ComboFix 13-02-15.01 - Red 16/02/2013 18:55:48.1.2 - x64
Microsoft Windows 7 Ultimate    6.1.7600.0.1252.55.1046.18.4095.3027 [GMT -3:00]
Executando de: c:\users\Red\Desktop\ComboFix.exe
FW: Outpost Firewall Pro *Disabled* {D4D1EAE8-EA68-0A9F-FEFA-AB61226EC615}
SP: Outpost Firewall Pro *Disabled/Updated* {578B8A29-863D-0449-EF15-3926A73ACBD3}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((    Outras
Exclusões    )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Red\guefae.exe
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((    Arquivos/Ficheiros criados de 2013-01-16 to 2013-02-
16 ))))))))))))))))))))))))))))
.
.
2013-02-16 22:02 . 2013-02-16 22:02 --------    d-----w-
      c:usersDefaultAppDataLocaltemp
2013-02-16 20:56 . 2013-01-31 08:19 203104      ----a-w-
      c:windowssystem32driversssudmdm.sys
2013-02-16 20:56 . 2013-01-31 08:19 102368      ----a-w-
      c:windowssystem32driversssudbus.sys
2013-02-16 20:51 . 2012-12-18 13:06 4659712     ----a-w-
      c:windowsSysWow64Redemption.dll
2013-02-16 20:51 . 2012-12-18 13:06 821824      ----a-w-
      c:windowsSysWow64dgderapi.dll
2013-02-16 20:50 . 2013-02-16 20:56 --------    d-----w-    c:program files
(x86)Samsung
2013-02-16 20:50 . 2013-02-16 20:55 --------    d-----w-
      c:programdataSamsung
2013-02-16 20:49 . 2013-02-16 20:49 --------    d-----w-
      c:usersRedAppDataLocalDownloaded Installations
2013-01-19 16:31 . 2013-01-19 16:31 --------    d-----w-
      c:usersRedAppDataRoamingNero
2013-01-19 15:21 . 2013-01-19 15:21 --------    d-----w-
      c:usersRedAppDataLocalAVG Secure Search
2013-01-19 15:21 . 2013-01-21 13:01 --------    d-----w-    c:programdataAVG
Secure Search
2013-01-19 15:21 . 2013-02-12 14:08 39768 ----a-w-
      c:windowssystem32driversavgtpx64.sys
2013-01-19 15:21 . 2013-01-31 02:06 --------    d-----w-    c:program files
(x86)Common FilesAVG Secure Search
2013-01-19 15:21 . 2013-02-12 14:09 --------    d-----w-    c:program files
(x86)AVG Secure Search
2013-01-19 15:20 . 2013-01-19 15:20 --------    d--h--w-    c:programdataCommon
Files
2013-01-19 15:19 . 2013-01-19 15:20 --------    d-----w-    c:program files
(x86)Common FilesNero
2013-01-19 15:19 . 2013-01-19 15:20 --------    d-----w-    c:program files
(x86)Nero
2013-01-19 15:19 . 2013-01-19 15:20 --------    d-----w-    c:programdataNero
.
.
.
(((((((((((((((((((((((((((((((((((((    Relatório
Find3M    ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-16 20:39 . 2012-08-11 22:04 32320 ----a-w-
      c:windowssystem32driversFNETTBOH_305.SYS
2013-01-11 00:11 . 2012-08-12 01:20 697864      ----a-w-
      c:windowsSysWow64FlashPlayerApp.exe
2013-01-11 00:11 . 2012-08-11 21:09 74248 ----a-w-
      c:windowsSysWow64FlashPlayerCPLApp.cpl
2012-12-18 13:06 . 2012-12-18 13:06 90112 ----a-w-
      c:windowsMAMCityDownload.ocx
2012-12-18 13:06 . 2012-12-18 13:06 330240      ----a-w-
      c:windowsMASetupCaller.dll
2012-12-18 13:06 . 2012-12-18 13:06 30568 ----a-w-
      c:windowsMusiccityDownload.exe
2012-12-18 13:06 . 2012-12-18 13:06 974848      ----a-w-
      c:windowsSysWow64cis-2.4.dll
2012-12-18 13:06 . 2012-12-18 13:06 81920 ----a-w-
      c:windowsSysWow64issacapi_bs-2.3.dll
2012-12-18 13:06 . 2012-12-18 13:06 65536 ----a-w-
      c:windowsSysWow64issacapi_pe-2.3.dll
2012-12-18 13:06 . 2012-12-18 13:06 57344 ----a-w-
      c:windowsSysWow64MTXSYNCICON.dll
2012-12-18 13:06 . 2012-12-18 13:06 57344 ----a-w-
      c:windowsSysWow64MK_Lyric.dll
2012-12-18 13:06 . 2012-12-18 13:06 57344 ----a-w-
      c:windowsSysWow64issacapi_se-2.3.dll
2012-12-18 13:06 . 2012-12-18 13:06 569344      ----a-w-
      c:windowsSysWow64muzdecode.ax
2012-12-18 13:06 . 2012-12-18 13:06 491520      ----a-w-
      c:windowsSysWow64muzapp.dll
2012-12-18 13:06 . 2012-12-18 13:06 49152 ----a-w-
      c:windowsSysWow64MaJGUILib.dll
2012-12-18 13:06 . 2012-12-18 13:06 45320 ----a-w-
      c:windowsSysWow64MAMACExtract.dll
2012-12-18 13:06 . 2012-12-18 13:06 45056 ----a-w-
      c:windowsSysWow64MaXMLProto.dll
2012-12-18 13:06 . 2012-12-18 13:06 45056 ----a-w-
      c:windowsSysWow64MACXMLProto.dll
2012-12-18 13:06 . 2012-12-18 13:06 40960 ----a-w-
      c:windowsSysWow64MTTELECHIP.dll
2012-12-18 13:06 . 2012-12-18 13:06 352256      ----a-w-
      c:windowsSysWow64MSLUR71.dll
2012-12-18 13:06 . 2012-12-18 13:06 258048      ----a-w-
      c:windowsSysWow64muzoggsp.ax
2012-12-18 13:06 . 2012-12-18 13:06 245760      ----a-w-
      c:windowsSysWow64MSCLib.dll
2012-12-18 13:06 . 2012-12-18 13:06 24576 ----a-w-
      c:windowsSysWow64MASetupCleaner.exe
2012-12-18 13:06 . 2012-12-18 13:06 200704      ----a-w-
      c:windowsSysWow64muzwmts.dll
2012-12-18 13:06 . 2012-12-18 13:06 155648      ----a-w-
      c:windowsSysWow64MSFLib.dll
2012-12-18 13:06 . 2012-12-18 13:06 143360      ----a-w-
      c:windowsSysWow643DAudio.ax
2012-12-18 13:06 . 2012-12-18 13:06 135168      ----a-w-
      c:windowsSysWow64muzaf1.dll
2012-12-18 13:06 . 2012-12-18 13:06 131072      ----a-w-
      c:windowsSysWow64muzmpgsp.ax
2012-12-18 13:06 . 2012-12-18 13:06 122880      ----a-w-
      c:windowsSysWow64muzeffect.ax
2012-12-18 13:06 . 2012-12-18 13:06 118784      ----a-w-
      c:windowsSysWow64MaDRM.dll
2012-12-18 13:06 . 2012-12-18 13:06 110592      ----a-w-
      c:windowsSysWow64muzmp4sp.ax
.
.
((((((((((((((((((((((((((   Pontos de Carregamento do
Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-02-12 14:08 1920688      ----a-w-   c:\program files (x86)\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:program files (x86)AVG Secure
Search14.1.0.10AVG Secure Search_toolbar.dll" [2013-02-12 1920688]
.
[HKEY_CLASSES_ROOTclsid{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOTAVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOTAVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-20 1476104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
.
c:programdataMicrosoftWindowsStart MenuProgramsStartup
Monitor Apache Servers.lnk - c:program files (x86)Apache Software
FoundationApache2.2binApacheMonitor.exe [2011-9-9 41051]
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~1\Agnitum\OUTPOS~1\wl_hook.dll
.
[HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows
ntcurrentversiondrivers32]
"mixer3"=wdmaud.drv
.
R2 acssrv;Agnitum Client Security Service;c:progra~1AgnitumOUTPOS~1acs.exe
[2012-06-15 3268448]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:program files
(x86)FinalWireAIDA64 Extreme Editionkerneld.x64 [2012-05-30 28320]
R3 ASWFilt;ASWFilt;c:windowssystem32FiltASWFilt64.dll [2012-03-19 66184]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU
Ver.);c:windowssystem32DRIVERSssudbus.sys [2013-01-31 102368]
R3 FNETTBOH_305;FNETTBOH_305;c:windowssystem32driversFNETTBOH_305.SYS [2013-
02-16 32320]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU
Ver.);c:windowssystem32DRIVERSssudmdm.sys [2013-01-31 203104]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R4 NAUpdate;Nero Update;c:program files (x86)NeroUpdateNASvc.exe [2012-07-13
769432]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program files
(x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [2012-05-15 382272]
R4 vToolbarUpdater14.1.7;vToolbarUpdater14.1.7;c:program files (x86)Common
FilesAVG Secure SearchvToolbarUpdater14.1.7ToolbarUpdater.exe [2013-02-12
965296]
S1 afw;Agnitum Firewall Driver;c:windowssystem32DRIVERSafw.sys [2011-03-28
38488]
S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2013-02-12 39768]
S1 FNETURPX;FNETURPX;c:windowssystem32driversFNETURPX.SYS [2012-08-11 15936]
S1 SandBox;SandBox;c:windowssystem32driversSandBox64.sys [2012-03-19
1266544]
S2 Apache2.2;Apache2.2;c:program files (x86)Apache Software
FoundationApache2.2binhttpd.exe [2011-09-09 20549]
S2 VBoxDrv;VBox Support Driver;c:program files
(x86)YouWave_AndroidvbVBoxDrv.sys [2011-11-20 202592]
S3 afwcore;afwcore;c:windowssystem32driversafwcore.sys [2012-06-14 445568]
S3 VIAHdAudAddService;VIA High Definition Audio Driver
Service;c:windowssystem32driversviahduaa.sys [2012-08-11 1196032]
.
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2013-02-16 c:windowsTasksAdobe Flash Player Updater.job
- c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-08-12
00:11]
.
2013-02-16 c:windowsTasksROC_JAN2013_TB_rmv.job
- c:program files (x86)AVG Secure SearchPostInstallROC.exe [2013-01-31
02:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershellicon
overlayidentifiersOutpost]
@="{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}"
[HKEY_CLASSES_ROOTCLSID{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}]
2012-06-15 18:46 287408       ----a-w-   c:program filesAgnitumOutpost
Firewall Proop_shell.dll
.
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"OutpostMonitor"="c:progra~1AgnitumOUTPOS~1op_mon.exe" [2012-06-15 4366392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~1\Agnitum\OUTPOS~1\wl_hook64.dll
.
------- Scan Suplementar -------
.
uLocal Page = c:windowssystem32blank.htm
uStart Page = about:blank
mStart Page = hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc-100&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN0D0Tzu0StByEyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=902815487
mLocal Page = c:windowsSysWOW64blank.htm
IE: &Download by Orbit - c:program files (x86)Orbitdownloaderorbitmxt.dll/201
IE: &Grab video by Orbit - c:program files
(x86)Orbitdownloaderorbitmxt.dll/204
IE: Baixar com Mipony - file://c:program files
(x86)MiPonyBrowserIEContext.htm
IE: Do&wnload selected by Orbit - c:program files
(x86)Orbitdownloaderorbitmxt.dll/203
IE: Down&load all by Orbit - c:program files
(x86)Orbitdownloaderorbitmxt.dll/202
LSP: %SystemRoot%\system32\PrxerDrv.dll
TCP: DhcpNameServer = 192.168.1.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:program files
(x86)Common FilesAVG Secure SearchViProtocolInstaller14.1.7ViProtocol.dll
FF - ProfilePath -
c:usersRedAppDataRoamingMozillaFirefoxProfilesf38n2r7c.default
FF - ExtSQL: 2013-01-19 13:21; avg@toolbar; c:programdataAVG Secure
SearchFireFoxExt14.1.0.10
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?
f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN
0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1335891272
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?
f=2&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN
0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1335891272
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?
f=3&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN
0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1335891272&q=
FF - user.js: extensions.funmoods.id - 002522695355EFC2
FF - user.js: extensions.funmoods.instlDay - 15577
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2219:36
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - ironpub
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - ironpub
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl -
hxxp://search.babylon.com/?
babsrc=TB_def&mntrId=fce4efc2000000000000002522695355&q=
FF - user.js: extensions.BabylonToolbar.id - fce4efc2000000000000002522695355
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-
F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15585
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1211:28
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110808&tt=3512_8
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/?
s=0&a=foxtab&chnl=tc-
100&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN0D0Tzu0StByEyDtN1L2Xzut
BtFtCtFtCtFtAtCtB&cr=902815487
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - Search
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - true
FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/?
s=2&a=foxtab&chnl=tc-
100&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN0D0Tzu0StByEyDtN1L2Xzut
BtFtCtFtCtFtAtCtB&cr=902815487
FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/?
s=3&a=foxtab&chnl=tc-
100&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN0D0Tzu0StByEyDtN1L2Xzut
BtFtCtFtCtFtAtCtB&cr=902815487&q=
FF - user.js: extensions.searchya.id - 002522695355EFC2
FF - user.js: extensions.searchya.instlDay - 15585
FF - user.js: extensions.searchya.vrsn - 1.5.25.0
FF - user.js: extensions.searchya.vrsni - 1.5.25.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.5.25.011:37
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - foxtab
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef - tc-100
FF - user.js: extensions.searchya.dfltLng -
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya.autoRvrt - false
FF - user.js: extensions.searchya.envrmnt - production
FF - user.js: extensions.searchya.isdcmntcmplt - true
FF - user.js: extensions.searchya.mntrvrsn - 1.3.0
.
- - - - ORFÃOS REMOVIDOS - - - -
.
BHO-{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\progra~2\Funmoods\1.5.23.22\bhescort.dll
Toolbar-{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - c:\progra~2\Funmoods\1.5.23.22\escorTlbr.dll
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502
_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}LocalServer32]
@="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502
_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}LocalServer32]
@="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4-
0800200C9A66}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}InprocServer32]
@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}ToolboxBitmap32]
@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}Version]
@="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8-
444553540000}VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}InprocServer32]
@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}ToolboxBitmap32]
@="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}Version]
@="1.0"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8-
444553540000}VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-
B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-
B0C4-0800200C9A66}ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1-
B0C4-0800200C9A66}TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1-
08002BE10318}0000AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2013-02-16 19:05:27
ComboFix-quarantined-files.txt 2013-02-16 22:05
.
Pré-execução: 83.803.574.272 bytes disponíveis
Pós execução: 88.894.566.400 bytes disponíveis
.
- - End Of File - - 3D19EA6D09A1C6663E6BC8E5F7A04275

Combo fix

  • 1. ComboFix 13-02-15.01 - Red 16/02/2013 18:55:48.1.2 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.4095.3027 [GMT -3:00] Executando de: c:usersRedDesktopComboFix.exe FW: Outpost Firewall Pro *Disabled* {D4D1EAE8-EA68-0A9F-FEFA-AB61226EC615} SP: Outpost Firewall Pro *Disabled/Updated* {578B8A29-863D-0449-EF15- 3926A73ACBD3} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:usersRedguefae.exe c:windowsSysWow64muzapp.exe . . (((((((((((((((( Arquivos/Ficheiros criados de 2013-01-16 to 2013-02- 16 )))))))))))))))))))))))))))) . . 2013-02-16 22:02 . 2013-02-16 22:02 -------- d-----w- c:usersDefaultAppDataLocaltemp 2013-02-16 20:56 . 2013-01-31 08:19 203104 ----a-w- c:windowssystem32driversssudmdm.sys 2013-02-16 20:56 . 2013-01-31 08:19 102368 ----a-w- c:windowssystem32driversssudbus.sys 2013-02-16 20:51 . 2012-12-18 13:06 4659712 ----a-w- c:windowsSysWow64Redemption.dll 2013-02-16 20:51 . 2012-12-18 13:06 821824 ----a-w- c:windowsSysWow64dgderapi.dll 2013-02-16 20:50 . 2013-02-16 20:56 -------- d-----w- c:program files (x86)Samsung 2013-02-16 20:50 . 2013-02-16 20:55 -------- d-----w- c:programdataSamsung 2013-02-16 20:49 . 2013-02-16 20:49 -------- d-----w- c:usersRedAppDataLocalDownloaded Installations 2013-01-19 16:31 . 2013-01-19 16:31 -------- d-----w- c:usersRedAppDataRoamingNero 2013-01-19 15:21 . 2013-01-19 15:21 -------- d-----w- c:usersRedAppDataLocalAVG Secure Search 2013-01-19 15:21 . 2013-01-21 13:01 -------- d-----w- c:programdataAVG Secure Search 2013-01-19 15:21 . 2013-02-12 14:08 39768 ----a-w- c:windowssystem32driversavgtpx64.sys 2013-01-19 15:21 . 2013-01-31 02:06 -------- d-----w- c:program files (x86)Common FilesAVG Secure Search 2013-01-19 15:21 . 2013-02-12 14:09 -------- d-----w- c:program files (x86)AVG Secure Search 2013-01-19 15:20 . 
2013-01-19 15:20 -------- d--h--w- c:programdataCommon Files 2013-01-19 15:19 . 2013-01-19 15:20 -------- d-----w- c:program files (x86)Common FilesNero 2013-01-19 15:19 . 2013-01-19 15:20 -------- d-----w- c:program files (x86)Nero 2013-01-19 15:19 . 2013-01-19 15:20 -------- d-----w- c:programdataNero . . . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-16 20:39 . 2012-08-11 22:04 32320 ----a-w- c:windowssystem32driversFNETTBOH_305.SYS
  • 2. 2013-01-11 00:11 . 2012-08-12 01:20 697864 ----a-w- c:windowsSysWow64FlashPlayerApp.exe 2013-01-11 00:11 . 2012-08-11 21:09 74248 ----a-w- c:windowsSysWow64FlashPlayerCPLApp.cpl 2012-12-18 13:06 . 2012-12-18 13:06 90112 ----a-w- c:windowsMAMCityDownload.ocx 2012-12-18 13:06 . 2012-12-18 13:06 330240 ----a-w- c:windowsMASetupCaller.dll 2012-12-18 13:06 . 2012-12-18 13:06 30568 ----a-w- c:windowsMusiccityDownload.exe 2012-12-18 13:06 . 2012-12-18 13:06 974848 ----a-w- c:windowsSysWow64cis-2.4.dll 2012-12-18 13:06 . 2012-12-18 13:06 81920 ----a-w- c:windowsSysWow64issacapi_bs-2.3.dll 2012-12-18 13:06 . 2012-12-18 13:06 65536 ----a-w- c:windowsSysWow64issacapi_pe-2.3.dll 2012-12-18 13:06 . 2012-12-18 13:06 57344 ----a-w- c:windowsSysWow64MTXSYNCICON.dll 2012-12-18 13:06 . 2012-12-18 13:06 57344 ----a-w- c:windowsSysWow64MK_Lyric.dll 2012-12-18 13:06 . 2012-12-18 13:06 57344 ----a-w- c:windowsSysWow64issacapi_se-2.3.dll 2012-12-18 13:06 . 2012-12-18 13:06 569344 ----a-w- c:windowsSysWow64muzdecode.ax 2012-12-18 13:06 . 2012-12-18 13:06 491520 ----a-w- c:windowsSysWow64muzapp.dll 2012-12-18 13:06 . 2012-12-18 13:06 49152 ----a-w- c:windowsSysWow64MaJGUILib.dll 2012-12-18 13:06 . 2012-12-18 13:06 45320 ----a-w- c:windowsSysWow64MAMACExtract.dll 2012-12-18 13:06 . 2012-12-18 13:06 45056 ----a-w- c:windowsSysWow64MaXMLProto.dll 2012-12-18 13:06 . 2012-12-18 13:06 45056 ----a-w- c:windowsSysWow64MACXMLProto.dll 2012-12-18 13:06 . 2012-12-18 13:06 40960 ----a-w- c:windowsSysWow64MTTELECHIP.dll 2012-12-18 13:06 . 2012-12-18 13:06 352256 ----a-w- c:windowsSysWow64MSLUR71.dll 2012-12-18 13:06 . 2012-12-18 13:06 258048 ----a-w- c:windowsSysWow64muzoggsp.ax 2012-12-18 13:06 . 2012-12-18 13:06 245760 ----a-w- c:windowsSysWow64MSCLib.dll 2012-12-18 13:06 . 2012-12-18 13:06 24576 ----a-w- c:windowsSysWow64MASetupCleaner.exe 2012-12-18 13:06 . 2012-12-18 13:06 200704 ----a-w- c:windowsSysWow64muzwmts.dll 2012-12-18 13:06 . 
2012-12-18 13:06 155648 ----a-w- c:windowsSysWow64MSFLib.dll 2012-12-18 13:06 . 2012-12-18 13:06 143360 ----a-w- c:windowsSysWow643DAudio.ax 2012-12-18 13:06 . 2012-12-18 13:06 135168 ----a-w- c:windowsSysWow64muzaf1.dll 2012-12-18 13:06 . 2012-12-18 13:06 131072 ----a-w- c:windowsSysWow64muzmpgsp.ax 2012-12-18 13:06 . 2012-12-18 13:06 122880 ----a-w- c:windowsSysWow64muzeffect.ax 2012-12-18 13:06 . 2012-12-18 13:06 118784 ----a-w- c:windowsSysWow64MaDRM.dll 2012-12-18 13:06 . 2012-12-18 13:06 110592 ----a-w- c:windowsSysWow64muzmp4sp.ax . . (((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
  • 3. . . *Nota* entradas vazias e legítimas por padrão não são apresentadas. REGEDIT4 . [HKEY_LOCAL_MACHINESOFTWAREWow6432Node~Browser Helper Objects{95B7759C- 8C7F-4BF1-B163-73684A933233}] 2013-02-12 14:08 1920688 ----a-w- c:program files (x86)AVG Secure Search14.1.0.10AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:program files (x86)AVG Secure Search14.1.0.10AVG Secure Search_toolbar.dll" [2013-02-12 1920688] . [HKEY_CLASSES_ROOTclsid{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOTAVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOTAVG Secure Search.PugiObj] . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "KiesPreload"="c:program files (x86)SamsungKiesKies.exe" [2012-12-20 1476104] . [HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionRun] "KiesTrayAgent"="c:program files (x86)SamsungKiesKiesTrayAgent.exe" [2012- 12-20 310280] . c:programdataMicrosoftWindowsStart MenuProgramsStartup Monitor Apache Servers.lnk - c:program files (x86)Apache Software FoundationApache2.2binApacheMonitor.exe [2011-9-9 41051] . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciessystem] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversionwindows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:progra~1AgnitumOUTPOS~1wl_hook.dll . [HKEY_LOCAL_MACHINEsoftwarewow6432nodemicrosoftwindows ntcurrentversiondrivers32] "mixer3"=wdmaud.drv . 
R2 acssrv;Agnitum Client Security Service;c:progra~1AgnitumOUTPOS~1acs.exe [2012-06-15 3268448] R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:program files (x86)FinalWireAIDA64 Extreme Editionkerneld.x64 [2012-05-30 28320] R3 ASWFilt;ASWFilt;c:windowssystem32FiltASWFilt64.dll [2012-03-19 66184] R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:windowssystem32DRIVERSssudbus.sys [2013-01-31 102368] R3 FNETTBOH_305;FNETTBOH_305;c:windowssystem32driversFNETTBOH_305.SYS [2013- 02-16 32320] R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:windowssystem32DRIVERSssudmdm.sys [2013-01-31 203104] R3 X6va009;X6va009;c:windowsSysWOW64DriversX6va009 [x] R4 NAUpdate;Nero Update;c:program files (x86)NeroUpdateNASvc.exe [2012-07-13 769432] R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:program files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [2012-05-15 382272] R4 vToolbarUpdater14.1.7;vToolbarUpdater14.1.7;c:program files (x86)Common FilesAVG Secure SearchvToolbarUpdater14.1.7ToolbarUpdater.exe [2013-02-12 965296] S1 afw;Agnitum Firewall Driver;c:windowssystem32DRIVERSafw.sys [2011-03-28
  • 4. 38488] S1 avgtp;avgtp;c:windowssystem32driversavgtpx64.sys [2013-02-12 39768] S1 FNETURPX;FNETURPX;c:windowssystem32driversFNETURPX.SYS [2012-08-11 15936] S1 SandBox;SandBox;c:windowssystem32driversSandBox64.sys [2012-03-19 1266544] S2 Apache2.2;Apache2.2;c:program files (x86)Apache Software FoundationApache2.2binhttpd.exe [2011-09-09 20549] S2 VBoxDrv;VBox Support Driver;c:program files (x86)YouWave_AndroidvbVBoxDrv.sys [2011-11-20 202592] S3 afwcore;afwcore;c:windowssystem32driversafwcore.sys [2012-06-14 445568] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:windowssystem32driversviahduaa.sys [2012-08-11 1196032] . . Conteúdo da pasta 'Tarefas Agendadas' . 2013-02-16 c:windowsTasksAdobe Flash Player Updater.job - c:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-08-12 00:11] . 2013-02-16 c:windowsTasksROC_JAN2013_TB_rmv.job - c:program files (x86)AVG Secure SearchPostInstallROC.exe [2013-01-31 02:06] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershellicon overlayidentifiersOutpost] @="{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}" [HKEY_CLASSES_ROOTCLSID{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}] 2012-06-15 18:46 287408 ----a-w- c:program filesAgnitumOutpost Firewall Proop_shell.dll . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "OutpostMonitor"="c:progra~1AgnitumOUTPOS~1op_mon.exe" [2012-06-15 4366392] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows] "AppInit_DLLs"=c:progra~1AgnitumOUTPOS~1wl_hook64.dll . ------- Scan Suplementar ------- . 
uLocal Page = c:windowssystem32blank.htm uStart Page = about:blank mStart Page = hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc- 100&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN0D0Tzu0StByEyDtN1L2Xzut BtFtCtFtCtFtAtCtB&cr=902815487 mLocal Page = c:windowsSysWOW64blank.htm IE: &Download by Orbit - c:program files (x86)Orbitdownloaderorbitmxt.dll/201 IE: &Grab video by Orbit - c:program files (x86)Orbitdownloaderorbitmxt.dll/204 IE: Baixar com Mipony - file://c:program files (x86)MiPonyBrowserIEContext.htm IE: Do&wnload selected by Orbit - c:program files (x86)Orbitdownloaderorbitmxt.dll/203 IE: Down&load all by Orbit - c:program files (x86)Orbitdownloaderorbitmxt.dll/202 LSP: %SystemRoot%system32PrxerDrv.dll TCP: DhcpNameServer = 192.168.1.254 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:program files (x86)Common FilesAVG Secure SearchViProtocolInstaller14.1.7ViProtocol.dll FF - ProfilePath - c:usersRedAppDataRoamingMozillaFirefoxProfilesf38n2r7c.default
  • 5. FF - ExtSQL: 2013-01-19 13:21; avg@toolbar; c:programdataAVG Secure SearchFireFoxExt14.1.0.10 FF - user.js: extensions.funmoods.hmpg - true FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/? f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN 0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1335891272 FF - user.js: extensions.funmoods.dfltSrch - true FF - user.js: extensions.funmoods.srchPrvdr - Search FF - user.js: extensions.funmoods.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - true FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/? f=2&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN 0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1335891272 FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/? f=3&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN 0D0Tzu0StBtAyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1335891272&q= FF - user.js: extensions.funmoods.id - 002522695355EFC2 FF - user.js: extensions.funmoods.instlDay - 15577 FF - user.js: extensions.funmoods.vrsn - 1.5.23.22 FF - user.js: extensions.funmoods.vrsni - 1.5.23.22 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2219:36 FF - user.js: extensions.funmoods.prtnrId - funmoods FF - user.js: extensions.funmoods.prdct - funmoods FF - user.js: extensions.funmoods.aflt - ironpub FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods.tlbrId - base FF - user.js: extensions.funmoods.instlRef - ironpub FF - user.js: extensions.funmoods.dfltLng - FF - user.js: extensions.funmoods.excTlbr - false FF - user.js: extensions.funmoods.autoRvrt - false FF - user.js: extensions.funmoods.envrmnt - production FF - user.js: extensions.funmoods.isdcmntcmplt - true FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0 FF - user.js: extensions.BabylonToolbar.autoRvrt - false FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: 
extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/? babsrc=TB_def&mntrId=fce4efc2000000000000002522695355&q= FF - user.js: extensions.BabylonToolbar.id - fce4efc2000000000000002522695355 FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541- F8DE92DD98DB} FF - user.js: extensions.BabylonToolbar.instlDay - 15585 FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12 FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1211:28 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110808&tt=3512_8 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.searchya.hmpg - true FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/? s=0&a=foxtab&chnl=tc- 100&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN0D0Tzu0StByEyDtN1L2Xzut BtFtCtFtCtFtAtCtB&cr=902815487 FF - user.js: extensions.searchya.dfltSrch - true FF - user.js: extensions.searchya.srchPrvdr - Search
  • 6. FF - user.js: extensions.searchya.dnsErr - true FF - user.js: extensions.searchya_i.newTab - true FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/? s=2&a=foxtab&chnl=tc- 100&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN0D0Tzu0StByEyDtN1L2Xzut BtFtCtFtCtFtAtCtB&cr=902815487 FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/? s=3&a=foxtab&chnl=tc- 100&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtByCzyyDtAyDyD0E0F0CtBtN0D0Tzu0StByEyDtN1L2Xzut BtFtCtFtCtFtAtCtB&cr=902815487&q= FF - user.js: extensions.searchya.id - 002522695355EFC2 FF - user.js: extensions.searchya.instlDay - 15585 FF - user.js: extensions.searchya.vrsn - 1.5.25.0 FF - user.js: extensions.searchya.vrsni - 1.5.25.0 FF - user.js: extensions.searchya_i.vrsnTs - 1.5.25.011:37 FF - user.js: extensions.searchya.prtnrId - searchya FF - user.js: extensions.searchya.prdct - searchya FF - user.js: extensions.searchya.aflt - foxtab FF - user.js: extensions.searchya_i.smplGrp - none FF - user.js: extensions.searchya.tlbrId - base FF - user.js: extensions.searchya.instlRef - tc-100 FF - user.js: extensions.searchya.dfltLng - FF - user.js: extensions.searchya.excTlbr - false FF - user.js: extensions.searchya.autoRvrt - false FF - user.js: extensions.searchya.envrmnt - production FF - user.js: extensions.searchya.isdcmntcmplt - true FF - user.js: extensions.searchya.mntrvrsn - 1.3.0 . - - - - ORFÃOS REMOVIDOS - - - - . BHO-{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:progra~2Funmoods1.5.23.22bhescort.dll Toolbar-{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - c:progra~2Funmoods1.5.23.22escorTlbr.dll Wow6432Node-HKCU-Run-KiesAirMessage - c:program files (x86)SamsungKiesKiesAirMessage.exe . . . [HKEY_LOCAL_MACHINESYSTEMControlSet001servicesAIDA64Driver] "ImagePath"="??c:program files (x86)FinalWireAIDA64 Extreme Editionkerneld.x64" . [HKEY_LOCAL_MACHINESYSTEMControlSet001servicesX6va009] "ImagePath"="??c:windowsSysWOW64DriversX6va009" . 
--------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4- 0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:Windowssystem32MacromedFlashFlashUtil64_11_5_502 _110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4- 0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4- 0800200C9A66}LocalServer32] @="c:Windowssystem32MacromedFlashFlashUtil64_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{73C9DFA0-750D-11E1-B0C4-
  • 7. 0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4- 0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4- 0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesInterface{6AE38AE0-750C-11E1-B0C4- 0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4- 0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502 _110_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4- 0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4- 0800200C9A66}LocalServer32] @="c:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_110_ActiveX.exe" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{73C9DFA0-750D-11E1-B0C4- 0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}MiscStatus] @="0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_110.ocx, 1" . 
[HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}Version]
  • 8. @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB6E-AE6D-11cf-96B8- 444553540000}VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}InprocServer32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_110.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}ToolboxBitmap32] @="c:WindowsSysWOW64MacromedFlashFlash32_11_5_502_110.ocx, 1" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}Version] @="1.0" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeCLSID{D27CDB70-AE6D-11cf-96B8- 444553540000}VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1- B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1- B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINESOFTWAREClassesWow6432NodeInterface{6AE38AE0-750C-11E1- B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlClass{4D36E96D-E325-11CE-BFC1- 08002BE10318}0000AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlPCWSecurity] @Denied: (Full) (Everyone) . 
Tempo para conclusão: 2013-02-16 19:05:27 ComboFix-quarantined-files.txt 2013-02-16 22:05 . Pré-execução: 83.803.574.272 bytes disponíveis
  • 9. Pós execução: 88.894.566.400 bytes disponíveis . - - End Of File - - 3D19EA6D09A1C6663E6BC8E5F7A04275