Combo Fix

This document is a log file from a ComboFix scan on a Windows 7 system. It lists processes, drivers, files created between certain dates, and registry entries. Some highlights include Microsoft Security Essentials being enabled, various driver files, installed programs like Adobe and Java updates, and registry entries for program startup.

Uploaded by

Joao Silva
Copyright
© Attribution Non-Commercial (BY-NC)

ComboFix 13-08-30.02 - w7 30/08/2013 16:22:34.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.8151.6084 [GMT -3:00]
Executando de: c:\users\w7\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\w7\AppData\Local\Microsoft\Windows\Temporary Internet Files\plot.log
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2013-07-28 to 2013-08-30 ))))))))))))))))))))))))))))
.
.
2013-08-30 19:41 . 2013-08-30 19:41  --------  d-----w-  c:\users\LogMeInRemoteUser\AppData\Local\temp
2013-08-30 19:41 . 2013-08-30 19:41  --------  d-----w-  c:\users\Default\AppData\Local\temp
2013-08-30 19:14 . 2013-08-30 19:28  --------  d-----w-  C:\Programa
2013-08-30 19:14 . 2013-08-30 19:14  76232  ----a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3963838C-27B9-46F7-9A36-8C2850EF7B96}\offreg.dll
2013-08-30 19:13 . 2013-08-30 19:13  --------  d-----w-  C:\Ivone
2013-08-30 19:13 . 2013-08-30 19:13  --------  d-----w-  C:\Dna. Yvone
2013-08-30 19:13 . 2013-08-30 19:13  --------  d-----w-  C:\Mario
2013-08-30 18:41 . 2013-08-06 08:58  9515512  ----a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3963838C-27B9-46F7-9A36-8C2850EF7B96}\mpengine.dll
2013-08-30 12:05 . 2013-08-30 12:20  --------  d-----w-  c:\users\w7\AppData\Local\Symbian-Toys.com
2013-08-30 12:05 . 2013-08-30 12:05  --------  d-----w-  c:\users\w7\AppData\Roaming\NaviFirmPlus
2013-08-30 11:51 . 2005-08-03 19:05  35892  ----a-w-  c:\windows\SysWow64\SER9PL.sys
2013-08-30 11:51 . 2005-08-03 19:04  26719  ----a-w-  c:\windows\SysWow64\SERSPL.VXD
2013-08-29 12:51 . 2013-08-06 08:58  9515512  ----a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-28 14:29 . 2013-08-28 14:30  --------  d-----w-  c:\users\w7\AppData\Local\Nokia
2013-08-28 14:29 . 2013-08-30 11:45  --------  d-----w-  c:\users\w7\AppData\Roaming\PC Suite
2013-08-28 14:29 . 2013-08-28 14:29  --------  d-----w-  c:\programdata\PC Suite
2013-08-28 14:28 . 2013-08-30 12:03  --------  d-----w-  c:\programdata\Nokia
2013-08-28 14:28 . 2013-08-30 11:55  --------  d-----w-  c:\program files (x86)\Common Files\Nokia
2013-08-28 14:27 . 2013-08-28 14:27  --------  d-----w-  c:\program files\DIFX
2013-08-28 14:27 . 2012-10-17 17:53  26112  ----a-w-  c:\windows\system32\drivers\pccsmcfdx64.sys
2013-08-28 14:27 . 2013-08-28 14:27  --------  dc----w-  c:\windows\system32\DRVSTORE
2013-08-28 14:26 . 2013-08-28 14:26  --------  d-----w-  c:\program files (x86)\PC Connectivity Solution
2013-08-28 14:26 . 2008-02-01 19:17  66560  ----a-w-  c:\windows\system32\nmwcdclsX64.dll
2013-08-28 14:25 . 2013-08-30 11:54  --------  d-----w-  c:\program files (x86)\Nokia
2013-08-08 18:22 . 2013-06-24 03:41  78185248  ----a-w-  c:\windows\system32\MRT.exe
2013-08-08 17:24 . 2012-12-16 17:11  46080  ----a-w-  c:\windows\system32\atmlib.dll
2013-08-08 17:24 . 2012-12-16 14:45  367616  ----a-w-  c:\windows\system32\atmfd.dll
2013-08-08 17:24 . 2012-12-16 14:13  295424  ----a-w-  c:\windows\SysWow64\atmfd.dll
2013-08-08 17:24 . 2012-12-16 14:13  34304  ----a-w-  c:\windows\SysWow64\atmlib.dll
2013-08-08 17:24 . 2010-09-30 10:41  100864  ----a-w-  c:\windows\system32\fontsub.dll
2013-08-08 17:24 . 2010-09-30 06:47  70656  ----a-w-  c:\windows\SysWow64\fontsub.dll
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-21 13:44 . 2013-03-24 00:22  692104  ----a-w-  c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-21 13:43 . 2013-03-24 00:22  71048  ----a-w-  c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-30 18:26 . 2013-07-30 18:26  274432  ----a-w-  c:\windows\SysWow64\IscDbc.dll
2013-07-30 18:26 . 2013-07-30 18:26  262144  ----a-w-  c:\windows\SysWow64\OdbcJdbcMT.dll
2013-07-30 18:26 . 2013-07-30 18:26  253952  ----a-w-  c:\windows\SysWow64\OdbcJdbc.dll
2013-07-30 18:26 . 2013-07-30 18:26  155648  ----a-w-  c:\windows\SysWow64\OdbcJdbcSetup.dll
2013-07-30 18:16 . 2013-07-30 18:16  469  ----a-w-  c:\windows\del_hf_dll.bat
2013-06-13 00:48 . 2013-03-25 17:59  867240  ----a-w-  c:\windows\SysWow64\npDeployJava1.dll
2013-06-13 00:48 . 2013-03-25 17:59  789416  ----a-w-  c:\windows\SysWow64\deployJava1.dll
2013-06-13 00:47 . 2013-06-20 11:35  96168  ----a-w-  c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-12 15:39 . 2013-06-12 15:39  8192  ----a-w-  c:\windows\SysWow64\srvany.exe
2013-06-12 15:39 . 2013-06-12 15:39  77824  ----a-w-  c:\windows\KMService.exe
2013-06-10 11:26 . 2013-03-23 23:03  107368  ----a-w-  c:\windows\system32\LMIRfsClientNP.dll
2013-06-10 11:26 . 2013-03-23 23:03  35656  ----a-w-  c:\windows\system32\LMIport.dll
2013-06-10 11:26 . 2013-03-23 23:03  100680  ----a-w-  c:\windows\system32\LMIinit.dll
2013-06-05 03:34 . 2013-07-23 13:21  3153920  ----a-w-  c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-23 13:20  624128  ----a-w-  c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-23 13:20  509440  ----a-w-  c:\windows\SysWow64\qedit.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2013-06-24 295512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ofaApp;ofaApp;c:\program files (x86)\EFI\OFASQ\ofaApp.exe;c:\program files (x86)\EFI\OFASQ\ofaApp.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 hasplms;Sentinel Local License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 EFI ES1000;EFI ES1000;c:\program files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe;c:\program files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe [x]
S2 EFI License Manager;EFI License Manager;c:\program files (x86)\EFI\EFILM\lmgrd.exe;c:\program files (x86)\EFI\EFILM\lmgrd.exe [x]
S2 Fiery Mailbox Synchronization;Fiery Mailbox Synchronization;c:\program files (x86)\Fiery\Applications3\FieryRemoteScanApp\FRSMailboxSyncService.exe;c:\program files (x86)\Fiery\Applications3\FieryRemoteScanApp\FRSMailboxSyncService.exe [x]
S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries ----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-06 415680]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser64.dll
.
------- Scan Suplementar ------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Enviar para o OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 201.6.2.70 201.6.2.30
FF - ProfilePath - c:\users\w7\AppData\Roaming\Mozilla\Firefox\Profiles\mw7yi21n.default\
FF - prefs.js: browser.startup.homepage - www.google.com.br
FF - ExtSQL: 2013-07-01 08:47; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - user.js: extensions.shownSelectionUI - true
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2013-08-30 16:44:42
ComboFix-quarantined-files.txt 2013-08-30 19:44
.
Pré-execução: 43.356.303.360 bytes disponíveis
Pós execução: 43.345.874.944 bytes disponíveis
.
- - End Of File - - 9383C98C1420E2B24635E2ECB248B177
A36C5E4F47E84449FF07ED3517B43A31
