Untitled

a guest
Mar 4th, 2012
  1. ComboFix 12-03-03.02 - Apock 2012-03-04 14:11:49.1.4 - x64
  2. Microsoft Windows 7 Enterprise 6.1.7601.1.1250.48.1033.18.4095.1660 [GMT 1:00]
  3. Uruchomiony z: c:\users\Apock\Desktop\ComboFix.exe
  4. AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
  5. SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
  6. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  7. .
  8. .
  9. ((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
  10. .
  11. .
  12. c:\programdata\ntuser.dat
  13. c:\windows\logboot_14.02.2012.tureg.log
  14. c:\windows\logboot_18.02.2012.tureg.log
  15. c:\windows\SysWow64\Temp
  16. c:\windows\SysWow64\Temp\KSKD87SFXS
  17. .
  18. Zainfekowana kopia c:\windows\System32\winver.exe została znaleziona. Problem naprawiono
  19. Plik odzyskano z - c:\windows\winsxs\amd64_microsoft-windows-winver_31bf3856ad364e35_6.1.7600.16385_none_12466fe3b629e036\winver.exe
  20. .
  21. .
  22. ((((((((((((((((((((((((( Pliki utworzone od 2012-02-04 do 2012-03-04 )))))))))))))))))))))))))))))))
  23. .
  24. .
  25. 2012-03-04 13:15 . 2012-03-04 13:15 -------- d-----w- c:\users\Default\AppData\Local\temp
  26. 2012-03-03 14:12 . 2012-03-03 14:12 -------- d-----w- c:\users\Apock\AppData\Roaming\Avira
  27. 2012-03-03 14:12 . 2012-03-04 19:19 -------- d-----w- c:\programdata\Avira
  28. 2012-03-03 14:12 . 2012-03-03 14:12 -------- d-----w- c:\program files (x86)\Avira
  29. 2012-03-03 14:12 . 2011-09-18 07:39 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys
  30. 2012-03-03 14:12 . 2011-09-15 22:55 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys
  31. 2012-03-03 14:12 . 2011-09-15 22:55 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys
  32. 2012-02-29 15:43 . 2012-02-29 15:43 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
  33. 2012-02-28 07:52 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA202D88-3660-4B7B-A942-5A8CE88B087A}\mpengine.dll
  34. 2012-02-27 11:47 . 2012-03-04 10:57 -------- d-----w- c:\users\UpdatusUser
  35. 2012-02-25 23:57 . 2012-02-25 23:57 -------- d-----w- c:\users\Apock\AppData\Local\PassMark
  36. 2012-02-25 23:55 . 2012-02-25 23:55 -------- d-----w- c:\programdata\PassMark
  37. 2012-02-25 23:55 . 2012-02-25 23:55 -------- d-----w- c:\program files (x86)\BurnInTest
  38. 2012-02-25 23:44 . 2012-02-25 23:44 -------- d-----w- c:\program files (x86)\HD Tune
  39. 2012-02-25 17:00 . 2012-02-25 19:10 -------- d-----w- c:\program files (x86)\Google
  40. 2012-02-21 11:48 . 2012-02-21 11:48 -------- d-----w- c:\users\Apock\AppData\Roaming\Canneverbe Limited
  41. 2012-02-21 11:48 . 2012-02-21 11:48 -------- d-----w- c:\programdata\Canneverbe Limited
  42. 2012-02-21 11:47 . 2012-02-21 11:48 -------- d-----w- c:\program files (x86)\CDBurnerXP
  43. 2012-02-20 15:09 . 2012-02-20 15:09 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
  44. 2012-02-20 15:09 . 2012-02-20 15:09 -------- d-----w- c:\users\Apock\AppData\Roaming\SystemRequirementsLab
  45. 2012-02-17 13:10 . 2012-02-17 13:10 -------- d-----w- c:\program files\CPUID
  46. 2012-02-17 13:10 . 2011-09-21 09:25 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x64.sys
  47. 2012-02-17 12:50 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
  48. 2012-02-17 12:01 . 2012-02-17 12:45 -------- d-----w- c:\users\Apock\AppData\Roaming\Download Manager
  49. 2012-02-12 12:41 . 2012-02-12 12:41 -------- d-----w- c:\users\Apock\AppData\Local\Western Digital
  50. 2012-02-12 10:07 . 2012-02-12 10:07 -------- d-----w- c:\windows\SysWow64\xlive
  51. 2012-02-12 10:07 . 2012-02-12 10:07 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
  52. 2012-02-12 09:59 . 2011-11-16 13:35 54400 ----a-w- c:\windows\system32\drivers\usbfilter.sys
  53. 2012-02-12 09:58 . 2012-02-12 09:58 -------- d-----w- C:\AMD
  54. 2012-02-12 09:57 . 2011-12-21 16:35 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
  55. 2012-02-12 09:57 . 2011-11-23 22:02 648808 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
  56. 2012-02-12 09:57 . 2011-11-23 22:02 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
  57. 2012-02-12 09:20 . 2012-02-12 09:20 -------- d-----w- c:\users\Apock\AppData\Local\PackageAware
  58. 2012-02-11 13:48 . 2012-02-11 13:48 -------- d-----w- c:\program files (x86)\7-Zip
  59. 2012-02-11 12:50 . 2009-03-18 15:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
  60. 2012-02-09 19:28 . 2012-03-01 20:11 -------- d-----w- c:\users\Apock\AppData\Roaming\Skype
  61. 2012-02-09 19:28 . 2012-02-09 19:28 -------- d-----w- c:\program files (x86)\Common Files\Skype
  62. 2012-02-09 19:28 . 2012-02-09 19:28 -------- d-----r- c:\program files (x86)\Skype
  63. 2012-02-09 19:27 . 2012-02-09 19:27 -------- d-----w- c:\programdata\Skype
  64. 2012-02-09 19:11 . 2012-02-22 22:40 -------- d-----w- c:\program files (x86)\Steam
  65. 2012-02-09 16:23 . 2012-02-15 00:24 -------- d-----w- c:\program files (x86)\Common Files\Steam
  66. 2012-02-09 13:45 . 2012-02-09 13:45 -------- d-----w- c:\users\Apock\AppData\Local\Adobe
  67. 2012-02-09 13:45 . 2012-02-09 13:45 -------- d-----w- c:\program files (x86)\Common Files\Adobe
  68. 2012-02-08 22:52 . 2012-03-04 13:15 -------- d-----w- c:\users\Apock\AppData\Local\LogMeIn Hamachi
  69. 2012-02-05 11:49 . 2012-02-05 11:49 -------- d-----w- c:\users\Apock\AppData\Local\Diagnostics
  70. 2012-02-04 18:30 . 2012-02-04 18:30 -------- d-----w- c:\programdata\RELOADED
  71. 2012-02-04 18:17 . 2012-02-04 18:17 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
  72. 2012-02-04 18:16 . 2012-02-04 18:17 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
  73. 2012-02-04 18:16 . 2012-02-04 18:19 -------- d-----w- c:\users\Apock\AppData\Roaming\DAEMON Tools Lite
  74. 2012-02-04 18:16 . 2012-02-04 18:16 -------- d-----w- c:\programdata\DAEMON Tools Lite
  75. 2012-02-03 13:19 . 2012-02-03 13:19 -------- d-----w- c:\users\Apock\AppData\Roaming\Media Player Classic
  76. .
  77. .
  78. .
  79. (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
  80. .
  81. 2012-02-23 16:23 . 2012-01-30 10:29 258520 ----a-w- c:\windows\system32\aswBoot.exe
  82. 2012-02-10 04:13 . 2012-01-30 11:29 7713088 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
  83. 2012-02-10 04:13 . 2012-01-30 11:29 2660160 ----a-w- c:\windows\system32\nvapi64.dll
  84. 2012-02-10 04:13 . 2012-01-30 11:29 2301248 ----a-w- c:\windows\SysWow64\nvapi.dll
  85. 2012-02-10 04:13 . 2012-01-30 11:29 1737536 ----a-w- c:\windows\system32\nvdispco64.dll
  86. 2012-02-10 04:13 . 2012-01-30 11:29 1466176 ----a-w- c:\windows\system32\nvgenco64.dll
  87. 2012-02-10 04:13 . 2009-07-13 21:59 9717568 ----a-w- c:\windows\system32\nvwgf2umx.dll
  88. 2012-02-10 04:13 . 2009-06-10 20:37 15009600 ----a-w- c:\windows\SysWow64\nvd3dum.dll
  89. 2012-02-10 03:14 . 2012-01-30 11:30 6074176 ----a-w- c:\windows\system32\nvcpl.dll
  90. 2012-02-10 03:14 . 2012-01-30 11:30 3089728 ----a-w- c:\windows\system32\nvsvc64.dll
  91. 2012-02-10 03:07 . 2012-01-30 11:30 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
  92. 2012-02-10 03:07 . 2012-01-30 11:30 889664 ----a-w- c:\windows\system32\nvvsvc.exe
  93. 2012-02-10 03:07 . 2012-01-30 11:30 63296 ----a-w- c:\windows\system32\nvshext.dll
  94. 2012-02-10 03:07 . 2012-01-30 11:30 118080 ----a-w- c:\windows\system32\nvmctray.dll
  95. 2012-01-30 12:24 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
  96. 2012-01-30 12:24 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
  97. 2012-01-30 10:07 . 2012-01-30 10:07 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  98. 2012-01-30 10:05 . 2012-01-30 10:05 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
  99. 2012-01-29 04:10 . 2010-10-11 17:47 279656 ------w- c:\windows\system32\MpSigStub.exe
  100. 2012-01-25 18:00 . 2012-01-30 16:03 79360 ----a-w- c:\windows\SysWow64\ff_vfw.dll
  101. 2011-12-21 18:14 . 2012-01-30 16:03 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
  102. 2011-12-13 17:27 . 2012-01-30 11:37 4718952 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
  103. 2011-12-13 15:58 . 2012-01-30 11:37 1560168 ----a-w- c:\windows\system32\RTSnMg64.cpl
  104. 2011-12-13 10:01 . 2012-01-30 09:45 1698408 ----a-w- c:\windows\RtlExUpd.dll
  105. 2011-12-12 16:20 . 2012-01-30 11:37 100456 ----a-w- c:\windows\system32\RCoInstII64.dll
  106. 2011-12-09 15:42 . 2012-01-30 11:37 2684416 ----a-w- c:\windows\system32\RCoRes64.dat
  107. 2011-12-08 16:28 . 2012-01-30 11:37 1969768 ----a-w- c:\windows\system32\RtkApi64.dll
  108. 2011-12-08 15:27 . 2012-01-30 11:37 3744872 ----a-w- c:\windows\system32\RtkAPO64.dll
  109. .
  110. .
  111. ------- Sigcheck -------
  112. Note: Unsigned files aren't necessarily malware.
  113. .
  114. [7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
  115. [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
  116. [-] 2010-11-20 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
  117. .
  118. [7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
  119. [7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
  120. [-] 2002-01-01 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
  121. .
  122. ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
  123. .
  124. .
  125. *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
  126. REGEDIT4
  127. .
  128. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  129. "F.lux"="c:\users\Apock\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
  130. "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-01-19 3477312]
  131. .
  132. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  133. "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
  134. "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-09-23 258512]
  135. .
  136. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  137. "ConsentPromptBehaviorAdmin"= 0 (0x0)
  138. "ConsentPromptBehaviorUser"= 3 (0x3)
  139. "EnableUIADesktopToggle"= 0 (0x0)
  140. "PromptOnSecureDesktop"= 0 (0x0)
  141. .
  142. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  143. Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  144. .
  145. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
  146. "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
  147. "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
  148. "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  149. "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  150. .
  151. R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  152. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  153. R3 BS_DEF;BS_DEF;c:\windows\system32\drivers\BS_DEF.sys [x]
  154. R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
  155. R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
  156. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
  157. R3 tsusbhub;tsusbhub; [x]
  158. R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-01-31 158856]
  159. S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
  160. S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
  161. S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-09-23 86224]
  162. S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
  163. S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
  164. S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
  165. S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
  166. .
  167. .
  168. --- Inne Usługi/Sterowniki w Pamięci ---
  169. .
  170. *NewlyCreated* - WS2IFSL
  171. .
  172. .
  173. --------- x86-64 -----------
  174. .
  175. .
  176. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  177. "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-12-12 7560296]
  178. .
  179. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  180. "LoadAppInit_DLLs"=0x0
  181. .
  182. ------- Skan uzupełniający -------
  183. .
  184. uLocal Page = c:\windows\system32\blank.htm
  185. uStart Page = hxxp://www.ask.com/?l=dis&o=102866&gct=hp
  186. mLocal Page = c:\windows\SysWOW64\blank.htm
  187. IE: E&ksportuj do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
  188. FF - ProfilePath - c:\users\Apock\AppData\Roaming\Mozilla\Firefox\Profiles\tm6u7lv3.default\
  189. FF - prefs.js: browser.startup.homepage - www.onet.pl
  190. FF - user.js: network.http.max-persistent-connections-per-server - 4
  191. FF - user.js: nglayout.initialpaint.delay - 600
  192. FF - user.js: content.notify.interval - 600000
  193. FF - user.js: content.max.tokenizing.time - 1800000
  194. FF - user.js: content.switch.threshold - 600000
  195. .
  196. .
  197. --------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
  198. .
  199. [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
  200. @Denied: (2) (LocalSystem)
  201. "Progid"="ChromeHTML"
  202. .
  203. [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
  204. @Denied: (2) (LocalSystem)
  205. "Progid"="ChromeHTML"
  206. .
  207. [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
  208. @Denied: (2) (LocalSystem)
  209. "Progid"="ChromeHTML"
  210. .
  211. [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
  212. @Denied: (2) (LocalSystem)
  213. "Progid"="ChromeHTML"
  214. .
  215. [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
  216. @Denied: (2) (LocalSystem)
  217. "Progid"="ChromeHTML"
  218. .
  219. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  220. @Denied: (A 2) (Everyone)
  221. @="FlashBroker"
  222. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
  223. .
  224. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  225. "Enabled"=dword:00000001
  226. .
  227. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  228. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
  229. .
  230. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  231. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  232. .
  233. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  234. @Denied: (A 2) (Everyone)
  235. @="Shockwave Flash Object"
  236. .
  237. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  238. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
  239. "ThreadingModel"="Apartment"
  240. .
  241. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  242. @="0"
  243. .
  244. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  245. @="ShockwaveFlash.ShockwaveFlash.10"
  246. .
  247. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  248. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
  249. .
  250. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  251. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  252. .
  253. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  254. @="1.0"
  255. .
  256. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  257. @="ShockwaveFlash.ShockwaveFlash"
  258. .
  259. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  260. @Denied: (A 2) (Everyone)
  261. @="Macromedia Flash Factory Object"
  262. .
  263. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  264. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
  265. "ThreadingModel"="Apartment"
  266. .
  267. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  268. @="FlashFactory.FlashFactory.1"
  269. .
  270. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  271. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
  272. .
  273. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  274. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  275. .
  276. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  277. @="1.0"
  278. .
  279. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  280. @="FlashFactory.FlashFactory"
  281. .
  282. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  283. @Denied: (A 2) (Everyone)
  284. @="IFlashBroker4"
  285. .
  286. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  287. @="{00020424-0000-0000-C000-000000000046}"
  288. .
  289. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  290. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  291. "Version"="1.0"
  292. .
  293. [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
  294. @Denied: (Full) (Everyone)
  295. .
  296. ------------------------ Pozostałe uruchomione procesy ------------------------
  297. .
  298. c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
  299. c:\program files\ASUS\GPU Boost Driver\GpuBoostServer.exe
  300. .
  301. **************************************************************************
  302. .
  303. Czas ukończenia: 2012-03-04 14:20:20 - komputer został uruchomiony ponownie
  304. ComboFix-quarantined-files.txt 2012-03-04 13:20
  305. .
  306. Przed: 115 694 243 840 bajtów wolnych
  307. Po: 119 142 547 456 bajtów wolnych
  308. .
  309. - - End Of File - - 558C67ABC332922481EF217C95385E2F