Skocz do zawartości

Zarchiwizowany

Ten temat jest archiwizowany i nie można dodawać nowych odpowiedzi.

Piecho3

Combofix - co naprawiłem?

Przez Piecho3, w Programy

Polecane posty

Piecho3 Elf

Piecho3

Napisano
Napisano

Witam!

Na Win7 miałem problem z wyłączającym się antywirusem Bitdefender, zamulającym komputerem i freezującą się Operą Next. Zrobiłem skan Combofixem. Chyba pomogło, bo laptop chodzi teraz żwawiej. Intersuje mnie jednak co to było, że ani Eset, ani Bitdefender tego nie wykryły? Log:

ComboFix 13-09-12.01 - Beata 2013-09-12 22:26:21.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1250.48.1045.18.2931.1373 [GMT 2:00]

Uruchomiony z: c:\users\Beata\Desktop\ComboFix.exe

AV: Bitdefender Antivirus *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}

FW: Bitdefender Firewall *Disabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}

SP: Bitdefender Antispyware *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Utworzono nowy punkt przywracania

.

.

((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\1378490897.1196.bin

c:\programdata\1378490897.1640.bin

c:\programdata\1378490897.1800.bin

c:\programdata\1378490897.1988.bin

c:\programdata\1378490897.2376.bin

c:\programdata\1378490897.2384.bin

c:\programdata\1378490897.2524.bin

c:\programdata\1378490897.2536.bin

c:\programdata\1378490897.2756.bin

c:\programdata\1378490897.588.bin

c:\programdata\1378492842.bdinstall.bin

.

.

((((((((((((((((((((((((( Pliki utworzone od 2013-08-12 do 2013-09-12 )))))))))))))))))))))))))))))))

.

.

2013-09-12 20:36 . 2013-09-12 20:36 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-09-12 16:56 . 2013-09-12 16:56 -------- d-----w- c:\program files (x86)\Cisco

2013-09-12 16:53 . 2013-09-12 16:53 6656 ----a-w- c:\windows\system32\bcmwlrc.dll

2013-09-12 16:53 . 2013-09-12 16:53 95472 ----a-w- c:\windows\system32\bcmwlcoi.dll

2013-09-12 16:53 . 2013-09-12 16:53 3555840 ----a-w- c:\windows\system32\bcmihvui64.dll

2013-09-12 16:53 . 2013-09-12 16:53 -------- d-----w- c:\program files\Broadcom

2013-09-12 16:53 . 2013-09-12 16:53 3891200 ----a-w- c:\windows\system32\bcmihvsrv64.dll

2013-09-12 16:53 . 2013-09-12 16:53 3058168 ----a-w- c:\windows\system32\drivers\BCMWL664.SYS

2013-09-12 16:52 . 2013-09-12 16:52 -------- d-----w- c:\windows\SysWow64\sda

2013-09-12 16:52 . 2000-01-01 00:00 9887848 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll

2013-09-12 16:52 . 2000-01-01 00:00 251496 ----a-w- c:\windows\system32\drivers\RtsUStor.sys

2013-09-12 16:52 . 2000-01-01 00:00 422504 ----a-w- c:\windows\system32\RtsUStor.dll

2013-09-12 16:49 . 2013-09-12 16:49 -------- d-----w- c:\program files\Realtek

2013-09-12 16:49 . 2013-09-12 16:49 -------- d-----w- c:\windows\SysWow64\RTCOM

2013-09-12 16:47 . 2000-01-01 00:00 65944 ----a-w- c:\windows\system32\tepeqapo64.dll

2013-09-12 16:47 . 2000-01-01 00:00 2603896 ----a-w- c:\windows\system32\WavesGUILib.dll

2013-09-12 16:47 . 2000-01-01 00:00 1361336 ----a-w- c:\windows\system32\tosade.dll

2013-09-12 16:41 . 2013-09-12 16:41 -------- d-----w- c:\program files\Common Files\Intel

2013-09-12 16:41 . 2013-09-12 16:41 -------- d-----w- c:\program files (x86)\Common Files\Intel

2013-09-12 16:14 . 2013-09-12 16:17 -------- d-----w- C:\Intel

2013-09-12 13:14 . 2013-08-19 22:46 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BEBB72CD-5761-481E-9258-04C7E1CFBDC4}\mpengine.dll

2013-09-11 19:19 . 2013-09-11 19:19 -------- d-----w- c:\program files (x86)\Microsoft.NET

2013-09-11 18:55 . 2013-09-11 18:55 466456 ----a-w- c:\windows\system32\wrap_oal.dll

2013-09-11 18:55 . 2013-09-11 18:55 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll

2013-09-11 18:55 . 2013-09-11 18:55 122904 ----a-w- c:\windows\system32\OpenAL32.dll

2013-09-11 18:55 . 2013-09-11 18:55 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll

2013-09-11 18:55 . 2013-09-11 18:55 -------- d-----w- c:\program files (x86)\OpenAL

2013-09-11 18:47 . 2008-07-10 09:01 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll

2013-09-11 05:34 . 2013-08-10 03:17 2706432 ----a-w- c:\windows\system32\mshtml.tlb

2013-09-11 05:29 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys

2013-09-11 05:28 . 2013-08-02 02:12 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2013-09-09 21:32 . 2011-10-20 09:24 157696 ----a-w- c:\windows\system32\drivers\MxEFUF64.sys

2013-09-09 17:06 . 2013-09-09 17:06 -------- d-----w- c:\program files\Tracker Software

2013-09-07 16:34 . 2013-09-10 06:58 -------- d-----w- c:\program files (x86)\Common Files\Steam

2013-09-07 13:05 . 2012-10-15 11:57 34656 ----a-w- c:\windows\system32\TURegOpt.exe

2013-09-07 13:05 . 2012-10-15 11:57 25952 ----a-w- c:\windows\system32\authuitu.dll

2013-09-07 13:05 . 2012-10-15 11:57 21344 ----a-w- c:\windows\SysWow64\authuitu.dll

2013-09-07 13:04 . 2013-09-07 13:05 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2013

2013-09-07 13:03 . 2013-09-07 13:04 -------- d-----w- c:\programdata\TuneUp Software

2013-09-07 13:03 . 2013-09-07 13:17 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

2013-09-07 13:03 . 2013-09-07 13:03 -------- d--h--w- c:\programdata\Common Files

2013-09-06 23:18 . 2013-09-06 23:18 -------- d-----w- c:\program files (x86)\Opera Next

2013-09-06 23:06 . 2011-06-10 09:21 90112 ----a-w- c:\windows\system32\igfxCoIn_v2418.dll

2013-09-06 22:15 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui

2013-09-06 22:07 . 2013-09-06 22:07 -------- d-----w- c:\windows\SysWow64\Wat

2013-09-06 22:07 . 2013-09-06 22:07 -------- d-----w- c:\windows\system32\Wat

2013-09-06 22:05 . 2012-07-26 05:05 2560 ----a-w- c:\windows\system32\drivers\pl-PL\wdf01000.sys.mui

2013-09-06 22:05 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2013-09-06 22:05 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2013-09-06 22:05 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll

2013-09-06 21:50 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe

2013-09-06 21:48 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll

2013-09-06 21:48 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll

2013-09-06 21:48 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll

2013-09-06 21:48 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2013-09-06 21:36 . 2013-09-11 05:34 -------- d-----w- c:\windows\system32\MRT

2013-09-06 21:19 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll

2013-09-06 21:19 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll

2013-09-06 20:45 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll

2013-09-06 20:45 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll

2013-09-06 20:45 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys

2013-09-06 20:45 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys

2013-09-06 20:45 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe

2013-09-06 20:45 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll

2013-09-06 20:45 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll

2013-09-06 20:18 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys

2013-09-06 20:18 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll

2013-09-06 20:18 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll

2013-09-06 20:18 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll

2013-09-06 20:18 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll

2013-09-06 19:55 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll

2013-09-06 19:55 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll

2013-09-06 19:52 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll

2013-09-06 19:52 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe

2013-09-06 19:52 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll

2013-09-06 19:52 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll

2013-09-06 19:51 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll

2013-09-06 19:51 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll

2013-09-06 19:51 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll

2013-09-06 19:51 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2013-09-06 19:51 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll

2013-09-06 19:51 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll

2013-09-06 19:49 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll

2013-09-06 19:49 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2013-09-06 19:49 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

2013-09-06 19:49 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll

2013-09-06 19:49 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2013-09-06 19:49 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll

2013-09-06 19:49 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys

2013-09-06 19:49 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll

2013-09-06 19:49 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll

2013-09-06 19:48 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-09-06 19:48 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll

2013-09-06 19:48 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll

2013-09-06 19:46 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2013-09-06 19:45 . 2011-06-15 10:02 163840 ----a-w- c:\windows\system32\odbccp32.dll

2013-09-06 19:45 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccu32.dll

2013-09-06 19:45 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccr32.dll

2013-09-06 19:45 . 2011-06-15 09:59 126976 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll

2013-09-06 19:45 . 2011-06-15 10:02 212992 ----a-w- c:\windows\system32\odbctrac.dll

2013-09-06 19:45 . 2011-06-15 08:55 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll

2013-09-06 19:45 . 2011-06-15 08:55 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll

2013-09-06 19:45 . 2011-06-15 08:55 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll

2013-09-06 19:45 . 2011-06-15 08:55 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll

2013-09-06 19:45 . 2011-06-15 08:55 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll

2013-09-06 19:45 . 2011-06-15 08:54 94208 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaosp.dll

2013-09-06 19:26 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll

2013-09-06 19:26 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll

2013-09-06 19:26 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2013-09-06 19:26 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-09-06 19:26 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll

2013-09-06 19:25 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll

2013-09-06 19:25 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll

2013-09-06 19:25 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll

2013-09-06 19:25 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll

2013-09-06 19:24 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll

2013-09-06 19:24 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll

2013-09-06 19:24 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll

2013-09-06 19:24 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll

2013-09-06 19:24 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll

2013-09-06 19:19 . 2013-07-06 06:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-09-06 19:19 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2013-09-06 19:19 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2013-09-06 19:16 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys

2013-09-06 19:16 . 2013-06-15 04:32 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys

.

.

(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-08-07 02:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-08-02 01:48 . 2013-09-11 05:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll

.

.

((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Steam"="d:\program files\Steam\steam.exe" [2013-09-06 1811368]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk /p \??\C:\0autocheck autochk *

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys;c:\windows\SYSNATIVE\drivers\bdsandbox.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe;c:\program files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [x]

S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]

S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]

S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF64.sys;c:\windows\SYSNATIVE\DRIVERS\MxEFUF64.sys [x]

S0 rpcnetp;rpcnetp;rpcnetp [x]

S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [x]

S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]

S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]

S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]

S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]

.

.

--- Inne Usługi/Sterowniki w Pamięci ---

.

*NewlyCreated* - WS2IFSL

.

Zawartość folderu 'Zaplanowane zadania'

.

2013-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-06 14:40]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]

@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"

[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]

2013-02-27 13:43 269200 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]

@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"

[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]

2013-02-27 13:43 269200 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]

@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"

[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]

2013-02-27 13:43 269200 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]

@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"

[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]

2013-02-27 13:43 269200 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Bdagent"="c:\program files\Bitdefender\Bitdefender 2013\bdagent.exe" [2013-08-26 1574680]

.

------- Skan uzupełniający -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = about:blank

mStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 188.122.31.2 188.122.20.62

.

- - - - USUNIĘTO PUSTE WPISY - - - -

.

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

--------------------- ZABLOKOWANE KLUCZE REJESTRU ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_168_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_168_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_168_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_168.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Pozostałe uruchomione procesy ------------------------

.

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\windows\System32\rpcnetp.exe

c:\program files (x86)\Common Files\Steam\SteamService.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera_crashreporter.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

c:\program files (x86)\Opera Next\17.0.1241.11\opera.exe

.

**************************************************************************

.

Czas ukończenia: 2013-09-12 22:45:48 - komputer został uruchomiony ponownie

ComboFix-quarantined-files.txt 2013-09-12 20:45

.

Przed: 15 933 333 504 bajtów wolnych

Po: 16 437 026 816 bajtów wolnych

.

- - End Of File - - 6181C9DF52644C43B877E68B52EE52CB

A36C5E4F47E84449FF07ED3517B43A31

Link do komentarza
Udostępnij na innych stronach
Przejdź do listy tematów

  • Kto przegląda   0 użytkowników

    • Brak zalogowanych użytkowników przeglądających tę stronę.
×
×
  • Utwórz nowe...