Paczki, malware, złośliwe pliki, linki itp.

[tomatto007]

96 files - Identified as malicious on VT

Treść widoczna jedynie dla zarejestrowanych użytkowników

[lukmaciej]

96 files - Identified as malicious on VT

Treść widoczna jedynie dla zarejestrowanych użytkowników

FortiClient 5.0 - 76/96 (79.16%)

[myciu1974]

96 files - Identified as malicious on VT

Treść widoczna jedynie dla zarejestrowanych użytkowników

Emsi 78/96

[Bergo]

96 files - Identified as malicious on VT

Treść widoczna jedynie dla zarejestrowanych użytkowników

Gdata
80/96

[Fr3shMak3r]

Treść widoczna jedynie dla zarejestrowanych użytkowników

Zobaczcie jeszcze to :

Treść widoczna jedynie dla zarejestrowanych użytkowników

Google Chrome blokujeale czy strona działa to nie wiem bo nie mam na razie wirtualnej maszyny.

[Bergo]

Treść widoczna jedynie dla zarejestrowanych użytkowników

Gdata blocked!

[buri]

Zobaczcie jeszcze to :

Treść widoczna jedynie dla zarejestrowanych użytkowników

Opera blokuje przed wejściem.

[McAlex]

Adware z komputera dziecka. Avg krzyczy i wykrywa kilka zainfekowanych plików. Na VT jak zawsze Dr.Web i Eset identyfikują tego typu infekcję.

Treść widoczna jedynie dla zarejestrowanych użytkowników

[Aby zobaczyć linki, zarejestruj się tutaj]

[polak900]

safari block po kliknięciu, jak odblokuje avast blokuje ochroną www

[tachion]

Adware z komputera dziecka. Avg krzyczy i wykrywa kilka zainfekowanych plików. Na VT jak zawsze Dr.Web i Eset identyfikują tego typu infekcję.

Treść widoczna jedynie dla zarejestrowanych użytkowników

[Aby zobaczyć linki, zarejestruj się tutaj]

Wykonanie

Dodanie plików
+ C:\Program Files\MocaFlix\sprotector.dll
+ C:\Program Files\MocaFlix\uninstall.exe
+ C:\Program Files\Optimizer Pro\file_id.diz
+ C:\Program Files\Optimizer Pro\HomePage.url
+ C:\Program Files\Optimizer Pro\OptimizerPro.chm
+ C:\Program Files\Optimizer Pro\OptimizerPro.exe
+ C:\Program Files\Optimizer Pro\OptProGuard.exe
+ C:\Program Files\Optimizer Pro\OptProLauncher.exe
+ C:\Program Files\Optimizer Pro\OptProReminder.exe
+ C:\Program Files\Optimizer Pro\OptProSchedule.exe
+ C:\Program Files\Optimizer Pro\OptProSmartScan.exe
+ C:\Program Files\Optimizer Pro\OptProStart.exe
+ C:\Program Files\Optimizer Pro\OptProUninstaller.exe
+ C:\Program Files\Optimizer Pro\Polish.ini
+ C:\Program Files\Optimizer Pro\scan.gif
+ C:\Program Files\Optimizer Pro\sqlite3.dll
+ C:\Program Files\Optimizer Pro\unins000.dat
+ C:\Program Files\Optimizer Pro\unins000.exe
~ C:\Windows\system32\CatRoot2\edb.chk
? C:\Windows\system32\CatRoot2\edb.log
? C:\Windows\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
? C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
+ C:\Windows\Tasks\OptimizerProUpdaterTask{C5F9E876-3A2D-433E-B09F-9FCEFA8677E1}.job
+ C:\ProgramData\InstallMate\OptimizerPro\Setup.dat
+ C:\ProgramData\InstallMate\OptimizerPro\Setup.exe
+ C:\ProgramData\InstallMate\OptimizerPro\Setup.ico
+ C:\ProgramData\InstallMate\OptimizerPro\TsuDll.dll
+ C:\ProgramData\InstallMate\OptimizerPro\_Setup.dll
+ C:\ProgramData\InstallMate\OptimizerPro\_Setupx.dll
+ C:\ProgramData\InstallMate\{4C0021AE-9948-6934-8BDF-D16A97E30358}\20121203201353.log
+ C:\ProgramData\InstallMate\{4C0021AE-9948-6934-8BDF-D16A97E30358}\Setup.dat
+ C:\ProgramData\InstallMate\{4C0021AE-9948-6934-8BDF-D16A97E30358}\Setup.exe
+ C:\ProgramData\InstallMate\{4C0021AE-9948-6934-8BDF-D16A97E30358}\Setup.ico
+ C:\ProgramData\InstallMate\{4C0021AE-9948-6934-8BDF-D16A97E30358}\TsuDll.dll
+ C:\ProgramData\InstallMate\{4C0021AE-9948-6934-8BDF-D16A97E30358}\_Setup.dll
+ C:\ProgramData\InstallMate\{4C0021AE-9948-6934-8BDF-D16A97E30358}\_Setupx.dll
+ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Deinstalacja programu Optimizer Pro.lnk
+ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Optimizer Pro.lnk
+ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Pomoc.lnk
+ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Strona WWW programu Optimizer Pro.lnk
+ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs\SaveAs.lnk
+ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveAs\Uninstall.lnk
+ C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe
+ C:\ProgramData\Premium\OptimizerPro\profile.ini
+ C:\ProgramData\SaveAs\50bcfb3ec0a19.ocx
+ C:\ProgramData\SaveAs\50bcfb3ec0a52.html
+ C:\ProgramData\SaveAs\50bcfb3ec0a8b.js
+ C:\ProgramData\SaveAs\nobapmapofcgmmkfimjcoolmbflfhefb.crx
+ C:\ProgramData\SaveAs\settings.ini
+ C:\ProgramData\SaveAs\uninstall.exe
~ C:\Users\tachion\AppData\Local\Comodo\Dragon\User Data\Default\Preferences
~ C:\Users\tachion\AppData\Local\Comodo\Dragon\User Data\Default\Web Data
- C:\Users\tachion\AppData\Local\Comodo\Dragon\User Data\Default\Web Data-journal
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Archived History
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Bookmarks
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Cache\index
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Cookies
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Current Session
- C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Extension State\000474.log
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Extension State\000476.sst
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Extension State\000477.log
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Extension State\CURRENT
= C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOCK
- C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000472
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000475
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Favicons
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\History
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-09
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-09-journal
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-10
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-10-journal
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-11
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-11-journal
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\History-journal
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\869C.tmp
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\JumpListIcons\869D.tmp
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\818.tmp
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\JumpListIconsOld\819.tmp
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Last Session
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Login Data
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal
= C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Managed Mode Settings
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
= C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Origin Bound Certs
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Preferences
- C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000262.log
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000265.sst
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000266.log
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT
= C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOCK
- C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000260
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000264
= C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Shortcuts
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Sync Data\SyncData.sqlite3-journal
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Top Sites
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\TransportSecurity
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Visited Links
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Web Data
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Local State
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Prefix Set
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies
+ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Safe Browsing Cookies-journal
= C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist
~ C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Safe Browsing Download
= C:\Users\tachion\AppData\Local\Google\Chrome\User Data\Safe Browsing Download Whitelist
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0CP0E6I2\1[1] .txt
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0CP0E6I2\2[1] .txt
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0CP0E6I2\50bcfb3ed836f[1] .exe
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0CP0E6I2\agent_setup[1] .exe
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VAF4WZE\5[1] .txt
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VAF4WZE\6_1[1] .txt
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VAF4WZE\8[1] .txt
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VAF4WZE\v_grey[1] .jpg
= C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOJ1PQG9\4[1] .txt
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOJ1PQG9\hunt_logo[1] .jpg
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOJ1PQG9\optimizerpro_ala5[1] .exe
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOJ1PQG9\search_defender_alternate_166[1] .exe
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NN8XOMR8\3[1] .txt
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NN8XOMR8\6[1] .txt
+ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NN8XOMR8\7[1] .txt
~ C:\Users\tachion\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
~ C:\Users\tachion\AppData\Local\Microsoft\Windows\WebCache\V01.chk
? C:\Users\tachion\AppData\Local\Microsoft\Windows\WebCache\V01.log
? C:\Users\tachion\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
- C:\Users\tachion\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.tmp
+ C:\Users\tachion\AppData\LocalLow\COMODO\CertSentry\20121203191804_5504.log
+ C:\Users\tachion\AppData\LocalLow\COMODO\CertSentry\20121203191947_5504.log
= C:\Users\tachion\AppData\LocalLow\COMODO\CertSentry\issuers.sst
~ C:\Users\tachion\AppData\LocalLow\COMODO\CertSentry\subjects.sst
= C:\Users\tachion\AppData\Roaming\Microsoft\Windows\Cookies\container.dat
~ C:\Users\tachion\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\2523057645c9db74.customDestinations-ms
+ C:\Users\tachion\Desktop\Optimizer Pro.lnk

Dodanie i zmiana kluczy w rejestrze

machine\software\classes\50bcfb3ec0a19.ocx.50bcfb3ec0a19.ocx= SaveAs
machine\software\classes\50bcfb3ec0a19.ocx.50bcfb3ec0a19.ocx\CLSID= {C5A08D89-B926-528E-8472-DBF8DCD05CA1}
machine\software\classes\50bcfb3ec0a19.ocx.50bcfb3ec0a19.ocx\CurVer= 50bcfb3ec0a19.ocx.2
machine\software\classes\50bcfb3ec0a19.ocx.50bcfb3ec0a19.ocx.2= SaveAs
machine\software\classes\50bcfb3ec0a19.ocx.50bcfb3ec0a19.ocx.2\CLSID= {C5A08D89-B926-528E-8472-DBF8DCD05CA1}

machine\software\classes\clsid\{C5A08D89-B926-528E-8472-DBF8DCD05CA1}= SaveAs Class
machine\software\classes\clsid\{C5A08D89-B926-528E-8472-DBF8DCD05CA1}\InprocServer32= C:\ProgramData\SaveAs\50bcfb3ec0a19.ocx
machine\software\classes\clsid\{C5A08D89-B926-528E-8472-DBF8DCD05CA1}\InprocServer32\ThreadingModel = Apartment
machine\software\classes\clsid\{C5A08D89-B926-528E-8472-DBF8DCD05CA1}\ProgID= 50bcfb3ec0a19.ocx.2
machine\software\classes\clsid\{C5A08D89-B926-528E-8472-DBF8DCD05CA1}\Programmable = created registry key
machine\software\classes\clsid\{C5A08D89-B926-528E-8472-DBF8DCD05CA1}\VersionIndependentProgID= 50bcfb3ec0a19.ocx

machine\software\classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}= IIEPluginStorage
machine\software\classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\ProxyStubClsid= {00020424-0000-0000-C000-000000000046}
machine\software\classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\ProxyStubClsid32= {00020424-0000-0000-C000-000000000046}
machine\software\classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\TypeLib= {E2343056-CC08-46AC-B898-BFC7ACF4E755}
machine\software\classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}\TypeLib\Version = 1.0
machine\software\classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}= IIEPluginBHO
machine\software\classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}\ProxyStubClsid= {00020424-0000-0000-C000-000000000046}
machine\software\classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}\ProxyStubClsid32= {00020424-0000-0000-C000-000000000046}
machine\software\classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}\TypeLib= {E2343056-CC08-46AC-B898-BFC7ACF4E755}
machine\software\classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}\TypeLib\Version = 1.0

machine\software\classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0= IEPluginLib
machine\software\classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\0\win32= C:\ProgramData\SaveAs\50bcfb3ec0a19.ocx
machine\software\classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\FLAGS= 0
machine\software\classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}\1.0\HELPDIR= C:\ProgramData\SaveAs

machine\software\Google\Chrome\Extensions\nobapmapofcgmmkfimjcoolmbflfhefb\path = C:\ProgramData\SaveAs\nobapmapofcgmmkfimjcoolmbflfhefb.crx
machine\software\Google\Chrome\Extensions\nobapmapofcgmmkfimjcoolmbflfhefb\version = 2

machine\software\microsoft\Internet Explorer\Main\Start Page =

[Aby zobaczyć linki, zarejestruj się tutaj]

machine\software\microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\DisplayName = WebSearch
machine\software\microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\FaviconURL =

[Aby zobaczyć linki, zarejestruj się tutaj]

machine\software\microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\FaviconURLFallback =

[Aby zobaczyć linki, zarejestruj się tutaj]

machine\software\microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\URL =

[Aby zobaczyć linki, zarejestruj się tutaj]

{searchTerms}

machine\software\microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5A08D89-B926-528E-8472-DBF8DCD05CA1}= SaveAs
machine\software\microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5A08D89-B926-528E-8472-DBF8DCD05CA1}\NoExplorer = 00000001

machine\software\microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{C5A08D89-B926-528E-8472-DBF8DCD05CA1} = 1

machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\Inno Setup: Setup Version = 5.3.5 (a)
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\Inno Setup: App Path = C:\Program Files\Optimizer Pro
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\InstallLocation = C:\Program Files\Optimizer Pro\
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\Inno Setup: Icon Group = Optimizer Pro
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\Inno Setup: User = tachion
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\Inno Setup: Selected Tasks = desktopicon
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\DisplayName = Optimizer Pro v3.0
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\UninstallString = "C:\Program Files\Optimizer Pro\unins000.exe"
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\QuietUninstallString = "C:\Program Files\Optimizer Pro\unins000.exe" /SILENT
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\DisplayVersion = 3.0
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\Publisher = PC Utilities Pro
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\URLInfoAbout =

[Aby zobaczyć linki, zarejestruj się tutaj]

machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\HelpLink =

[Aby zobaczyć linki, zarejestruj się tutaj]

machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\URLUpdateInfo =

[Aby zobaczyć linki, zarejestruj się tutaj]

machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\NoModify = 00000001
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\NoRepair = 00000001
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\InstallDate = 20121203
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\MajorVersion = 00000003
machine\software\microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1\CategoryName = OptimizerPro
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\UninstallString = C:\ProgramData\InstallMate\OptimizerPro\Setup.exe /remove /q0
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\QuietUninstallString = C:\ProgramData\InstallMate\OptimizerPro\Setup.exe /remove /q
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\ModifyPath = C:\ProgramData\InstallMate\OptimizerPro\Setup.exe /q0
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\Version = 01000000
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\VersionMajor = 00000001
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\EstimatedSize = 000000E4
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\Language = 00000409
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\TSAware = 00000001
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\TinFolder = C:\ProgramData\InstallMate\OptimizerPro
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\TinVersion = 7022
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\InstallDate = 20111203
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\InstallLocation = C:\ProgramData\Premium\OptimizerPro
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\InstallSource = C:\Users\tachion\AppData\Local\Temp\{4C0021AE-9948-6934-8BDF-D16A97E30358}\Addons
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\DisplayIcon = C:\ProgramData\InstallMate\OptimizerPro\Setup.ico
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\DisplayName = OptimizerPro
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\DisplayVersion = 1.0
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\Publisher = Premium
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\TizPath = C:\Users\tachion\AppData\Local\Temp\{4C0021AE-9948-6934-8BDF-D16A97E30358}\Addons\agent_setup.exe
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\CategoryName = OptimizerPro
machine\software\microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro\States = created registry key
machine\software\microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15\DisplayName = Search Assistant MocaFlix 1.66
machine\software\microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15\UninstallString = "C:\Program Files\MocaFlix\uninstall.exe" /FULLPATH="C:\Program Files\MocaFlix"
machine\software\microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15\QuietUninstallString = "C:\Program Files\MocaFlix\uninstall.exe" /S /FULLPATH="C:\Program Files\MocaFlix"
machine\software\microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15\NoModify = 00000001
machine\software\microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15\NoRepair = 00000001
machine\software\microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15\CategoryName = MocaFlix
machine\software\microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15\InstallDate = 20111203
machine\software\microsoft\Windows\CurrentVersion\Uninstall\{16726771-C380-4280-BAF9-1223B3838786}\DisplayName = SaveAs
machine\software\microsoft\Windows\CurrentVersion\Uninstall\{16726771-C380-4280-BAF9-1223B3838786}\Publisher = SaveAs
machine\software\microsoft\Windows\CurrentVersion\Uninstall\{16726771-C380-4280-BAF9-1223B3838786}\URLInfoAbout =

[Aby zobaczyć linki, zarejestruj się tutaj]

machine\software\microsoft\Windows\CurrentVersion\Uninstall\{16726771-C380-4280-BAF9-1223B3838786}\DisplayIcon = C:\ProgramData\SaveAs\uninstall.exe
machine\software\microsoft\Windows\CurrentVersion\Uninstall\{16726771-C380-4280-BAF9-1223B3838786}\UninstallString = "C:\ProgramData\SaveAs\uninstall.exe" /path=C:\ProgramData\SaveAs
machine\software\microsoft\Windows\CurrentVersion\Uninstall\{16726771-C380-4280-BAF9-1223B3838786}\InstallDate = 20111203
machine\software\microsoft\Windows\CurrentVersion\Uninstall\{16726771-C380-4280-BAF9-1223B3838786}\NoModify = 00000001
machine\software\microsoft\Windows\CurrentVersion\Uninstall\{16726771-C380-4280-BAF9-1223B3838786}\NoRepair = 00000001
machine\software\microsoft\Windows\CurrentVersion\Uninstall\{16726771-C380-4280-BAF9-1223B3838786}\CategoryName = SaveAs
machine\software\microsoft\Windows\CurrentVersion\Uninstall\{61880DB4-2199-3AF4-09A1-38802E254618}\TizPath = C:\Users\tachion\Desktop\SaveAs (1).exe
machine\software\microsoft\Windows\CurrentVersion\Uninstall\{61880DB4-2199-3AF4-09A1-38802E254618}\States = created registry key
machine\software\microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs = prio.dll c:\program files\mocaflix\sprotector.dll

machine\software\SP Global\6d682d83 = c:\program files\mocaflix\sprotector.dll

machine\software\SProtector\_56ec1d15\version = 0142046D
machine\software\SProtector\_56ec1d15\uuid = ad9fe2d6-c890cc98-e5bf0906-01cdd18a
machine\software\SProtector\_56ec1d15\date = 1354562275
machine\software\SProtector\_56ec1d15\uiid = 50bb4608087865.16104274
machine\software\SProtector\_56ec1d15\usid = {4C0021AE-9948-6934-8BDF-D16A97E30358}
machine\software\SProtector\_56ec1d15\upid = 378
machine\software\SProtector\_56ec1d15\Install_Dir = C:\Program Files\MocaFlix
machine\software\SProtector\_56ec1d15\0caebbe2\d7cea243 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6////%
machine\software\SProtector\_56ec1d15\0caebbe2\fd0dde78 = KlAu/XZ/JlAu/XD/bxAs/Xx////%
machine\software\SProtector\_56ec1d15\0caebbe2\b2cc84ee = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6/OlAm/Ch/VP/v/YD/OP////%%
machine\software\SProtector\_56ec1d15\2038a74d\d7cea243 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6////%
machine\software\SProtector\_56ec1d15\2038a74d\ef34a9f6 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6////%
machine\software\SProtector\_56ec1d15\2038a74d\f176879d = GxAy/Xl/blAu////
machine\software\SProtector\_56ec1d15\2038a74d\64fc053d = M/////%%
machine\software\SProtector\_56ec1d15\2038a74d\51652492 = ///%
machine\software\SProtector\_56ec1d15\2038a74d\b2cc84ee = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6/OlAm/Ch/VP/v/YD/OPA5/YV/GPAy/YZ/FlAq/WP/GPAf/Xh/blA7////
machine\software\SProtector\_56ec1d15\2038a74d\05502537 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6/GxAy/YF/HPAs/X6/ax/j/Xt/FlAk////
machine\software\SProtector\_56ec1d15\2038a74d\fd0dde78 = KlAu/XZ/JlAu/XD/bxAs/Xx////%
machine\software\SProtector\_56ec1d15\2038a74d\dd0d121e = KlAu/XZ/JlAu/XD/bxAs/Xx////%
machine\software\SProtector\_56ec1d15\2038a74d\bae2dcf8 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6/OlAm/Ch/VP/v/YD/OPA5/YV/GPAy/YZ/FlAq/WP/GPAf/Xh/blA7////
machine\software\SProtector\_56ec1d15\7fe0f877\d7cea243 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6////%
machine\software\SProtector\_56ec1d15\7fe0f877\fd0dde78 = dlAB/DZ/Ml/h/DP/QP/+/Ct/UPAB/DV/M/AC/Bh/M//e/Cb/Vx/i/Ct/PPAC/CP/UP/1/CV/Vl/e/CJ/Qx/1/CD/PlAX/DF/QPA7////
machine\software\SProtector\_56ec1d15\7fe0f877\b2cc84ee = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6/OlAm/Ch/VP/v/YD/OPA5/YV/GPAy/YZ/FlAq/WP/GPAf/Xh/blA7////
machine\software\SProtector\_56ec1d15\eae10f9d\340d3099 = /P////%%
machine\software\SProtector\_56ec1d15\eae10f9d\0c230bcb = ///%
machine\software\SProtector\_56ec1d15\eae10f9d\414bc593 = ///%
machine\software\SProtector\_56ec1d15\eae10f9d\f0bf0bde = ///%
machine\software\SProtector\_56ec1d15\eae10f9d\72758a5d = /P////%%
machine\software\SProtector\_56ec1d15\eae10f9d\e46c271e = ///%
machine\software\SProtector\_56ec1d15\eae10f9d\b10ed930 = ///%
machine\software\SProtector\_56ec1d15\eae10f9d\d94388d2 = clA1/Yb/UxAh/YZ/FPAs/Xm/axAm/B2/HPAj/XF/al////%%
machine\software\SProtector\_56ec1d15\eae10f9d\37b7a6d8 = UlAp/X2/blAh/XD/a/Am/Xh/FPAh/XJ/UlAl/Xx/b//k/YV/b/Af/X6/c/Au/XV/c/Ak/YZ/UxAl/Xx/b/////%%

user\current\software\AppDataLow\SProtector\_56ec1d15\uuid = ad9fe2d6-c890cc98-e5bf0906-01cdd18a
user\current\software\AppDataLow\SProtector\_56ec1d15\date = 1354562275
user\current\software\AppDataLow\SProtector\_56ec1d15\uiid = 50bb4608087865.16104274
user\current\software\AppDataLow\SProtector\_56ec1d15\usid = {4C0021AE-9948-6934-8BDF-D16A97E30358}
user\current\software\AppDataLow\SProtector\_56ec1d15\upid = 378
user\current\software\AppDataLow\SProtector\_56ec1d15\0caebbe2\d7cea243 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6////%
user\current\software\AppDataLow\SProtector\_56ec1d15\0caebbe2\fd0dde78 = KlAu/XZ/JlAu/XD/bxAs/Xx////%
user\current\software\AppDataLow\SProtector\_56ec1d15\0caebbe2\b2cc84ee = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6/OlAm/Ch/VP/v/YD/OP////%%
user\current\software\AppDataLow\SProtector\_56ec1d15\2038a74d\d7cea243 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6////%
user\current\software\AppDataLow\SProtector\_56ec1d15\2038a74d\ef34a9f6 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6////%
user\current\software\AppDataLow\SProtector\_56ec1d15\2038a74d\f176879d = GxAy/Xl/blAu////
user\current\software\AppDataLow\SProtector\_56ec1d15\2038a74d\64fc053d = M/////%%
user\current\software\AppDataLow\SProtector\_56ec1d15\2038a74d\51652492 = ///%
user\current\software\AppDataLow\SProtector\_56ec1d15\2038a74d\b2cc84ee = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6/OlAm/Ch/VP/v/YD/OPA5/YV/GPAy/YZ/FlAq/WP/GPAf/Xh/blA7////
user\current\software\AppDataLow\SProtector\_56ec1d15\2038a74d\05502537 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6/GxAy/YF/HPAs/X6/ax/j/Xt/FlAk////
user\current\software\AppDataLow\SProtector\_56ec1d15\2038a74d\fd0dde78 = KlAu/XZ/JlAu/XD/bxAs/Xx////%
user\current\software\AppDataLow\SProtector\_56ec1d15\2038a74d\dd0d121e = KlAu/XZ/JlAu/XD/bxAs/Xx////%
user\current\software\AppDataLow\SProtector\_56ec1d15\2038a74d\bae2dcf8 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6/OlAm/Ch/VP/v/YD/OPA5/YV/GPAy/YZ/FlAq/WP/GPAf/Xh/blA7////
user\current\software\AppDataLow\SProtector\_56ec1d15\7fe0f877\d7cea243 = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6////%
user\current\software\AppDataLow\SProtector\_56ec1d15\7fe0f877\fd0dde78 = dlAB/DZ/Ml/h/DP/QP/+/Ct/UPAB/DV/M/AC/Bh/M//e/Cb/Vx/i/Ct/PPAC/CP/UP/1/CV/Vl/e/CJ/Qx/1/CD/PlAX/DF/QPA7////
user\current\software\AppDataLow\SProtector\_56ec1d15\7fe0f877\b2cc84ee = H/Ah/YP/b//4/B6/UlA1/XJ/FxAg/XJ/FPAf/XV/H//j/Xh/alAs/XD/GxAm/Xt/d//j/XV/alAi/B6/OlAm/Ch/VP/v/YD/OPA5/YV/GPAy/YZ/FlAq/WP/GPAf/Xh/blA7////
user\current\software\AppDataLow\SProtector\_56ec1d15\eae10f9d\340d3099 = /P////%%
user\current\software\AppDataLow\SProtector\_56ec1d15\eae10f9d\0c230bcb = ///%
user\current\software\AppDataLow\SProtector\_56ec1d15\eae10f9d\414bc593 = ///%
user\current\software\AppDataLow\SProtector\_56ec1d15\eae10f9d\f0bf0bde = ///%
user\current\software\AppDataLow\SProtector\_56ec1d15\eae10f9d\72758a5d = /P////%%
user\current\software\AppDataLow\SProtector\_56ec1d15\eae10f9d\e46c271e = ///%
user\current\software\AppDataLow\SProtector\_56ec1d15\eae10f9d\b10ed930 = ///%
user\current\software\AppDataLow\SProtector\_56ec1d15\eae10f9d\51d2f2ea = JlAu/XD/bxAs/Xx/Z/AA/YV/blAp/YV/c/Ay/X2/c//x/Dh/alAs/XD/QxAm/Xt/d//x/CD/Ux/0/CF////%
user\current\software\AppDataLow\SProtector\_56ec1d15\eae10f9d\d94388d2 = clA1/Yb/UxAh/YZ/FPAs/Xm/axAm/B2/HPAj/XF/al////%%
user\current\software\AppDataLow\SProtector\_56ec1d15\eae10f9d\37b7a6d8 = UlAp/X2/blAh/XD/a/Am/Xh/FPAh/XJ/UlAl/Xx/b//k/YV/b/Af/X6/c/Au/XV/c/Ak/YZ/UxAl/Xx/b/////%%
user\current\software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}\lastrun = 12999035881791026
user\current\software\Microsoft\Internet Explorer\Main\Start Page =

[Aby zobaczyć linki, zarejestruj się tutaj]

user\current\software\Microsoft\Internet Explorer\SearchScopes\DefaultScope = {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
user\current\software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\DisplayName = WebSearch
user\current\software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\FaviconURL =

[Aby zobaczyć linki, zarejestruj się tutaj]

user\current\software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\FaviconURLFallback =

[Aby zobaczyć linki, zarejestruj się tutaj]

user\current\software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\URL =

[Aby zobaczyć linki, zarejestruj się tutaj]

{searchTerms}

user\current\software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeout = 000927C0
user\current\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings = 460000003403000009000000110000003137382E34382E322E3233373A3830383000000000000000000400000000000000C82256B710B6CD010000000000000000000000000200000002000000C0A8380100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A80104000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
user\current\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings = 460000002F01000009000000110000003137382E34382E322E3233373A3830383000000000000000000400000000000000C82256B710B6CD010000000000000000000000000200000002000000C0A8380100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000C0A80104000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
user\current\software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{E1FE5FA9-DE71-46CA-9D03-BC1526EDA415}_{FCC5451A-F56D-4EEA-8DE4-A073F089FCA1}\WpadDecisionTime = 2884DDE78AD1CD01
user\current\software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{E1FE5FA9-DE71-46CA-9D03-BC1526EDA415}_{FCC5451A-F56D-4EEA-8DE4-A073F089FCA1}\WpadNetworkName = Sie
niezidentyfikowana
user\current\software\Microsoft\Windows\CurrentVersion\Run\Optimizer Pro = C:\Program Files\Optimizer Pro\OptProLauncher.exe

user\current\software\Optimizer Pro\DelayedStart = 0000000F
user\current\software\Optimizer Pro\AdsDownloadURL =

[Aby zobaczyć linki, zarejestruj się tutaj]

user\current\software\Optimizer Pro\AdsBuyNowURL =

[Aby zobaczyć linki, zarejestruj się tutaj]

user\current\software\Optimizer Pro\UseAds = 00000001
user\current\software\Optimizer Pro\UninstallURL =

[Aby zobaczyć linki, zarejestruj się tutaj]

user\current\software\Optimizer Pro\SupportURL =

[Aby zobaczyć linki, zarejestruj się tutaj]

user\current\software\Optimizer Pro\BuyNowURL =

[Aby zobaczyć linki, zarejestruj się tutaj]

user\current\software\Optimizer Pro\HomePageURL =

[Aby zobaczyć linki, zarejestruj się tutaj]

user\current\software\Optimizer Pro\SetupName = C:\Windows\Temp\RegistryOptimizer.exe
user\current\software\Optimizer Pro\Language = 0000000A
user\current\software\Optimizer Pro\wpdata\publisher = 378
user\current\software\Optimizer Pro\wpdata\date = 2012/12/03

user\current_classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Sandbox\tachion\DefaultBox\drive\C\Windows\Temp\RegistryOptimizer.exe = Fix PC problems and optimize performance
user\current_classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Sandbox\tachion\DefaultBox\user\current\AppData\Local\Temp\is-KABFF.tmp\RegistryOptimizer.tmp = Setup/Uninstall
user\current_classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Sandbox\tachion\DefaultBox\drive\C\Program Files\Optimizer Pro\OptProStart.exe = Optimizer Pro Launcher
user\current_classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Sandbox\tachion\DefaultBox\user\current\AppData\Local\Temp\{4C0021AE-9948-6934-8BDF-D16A97E30358}\Addons\agent_setup.exe = Installer
user\current_classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Windows\System32\cmd.exe = Procesor poleceD
systemu Windows
user\current_classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\tachion\AppData\Local\Google\Chrome\Application\chrome.exe = Google Chrome

Do tego jeszcze adresy
Internet connection: Connects to "173.194.65.125" on port 5222.
Internet connection: Connects to "173.194.70.100" on port 443.
Internet connection: Connects to "173.194.70.101" on port 443.
Internet connection: Connects to "173.194.70.106" on port 443.
Internet connection: Connects to "173.194.70.120" on port 443.
Internet connection: Connects to "173.194.70.84" on port 443.
Internet connection: Connects to "192.166.218.40" on port 443.
Internet connection: Connects to "46.165.201.120" on port 443.
Internet connection: Connects to "46.19.138.158" on port 80.
Internet connection: Connects to "74.125.136.136" on port 443.
Internet connection: Connects to "74.125.136.139" on port 443.
Internet connection: Connects to "74.125.136.95" on port 443.
Internet connection: Connects to "78.47.53.61" on port 80.
Internet connection: Connects to "95.211.95.250" on port 80.
Internet connection: Connects to "plugnrex.info" on port 80.
Internet connection: Connects to "www.reportpl1.com" on port 80.
Internet connection: Connects to "www.storagepl1.com" on port 80.
Internet connection: Connects to "www.tracknl.info" on port 80.

---

Dodano: 03 gru 2012, 22:45

Świeżyny 2x zbot

Treść widoczna jedynie dla zarejestrowanych użytkowników

3x FakeAV - System Protection Progressive

Treść widoczna jedynie dla zarejestrowanych użytkowników

[lanzone]

Tachion, w jaki sposób dokonujesz analizy jak powyżej?

[ELWIS1]

Treść widoczna jedynie dla zarejestrowanych użytkowników

Avira wykrywa jako phishing.

[Lion]

Pytałem w procesie składania uczestniczące próbek Próbki laboratoryjne ... Muszę wziąć Virus Sample Post?

[lukmaciej]

Treść widoczna jedynie dla zarejestrowanych użytkowników

Zobaczcie jeszcze to :

Treść widoczna jedynie dla zarejestrowanych użytkowników

Google Chrome blokujeale czy strona działa to nie wiem bo nie mam na razie wirtualnej maszyny.

FortiClient 5.0- Web Page Blocked!
You have tried to access a web page which is in violation of your internet usage policy.
URL: indian-picture.com/

Category Adult/Mature Contentornography

---

Dodano: 03 gru 2012, 22:45

Świeżyny 2x zbot

Treść widoczna jedynie dla zarejestrowanych użytkowników

3x FakeAV - System Protection Progressive

Treść widoczna jedynie dla zarejestrowanych użytkowników

2x zbot2/2
3x FakeAV - System Protection Progressive 2/3 FortiClient 5.0 nie wykrywa AE230D4A14A8E8C5513A227C937A9C5E_animal-sex-video.avi.exe

[Lion]

Treść widoczna jedynie dla zarejestrowanych użytkowników

[ Malware Link ]Please Dont Click If You Dont Know What You''re Doing Here..

---

Dodano: 04 Dec 2012, 12:12

189 Sample

Treść widoczna jedynie dla zarejestrowanych użytkowników

[myciu1974]

Treść widoczna jedynie dla zarejestrowanych użytkowników

[ Malware Link ]Please Dont Click If You Dont Know What You''re Doing Here..

---

Dodano: 04 Dec 2012, 12:12

189 Sample

Treść widoczna jedynie dla zarejestrowanych użytkowników

Emsi 15/21,,, 140/188

[Anonymous Network]

NEW Trojan from Facebook

Treść widoczna jedynie dla zarejestrowanych użytkowników

[Fr3shMak3r]

NEW Trojan from Facebook

Treść widoczna jedynie dla zarejestrowanych użytkowników

Avast nie wykrywa .

[Bergo]

NEW Trojan from Facebook

Treść widoczna jedynie dla zarejestrowanych użytkowników

Gdata:missed

[kolon22]

Comodo IS wykrywa