Untitled

a guest
Nov 26th, 2014
  1. ComboFix 14-11-25.01 - Łukasz 2014-11-26 14:34:58.1.4 - x64
  2. Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.8075.6440 [GMT 1:00]
  3. Uruchomiony z: c:\users\úukasz\Downloads\ComboFix.exe
  4. AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
  5. SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
  6. SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  7. .
  8. .
  9. ((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
  10. .
  11. .
  12. c:\windows\PFRO.log
  13. .
  14. .
  15. ((((((((((((((((((((((((( Pliki utworzone od 2014-10-26 do 2014-11-26 )))))))))))))))))))))))))))))))
  16. .
  17. .
  18. 2014-11-26 13:38 . 2014-11-26 13:38 -------- d-----w- c:\users\Default\AppData\Local\temp
  19. 2014-11-26 10:04 . 2014-11-26 10:04 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A66DC4D3-F3B8-4972-A3A8-12C3B0277603}\offreg.dll
  20. 2014-11-26 08:51 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A66DC4D3-F3B8-4972-A3A8-12C3B0277603}\mpengine.dll
  21. 2014-11-25 21:56 . 2014-11-25 21:57 -------- d-----w- C:\FRST
  22. 2014-11-25 21:44 . 2014-11-25 21:44 -------- d-----w- c:\programdata\NVIDIA
  23. 2014-11-25 21:43 . 2014-11-12 21:56 6897352 ----a-w- c:\windows\system32\nvcpl.dll
  24. 2014-11-25 21:43 . 2014-11-12 21:56 3534152 ----a-w- c:\windows\system32\nvsvc64.dll
  25. 2014-11-25 21:43 . 2014-11-12 21:56 934032 ----a-w- c:\windows\system32\nvvsvc.exe
  26. 2014-11-25 21:43 . 2014-11-12 21:56 62608 ----a-w- c:\windows\system32\nvshext.dll
  27. 2014-11-25 21:43 . 2014-11-12 21:56 386368 ----a-w- c:\windows\system32\nvmctray.dll
  28. 2014-11-25 21:43 . 2014-11-12 21:56 2559808 ----a-w- c:\windows\system32\nvsvcr.dll
  29. 2014-11-25 21:43 . 2014-11-11 10:29 4100776 ----a-w- c:\windows\system32\nvcoproc.bin
  30. 2014-11-25 21:43 . 2014-11-13 00:20 74056 ----a-w- c:\windows\system32\OpenCL.dll
  31. 2014-11-25 21:43 . 2014-11-13 00:20 59592 ----a-w- c:\windows\SysWow64\OpenCL.dll
  32. 2014-11-25 21:39 . 2014-11-25 21:39 -------- d-----w- C:\NVIDIA
  33. 2014-11-25 06:08 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
  34. 2014-11-23 19:34 . 2014-11-23 19:34 -------- d-----w- c:\users\Łukasz\AppData\Local\Overwolf
  35. 2014-11-21 15:58 . 2014-11-21 15:58 -------- d-----w- c:\programdata\Futuremark
  36. 2014-11-21 07:17 . 2014-09-18 09:11 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C754C2CD-E974-48B3-BF83-E4DEFC8EBE31}\gapaengine.dll
  37. 2014-11-19 22:47 . 2014-11-19 22:47 -------- d-----w- c:\users\Łukasz
  38. 2014-11-19 09:10 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
  39. 2014-11-19 09:10 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
  40. 2014-11-19 09:10 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
  41. 2014-11-19 09:10 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
  42. 2014-11-15 21:16 . 2014-11-25 22:10 -------- d-----w- c:\users\Łukasz\Valley
  43. 2014-11-15 15:17 . 2014-11-15 15:17 -------- d-----w- c:\program files (x86)\Geeks3D
  44. 2014-11-12 10:44 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
  45. 2014-11-12 10:44 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
  46. 2014-11-12 10:44 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll
  47. 2014-11-12 10:44 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll
  48. 2014-11-12 10:44 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll
  49. 2014-11-12 10:44 . 2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
  50. 2014-11-12 10:44 . 2014-10-14 01:49 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
  51. 2014-11-12 10:44 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
  52. 2014-11-12 10:44 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
  53. 2014-11-12 10:42 . 2014-10-03 02:12 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
  54. .
  55. .
  56. .
  57. (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
  58. .
  59. 2014-11-26 09:04 . 2013-11-27 22:14 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  60. 2014-11-26 09:04 . 2013-11-27 22:14 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
  61. 2014-11-12 23:28 . 2013-09-21 12:39 103374192 ----a-w- c:\windows\system32\MRT.exe
  62. 2014-10-30 11:25 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
  63. 2014-09-18 09:11 . 2013-10-18 21:53 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
  64. 2014-09-04 05:23 . 2014-10-15 06:44 424448 ----a-w- c:\windows\system32\rastls.dll
  65. 2014-09-04 05:04 . 2014-10-15 06:44 372736 ----a-w- c:\windows\SysWow64\rastls.dll
  66. .
  67. .
  68. ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
  69. .
  70. .
  71. *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
  72. REGEDIT4
  73. .
  74. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
  75. @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
  76. [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
  77. 2014-10-14 22:27 1729752 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
  78. .
  79. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
  80. @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
  81. [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
  82. 2014-10-14 22:27 1729752 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
  83. .
  84. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
  85. @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
  86. [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
  87. 2014-10-14 22:27 1729752 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
  88. .
  89. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  90. "CMD"="start http://ooov.net && exit" [X]
  91. "DAEMON Tools Lite"="e:\program files\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
  92. "ALLUpdate"="e:\program files\ALLPlayer\ALLUpdate.exe" [2013-07-18 2995712]
  93. .
  94. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  95. "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
  96. .
  97. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  98. "ConsentPromptBehaviorAdmin"= 5 (0x5)
  99. "ConsentPromptBehaviorUser"= 3 (0x3)
  100. "EnableUIADesktopToggle"= 0 (0x0)
  101. .
  102. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
  103. "LoadAppInit_DLLs"=1 (0x1)
  104. "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
  105. .
  106. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
  107. @="Service"
  108. .
  109. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
  110. R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
  111. R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
  112. R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
  113. R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
  114. R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
  115. R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
  116. R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
  117. R3 NisSrv;Inspekcja sieci firmy Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
  118. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
  119. R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
  120. R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
  121. S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
  122. S1 {a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64;{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64;c:\windows\system32\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys;c:\windows\SYSNATIVE\drivers\{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw64.sys [x]
  123. S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
  124. S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
  125. S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
  126. S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
  127. S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
  128. .
  129. .
  130. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
  131. 2014-11-26 09:02 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
  132. .
  133. Zawartość folderu 'Zaplanowane zadania'
  134. .
  135. 2014-11-26 c:\windows\Tasks\Adobe Flash Player Updater.job
  136. - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-27 09:04]
  137. .
  138. 2014-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  139. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-03 12:33]
  140. .
  141. 2014-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  142. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-03 12:33]
  143. .
  144. .
  145. --------- X64 Entries -----------
  146. .
  147. .
  148. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
  149. @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
  150. [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
  151. 2014-10-14 22:31 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
  152. .
  153. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
  154. @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
  155. [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
  156. 2014-10-14 22:31 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
  157. .
  158. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
  159. @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
  160. [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
  161. 2014-10-14 22:31 2334928 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
  162. .
  163. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  164. "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
  165. .
  166. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  167. "AppInit_DLLs"=c:\windows\System32\nvinitx.dll
  168. .
  169. ------- Skan uzupełniający -------
  170. .
  171. uLocal Page = c:\windows\system32\blank.htm
  172. uStart Page = hxxp://www.gazeta.pl/0,0.html?p=180&d=20140603
  173. mDefault_Page_URL = hxxp://www.google.com
  174. mStart Page = hxxp://www.gazeta.pl/0,0.html?p=180&d=20140603
  175. mLocal Page = c:\windows\SysWOW64\blank.htm
  176. IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
  177. IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
  178. Trusted Zone: 4game.com
  179. TCP: DhcpNameServer = 192.168.1.254
  180. Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
  181. .
  182. - - - - USUNIĘTO PUSTE WPISY - - - -
  183. .
  184. Wow6432Node-HKCU-Run-RGSC - e:\program files\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe
  185. HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
  186. AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
  187. AddRemove-BattlEye for OA - e:\program files\Steam\steamapps\common\Arma 2 Operation Arrowhead\Expansion\BattlEye\UnInstallBE.exe
  188. .
  189. .
  190. .
  191. --------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
  192. .
  193. [HKEY_USERS\S-1-5-21-717820670-338933895-430088421-1000\Software\SecuROM\License information*]
  194. "datasecu"=hex:d6,2b,83,d6,b1,2f,67,d6,9a,58,7d,1a,1e,81,d0,0c,b6,7c,c1,89,79,
  195. c1,d7,44,f1,68,0d,a7,85,30,45,89,6e,e8,57,e6,3e,58,03,b4,aa,f7,b9,f9,98,07,\
  196. "rkeysecu"=hex:92,88,72,82,57,7c,0e,8b,e9,01,17,e8,a7,81,9f,76
  197. .
  198. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
  199. @Denied: (A 2) (Everyone)
  200. @="FlashBroker"
  201. "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
  202. .
  203. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
  204. "Enabled"=dword:00000001
  205. .
  206. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
  207. @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
  208. .
  209. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
  210. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  211. .
  212. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
  213. @Denied: (A 2) (Everyone)
  214. @="IFlashBroker6"
  215. .
  216. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
  217. @="{00020424-0000-0000-C000-000000000046}"
  218. .
  219. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
  220. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  221. "Version"="1.0"
  222. .
  223. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
  224. @Denied: (A 2) (Everyone)
  225. @="FlashBroker"
  226. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe,-101"
  227. .
  228. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
  229. "Enabled"=dword:00000001
  230. .
  231. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
  232. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe"
  233. .
  234. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
  235. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  236. .
  237. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  238. @Denied: (A 2) (Everyone)
  239. @="Shockwave Flash Object"
  240. .
  241. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  242. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
  243. "ThreadingModel"="Apartment"
  244. .
  245. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  246. @="0"
  247. .
  248. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  249. @="ShockwaveFlash.ShockwaveFlash.15"
  250. .
  251. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  252. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
  253. .
  254. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  255. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  256. .
  257. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  258. @="1.0"
  259. .
  260. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  261. @="ShockwaveFlash.ShockwaveFlash"
  262. .
  263. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  264. @Denied: (A 2) (Everyone)
  265. @="Macromedia Flash Factory Object"
  266. .
  267. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  268. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
  269. "ThreadingModel"="Apartment"
  270. .
  271. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  272. @="FlashFactory.FlashFactory.1"
  273. .
  274. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  275. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
  276. .
  277. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  278. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  279. .
  280. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  281. @="1.0"
  282. .
  283. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  284. @="FlashFactory.FlashFactory"
  285. .
  286. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
  287. @Denied: (A 2) (Everyone)
  288. @="IFlashBroker6"
  289. .
  290. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
  291. @="{00020424-0000-0000-C000-000000000046}"
  292. .
  293. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
  294. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  295. "Version"="1.0"
  296. .
  297. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
  298. @Denied: (A) (Everyone)
  299. "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
  300. .
  301. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
  302. @Denied: (A) (Everyone)
  303. .
  304. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
  305. "Key"="ActionsPane3"
  306. "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
  307. .
  308. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  309. @Denied: (Full) (Everyone)
  310. .
  311. Czas ukończenia: 2014-11-26 14:40:24
  312. ComboFix-quarantined-files.txt 2014-11-26 13:40
  313. .
  314. Przed: 128 626 290 688 bajtów wolnych
  315. Po: 130 758 582 272 bajtów wolnych
  316. .
  317. - - End Of File - - FFA914BF9A17AB50018417C964454BE0
  318. A36C5E4F47E84449FF07ED3517B43A31