
COMBOFIX LOG

a guest
Apr 18th, 2015
  1. ComboFix 15-04-16.01 - admin 18/04/2015 11:33:38.2.2 - x64 MINIMAL
  2. Microsoft Windows 7 Professional 6.1.7601.1.1252.51.3082.18.3976.2261 [GMT -5:00]
  3. Running from: c:\users\admin\Downloads\ComboFix.exe
  4. AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
  5. FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
  6. SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
  7. SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  8. * Created a new restore point
  9. .
  10. .
  11. ((((((((((((((((((((((((( Files Created from 2015-03-18 to 2015-04-18 )))))))))))))))))))))))))))))))
  12. .
  13. .
  14. 2015-04-18 16:37 . 2015-04-18 16:37 -------- d-----w- c:\users\Default\AppData\Local\temp
  15. 2015-04-18 16:32 . 2015-04-18 16:32 -------- d-----w- c:\users\admin\AppData\Local\ElevatedDiagnostics
  16. 2015-04-18 06:18 . 2015-04-18 15:44 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
  17. 2015-04-18 06:18 . 2015-04-18 06:18 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
  18. 2015-04-18 06:18 . 2015-03-17 11:15 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
  19. 2015-04-18 06:18 . 2015-03-17 11:15 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
  20. 2015-04-18 06:18 . 2015-03-17 11:15 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
  21. 2015-04-12 17:33 . 2015-04-12 20:09 -------- d-----w- c:\program files (x86)\Minecraft
  22. 2015-04-05 00:49 . 2015-04-05 00:50 -------- d-----w- c:\users\admin\htdocs
  23. 2015-04-04 20:05 . 2015-04-04 20:05 -------- d-----w- c:\users\admin\AppData\Local\Deosoftware
  24. 2015-04-04 19:28 . 2015-04-04 19:28 -------- d-----w- c:\users\admin\AppData\Roaming\Deosoftware
  25. 2015-04-04 19:28 . 2015-04-04 19:28 -------- d-----w- c:\program files (x86)\Pampa 1
  26. 2015-04-02 01:42 . 2015-04-02 01:42 -------- d-----w- c:\programdata\BlueStacks
  27. 2015-04-02 01:42 . 2015-04-02 01:42 -------- d-----w- c:\program files (x86)\BlueStacks
  28. 2015-04-02 01:42 . 2015-04-02 01:42 -------- d-----w- c:\users\admin\AppData\Local\Bluestacks
  29. 2015-04-01 04:19 . 2015-04-01 04:19 -------- d-----w- c:\program files (x86)\Photoshop Cs6
  30. 2015-03-21 23:30 . 2015-03-21 23:30 -------- d-----w- c:\program files\Recuva
  31. 2015-03-21 16:26 . 2015-04-18 06:17 -------- d-----w- c:\program files\CCleaner
  32. .
  33. .
  34. .
  35. (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
  36. .
  37. 2015-03-21 19:16 . 2013-03-11 02:45 778928 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
  38. 2015-03-21 19:16 . 2013-03-11 02:45 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
  39. 2015-03-12 17:05 . 2015-01-21 20:55 20 ----a-w- c:\users\admin\AppData\Roaming\appdataFr3.bin
  40. 2015-03-12 13:09 . 2013-04-02 15:40 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
  41. 2015-03-09 15:09 . 2013-04-14 00:25 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
  42. 2015-01-30 22:03 . 2015-01-30 22:03 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
  43. 2015-01-30 22:03 . 2015-01-30 22:03 449936 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
  44. 2015-01-30 20:33 . 2015-01-30 20:32 87912 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
  45. 2015-01-30 20:33 . 2015-01-30 20:32 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
  46. 2015-01-30 20:32 . 2015-01-30 22:03 364512 ----a-w- c:\windows\system32\aswBoot.exe
  47. 2015-01-30 20:32 . 2015-01-30 20:32 116728 ----a-w- c:\windows\system32\drivers\aswStm.sys
  48. 2015-01-30 20:32 . 2015-01-30 20:32 436624 ----a-w- c:\windows\system32\drivers\aswSP.sys
  49. 2015-01-30 20:32 . 2015-01-30 20:32 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
  50. 2015-01-30 20:32 . 2015-01-30 20:32 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
  51. 2015-01-30 20:32 . 2015-01-30 20:32 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
  52. 2015-01-30 20:32 . 2015-01-30 20:32 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
  53. 2015-01-30 20:32 . 2015-01-30 20:32 43152 ----a-w- c:\windows\avastSS.scr
  54. .
  55. .
  56. ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
  57. .
  58. .
  59. *Note* empty entries & legit default entries are not shown
  60. REGEDIT4
  61. .
  62. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  63. "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928]
  64. .
  65. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  66. "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-01 5227648]
  67. "BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2015-02-03 847576]
  68. .
  69. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  70. "ConsentPromptBehaviorAdmin"= 5 (0x5)
  71. "ConsentPromptBehaviorUser"= 3 (0x3)
  72. "EnableUIADesktopToggle"= 0 (0x0)
  73. "SoftwareSASGeneration"= 1 (0x1)
  74. .
  75. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
  76. "LoadAppInit_DLLs"=1 (0x1)
  77. .
  78. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
  79. "mixer"=wdmaud.drv
  80. .
  81. R0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
  82. R0 aswRvrt;avast! Revert; [x]
  83. R0 aswVmm;avast! VM Monitor; [x]
  84. R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
  85. R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
  86. R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
  87. R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
  88. R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
  89. R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
  90. R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
  91. R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
  92. R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
  93. R2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
  94. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
  95. R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
  96. R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
  97. R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
  98. R2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
  99. R3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\system32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]
  100. R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\system32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]
  101. R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\system32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]
  102. R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
  103. R3 IntcDAud;Sonido Intel(R) para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
  104. R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
  105. R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
  106. R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
  107. R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
  108. R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
  109. R3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\system32\DRIVERS\rtbth.sys;c:\windows\SYSNATIVE\DRIVERS\rtbth.sys [x]
  110. R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
  111. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
  112. R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
  113. R3 wampapache64;wampapache64;c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe;c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [x]
  114. R3 wampmysqld64;wampmysqld64;c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64;c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 [x]
  115. R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
  116. S0 iusb3hcs;Controlador del conmutador de la controladora de host Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
  117. S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
  118. S3 iusb3hub;Controlador del concentrador Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
  119. S3 iusb3xhc;Controlador de la controladora de host Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
  120. .
  121. .
  122. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
  123. 2014-11-26 02:44 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
  124. .
  125. Contents of the 'Scheduled Tasks' folder
  126. .
  127. 2015-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
  128. - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-11 19:16]
  129. .
  130. 2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  131. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05 16:44]
  132. .
  133. 2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  134. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05 16:44]
  135. .
  136. .
  137. --------- X64 Entries -----------
  138. .
  139. .
  140. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
  141. @="{472083B0-C522-11CF-8763-00608CC02F24}"
  142. [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
  143. 2015-01-30 20:32 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
  144. .
  145. ------- Supplementary Scan -------
  146. .
  147. uLocal Page = c:\windows\system32\blank.htm
  148. uStart Page = https://www.google.com.pe/
  149. mStart Page = https://www.google.com/?trackid=sp-006
  150. mSearch Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  151. mSearch Bar = https://www.google.com/?trackid=sp-006
  152. IE: &Enviar a OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
  153. IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
  154. TCP: Interfaces\{01BA558F-4B4D-4E82-ACEF-6CAC27D44351}: NameServer = 200.48.225.130,200.48.225.146
  155. FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jxewj1ig.default\
  156. FF - prefs.js: browser.startup.homepage - hxxp://login.lataminternet.com/search.php?q=
  157. FF - prefs.js: keyword.URL - hxxp://login.lataminternet.com/search.php?q=
  158. .
  159. .
  160. --------------------- LOCKED REGISTRY KEYS ---------------------
  161. .
  162. [HKEY_LOCAL_MACHINE\software\BlueStacks]
  163. "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  164. 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
  165. .
  166. [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
  167. @Denied: (A 2) (Everyone)
  168. @="FlashBroker"
  169. "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe,-101"
  170. .
  171. [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
  172. "Enabled"=dword:00000001
  173. .
  174. [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
  175. @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
  176. .
  177. [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
  178. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  179. .
  180. [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
  181. @Denied: (A 2) (Everyone)
  182. @="IFlashBroker6"
  183. .
  184. [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
  185. @="{00020424-0000-0000-C000-000000000046}"
  186. .
  187. [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
  188. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  189. "Version"="1.0"
  190. .
  191. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
  192. @Denied: (A 2) (Everyone)
  193. @="FlashBroker"
  194. "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe,-101"
  195. .
  196. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
  197. "Enabled"=dword:00000001
  198. .
  199. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
  200. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
  201. .
  202. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
  203. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  204. .
  205. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  206. @Denied: (A 2) (Everyone)
  207. @="Shockwave Flash Object"
  208. .
  209. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  210. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
  211. "ThreadingModel"="Apartment"
  212. .
  213. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  214. @="0"
  215. .
  216. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  217. @="ShockwaveFlash.ShockwaveFlash.17"
  218. .
  219. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  220. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
  221. .
  222. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  223. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  224. .
  225. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  226. @="1.0"
  227. .
  228. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  229. @="ShockwaveFlash.ShockwaveFlash"
  230. .
  231. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  232. @Denied: (A 2) (Everyone)
  233. @="Macromedia Flash Factory Object"
  234. .
  235. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  236. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
  237. "ThreadingModel"="Apartment"
  238. .
  239. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  240. @="FlashFactory.FlashFactory.1"
  241. .
  242. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  243. @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
  244. .
  245. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  246. @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  247. .
  248. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  249. @="1.0"
  250. .
  251. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  252. @="FlashFactory.FlashFactory"
  253. .
  254. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
  255. @Denied: (A 2) (Everyone)
  256. @="IFlashBroker6"
  257. .
  258. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
  259. @="{00020424-0000-0000-C000-000000000046}"
  260. .
  261. [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
  262. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  263. "Version"="1.0"
  264. .
  265. [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
  266. @Denied: (A) (Everyone)
  267. "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
  268. .
  269. [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
  270. @Denied: (A) (Everyone)
  271. .
  272. [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
  273. "Key"="ActionsPane3"
  274. "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
  275. .
  276. [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  277. @Denied: (A) (Users)
  278. @Denied: (A) (Everyone)
  279. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  280. "BlindDial"=dword:00000000
  281. .
  282. [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
  283. @Denied: (Full) (Everyone)
  284. .
  285. Completion time: 2015-04-18 11:38:23
  286. ComboFix-quarantined-files.txt 2015-04-18 16:38
  287. ComboFix2.txt 2015-03-21 20:36
  288. .
  289. Pre-Run: 202,455,289,856 bytes libres
  290. Post-Run: 202,107,752,448 bytes libres
  291. .
  292. - - End Of File - - 318B4BD2D88130D3981828256A3E1ECE
  293. A36C5E4F47E84449FF07ED3517B43A31