XxxCinuxxX Opublikowano 24 Marca 2015 Zgłoś Udostępnij Opublikowano 24 Marca 2015 Witam mam prosbe, czy moglby mi ktos sprawdzic moj log z Combofixa pod katem wirusow? Oto zawartosc loga: ComboFix 15-03-23.01 - Jan Majowski 2015-03-24 14:49:36.1.1 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.2812.1514 [GMT 1:00] Uruchomiony z: c:\windows\SysWOW64\config\systemprofile\Desktop\ComboFix.exe AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2} SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Usunięto ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\msdownld.tmp c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C033CB86-D5D0-4421-9B75-ACE1A22D3ED3}\ISBEW64.exe c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C033CB86-D5D0-4421-9B75-ACE1A22D3ED3}\ISRT.dll c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\{C033CB86-D5D0-4421-9B75-ACE1A22D3ED3}\TosChk.dll c:\windows\system32\config\SYSTEM~1\AppData\Local\Temp\UNINSTALL.EXE c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C033CB86-D5D0-4421-9B75-ACE1A22D3ED3}\ISBEW64.exe c:\windows\system32\config\systemprofile\AppData\Local\Temp\{C033CB86-D5D0-4421-9B75-ACE1A22D3ED3}\ISRT.dll c:\windows\System32\config\systemprofile\AppData\Local\Temp\{C033CB86-D5D0-4421-9B75-ACE1A22D3ED3}\TosChk.dll c:\windows\system32\config\systemprofile\AppData\Local\Temp\UNINSTALL.EXE c:\windows\SysWow64\Cache c:\windows\SysWow64\Cache\b2736cd47a20ea66.fb c:\windows\SysWow64\Cache\b2736cd47a20ea66__exp__1427205586 . . ((((((((((((((((((((((((( Pliki utworzone od 2015-02-24 do 2015-03-24 ))))))))))))))))))))))))))))))) . . 2015-03-24 14:00 . 2015-03-24 14:00 -------- d-----w- c:\users\TEMP\AppData\Local\temp 2015-03-24 14:00 . 2015-03-24 14:00 -------- d-----w- c:\users\Jan Majowski\AppData\Local\temp 2015-03-24 13:29 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll 2015-03-24 13:29 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll 2015-03-24 13:28 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll 2015-03-24 13:28 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll 2015-03-24 13:28 . 2006-11-29 12:06 4398360 ----a-w- c:\windows\system32\d3dx9_32.dll 2015-03-24 13:28 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\SysWow64\d3dx9_32.dll 2015-03-13 13:55 . 2015-03-13 13:55 -------- d-----w- c:\users\Default\AppData\Local\Toshiba 2015-03-13 13:42 . 2015-03-24 13:15 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin 2015-03-13 13:41 . 2015-03-13 13:41 -------- d-----w- c:\windows\SysWow64\BestPractices 2015-03-13 13:41 . 2015-03-13 13:41 -------- d-----w- c:\windows\system32\msmq 2015-03-13 13:41 . 2015-03-13 13:41 -------- d-----w- c:\windows\system32\BestPractices 2015-03-12 07:35 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll 2015-03-12 07:35 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll 2015-03-12 07:34 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll 2015-03-12 07:34 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll 2015-03-12 07:34 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe 2015-03-12 07:34 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll 2015-03-12 07:34 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe 2015-03-12 07:34 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll 2015-03-12 07:34 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll 2015-03-12 07:34 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll 2015-03-12 07:34 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll 2015-03-12 07:34 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll 2015-03-11 16:38 . 2015-03-13 13:41 -------- d-----w- C:\inetpub 2015-03-11 08:08 . 2015-02-03 03:31 215552 ----a-w- c:\windows\system32\ubpm.dll 2015-03-11 08:05 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2015-03-11 08:05 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll . . . (((((((((((((((((((((((((((((((((((((((( Sekcja Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-02-05 09:55 . 2013-06-19 20:10 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-02-05 09:55 . 2013-06-19 20:10 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-02-04 03:16 . 2015-02-11 12:32 609280 ----a-w- c:\windows\system32\generaltel.dll 2015-02-04 03:16 . 2015-02-11 12:32 762368 ----a-w- c:\windows\system32\invagent.dll 2015-02-04 03:16 . 2015-02-11 12:32 414720 ----a-w- c:\windows\system32\devinv.dll 2015-02-04 03:16 . 2015-02-11 12:32 894976 ----a-w- c:\windows\system32\appraiser.dll 2015-02-04 03:16 . 2015-02-11 12:32 227328 ----a-w- c:\windows\system32\aepdu.dll 2015-02-04 03:16 . 2015-02-11 12:32 192000 ----a-w- c:\windows\system32\aepic.dll 2015-02-04 03:13 . 2015-02-11 12:32 1098752 ----a-w- c:\windows\system32\aeinv.dll 2015-01-27 23:36 . 2015-02-11 12:32 1239720 ----a-w- c:\windows\system32\aitstatic.exe 2015-01-09 03:14 . 2015-02-18 09:43 91136 ----a-w- c:\windows\system32\wdi.dll 2015-01-09 03:14 . 2015-02-18 09:43 950272 ----a-w- c:\windows\system32\perftrack.dll 2015-01-09 03:14 . 2015-02-18 09:43 29696 ----a-w- c:\windows\system32\powertracker.dll 2015-01-09 02:48 . 2015-02-18 09:43 76800 ----a-w- c:\windows\SysWow64\wdi.dll . . ((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-07-27 98304] "SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-03-03 352256] "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-03 423936] "KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2010-08-15 34160] "ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336] "TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-05-01 2454840] "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2014-11-03 4411952] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x] R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Usługa Technologie aktywacji systemu Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x] S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x] S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x] S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x] S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x] S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys;c:\windows\SYSNATIVE\DRIVERS\CeKbFilter.sys [x] S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-03-22 01:57 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe . Zawartość folderu 'Zaplanowane zadania' . 2015-03-24 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-19 09:55] . 2015-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-19 09:50] . 2015-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-19 09:50] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-28 11101800] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-07-28 2120808] "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976] "TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376] "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136] . ------- Skan uzupełniający ------- . uLocal Page = c:\windows\system32\blank.htm TCP: DhcpNameServer = 192.168.1.1 0.0.0.0 FF - ProfilePath - . - - - - USUNIĘTO PUSTE WPISY - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-RunOnce-InstallShieldSetup - c:\program files (x86)\InstallShield Installation Information\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}\setup.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe . . . --------------------- ZABLOKOWANE KLUCZE REJESTRU --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.16" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Czas ukończenia: 2015-03-24 15:04:49 ComboFix-quarantined-files.txt 2015-03-24 14:04 . Przed: 111 501 934 592 bajtów wolnych Po: 110 763 560 960 bajtów wolnych . - - End Of File - - 1ABE100DA5BBD6AB0B3DB0A9ED2F4EE7 Odnośnik do komentarza
Rucek Opublikowano 24 Marca 2015 Zgłoś Udostępnij Opublikowano 24 Marca 2015 Witam, nie dostosowałeś się do zasad obowiązujących w dziale, w Twoim poście jest bałagan, Co do używania Combofixa to tutaj masz info, dlaczego lepiej nie używać: https://www.fixitpc.pl/topic/7-dezynfekcja-narz%C4%99dzie-combofix/?p=34 zapoznaj się prosze z zasadami działu:1. https://www.fixitpc.pl/forum-38/announcement-3-wa%C5%BCne-zak%C5%82adanie-tematu-obowi%C4%85zkowe-logi/2. https://www.fixitpc.pl/forum-38/announcement-2-wa%C5%BCne-oprogramowanie-emuluj%C4%85ce-nap%C4%99dy/3. https://www.fixitpc.pl/forum-38/announcement-1-wa%C5%BCne-u%C5%BCytkownicy-uprawnieni-do-pomocy/Przeczytaj wszystko dokładnie przed wykonaniem dzialan.Postepujac zgodnie z powyzszymi instrukcjami - dołącz wymagane logi do tematu.Łącznie mają być 4 logi: (GMER [recznie wklejasz wynik skanowania do pliku GMER.txt], FRST [FRST.txt, Addition.txt, Shortcut.txt],Jak coś nie bedzie chciało sie uruchomić - to odpal system w trybie awaryjnym i wtedy zrób logi.Jeśli z czymś bedzie problem - pisz w poście.Po wrzuceniu logów nie dokonuj już żadnych zmian na kompie - logi muszą być aktualne.Przeczytaj dokładnie info na temat GMERa.Jak coś zmieniasz w poście to używaj opcji EDYTUJ by był porządek.Czekaj cierpliwie na pomoc. Odnośnik do komentarza
Rekomendowane odpowiedzi
Jeśli chcesz dodać odpowiedź, zaloguj się lub zarejestruj nowe konto
Jedynie zarejestrowani użytkownicy mogą komentować zawartość tej strony.
Zarejestruj nowe konto
Załóż nowe konto. To bardzo proste!
Zarejestruj sięZaloguj się
Posiadasz już konto? Zaloguj się poniżej.
Zaloguj się