Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ComboFix 15-04-16.01 - admin 18/04/2015 11:33:38.2.2 - x64 MINIMAL
- Microsoft Windows 7 Professional 6.1.7601.1.1252.51.3082.18.3976.2261 [GMT -5:00]
- Running from: c:\users\admin\Downloads\ComboFix.exe
- AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
- FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
- SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
- SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- * Created a new restore point
- .
- .
- ((((((((((((((((((((((((( Files Created from 2015-03-18 to 2015-04-18 )))))))))))))))))))))))))))))))
- .
- .
- 2015-04-18 16:37 . 2015-04-18 16:37 -------- d-----w- c:\users\Default\AppData\Local\temp
- 2015-04-18 16:32 . 2015-04-18 16:32 -------- d-----w- c:\users\admin\AppData\Local\ElevatedDiagnostics
- 2015-04-18 06:18 . 2015-04-18 15:44 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
- 2015-04-18 06:18 . 2015-04-18 06:18 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
- 2015-04-18 06:18 . 2015-03-17 11:15 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
- 2015-04-18 06:18 . 2015-03-17 11:15 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
- 2015-04-18 06:18 . 2015-03-17 11:15 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
- 2015-04-12 17:33 . 2015-04-12 20:09 -------- d-----w- c:\program files (x86)\Minecraft
- 2015-04-05 00:49 . 2015-04-05 00:50 -------- d-----w- c:\users\admin\htdocs
- 2015-04-04 20:05 . 2015-04-04 20:05 -------- d-----w- c:\users\admin\AppData\Local\Deosoftware
- 2015-04-04 19:28 . 2015-04-04 19:28 -------- d-----w- c:\users\admin\AppData\Roaming\Deosoftware
- 2015-04-04 19:28 . 2015-04-04 19:28 -------- d-----w- c:\program files (x86)\Pampa 1
- 2015-04-02 01:42 . 2015-04-02 01:42 -------- d-----w- c:\programdata\BlueStacks
- 2015-04-02 01:42 . 2015-04-02 01:42 -------- d-----w- c:\program files (x86)\BlueStacks
- 2015-04-02 01:42 . 2015-04-02 01:42 -------- d-----w- c:\users\admin\AppData\Local\Bluestacks
- 2015-04-01 04:19 . 2015-04-01 04:19 -------- d-----w- c:\program files (x86)\Photoshop Cs6
- 2015-03-21 23:30 . 2015-03-21 23:30 -------- d-----w- c:\program files\Recuva
- 2015-03-21 16:26 . 2015-04-18 06:17 -------- d-----w- c:\program files\CCleaner
- .
- .
- .
- (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
- .
- 2015-03-21 19:16 . 2013-03-11 02:45 778928 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
- 2015-03-21 19:16 . 2013-03-11 02:45 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
- 2015-03-12 17:05 . 2015-01-21 20:55 20 ----a-w- c:\users\admin\AppData\Roaming\appdataFr3.bin
- 2015-03-12 13:09 . 2013-04-02 15:40 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
- 2015-03-09 15:09 . 2013-04-14 00:25 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
- 2015-01-30 22:03 . 2015-01-30 22:03 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
- 2015-01-30 22:03 . 2015-01-30 22:03 449936 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
- 2015-01-30 20:33 . 2015-01-30 20:32 87912 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
- 2015-01-30 20:33 . 2015-01-30 20:32 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
- 2015-01-30 20:32 . 2015-01-30 22:03 364512 ----a-w- c:\windows\system32\aswBoot.exe
- 2015-01-30 20:32 . 2015-01-30 20:32 116728 ----a-w- c:\windows\system32\drivers\aswStm.sys
- 2015-01-30 20:32 . 2015-01-30 20:32 436624 ----a-w- c:\windows\system32\drivers\aswSP.sys
- 2015-01-30 20:32 . 2015-01-30 20:32 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
- 2015-01-30 20:32 . 2015-01-30 20:32 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
- 2015-01-30 20:32 . 2015-01-30 20:32 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
- 2015-01-30 20:32 . 2015-01-30 20:32 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
- 2015-01-30 20:32 . 2015-01-30 20:32 43152 ----a-w- c:\windows\avastSS.scr
- .
- .
- ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
- .
- .
- *Note* empty entries & legit default entries are not shown
- REGEDIT4
- .
- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
- "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928]
- .
- [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
- "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-01 5227648]
- "BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2015-02-03 847576]
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
- "ConsentPromptBehaviorAdmin"= 5 (0x5)
- "ConsentPromptBehaviorUser"= 3 (0x3)
- "EnableUIADesktopToggle"= 0 (0x0)
- "SoftwareSASGeneration"= 1 (0x1)
- .
- [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
- "LoadAppInit_DLLs"=1 (0x1)
- .
- [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
- "mixer"=wdmaud.drv
- .
- R0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
- R0 aswRvrt;avast! Revert; [x]
- R0 aswVmm;avast! VM Monitor; [x]
- R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
- R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
- R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
- R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
- R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
- R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
- R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
- R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
- R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
- R2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
- R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
- R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
- R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
- R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
- R2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
- R3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\system32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]
- R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\system32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]
- R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\system32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]
- R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
- R3 IntcDAud;Sonido Intel(R) para pantallas;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
- R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
- R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
- R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
- R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
- R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
- R3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\system32\DRIVERS\rtbth.sys;c:\windows\SYSNATIVE\DRIVERS\rtbth.sys [x]
- R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
- R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
- R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
- R3 wampapache64;wampapache64;c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe;c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [x]
- R3 wampmysqld64;wampmysqld64;c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64;c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe wampmysqld64 [x]
- R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
- S0 iusb3hcs;Controlador del conmutador de la controladora de host Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
- S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
- S3 iusb3hub;Controlador del concentrador Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
- S3 iusb3xhc;Controlador de la controladora de host Intel(R) USB 3.0 eXtensible;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
- .
- .
- [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
- 2014-11-26 02:44 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
- .
- Contents of the 'Scheduled Tasks' folder
- .
- 2015-04-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-11 19:16]
- .
- 2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05 16:44]
- .
- 2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-05 16:44]
- .
- .
- --------- X64 Entries -----------
- .
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
- @="{472083B0-C522-11CF-8763-00608CC02F24}"
- [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
- 2015-01-30 20:32 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
- .
- ------- Supplementary Scan -------
- .
- uLocal Page = c:\windows\system32\blank.htm
- uStart Page = https://www.google.com.pe/
- mStart Page = https://www.google.com/?trackid=sp-006
- mSearch Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
- mSearch Bar = https://www.google.com/?trackid=sp-006
- IE: &Enviar a OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
- IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
- TCP: Interfaces\{01BA558F-4B4D-4E82-ACEF-6CAC27D44351}: NameServer = 200.48.225.130,200.48.225.146
- FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\jxewj1ig.default\
- FF - prefs.js: browser.startup.homepage - hxxp://login.lataminternet.com/search.php?q=
- FF - prefs.js: keyword.URL - hxxp://login.lataminternet.com/search.php?q=
- .
- .
- --------------------- LOCKED REGISTRY KEYS ---------------------
- .
- [HKEY_LOCAL_MACHINE\software\BlueStacks]
- "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
- 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
- @Denied: (A 2) (Everyone)
- @="FlashBroker"
- "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe,-101"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
- "Enabled"=dword:00000001
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
- @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
- @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
- @Denied: (A 2) (Everyone)
- @="IFlashBroker6"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
- @="{00020424-0000-0000-C000-000000000046}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
- @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
- "Version"="1.0"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
- @Denied: (A 2) (Everyone)
- @="FlashBroker"
- "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe,-101"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
- "Enabled"=dword:00000001
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
- @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
- @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
- @Denied: (A 2) (Everyone)
- @="Shockwave Flash Object"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
- @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
- "ThreadingModel"="Apartment"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
- @="0"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
- @="ShockwaveFlash.ShockwaveFlash.17"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
- @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
- @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
- @="1.0"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
- @="ShockwaveFlash.ShockwaveFlash"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
- @Denied: (A 2) (Everyone)
- @="Macromedia Flash Factory Object"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
- @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
- "ThreadingModel"="Apartment"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
- @="FlashFactory.FlashFactory.1"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
- @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
- @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
- @="1.0"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
- @="FlashFactory.FlashFactory"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
- @Denied: (A 2) (Everyone)
- @="IFlashBroker6"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
- @="{00020424-0000-0000-C000-000000000046}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
- @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
- "Version"="1.0"
- .
- [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
- @Denied: (A) (Everyone)
- "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
- .
- [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
- @Denied: (A) (Everyone)
- .
- [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
- "Key"="ActionsPane3"
- "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
- .
- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
- @Denied: (A) (Users)
- @Denied: (A) (Everyone)
- @Allowed: (B 1 2 3 4 5) (S-1-5-20)
- "BlindDial"=dword:00000000
- .
- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
- @Denied: (Full) (Everyone)
- .
- Completion time: 2015-04-18 11:38:23
- ComboFix-quarantined-files.txt 2015-04-18 16:38
- ComboFix2.txt 2015-03-21 20:36
- .
- Pre-Run: 202,455,289,856 bytes libres
- Post-Run: 202,107,752,448 bytes libres
- .
- - - End Of File - - 318B4BD2D88130D3981828256A3E1ECE
- A36C5E4F47E84449FF07ED3517B43A31
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement