ComboFix 14-08-12.01 - Audrey 13/08/2014 10:49:59.1.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4025.2403 [GMT 2:00]
Lancé depuis: c:\users\Audrey\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
AV: Kaspersky Anti-Virus *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Kaspersky Anti-Virus *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\packardbell.ico
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fediheciachmpdophdiejahcjjjgkbif
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fediheciachmpdophdiejahcjjjgkbif\8.1\background.html
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fediheciachmpdophdiejahcjjjgkbif\8.1\content.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fediheciachmpdophdiejahcjjjgkbif\8.1\lsdb.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fediheciachmpdophdiejahcjjjgkbif\8.1\manifest.json
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fediheciachmpdophdiejahcjjjgkbif\8.1\Qqmk8n_1.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljgeaegabficmaccmdbfffoennakbiha
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljgeaegabficmaccmdbfffoennakbiha\2.5\background.html
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljgeaegabficmaccmdbfffoennakbiha\2.5\content.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljgeaegabficmaccmdbfffoennakbiha\2.5\lsdb.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljgeaegabficmaccmdbfffoennakbiha\2.5\manifest.json
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljgeaegabficmaccmdbfffoennakbiha\2.5\uQHqI.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\llnofjfijelilpjdibjjmldcpdenmbfh
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\llnofjfijelilpjdibjjmldcpdenmbfh\164\background.html
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\llnofjfijelilpjdibjjmldcpdenmbfh\164\content.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\llnofjfijelilpjdibjjmldcpdenmbfh\164\LgsTew.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\llnofjfijelilpjdibjjmldcpdenmbfh\164\lsdb.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\llnofjfijelilpjdibjjmldcpdenmbfh\164\manifest.json
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinnimcikdbhhfcgdmcdcbingagfgelm
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinnimcikdbhhfcgdmcdcbingagfgelm\1.0\background.html
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinnimcikdbhhfcgdmcdcbingagfgelm\1.0\content.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinnimcikdbhhfcgdmcdcbingagfgelm\1.0\dmYPG1a.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinnimcikdbhhfcgdmcdcbingagfgelm\1.0\lsdb.js
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinnimcikdbhhfcgdmcdcbingagfgelm\1.0\manifest.json
c:\users\Audrey\AppData\Local\Google\Chrome\User Data\Default\preferences
c:\users\Audrey\AppData\Local\Temp\jna5194815183433189530.dll
c:\users\Audrey\AppData\Roaming\.#
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2014-07-13 au 2014-08-13 ))))))))))))))))))))))))))))))))))))
.
.
2014-08-13 08:57 . 2014-08-13 08:57 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{235BF597-D558-41A8-BB9E-B7E45214381B}\offreg.dll
2014-08-11 19:43 . 2014-08-12 14:59 -------- d-----w- C:\FRST
2014-08-10 08:10 . 2014-08-12 14:17 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-10 08:09 . 2014-08-10 08:09 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-08-10 08:09 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-10 08:09 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-10 08:09 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-10 07:46 . 2014-08-10 07:46 -------- d-----w- c:\windows\ERUNT
2014-08-10 07:10 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-08-10 07:08 . 2014-08-12 14:10 -------- d-----w- C:\AdwCleaner
2014-08-07 21:36 . 2014-08-11 07:38 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2014-08-07 21:30 . 2014-08-11 07:37 -------- d-----w- c:\users\Audrey\AppData\Roaming\ZHP
2014-08-07 21:30 . 2014-08-07 21:30 -------- d-----w- c:\program files (x86)\ZHPDiag
2014-07-24 19:02 . 2014-07-24 19:02 -------- d-----w- c:\users\Audrey\AppData\Local\ArchiveSoftwareWinsock
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-22 13:01 . 2013-11-20 18:00 829264 ----a-w- c:\windows\system32\msvcr100.dll
2014-07-22 13:01 . 2013-11-20 18:00 608080 ----a-w- c:\windows\system32\msvcp100.dll
2014-06-07 13:39 . 2012-06-19 16:54 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-07 13:39 . 2011-05-13 09:28 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2009-08-21 262912]
"Camera Assistant Software"="c:\program files (x86)\Video Web Camera\traybar.exe" [2008-12-10 630784]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"RemoteControl8"="c:\program files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"CANAL+ CANALSAT A LA DEMANDE"="c:\program files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe" [2014-08-13 163536]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"CanalPlayer"="c:\program files (x86)\Lecteur CANALPLAY\CanalPlayer.exe" [2012-03-06 2259344]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
.
c:\users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files (x86)\LimeWire\LimeWire.exe -startup [2010-9-30 503808]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Remote Mouse Server.lnk - c:\program files (x86)\Remote Mouse Server\RemoteMouse.exe hide [2011-9-3 7647203]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RgFltX64;RgFltX64;c:\users\Audrey\AppData\Local\ArchiveSoftwareWinsock\RgFltX64.sys;c:\users\Audrey\AppData\Local\ArchiveSoftwareWinsock\RgFltX64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 Service CANALPLAY;Service CANALPLAY;c:\program files (x86)\Lecteur CANALPLAY\CanalPlayService.exe;c:\program files (x86)\Lecteur CANALPLAY\CanalPlayService.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
S2 ArchiveSoftwareWinsock.exe;ArchiveSoftwareWinsock.exe;c:\users\Audrey\AppData\Local\ArchiveSoftwareWinsock\ArchiveSoftwareWinsock.exe;c:\users\Audrey\AppData\Local\ArchiveSoftwareWinsock\ArchiveSoftwareWinsock.exe [x]
S2 CanalPlus.VOD;CanalPlus.VOD;c:\program files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe;c:\program files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-23 18:09 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2012-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cce16eddf1d961.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-05 09:08]
.
2014-05-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6e0dc87a746d.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-05 09:08]
.
2014-08-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-05 09:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-07-20 503864]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-05-22 295936]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2009-08-05 828960]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912]
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = ;*origin.com;*ea.com;*akamaihd.net
uInternet Settings,ProxyServer = http=127.0.0.1:38874
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} -
Trusted Zone: canalplay.com
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\Audrey\AppData\Roaming\Mozilla\Firefox\Profiles\Audrey\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-!{A29B2641-9931-448A-8DE7-B2D63BDC1812} - (no file)
Toolbar-!{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1} - (no file)
Toolbar-!{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - (no file)
Wow6432Node-HKLM-Run- - (no file)
c:\users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\genesis.lnk - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-!{A29B2641-9931-448A-8DE7-B2D63BDC1812} - (no file)
AddRemove-eDealsPop_is1 - c:\program files (x86)\eDealsPop\unins000.exe
AddRemove-Grasvue - c:\windows\system32\SpoonUninstall.exe
AddRemove-WatermarkSoftware - c:\users\Audrey\Documents\Watermark\WatermarkSoftware\unin00000.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\canalplay.com]
@DACL=(02 0000)
"*"=dword:00000002
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\canalplusactive.com]
@DACL=(02 0000)
"*"=dword:00000002
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Autres processus actifs ------------------------
.
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\users\Audrey\AppData\Local\ArchiveSoftwareWinsock\FinderMacroSnapshot.exe
.
**************************************************************************
.
Heure de fin: 2014-08-13 11:04:00 - La machine a redémarré
ComboFix-quarantined-files.txt 2014-08-13 09:04
.
Avant-CF: 506 493 763 584 octets libres
Après-CF: 506 189 729 792 octets libres
.
- - End Of File - - 729BD2A85902A8FD0AB5A1AAE5042AEC
5C616939100B85E558DA92B899A0FC36
