REKLAMA

ComboFix.txt

Jak usunąć wirusa URL:Mal wykrywanego przez Avast w svchost?

Mam nowa jave juz ale nadal stary problem :) Tzn nadal mi avast pokazuje to ostrzezenie. Zrobilam wszystko jak pisales. Dodano po 1 34 : Chyba udalo "mi" sie rozwiazac problem. Tzn na forum Avasta sporo dzis jest o tym postow (jeszcze wczoraj nie moglam znalezc tam pomocy) i tam znalazlam ze pomaga na to program Combofix. Tu link do postu z tamtego forum Forum Avasta. Jesli ktos nie zna ang to w skrocie: 1. Sciagamy ten program np z Link1 z tamtego posta 2. Sciagamy koniecznie na pulpit 3. Tymczasowo wylaczamy oslony programu przeciwwirusowego - ja wczesniej rozlaczylam sie z internetem i innym tez tak radze aby ten URL:Mal akurat sie nie wlaczyl. 4. Uruchamiamy - tam pisze aby nie klikac myszka w okno programu podczas dzialania bo program moze sie zawiesic. 5. Reset komuptera Po zastosowaniu tych krokow od czasu resetu komputera juz z 20min nie mam ostrzezenia avasta, a normalnie mialam pierwszy raz zaraz po wlaczeniu. Dla osob ktore sie lepiej znaja daje loga do Combofix co u mnie zrobil. Z tego loga widze ze przyczepil sie do programu SecureW2 ktory byl mi potrzebny i nie wydaje mi sie ze jest szkodliwy wiec to pewnie nie on byl wirusem.


Pobierz plik - link do postu

ComboFix 14-07-08.04 - Ania 2014-07-11 1:11.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.8104.4979 [GMT 2:00]
Uruchomiony z: c:\users\Ania\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Usuniêto )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SecureW2
c:\program files (x86)\SecureW2\Uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\users\Ania\AppData\Local\assembly\tmp
c:\users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\r52xez8l.firefox3.6\extensions\staged\jieg-nv9d@hxdlao-cujq.edu
c:\users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\r52xez8l.firefox3.6\extensions\staged\jieg-nv9d@hxdlao-cujq.edu\bootstrap.js
c:\users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\r52xez8l.firefox3.6\extensions\staged\jieg-nv9d@hxdlao-cujq.edu\chrome.manifest
c:\users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\r52xez8l.firefox3.6\extensions\staged\jieg-nv9d@hxdlao-cujq.edu\content\bg.js
c:\users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\r52xez8l.firefox3.6\extensions\staged\jieg-nv9d@hxdlao-cujq.edu\install.rdf
c:\users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\uk6vpk6v.default-1383582554633\extensions\staged\jieg-nv9d@hxdlao-cujq.edu
c:\users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\uk6vpk6v.default-1383582554633\extensions\staged\jieg-nv9d@hxdlao-cujq.edu\bootstrap.js
c:\users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\uk6vpk6v.default-1383582554633\extensions\staged\jieg-nv9d@hxdlao-cujq.edu\chrome.manifest
c:\users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\uk6vpk6v.default-1383582554633\extensions\staged\jieg-nv9d@hxdlao-cujq.edu\content\bg.js
c:\users\Ania\AppData\Roaming\Mozilla\Firefox\Profiles\uk6vpk6v.default-1383582554633\extensions\staged\jieg-nv9d@hxdlao-cujq.edu\install.rdf
D:\install.exe
.
.
((((((((((((((((((((((((( Pliki utworzone od 2014-06-10 do 2014-07-10 )))))))))))))))))))))))))))))))
.
.
2014-07-10 23:22 . 2014-07-10 23:22 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-07-10 23:22 . 2014-07-10 23:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-10 22:02 . 2014-07-10 22:02 313256 ----a-w- c:\windows\system32\javaws.exe
2014-07-10 22:02 . 2014-07-10 22:02 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-07-10 22:02 . 2014-07-10 22:02 189352 ----a-w- c:\windows\system32\java.exe
2014-07-10 22:02 . 2014-07-10 22:02 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-07-10 22:01 . 2014-07-10 22:01 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-10 22:01 . 2014-07-10 22:01 -------- d-----w- c:\program files (x86)\Java
2014-07-10 21:33 . 2014-07-10 22:06 -------- d-----w- C:\FRST
2014-07-10 20:09 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-10 16:28 . 2014-07-10 16:47 -------- d-----w- c:\users\Ania\Doctor Web
2014-07-10 08:53 . 2014-07-10 08:53 -------- d-----w- c:\program files (x86)\ESET
2014-07-09 20:53 . 2014-07-09 20:53 -------- d-----w- c:\programdata\Malwarebytes
2014-07-09 20:53 . 2014-07-10 20:50 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-07-09 20:53 . 2014-07-10 20:33 128728 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-09 20:52 . 2014-07-10 20:31 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-09 14:56 . 2014-07-09 14:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Google
2014-07-09 14:56 . 2014-07-09 14:56 -------- d-----w- c:\users\GoϾ
2014-07-09 14:56 . 2014-07-09 14:56 -------- d-----w- c:\users\Administrator
2014-07-08 08:37 . 2014-07-10 23:18 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3F06E064-FC5D-4D96-B952-0B153A1AD247}\offreg.dll
2014-07-08 08:35 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3F06E064-FC5D-4D96-B952-0B153A1AD247}\mpengine.dll
2014-06-29 18:36 . 2014-06-29 18:36 -------- d-----w- c:\program files (x86)\FLV to MPEG
2014-06-29 18:29 . 2014-06-29 18:29 -------- d-----w- c:\users\Ania\AppData\Local\Windows Live
2014-06-29 18:19 . 2013-01-06 20:24 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2014-06-29 18:19 . 2014-06-29 18:19 -------- d-----w- c:\program files\ffdshow
2014-06-29 18:18 . 2014-06-29 18:18 -------- d-----w- c:\users\Ania\AppData\Local\Programs
2014-06-29 17:55 . 2014-06-29 18:01 -------- d-----w- c:\users\Ania\AppData\Roaming\Crystal Player
2014-06-29 17:54 . 2014-06-29 17:55 -------- d-----w- c:\program files (x86)\Crystal Player
.
.
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 17:37 . 2014-01-23 22:24 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-15 17:37 . 2011-12-16 17:50 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-15 17:37 . 2011-12-16 17:50 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-08 17:36 . 2014-05-08 17:37 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-08 17:36 . 2013-04-25 14:10 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-08 17:36 . 2013-04-25 14:10 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-08 17:36 . 2011-12-16 17:50 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-08 17:36 . 2011-12-16 17:50 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-08 17:36 . 2012-03-25 12:00 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-08 17:36 . 2014-05-08 17:36 43152 ----a-w- c:\windows\avastSS.scr
2014-05-08 12:19 . 2014-05-08 12:19 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-05-08 12:19 . 2014-05-08 12:19 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-05-08 12:19 . 2014-05-08 12:19 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-05-08 12:19 . 2014-05-08 12:19 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-05-08 12:19 . 2014-05-08 12:19 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-05-08 12:19 . 2014-05-08 12:19 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-05-08 12:19 . 2014-05-08 12:19 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-08 12:19 . 2014-05-08 12:19 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-05-08 12:19 . 2014-05-08 12:19 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-05-08 12:19 . 2014-05-08 12:19 81408 ----a-w- c:\windows\system32\icardie.dll
2014-05-08 12:19 . 2014-05-08 12:19 774144 ----a-w- c:\windows\system32\jscript.dll
2014-05-08 12:19 . 2014-05-08 12:19 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-05-08 12:19 . 2014-05-08 12:19 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-05-08 12:19 . 2014-05-08 12:19 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-05-08 12:19 . 2014-05-08 12:19 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-05-08 12:19 . 2014-05-08 12:19 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-05-08 12:19 . 2014-05-08 12:19 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-05-08 12:19 . 2014-05-08 12:19 628736 ----a-w- c:\windows\system32\msfeeds.dll
2014-05-08 12:19 . 2014-05-08 12:19 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-05-08 12:19 . 2014-05-08 12:19 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-05-08 12:19 . 2014-05-08 12:19 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-05-08 12:19 . 2014-05-08 12:19 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-05-08 12:19 . 2014-05-08 12:19 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-05-08 12:19 . 2014-05-08 12:19 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-05-08 12:19 . 2014-05-08 12:19 586240 ----a-w- c:\windows\system32\ie4uinit.exe
2014-05-08 12:19 . 2014-05-08 12:19 5784064 ----a-w- c:\windows\system32\jscript9.dll
2014-05-08 12:19 . 2014-05-08 12:19 574976 ----a-w- c:\windows\system32\ieui.dll
2014-05-08 12:19 . 2014-05-08 12:19 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-05-08 12:19 . 2014-05-08 12:19 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-05-08 12:19 . 2014-05-08 12:19 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-05-08 12:19 . 2014-05-08 12:19 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-05-08 12:19 . 2014-05-08 12:19 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-05-08 12:19 . 2014-05-08 12:19 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-05-08 12:19 . 2014-05-08 12:19 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-05-08 12:19 . 2014-05-08 12:19 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-05-08 12:19 . 2014-05-08 12:19 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-05-08 12:19 . 2014-05-08 12:19 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2014-05-08 12:19 . 2014-05-08 12:19 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-05-08 12:19 . 2014-05-08 12:19 413696 ----a-w- c:\windows\system32\html.iec
2014-05-08 12:19 . 2014-05-08 12:19 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-05-08 12:19 . 2014-05-08 12:19 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-05-08 12:19 . 2014-05-08 12:19 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-05-08 12:19 . 2014-05-08 12:19 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-05-08 12:19 . 2014-05-08 12:19 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-05-08 12:19 . 2014-05-08 12:19 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-05-08 12:19 . 2014-05-08 12:19 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-05-08 12:19 . 2014-05-08 12:19 296960 ----a-w- c:\windows\system32\dxtrans.dll
2014-05-08 12:19 . 2014-05-08 12:19 2767360 ----a-w- c:\windows\system32\iertutil.dll
2014-05-08 12:19 . 2014-05-08 12:19 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-08 12:19 . 2014-05-08 12:19 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-08 12:19 . 2014-05-08 12:19 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-05-08 12:19 . 2014-05-08 12:19 247808 ----a-w- c:\windows\system32\msls31.dll
2014-05-08 12:19 . 2014-05-08 12:19 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-05-08 12:19 . 2014-05-08 12:19 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-05-08 12:19 . 2014-05-08 12:19 235520 ----a-w- c:\windows\system32\url.dll
2014-05-08 12:19 . 2014-05-08 12:19 23549440 ----a-w- c:\windows\system32\mshtml.dll
2014-05-08 12:19 . 2014-05-08 12:19 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-05-08 12:19 . 2014-05-08 12:19 2260480 ----a-w- c:\windows\system32\wininet.dll
2014-05-08 12:19 . 2014-05-08 12:19 2043904 ----a-w- c:\windows\system32\inetcpl.cpl
2014-05-08 12:19 . 2014-05-08 12:19 1967104 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-05-08 12:19 . 2014-05-08 12:19 195584 ----a-w- c:\windows\system32\msrating.dll
2014-05-08 12:19 . 2014-05-08 12:19 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-05-08 12:19 . 2014-05-08 12:19 1789440 ----a-w- c:\windows\SysWow64\wininet.dll
2014-05-08 12:19 . 2014-05-08 12:19 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-05-08 12:19 . 2014-05-08 12:19 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-05-08 12:19 . 2014-05-08 12:19 147968 ----a-w- c:\windows\system32\occache.dll
2014-05-08 12:19 . 2014-05-08 12:19 143872 ----a-w- c:\windows\system32\wextract.exe
2014-05-08 12:19 . 2014-05-08 12:19 1400832 ----a-w- c:\windows\system32\urlmon.dll
2014-05-08 12:19 . 2014-05-08 12:19 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-05-08 12:19 . 2014-05-08 12:19 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-05-08 12:19 . 2014-05-08 12:19 13824 ----a-w- c:\windows\system32\mshta.exe
2014-05-08 12:19 . 2014-05-08 12:19 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-05-08 12:19 . 2014-05-08 12:19 13551104 ----a-w- c:\windows\system32\ieframe.dll
2014-05-08 12:19 . 2014-05-08 12:19 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-05-08 12:19 . 2014-05-08 12:19 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-05-08 12:19 . 2014-05-08 12:19 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-05-08 12:19 . 2014-05-08 12:19 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-05-08 12:19 . 2014-05-08 12:19 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-05-08 12:19 . 2014-05-08 12:19 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-05-08 12:19 . 2014-05-08 12:19 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-05-08 12:19 . 2014-05-08 12:19 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-05-08 12:19 . 2014-05-08 12:19 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-05-08 12:19 . 2014-05-08 12:19 101376 ----a-w- c:\windows\system32\inseng.dll
2014-05-08 11:58 . 2013-03-19 10:02 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-08 11:58 . 2011-12-16 17:45 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-14 02:24 . 2014-05-08 12:10 465408 ----a-w- c:\windows\system32\aepdu.dll
2014-04-14 02:19 . 2014-05-08 12:10 424448 ----a-w- c:\windows\system32\aeinv.dll
2011-12-16 20:55 . 2011-12-16 20:58 1093632 ----a-w- c:\program files\BESTplayer.exe
.
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyœlne, prawid³owe wpisy nie s¹ pokazane
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@= " {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Ania\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@= " {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Ania\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@= " {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Ania\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" googletalk " = " c:\users\Ania\AppData\Roaming\Google\Google Talk\googletalk.exe " [2007-01-01 3739648]
" AlcoholAutomount " = " c:\program files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe " [2009-11-15 33120]
" KiesPreload " = " c:\program files (x86)\Samsung\Kies\Kies.exe " [2014-02-14 1564992]
" KiesAirMessage " = " c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe " [2014-01-23 578560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
" HP Software Update " = " c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe " [2007-05-08 54840]
" hpqSRMon " = " c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe " [2008-07-22 150528]
" GrooveMonitor " = " c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe " [2009-02-26 30040]
" KiesTrayAgent " = " c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe " [2014-02-14 311616]
" Adobe ARM " = " c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe " [2013-11-21 959904]
" CucusoftNetGuard " = " c:\program files\Cucusoft\NetGuard\BandwidthGuard.exe " [2013-05-03 868352]
" AvastUI.exe " = " c:\program files\AVAST Software\Avast\AvastUI.exe " [2014-07-04 3890208]
" Adobe Creative Cloud " = " c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe " [2014-03-21 2691480]
" SunJavaUpdateSched " = " c:\program files (x86)\Common Files\Java\Java Update\jusched.exe " [2014-05-07 256896]
.
c:\users\Ania\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-12-7 576000]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-10-22 1133856]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
" ConsentPromptBehaviorAdmin " = 5 (0x5)
" ConsentPromptBehaviorUser " = 3 (0x3)
" EnableUIADesktopToggle " = 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
" LoadAppInit_DLLs " =1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CS_AutoUpdate;CS_AutoUpdate;c:\program files\Cucusoft\AutoUpdate\AutoUpdateSrvc.exe;c:\program files\Cucusoft\AutoUpdate\AutoUpdateSrvc.exe [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys;c:\windows\SYSNATIVE\DRIVERS\tap0801.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Us³uga Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CS_BandwidthGuard;CS_BandwidthGuard;c:\program files\Cucusoft\NetGuard\BandwidthGuardSrvc.sys;c:\program files\Cucusoft\NetGuard\BandwidthGuardSrvc.sys [x]
S2 CS_BandwidthGuard64;CS_BandwidthGuard64;c:\program files\Cucusoft\NetGuard\BandwidthGuardSrvc64.sys;c:\program files\Cucusoft\NetGuard\BandwidthGuardSrvc64.sys [x]
S2 CS_SysMsgProxy;CS_SysMsgProxy;c:\program files\Cucusoft\NetGuard\SysMsgProxySrvc.sys;c:\program files\Cucusoft\NetGuard\SysMsgProxySrvc.sys [x]
S2 Giraffic;Veoh Giraffic Video Accelerator;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe;c:\program files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [x]
S2 MySQL56;MySQL56;c:\program files\MySQL\MySQL Server 5.6\bin\mysqld --defaults-file=c:\programdata\MySQL\MySQL Server 5.6\my.ini MySQL56;c:\program files\MySQL\MySQL Server 5.6\bin\mysqld --defaults-file=c:\programdata\MySQL\MySQL Server 5.6\my.ini MySQL56 [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Audio dla ekranów;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Inne Us³ugi/Sterowniki w Pamiêci ---
.
*Deregistered* - CucusoftBandwidthGuard2000
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
ZawartoϾ folderu 'Zaplanowane zadania'
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@= " {472083B0-C522-11CF-8763-00608CC02F24} "
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-08 17:36 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@= " {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Ania\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@= " {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Ania\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@= " {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Ania\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@= " {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Ania\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" RtHDVCpl " = " c:\program files\Realtek\Audio\HDA\RAVCpl64.exe " [2010-11-17 11613288]
" IgfxTray " = " c:\windows\system32\igfxtray.exe " [2012-02-02 167704]
" HotKeysCmds " = " c:\windows\system32\hkcmd.exe " [2012-02-02 392984]
" Persistence " = " c:\windows\system32\igfxpers.exe " [2012-02-02 417560]
" AdobeAAMUpdater-1.0 " = " c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe " [2014-02-27 558496]
.
------- Skan uzupe³niaj¹cy -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E & xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se & nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Wyœlij obraz do urz¹dzenia & Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Wyœlij stronê do urz¹dzenia & Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
.
- - - - USUNIÊTO PUSTE WPISY - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
AddRemove-{FDB962F0-B5B8-9460-D12F-7966E97BAA43} - c:\programdata\PRaicaechoP\fUxkY1tjI.exe
AddRemove-BankBrowser - c:\users\Ania\Desktop\bankbrowser_3_6.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL56]
" ImagePath " = " \ " c:\program files\MySQL\MySQL Server 5.6\bin\mysqld\ " --defaults-file=\ " c:\programdata\MySQL\MySQL Server 5.6\my.ini\ " MySQL56 "
.
--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@= " FlashBroker "
" LocalizedString " = " @c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
" Enabled " =dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@= " c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@= " {FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@= " IFlashBroker5 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@= " {00020424-0000-0000-C000-000000000046} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@= " {FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
" Version " = " 1.0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@= " FlashBroker "
" LocalizedString " = " @c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
" Enabled " =dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@= " c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@= " {FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= " Shockwave Flash Object "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= " c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx "
" ThreadingModel " = " Apartment "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@= " 0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@= " ShockwaveFlash.ShockwaveFlash.11 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= " c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@= " {D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@= " 1.0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= " ShockwaveFlash.ShockwaveFlash "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= " Macromedia Flash Factory Object "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= " c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx "
" ThreadingModel " = " Apartment "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@= " FlashFactory.FlashFactory.1 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= " c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@= " {D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@= " 1.0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= " FlashFactory.FlashFactory "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@= " IFlashBroker5 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@= " {00020424-0000-0000-C000-000000000046} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@= " {FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
" Version " = " 1.0 "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
@DACL=(02 0000)
@= " Bing "
" DisplayName " = " @ieframe.dll,-12512 "
" URL " = " http://www.bing.com/search?q={searchTerms} & FORM=IE8SRC "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
" Solution " = " {15727DE6-F92D-4E46-ACB4-0E2C58B31A18} "
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
" Key " = " ActionsPane3 "
" Location " = " c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd "
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
" BlindDial " =dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Czas ukoñczenia: 2014-07-11 01:25:35
ComboFix-quarantined-files.txt 2014-07-10 23:25
.
Przed: 21 935 214 592 bajtów wolnych
Po: 21 576 949 760 bajtów wolnych
.
- - End Of File - - 1C8321D9BF35F57F669544B8F0EC4C37