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F6FF3EC6-FF3C-4F29-B2F5-80708974EB30}

2012-08-02 18:04 . 2012-08-02 18:04 -------- d-----w- c:\users\Käyttäjä\AppData\Roaming\Avira

2012-08-02 18:01 . 2012-07-18 15:05 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-08-02 18:01 . 2012-07-18 15:05 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2012-08-02 18:01 . 2012-07-18 15:05 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys

2012-08-02 18:00 . 2012-08-02 18:00 -------- d-----w- c:\programdata\Avira

2012-08-02 18:00 . 2012-08-02 18:00 -------- d-----w- c:\program files (x86)\Avira

2012-08-02 17:13 . 2012-08-02 17:13 -------- d-----w- c:\users\Käyttäjä\temp

2012-08-02 17:13 . 2012-08-02 17:13 -------- d-----w- c:\program files (x86)\TeamViewer

2012-08-02 11:02 . 2012-08-02 11:02 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F47AFC0C-4AD1-47CE-8BAD-41DA78361AFD}

2012-08-01 09:51 . 2012-08-01 09:51 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{DCCD7D90-F8D7-4A78-951F-D9017E4C79B3}

2012-08-01 09:48 . 2012-08-01 09:51 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{7A9DD991-03DC-4FBB-BDF6-2D542D8B9627}

2012-07-31 09:41 . 2012-07-31 09:41 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{5A6D7CC7-E0E4-4253-91A2-7A09C98C7389}

2012-07-30 10:46 . 2012-07-30 10:46 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{512F05BA-FFB8-4F66-8EAD-F43E7C95FBAE}

2012-07-29 19:42 . 2012-07-29 19:42 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{192C6023-E3CF-4FEE-B8A8-E13440C82271}

2012-07-29 07:42 . 2012-07-29 19:42 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{34B58BD5-7D29-4917-BEA4-03CE962D3369}

2012-07-28 06:26 . 2012-07-28 06:26 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{A4B69BD2-E85A-4708-8901-F8946592E42E}

2012-07-28 06:22 . 2012-07-28 06:22 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{199ECE22-0AF1-4C5A-9B91-0FD0101C26BE}

2012-07-27 11:55 . 2012-07-27 11:55 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{579F12F6-8FA0-4C67-8492-86595B8B8F86}

2012-07-27 11:19 . 2012-07-27 11:19 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{DBBF05EB-0C5E-40BD-9941-6F95C373D743}

2012-07-26 15:11 . 2012-07-26 15:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F92EEFBA-A6F8-4C37-93CF-DDF1D7B398E4}

2012-07-26 15:10 . 2012-07-26 15:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F6B80AEC-AEC7-4E25-82FA-FDA2AFF6C477}

2012-07-26 10:09 . 2012-07-26 10:09 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{5EA439C9-446D-41EA-8E40-E86DC5A564C0}

2012-07-25 11:33 . 2012-07-25 11:33 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{A9820222-2C83-4F06-9357-5E0B04601206}

2012-07-24 15:08 . 2012-07-24 15:08 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{5FE59A75-05D5-429A-8D2C-2B579B893B9F}

2012-07-23 16:24 . 2012-07-23 16:24 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{9791C897-6607-49AC-84E0-C84AD50CED0D}

2012-07-23 13:39 . 2012-07-23 13:39 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{584ECBE8-07B9-4554-8DEE-9B4F679AC0BF}

2012-07-22 21:31 . 2012-07-22 21:31 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{62D8838E-2CB5-4678-8A48-7A542AB29C85}

2012-07-22 21:29 . 2012-07-22 21:31 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{5EAA45CB-E034-44D8-A3B1-A4A4C54CB739}

2012-07-22 21:20 . 2012-07-22 21:20 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{BD441C96-AE10-40AD-B9FA-56ED1EAA890F}

2012-07-22 19:47 . 2012-07-22 19:47 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{209BF861-38CF-4357-A9F6-A7A84E66FC0E}

2012-07-22 06:06 . 2012-07-22 06:06 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{0A31460F-65FA-4D1C-A42A-08079D85D0BA}

2012-07-22 06:04 . 2012-07-22 06:06 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{4FF72D32-2F2A-4B10-951E-E1554BD4FEBE}

2012-07-22 05:11 . 2012-07-22 05:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{4C3637DE-5971-40C3-88C0-E8E9022E9675}

2012-07-21 14:07 . 2012-07-21 14:07 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{82839D65-4653-4CDC-8074-6FC6337C6491}

2012-07-21 06:49 . 2012-07-21 06:49 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{A451B388-4963-41E2-BDDB-D64E53B5EBD9}

2012-07-20 18:11 . 2012-07-20 18:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{809D7944-31A8-4B7E-AC5D-020F4AE30082}

2012-07-20 06:11 . 2012-07-20 06:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{7945C838-18DB-4D10-8D5D-EABDD9902D4E}

2012-07-20 06:11 . 2012-07-20 18:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{AB4F4AD2-E610-4E84-B384-52D81AE29580}

2012-07-19 18:10 . 2012-07-19 18:10 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{44BAE1C4-A973-45DC-9301-35179C6E5CAB}

2012-07-19 06:10 . 2012-07-19 06:10 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{9D0AF847-B7B0-4868-8725-8388C5F30D8B}

2012-07-19 06:07 . 2012-07-19 18:10 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F08751D6-2EE7-4258-9496-A71378949428}

2012-07-19 05:09 . 2012-07-19 05:09 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{0127B4E4-1F52-41AF-987B-1064603B69B0}

2012-07-18 13:16 . 2012-07-18 13:16 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{6B34229D-09A3-4170-B12D-FC54BE128949}

2012-07-18 13:14 . 2012-07-18 13:16 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{A3EC986A-4ABA-44C5-8389-C587BC238E00}

2012-07-18 10:20 . 2012-07-18 10:20 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{DD923A33-5FA8-44C9-9032-EDB07FEEED00}

2012-07-17 18:56 . 2012-07-17 18:56 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{51874EA6-1E09-4183-82E4-C027B4B433E0}

2012-07-17 09:21 . 2012-07-17 09:21 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{4B5C2368-2246-418F-BC6F-A196EAE1F869}

2012-07-16 19:22 . 2012-07-16 19:22 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{D9A8DD76-0EDD-48BD-AAA4-74523B59B414}

2012-07-16 19:22 . 2012-07-16 19:22 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F54F4EB5-067C-4869-8D66-8FF9F5137E71}

2012-07-16 12:33 . 2012-07-16 12:33 -------- d-----w- c:\windows\Sun

2012-07-16 07:22 . 2012-07-16 07:22 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{417BF0DB-87C6-48D6-A681-B7BA4114A67A}

2012-07-16 07:19 . 2012-07-16 07:22 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{4938330F-984F-4CA7-A95F-32D2E76FABE8}

.

.

.

(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-08 15:21 . 2012-08-08 15:21 388096 ----a-r- c:\users\Käyttäjä\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-08 15:21 . 2012-08-08 15:21 388096 ----a-r- c:\users\Käyttäjä\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-02 19:07 . 2012-06-16 10:35 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-02 19:07 . 2012-02-17 15:45 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-12 07:27 . 2012-02-15 06:34 59701280 ----a-w- c:\windows\system32\MRT.exe

2012-06-25 13:04 . 2012-06-25 13:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll

2012-06-12 03:08 . 2012-07-12 07:32 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-06-09 05:43 . 2012-07-11 06:02 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 06:06 . 2012-07-11 06:02 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-11 06:02 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-11 06:01 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-11 06:02 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-11 06:02 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-11 06:01 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-21 05:45 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 05:45 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-21 05:45 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 05:45 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 05:45 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-21 05:45 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-21 05:45 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 12:49 . 2012-07-12 07:25 17807360 ----a-w- c:\windows\system32\mshtml.dll

2012-06-02 12:19 . 2012-06-21 05:44 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 12:17 . 2012-07-12 07:25 10924032 ----a-w- c:\windows\system32\ieframe.dll

2012-06-02 12:15 . 2012-06-21 05:44 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 12:12 . 2012-07-12 07:25 2311680 ----a-w- c:\windows\system32\jscript9.dll

2012-06-02 12:05 . 2012-07-12 07:25 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-06-02 12:05 . 2012-07-12 07:25 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 12:04 . 2012-07-12 07:25 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-02 12:04 . 2012-07-12 07:25 237056 ----a-w- c:\windows\system32\url.dll

2012-06-02 12:03 . 2012-07-12 07:25 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-06-02 12:01 . 2012-07-12 07:25 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-02 12:00 . 2012-07-12 07:25 818688 ----a-w- c:\windows\system32\jscript.dll

2012-06-02 11:59 . 2012-07-12 07:25 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-06-02 11:57 . 2012-07-12 07:25 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-06-02 11:57 . 2012-07-12 07:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-06-02 11:54 . 2012-07-12 07:25 248320 ----a-w- c:\windows\system32\ieui.dll

2012-06-02 08:33 . 2012-07-12 07:25 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-06-02 08:25 . 2012-07-12 07:25 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-06-02 08:25 . 2012-07-12 07:25 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-06-02 08:20 . 2012-07-12 07:25 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-06-02 08:16 . 2012-07-12 07:25 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-06-02 05:50 . 2012-07-11 06:01 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-11 06:01 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:48 . 2012-07-11 06:01 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:45 . 2012-07-11 06:01 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-11 06:01 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-11 06:01 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-11 06:01 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-11 06:01 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-11 06:01 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-05-31 09:25 . 2010-06-29 07:28 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-05-25 15:23 . 2012-05-25 15:23 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin

2009-04-08 18:31 . 2009-04-08 18:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll

2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll

.

.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]

@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"

[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]

2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="c:\users\Käyttäjä\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]

"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]

"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]

"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]

"TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-11-21 202256]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664]

.

c:\users\Käyttäjä\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.0.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-02 250056]

R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]

R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]

R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]

R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]

R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [x]

R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [x]

R3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys [2011-04-27 11776]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-02 113120]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-30 1255736]

R4 gupdate;Google Päivitä-palvelu (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 116648]

R4 gupdatem;Google Päivitä-palvelu (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 116648]

S0 ***laby;***laby;c:\windows\system32\DRIVERS\***laby.sys [2009-06-18 15928]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-07 283200]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]

S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-09-17 359552]

S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]

S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]

S2 BecHelperService;BecHelperService;c:\program files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe [2011-04-27 1958272]

S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-25 138752]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]

S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2011-04-27 137728]

.

.

--- Muut muistissa olevat ajurit/palvelut ---

.

*NewlyCreated* - WS2IFSL

.

'Ajoitetut tehtävät'-kansion sisältö

.

2012-08-14 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-16 19:07]

.

2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 16:12]

.

2012-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 16:12]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]

@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"

[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]

2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"EeeStorageBackup"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-11-26 1732608]

"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]

"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

.

------- Täydentävä tarkistus -------

.

uStart Page = hxxp://www.google.fi/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: Interfaces\{A7964014-BA36-4576-9B6A-857EC6AEFB8F}: NameServer = 195.197.54.100 195.74.0.47

FF - ProfilePath - c:\users\Käyttäjä\AppData\Roaming\Mozilla\Firefox\Profiles\odgcqza6.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.fi/

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c8ce9a3&v=7.007.026.001&i=23&tp=ab&iy=&ychte=fi&lng=fi&q=

FF - prefs.js: network.proxy.type - 0

.

- - - - POISTETUT JÄMÄRIVIT - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-VDownloader - c:\program files (x86)\VDownloader\VDownloader.exe

Wow6432Node-HKLM-Run-Adobe Reader Speed Launcher - c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

Toolbar-Locked - (no file)

.

.

.

--------------------- LUKITUT REKISTERIAVAIMET ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Muut prosessit ------------------------

.

c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

c:\program files\ATKGFNEX\GFNEXSrv.exe

c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe

c:\program files (x86)\Mobiililaajakaista\Mobiililaajakaista\LoggerServer.exe

c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe

c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe

c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe

c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe

c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe

c:\program files (x86)\OpenOffice.org 3\program\soffice.exe

c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

c:\program files (x86)\OpenOffice.org 3\program\soffice.bin

.

**************************************************************************

.

Valmistumisajankohta: 2012-08-14 19:31:59 - kone käynnistettiin uudelleen

ComboFix-quarantined-files.txt 2012-08-14 16:31

.

Ennen ajoa: 39 627 587 584 tavua vapaana

Ajon jälkeen: 40 989 437 952 tavua vapaana

.

- - End Of File - - 45BDE1766AC0E3B9C62F5F4D0245089C


Open a Notepad file.

Copy and paste the bold text below into it.

Folder::

c:\users\Käyttäjä\AppData\Local\{EB217769-352A-4F53-A617-2BAB5EFDDB15}

c:\users\Käyttäjä\AppData\Local\{4B9752C0-9A73-4048-BC97-0AC474599A05}

c:\users\Käyttäjä\AppData\Local\{16AB21DC-E2F7-48C3-80B1-94B6045E35F1}

c:\users\Käyttäjä\AppData\Local\{B16DB7C5-55E4-4642-B2B5-678384CCEE5A}

c:\users\Käyttäjä\AppData\Local\{365E1898-39B4-444C-8940-840D8F4BACD1}

c:\users\Käyttäjä\AppData\Local\{E8E69DF8-257C-4FE7-8DF9-1A01538E82A9}

c:\users\Käyttäjä\AppData\Local\{6FC768EF-708A-4DA0-9FD6-52BFEFB228E6}

c:\users\Käyttäjä\AppData\Local\{B2824425-7924-4687-BEC0-C4B0CE9B52B3}

c:\users\Käyttäjä\AppData\Local\{536146F8-327E-41C4-BBBD-DCA9C3FF152A}

c:\users\Käyttäjä\AppData\Local\{B4257EAD-842B-4E47-A573-762FA82DA576}

c:\users\Käyttäjä\AppData\Local\{16C17530-B025-4C7A-8993-7928BEB7FD04}

c:\users\Käyttäjä\AppData\Local\{0D1C91D5-4E6C-461D-964E-6578C9C336AF}

c:\users\Käyttäjä\AppData\Local\{C6952152-183A-4E7D-81F8-3A44D4A96E0A}

c:\users\Käyttäjä\AppData\Local\{6233EE01-8634-4FB8-89D5-84F54F3FB1A1}

c:\users\Käyttäjä\AppData\Local\{08B37848-D119-4B93-9EA4-ED9130EA8F42}

c:\users\Käyttäjä\AppData\Local\{E05FF9C1-37B5-40A8-8566-57C2B8ACD89D}

c:\users\Käyttäjä\AppData\Local\{9638514F-9252-4706-BFF5-26D13662BFE6}

c:\users\Käyttäjä\AppData\Local\{F6FF3EC6-FF3C-4F29-B2F5-80708974EB30}

c:\users\Käyttäjä\AppData\Local\{F47AFC0C-4AD1-47CE-8BAD-41DA78361AFD}

c:\users\Käyttäjä\AppData\Local\{DCCD7D90-F8D7-4A78-951F-D9017E4C79B3}

c:\users\Käyttäjä\AppData\Local\{7A9DD991-03DC-4FBB-BDF6-2D542D8B9627}

c:\users\Käyttäjä\AppData\Local\{5A6D7CC7-E0E4-4253-91A2-7A09C98C7389}

c:\users\Käyttäjä\AppData\Local\{512F05BA-FFB8-4F66-8EAD-F43E7C95FBAE}

c:\users\Käyttäjä\AppData\Local\{192C6023-E3CF-4FEE-B8A8-E13440C82271}

c:\users\Käyttäjä\AppData\Local\{34B58BD5-7D29-4917-BEA4-03CE962D3369}

c:\users\Käyttäjä\AppData\Local\{A4B69BD2-E85A-4708-8901-F8946592E42E}

c:\users\Käyttäjä\AppData\Local\{199ECE22-0AF1-4C5A-9B91-0FD0101C26BE}

c:\users\Käyttäjä\AppData\Local\{579F12F6-8FA0-4C67-8492-86595B8B8F86}

c:\users\Käyttäjä\AppData\Local\{DBBF05EB-0C5E-40BD-9941-6F95C373D743}

c:\users\Käyttäjä\AppData\Local\{F92EEFBA-A6F8-4C37-93CF-DDF1D7B398E4}

c:\users\Käyttäjä\AppData\Local\{F6B80AEC-AEC7-4E25-82FA-FDA2AFF6C477}

c:\users\Käyttäjä\AppData\Local\{5EA439C9-446D-41EA-8E40-E86DC5A564C0}

c:\users\Käyttäjä\AppData\Local\{A9820222-2C83-4F06-9357-5E0B04601206}

c:\users\Käyttäjä\AppData\Local\{5FE59A75-05D5-429A-8D2C-2B579B893B9F}

c:\users\Käyttäjä\AppData\Local\{9791C897-6607-49AC-84E0-C84AD50CED0D}

c:\users\Käyttäjä\AppData\Local\{584ECBE8-07B9-4554-8DEE-9B4F679AC0BF}

c:\users\Käyttäjä\AppData\Local\{62D8838E-2CB5-4678-8A48-7A542AB29C85}

c:\users\Käyttäjä\AppData\Local\{5EAA45CB-E034-44D8-A3B1-A4A4C54CB739}

c:\users\Käyttäjä\AppData\Local\{BD441C96-AE10-40AD-B9FA-56ED1EAA890F}

c:\users\Käyttäjä\AppData\Local\{209BF861-38CF-4357-A9F6-A7A84E66FC0E}

c:\users\Käyttäjä\AppData\Local\{0A31460F-65FA-4D1C-A42A-08079D85D0BA}

c:\users\Käyttäjä\AppData\Local\{4FF72D32-2F2A-4B10-951E-E1554BD4FEBE}

c:\users\Käyttäjä\AppData\Local\{4C3637DE-5971-40C3-88C0-E8E9022E9675}

c:\users\Käyttäjä\AppData\Local\{82839D65-4653-4CDC-8074-6FC6337C6491}

c:\users\Käyttäjä\AppData\Local\{A451B388-4963-41E2-BDDB-D64E53B5EBD9}

c:\users\Käyttäjä\AppData\Local\{809D7944-31A8-4B7E-AC5D-020F4AE30082}

c:\users\Käyttäjä\AppData\Local\{7945C838-18DB-4D10-8D5D-EABDD9902D4E}

c:\users\Käyttäjä\AppData\Local\{AB4F4AD2-E610-4E84-B384-52D81AE29580}

c:\users\Käyttäjä\AppData\Local\{44BAE1C4-A973-45DC-9301-35179C6E5CAB}

c:\users\Käyttäjä\AppData\Local\{9D0AF847-B7B0-4868-8725-8388C5F30D8B}

c:\users\Käyttäjä\AppData\Local\{F08751D6-2EE7-4258-9496-A71378949428}

c:\users\Käyttäjä\AppData\Local\{0127B4E4-1F52-41AF-987B-1064603B69B0}

c:\users\Käyttäjä\AppData\Local\{6B34229D-09A3-4170-B12D-FC54BE128949}

c:\users\Käyttäjä\AppData\Local\{A3EC986A-4ABA-44C5-8389-C587BC238E00}

c:\users\Käyttäjä\AppData\Local\{DD923A33-5FA8-44C9-9032-EDB07FEEED00}

c:\users\Käyttäjä\AppData\Local\{51874EA6-1E09-4183-82E4-C027B4B433E0}

c:\users\Käyttäjä\AppData\Local\{4B5C2368-2246-418F-BC6F-A196EAE1F869}

c:\users\Käyttäjä\AppData\Local\{D9A8DD76-0EDD-48BD-AAA4-74523B59B414}

c:\users\Käyttäjä\AppData\Local\{F54F4EB5-067C-4869-8D66-8FF9F5137E71}

c:\users\Käyttäjä\AppData\Local\{417BF0DB-87C6-48D6-A681-B7BA4114A67A}

c:\users\Käyttäjä\AppData\Local\{4938330F-984F-4CA7-A95F-32D2E76FABE8}

Save this file to your desktop as CFScript.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.


ok, done, site still doesn't work :/

here's the log again:

ComboFix 12-08-14.02 - Käyttäjä 15.08.2012 15:52:13.2.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.358.1035.18.4061.2710 [GMT 3:00]

Sijainti: c:\users\Kõyttõjõ\Desktop\ComboFix.exe

Käytetyt komentorivivalitsimet :: c:\users\Kõyttõjõ\Desktop\CFScript.txt

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2012-07-15 to 2012-08-15 )))))))))))))))))

.

.

2012-08-15 13:02 . 2012-08-15 13:02 -------- d-----w- c:\users\Vieras\AppData\Local\temp

2012-08-15 13:02 . 2012-08-15 13:02 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-14 14:17 . 2012-08-14 14:17 -------- d-----w- c:\users\Käyttäjä\AppData\Roaming\Malwarebytes

2012-08-14 14:17 . 2012-08-14 14:17 -------- d-----w- c:\programdata\Malwarebytes

2012-08-14 14:17 . 2012-08-14 14:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-14 14:17 . 2012-07-03 10:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-14 11:24 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9A864098-3AA1-44A3-A751-A8FD4B392094}\mpengine.dll

2012-08-12 09:12 . 2012-08-12 09:12 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{EB217769-352A-4F53-A617-2BAB5EFDDB15}

2012-08-12 09:12 . 2012-08-12 09:12 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{4B9752C0-9A73-4048-BC97-0AC474599A05}

2012-08-11 12:23 . 2012-08-11 12:23 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{16AB21DC-E2F7-48C3-80B1-94B6045E35F1}

2012-08-11 12:23 . 2012-08-11 12:23 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{B16DB7C5-55E4-4642-B2B5-678384CCEE5A}

2012-08-09 11:01 . 2012-08-09 11:01 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{365E1898-39B4-444C-8940-840D8F4BACD1}

2012-08-09 11:01 . 2012-08-09 11:01 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{E8E69DF8-257C-4FE7-8DF9-1A01538E82A9}

2012-08-08 15:21 . 2012-08-08 15:21 388096 ----a-r- c:\users\Käyttäjä\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-08 15:21 . 2012-08-08 15:21 -------- d-----w- c:\program files (x86)\Trend Micro

2012-08-07 16:00 . 2012-08-07 16:00 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-08-07 16:00 . 2012-08-07 16:00 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite

2012-08-07 15:45 . 2012-08-07 15:45 -------- d-----w- c:\users\Käyttäjä\AppData\Roaming\Birdstep Technology

2012-08-07 15:44 . 2012-08-07 15:44 -------- d-----w- c:\program files (x86)\ZTE_1.2074.0.4

2012-08-07 15:44 . 2012-08-07 15:44 -------- d-----w- c:\program files (x86)\Mobiililaajakaista

2012-08-07 14:16 . 2012-08-07 14:16 -------- d-----w- c:\users\Käyttäjä\AppData\Local\Seven Zip

2012-08-07 11:32 . 2012-08-07 11:32 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{6FC768EF-708A-4DA0-9FD6-52BFEFB228E6}

2012-08-06 17:07 . 2012-08-06 17:07 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{B2824425-7924-4687-BEC0-C4B0CE9B52B3}

2012-08-06 05:06 . 2012-08-06 05:06 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{536146F8-327E-41C4-BBBD-DCA9C3FF152A}

2012-08-06 05:03 . 2012-08-06 17:06 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{B4257EAD-842B-4E47-A573-762FA82DA576}

2012-08-05 15:02 . 2012-08-05 15:02 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{16C17530-B025-4C7A-8993-7928BEB7FD04}

2012-08-05 15:00 . 2012-08-05 15:02 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{0D1C91D5-4E6C-461D-964E-6578C9C336AF}

2012-08-05 10:09 . 2012-08-05 10:09 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{C6952152-183A-4E7D-81F8-3A44D4A96E0A}

2012-08-04 14:27 . 2012-08-04 14:27 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{6233EE01-8634-4FB8-89D5-84F54F3FB1A1}

2012-08-04 07:43 . 2012-08-04 07:43 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{08B37848-D119-4B93-9EA4-ED9130EA8F42}

2012-08-03 15:45 . 2012-08-03 15:45 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{E05FF9C1-37B5-40A8-8566-57C2B8ACD89D}

2012-08-03 03:14 . 2012-08-03 03:14 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{9638514F-9252-4706-BFF5-26D13662BFE6}

2012-08-02 18:34 . 2012-08-02 18:34 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F6FF3EC6-FF3C-4F29-B2F5-80708974EB30}

2012-08-02 18:04 . 2012-08-02 18:04 -------- d-----w- c:\users\Käyttäjä\AppData\Roaming\Avira

2012-08-02 18:01 . 2012-07-18 15:05 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2012-08-02 18:01 . 2012-07-18 15:05 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2012-08-02 18:01 . 2012-07-18 15:05 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys

2012-08-02 18:00 . 2012-08-02 18:00 -------- d-----w- c:\programdata\Avira

2012-08-02 18:00 . 2012-08-02 18:00 -------- d-----w- c:\program files (x86)\Avira

2012-08-02 17:13 . 2012-08-02 17:13 -------- d-----w- c:\users\Käyttäjä\temp

2012-08-02 17:13 . 2012-08-02 17:13 -------- d-----w- c:\program files (x86)\TeamViewer

2012-08-02 11:02 . 2012-08-02 11:02 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F47AFC0C-4AD1-47CE-8BAD-41DA78361AFD}

2012-08-01 09:51 . 2012-08-01 09:51 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{DCCD7D90-F8D7-4A78-951F-D9017E4C79B3}

2012-08-01 09:48 . 2012-08-01 09:51 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{7A9DD991-03DC-4FBB-BDF6-2D542D8B9627}

2012-07-31 09:41 . 2012-07-31 09:41 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{5A6D7CC7-E0E4-4253-91A2-7A09C98C7389}

2012-07-30 10:46 . 2012-07-30 10:46 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{512F05BA-FFB8-4F66-8EAD-F43E7C95FBAE}

2012-07-29 19:42 . 2012-07-29 19:42 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{192C6023-E3CF-4FEE-B8A8-E13440C82271}

2012-07-29 07:42 . 2012-07-29 19:42 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{34B58BD5-7D29-4917-BEA4-03CE962D3369}

2012-07-28 06:26 . 2012-07-28 06:26 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{A4B69BD2-E85A-4708-8901-F8946592E42E}

2012-07-28 06:22 . 2012-07-28 06:22 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{199ECE22-0AF1-4C5A-9B91-0FD0101C26BE}

2012-07-27 11:55 . 2012-07-27 11:55 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{579F12F6-8FA0-4C67-8492-86595B8B8F86}

2012-07-27 11:19 . 2012-07-27 11:19 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{DBBF05EB-0C5E-40BD-9941-6F95C373D743}

2012-07-26 15:11 . 2012-07-26 15:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F92EEFBA-A6F8-4C37-93CF-DDF1D7B398E4}

2012-07-26 15:10 . 2012-07-26 15:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F6B80AEC-AEC7-4E25-82FA-FDA2AFF6C477}

2012-07-26 10:09 . 2012-07-26 10:09 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{5EA439C9-446D-41EA-8E40-E86DC5A564C0}

2012-07-25 11:33 . 2012-07-25 11:33 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{A9820222-2C83-4F06-9357-5E0B04601206}

2012-07-24 15:08 . 2012-07-24 15:08 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{5FE59A75-05D5-429A-8D2C-2B579B893B9F}

2012-07-23 16:24 . 2012-07-23 16:24 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{9791C897-6607-49AC-84E0-C84AD50CED0D}

2012-07-23 13:39 . 2012-07-23 13:39 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{584ECBE8-07B9-4554-8DEE-9B4F679AC0BF}

2012-07-22 21:31 . 2012-07-22 21:31 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{62D8838E-2CB5-4678-8A48-7A542AB29C85}

2012-07-22 21:29 . 2012-07-22 21:31 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{5EAA45CB-E034-44D8-A3B1-A4A4C54CB739}

2012-07-22 21:20 . 2012-07-22 21:20 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{BD441C96-AE10-40AD-B9FA-56ED1EAA890F}

2012-07-22 19:47 . 2012-07-22 19:47 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{209BF861-38CF-4357-A9F6-A7A84E66FC0E}

2012-07-22 06:06 . 2012-07-22 06:06 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{0A31460F-65FA-4D1C-A42A-08079D85D0BA}

2012-07-22 06:04 . 2012-07-22 06:06 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{4FF72D32-2F2A-4B10-951E-E1554BD4FEBE}

2012-07-22 05:11 . 2012-07-22 05:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{4C3637DE-5971-40C3-88C0-E8E9022E9675}

2012-07-21 14:07 . 2012-07-21 14:07 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{82839D65-4653-4CDC-8074-6FC6337C6491}

2012-07-21 06:49 . 2012-07-21 06:49 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{A451B388-4963-41E2-BDDB-D64E53B5EBD9}

2012-07-20 18:11 . 2012-07-20 18:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{809D7944-31A8-4B7E-AC5D-020F4AE30082}

2012-07-20 06:11 . 2012-07-20 06:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{7945C838-18DB-4D10-8D5D-EABDD9902D4E}

2012-07-20 06:11 . 2012-07-20 18:11 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{AB4F4AD2-E610-4E84-B384-52D81AE29580}

2012-07-19 18:10 . 2012-07-19 18:10 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{44BAE1C4-A973-45DC-9301-35179C6E5CAB}

2012-07-19 06:10 . 2012-07-19 06:10 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{9D0AF847-B7B0-4868-8725-8388C5F30D8B}

2012-07-19 06:07 . 2012-07-19 18:10 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F08751D6-2EE7-4258-9496-A71378949428}

2012-07-19 05:09 . 2012-07-19 05:09 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{0127B4E4-1F52-41AF-987B-1064603B69B0}

2012-07-18 13:16 . 2012-07-18 13:16 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{6B34229D-09A3-4170-B12D-FC54BE128949}

2012-07-18 13:14 . 2012-07-18 13:16 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{A3EC986A-4ABA-44C5-8389-C587BC238E00}

2012-07-18 10:20 . 2012-07-18 10:20 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{DD923A33-5FA8-44C9-9032-EDB07FEEED00}

2012-07-17 18:56 . 2012-07-17 18:56 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{51874EA6-1E09-4183-82E4-C027B4B433E0}

2012-07-17 09:21 . 2012-07-17 09:21 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{4B5C2368-2246-418F-BC6F-A196EAE1F869}

2012-07-16 19:22 . 2012-07-16 19:22 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{D9A8DD76-0EDD-48BD-AAA4-74523B59B414}

2012-07-16 19:22 . 2012-07-16 19:22 -------- d-----w- c:\users\Käyttäjä\AppData\Local\{F54F4EB5-067C-4869-8D66-8FF9F5137E71}

.

.

.

(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-08 15:21 . 2012-08-08 15:21 388096 ----a-r- c:\users\Käyttäjä\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-08 15:21 . 2012-08-08 15:21 388096 ----a-r- c:\users\Käyttäjä\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-02 19:07 . 2012-06-16 10:35 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-02 19:07 . 2012-02-17 15:45 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-12 07:27 . 2012-02-15 06:34 59701280 ----a-w- c:\windows\system32\MRT.exe

2012-06-25 13:04 . 2012-06-25 13:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll

2012-06-12 03:08 . 2012-07-12 07:32 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-06-09 05:43 . 2012-07-11 06:02 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 06:06 . 2012-07-11 06:02 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-11 06:02 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-11 06:01 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-11 06:02 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-11 06:02 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-11 06:01 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-21 05:45 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-21 05:45 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-21 05:45 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-21 05:45 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-21 05:45 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-21 05:45 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-21 05:45 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 12:49 . 2012-07-12 07:25 17807360 ----a-w- c:\windows\system32\mshtml.dll

2012-06-02 12:19 . 2012-06-21 05:44 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 12:17 . 2012-07-12 07:25 10924032 ----a-w- c:\windows\system32\ieframe.dll

2012-06-02 12:15 . 2012-06-21 05:44 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 12:12 . 2012-07-12 07:25 2311680 ----a-w- c:\windows\system32\jscript9.dll

2012-06-02 12:05 . 2012-07-12 07:25 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-06-02 12:05 . 2012-07-12 07:25 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-06-02 12:04 . 2012-07-12 07:25 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-02 12:04 . 2012-07-12 07:25 237056 ----a-w- c:\windows\system32\url.dll

2012-06-02 12:03 . 2012-07-12 07:25 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-06-02 12:01 . 2012-07-12 07:25 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-02 12:00 . 2012-07-12 07:25 818688 ----a-w- c:\windows\system32\jscript.dll

2012-06-02 11:59 . 2012-07-12 07:25 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-06-02 11:57 . 2012-07-12 07:25 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-06-02 11:57 . 2012-07-12 07:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-06-02 11:54 . 2012-07-12 07:25 248320 ----a-w- c:\windows\system32\ieui.dll

2012-06-02 08:33 . 2012-07-12 07:25 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-06-02 08:25 . 2012-07-12 07:25 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-06-02 08:25 . 2012-07-12 07:25 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-06-02 08:20 . 2012-07-12 07:25 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-06-02 08:16 . 2012-07-12 07:25 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-06-02 05:50 . 2012-07-11 06:01 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-11 06:01 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:48 . 2012-07-11 06:01 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:45 . 2012-07-11 06:01 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-11 06:01 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-11 06:01 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-11 06:01 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-11 06:01 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-11 06:01 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2012-05-31 09:25 . 2010-06-29 07:28 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-05-25 15:23 . 2012-05-25 15:23 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin

2009-04-08 18:31 . 2009-04-08 18:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll

2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-14_16.26.13 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-03-04 14:16 . 2012-08-15 11:51 65120 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-08-15 11:51 49020 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2010-06-24 15:48 . 2012-08-15 11:51 24974 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3795750051-532687555-2399500607-1001_UserData.bin

- 2009-08-04 11:04 . 2012-08-14 15:26 90748 c:\windows\system32\perfc00B.dat

+ 2009-08-04 11:04 . 2012-08-15 13:09 90748 c:\windows\system32\perfc00B.dat

+ 2010-06-02 00:19 . 2012-08-15 14:13 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-06-02 00:19 . 2012-08-14 14:57 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-06-02 00:19 . 2012-08-15 14:13 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-06-02 00:19 . 2012-08-14 14:57 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-08-14 14:57 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-15 14:13 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-06-29 11:25 . 2012-08-14 16:53 6890 c:\windows\system32\wdi\ERCQueuedResolutions.dat

+ 2012-08-15 13:04 . 2012-08-15 13:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-08-14 16:25 . 2012-08-14 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-15 13:04 . 2012-08-15 13:04 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-08-14 16:25 . 2012-08-14 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-08-04 11:04 . 2012-08-15 13:09 455888 c:\windows\system32\perfh00B.dat

- 2009-08-04 11:04 . 2012-08-14 15:26 455888 c:\windows\system32\perfh00B.dat

- 2009-07-14 02:36 . 2012-08-14 15:26 631610 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-08-15 13:09 631610 c:\windows\system32\perfh009.dat

- 2009-07-14 02:36 . 2012-08-14 15:26 113336 c:\windows\system32\perfc009.dat

+ 2009-07-14 02:36 . 2012-08-15 13:09 113336 c:\windows\system32\perfc009.dat

- 2009-07-14 05:01 . 2012-08-14 16:24 422356 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-08-15 13:03 422356 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2012-02-15 20:13 . 2012-08-15 13:03 10535420 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3795750051-532687555-2399500607-1001-12288.dat

.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]

@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"

[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]

2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="c:\users\Käyttäjä\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-12 138096]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]

"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]

"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-07-07 8493624]

"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]

"TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-11-21 202256]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-18 348664]

.

c:\users\Käyttäjä\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.0.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-02 250056]

R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]

R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]

R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]

R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]

R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [x]

R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [x]

R3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys [2011-04-27 11776]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-02 113120]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 WatAdminSvc;Windowsin aktivointitekniikoiden palvelu;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-30 1255736]

R4 gupdate;Google Päivitä-palvelu (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 116648]

R4 gupdatem;Google Päivitä-palvelu (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 116648]

S0 ***laby;***laby;c:\windows\system32\DRIVERS\***laby.sys [2009-06-18 15928]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-07-18 27760]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-07 283200]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]

S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-09-17 359552]

S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]

S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]

S2 BecHelperService;BecHelperService;c:\program files (x86)\Mobiililaajakaista\Mobiililaajakaista\BecHelperService.exe [2011-04-27 1958272]

S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-25 138752]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]

S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2011-04-27 137728]

.

.

'Ajoitetut tehtävät'-kansion sisältö

.

2012-08-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-16 19:07]

.

2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 16:12]

.

2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-04-18 16:12]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]

@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"

[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]

2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"EeeStorageBackup"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-11-26 1732608]

"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]

"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]

.

------- Täydentävä tarkistus -------

.

uStart Page = hxxp://www.google.fi/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: Interfaces\{A7964014-BA36-4576-9B6A-857EC6AEFB8F}: NameServer = 195.197.54.100 195.74.0.47

FF - ProfilePath - c:\users\Käyttäjä\AppData\Roaming\Mozilla\Firefox\Profiles\odgcqza6.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.fi/

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c8ce9a3&v=7.007.026.001&i=23&tp=ab&iy=&ychte=fi&lng=fi&q=

FF - prefs.js: network.proxy.type - 0

.

- - - - POISTETUT JÄMÄRIVIT - - - -

.

Toolbar-Locked - (no file)

.

.

.

--------------------- LUKITUT REKISTERIAVAIMET ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Muut prosessit ------------------------

.

c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

c:\program files\ATKGFNEX\GFNEXSrv.exe

c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe

c:\program files (x86)\Mobiililaajakaista\Mobiililaajakaista\LoggerServer.exe

c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe

c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe

c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe

c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe

c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe

c:\program files (x86)\OpenOffice.org 3\program\soffice.exe

c:\program files (x86)\OpenOffice.org 3\program\soffice.bin

c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

c:\program files (x86)\avira\antivir desktop\ipmGui.exe

.

**************************************************************************

.

Valmistumisajankohta: 2012-08-15 17:32:03 - kone käynnistettiin uudelleen

ComboFix-quarantined-files.txt 2012-08-15 14:32

ComboFix2.txt 2012-08-14 16:32

.

Ennen ajoa: 40 677 318 656 tavua vapaana

Ajon jälkeen: 39 560 704 000 tavua vapaana

.

- - End Of File - - D3D32A0989244AF9067B44FE9DA71619

Man oh man, you all put so much help into this, thanks again, so much work :D


Download MVPS Hosts.

Unzip the program to a location of your choice.

Windows XP

Click mvps.bat and choose "run" to start mvps.bat (*).

Press a key to continue.

A backup of the existing HOSTS file in the default location C:\windows\system32\drivers\etc is made under the name HOSTS.MVP

The file is then replaced by the current MVPS Hosts version.

(*) Windows Vista and Windows 7 users must right-click mvps.bat and choose "run as administrator" to start mvps.bat.


Could it be (just a guess) that the site has been put on a blacklist somewhere (e.g. by the antivirus program or the browser)?

I thought so too at first; she had 'AVG', but it didn't work at all and had pop-ups, a trial version, a toolbar, etc.

I removed all of those and installed Avira. I have also tried opening the website with Avira closed, but still nothing. Or could there be other blacklists that I should check?
