cjoint

Document format: text/plain

Preview

ComboFix 16-01-31.01 - ÇÍãÏ ãÍãæÏ ãÍãÏãÍãæÏ 02/03/2016 14:24:29.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1256.966.1025.18.3062.2246 [GMT 3:00]
Running from: c:\users\??Ú? Ú?Úµ? Ú?Ú?Ú?Úµ?\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ÇÍãÏ ãÍãæÏ ãÍãÏãÍãæÏ\AppData\Roaming\e329d265
c:\users\ÇÍãÏ ãÍãæÏ ãÍãÏãÍãæÏ\AppData\Roaming\e329d265\e329d265.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2016-01-03 to 2016-02-03 )))))))))))))))))))))))))))))))
.
.
2016-02-03 11:29 . 2016-02-03 11:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-03 03:30 . 2016-02-03 03:30 -------- d-----w- c:\program files\Microsoft Synchronization Services
2016-02-03 03:29 . 2016-02-03 03:29 -------- d-----w- c:\windows\PCHEALTH
2016-02-03 03:29 . 2016-02-03 03:29 -------- d-----w- c:\program files\Microsoft Sync Framework
2016-02-03 03:29 . 2016-02-03 03:29 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2016-02-03 03:29 . 2016-02-03 03:29 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2016-02-03 03:28 . 2016-02-03 03:28 -------- d-----w- c:\program files\Microsoft Analysis Services
2016-02-03 03:27 . 2016-02-03 03:33 -------- d-----w- c:\programdata\Microsoft Help
2016-02-03 03:27 . 2016-02-03 03:27 -------- d-----r- C:\MSOCache
2016-02-03 02:57 . 2015-12-16 07:15 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{61EAD56D-DDDE-48DA-A80A-DBD43184D459}\mpengine.dll
2016-02-01 11:08 . 2016-02-01 11:08 -------- d-----w- c:\programdata\hik
2016-02-01 11:08 . 2016-02-01 11:08 -------- d-----w- c:\program files\hicloud
2016-01-28 15:19 . 2016-01-28 15:19 -------- d-----w- c:\program files\Common Files\InstallShield
2016-01-28 14:38 . 2015-12-11 18:35 951808 ----a-w- c:\windows\system32\aeinv.dll
2016-01-27 19:29 . 2016-01-27 19:29 -------- d-s---w- c:\windows\system32\CompatTel
2016-01-27 19:29 . 2016-01-27 19:29 -------- d-----w- c:\windows\system32\appraiser
2016-01-26 15:53 . 2016-01-26 15:56 -------- d-s---w- c:\windows\system32\GWX
2016-01-26 11:50 . 2016-01-26 11:50 -------- d-----w- c:\windows\Migration
2016-01-26 08:55 . 2015-01-09 02:48 76800 ----a-w- c:\windows\system32\wdi.dll
2016-01-26 08:55 . 2015-01-09 02:48 635904 ----a-w- c:\windows\system32\perftrack.dll
2016-01-26 08:55 . 2015-01-09 02:48 27136 ----a-w- c:\windows\system32\powertracker.dll
2016-01-26 08:47 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2016-01-26 08:47 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2016-01-26 08:47 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2016-01-26 08:47 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2016-01-26 08:47 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2016-01-26 08:47 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2016-01-26 08:47 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2016-01-26 08:47 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2016-01-26 08:47 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2016-01-26 08:45 . 2015-12-08 21:53 641536 ----a-w- c:\windows\system32\advapi32.dll
2016-01-26 08:44 . 2015-07-10 17:34 36864 ----a-w- c:\windows\system32\tsgqec.dll
2016-01-26 08:44 . 2015-07-10 17:34 3221504 ----a-w- c:\windows\system32\mstscax.dll
2016-01-26 08:44 . 2015-07-10 17:33 131584 ----a-w- c:\windows\system32\aaclient.dll
2016-01-26 08:44 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2016-01-26 08:44 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2016-01-26 08:44 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2016-01-26 08:44 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2016-01-26 08:43 . 2015-11-11 18:39 1242624 ----a-w- c:\windows\system32\comsvcs.dll
2016-01-26 08:43 . 2015-11-11 18:39 487936 ----a-w- c:\windows\system32\catsrvut.dll
2016-01-26 08:42 . 2015-07-01 20:30 206848 ----a-w- c:\windows\system32\WebClnt.dll
2016-01-26 08:42 . 2015-07-01 20:30 82432 ----a-w- c:\windows\system32\davclnt.dll
2016-01-26 08:42 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2016-01-26 08:42 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe
2016-01-26 08:42 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2016-01-26 08:42 . 2015-11-17 00:42 591872 ----a-w- c:\windows\system32\invagent.dll
2016-01-26 08:42 . 2015-11-17 00:42 633856 ----a-w- c:\windows\system32\generaltel.dll
2016-01-26 08:42 . 2015-11-17 00:42 425984 ----a-w- c:\windows\system32\devinv.dll
2016-01-26 08:42 . 2015-11-17 00:42 65536 ----a-w- c:\windows\system32\acmigration.dll
2016-01-26 08:42 . 2015-11-16 20:12 176128 ----a-w- c:\windows\system32\aepic.dll
2016-01-26 08:42 . 2015-06-03 20:17 1167520 ----a-w- c:\windows\system32\aitstatic.exe
2016-01-26 08:40 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\system32\msxml6.dll
2016-01-26 08:40 . 2015-08-27 17:58 1241088 ----a-w- c:\windows\system32\msxml3.dll
2016-01-26 08:40 . 2015-08-27 17:51 2048 ----a-w- c:\windows\system32\msxml6r.dll
2016-01-26 08:40 . 2015-08-27 17:51 2048 ----a-w- c:\windows\system32\msxml3r.dll
2016-01-26 08:40 . 2013-01-24 04:47 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2016-01-26 08:40 . 2015-08-05 17:41 751104 ----a-w- c:\windows\system32\schedsvc.dll
2016-01-26 08:39 . 2014-11-11 02:44 186880 ----a-w- c:\windows\system32\pku2u.dll
2016-01-26 08:39 . 2015-06-15 21:43 2364416 ----a-w- c:\windows\system32\msi.dll
2016-01-26 08:39 . 2015-06-15 21:43 337408 ----a-w- c:\windows\system32\msihnd.dll
2016-01-26 08:39 . 2015-06-15 21:42 73216 ----a-w- c:\windows\system32\msiexec.exe
2016-01-26 08:39 . 2015-06-15 21:37 25088 ----a-w- c:\windows\system32\msimsg.dll
2016-01-26 08:39 . 2011-03-03 05:38 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2016-01-26 08:39 . 2011-03-03 05:36 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2016-01-26 08:39 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2016-01-26 08:37 . 2015-07-15 17:59 78784 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2016-01-26 08:37 . 2015-07-15 17:55 1159168 ----a-w- c:\windows\system32\sysmain.dll
2016-01-26 08:37 . 2015-07-15 17:54 10752 ----a-w- c:\windows\system32\msmmsp.dll
2016-01-26 08:37 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
2016-01-26 08:37 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
2016-01-26 08:37 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2016-01-26 08:36 . 2015-11-05 19:00 2048 ----a-w- c:\windows\system32\tzres.dll
2016-01-26 08:34 . 2015-11-20 18:34 93696 ----a-w- c:\windows\system32\wudriver.dll
2016-01-26 08:33 . 2015-01-17 02:30 828928 ----a-w- c:\windows\system32\msctf.dll
2016-01-26 08:33 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2016-01-26 08:33 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2016-01-26 08:33 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2016-01-26 08:33 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2016-01-26 08:33 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2016-01-26 08:33 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2016-01-26 08:33 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2016-01-26 08:33 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2016-01-26 08:32 . 2015-07-22 17:53 937984 ----a-w- c:\windows\system32\diagtrack.dll
2016-01-26 08:32 . 2015-07-22 16:38 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-01-26 08:32 . 2015-07-22 17:53 635392 ----a-w- c:\windows\system32\tdh.dll
2016-01-26 08:30 . 2014-06-18 01:52 399360 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2016-01-26 08:30 . 2014-06-18 01:51 646144 ----a-w- c:\windows\system32\osk.exe
2016-01-26 08:30 . 2015-08-06 17:44 1498624 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-26 08:30 . 2011-02-12 05:35 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2016-01-26 08:30 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2016-01-26 08:30 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2016-01-26 08:30 . 2012-07-04 21:14 41984 ----a-w- c:\windows\system32\browcli.dll
2016-01-26 08:30 . 2012-07-04 21:14 102912 ----a-w- c:\windows\system32\browser.dll
2016-01-26 08:29 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2016-01-26 08:29 . 2015-05-25 18:01 92160 ----a-w- c:\windows\system32\sechost.dll
2016-01-26 08:29 . 2015-05-25 18:00 40448 ----a-w- c:\windows\system32\typeperf.exe
2016-01-26 08:29 . 2015-05-25 18:00 364544 ----a-w- c:\windows\system32\tracerpt.exe
2016-01-26 08:29 . 2015-05-25 18:00 37888 ----a-w- c:\windows\system32\relog.exe
2016-01-26 08:29 . 2015-05-25 18:00 82944 ----a-w- c:\windows\system32\logman.exe
2016-01-26 08:29 . 2015-05-25 18:00 17408 ----a-w- c:\windows\system32\diskperf.exe
2016-01-26 08:29 . 2015-04-18 02:56 342016 ----a-w- c:\windows\system32\certcli.dll
2016-01-26 08:29 . 2010-12-23 05:54 642048 ----a-w- c:\windows\system32\CPFilters.dll
2016-01-26 08:29 . 2010-12-23 05:54 850944 ----a-w- c:\windows\system32\sbe.dll
2016-01-26 08:29 . 2010-12-23 05:50 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2016-01-26 08:28 . 2015-04-27 19:05 179200 ----a-w- c:\windows\system32\wintrust.dll
2016-01-26 08:28 . 2015-04-27 19:04 143872 ----a-w- c:\windows\system32\cryptsvc.dll
2016-01-26 08:28 . 2015-04-27 19:04 1174528 ----a-w- c:\windows\system32\crypt32.dll
2016-01-26 08:28 . 2015-04-27 19:04 103936 ----a-w- c:\windows\system32\cryptnet.dll
2016-01-26 08:28 . 2015-11-03 18:56 627712 ----a-w- c:\windows\system32\usp10.dll
2016-01-26 08:28 . 2015-04-13 03:19 259072 ----a-w- c:\windows\system32\services.exe
2016-01-26 08:28 . 2015-12-08 21:53 305664 ----a-w- c:\windows\system32\gdi32.dll
2016-01-26 08:28 . 2014-08-01 11:35 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2016-01-26 08:27 . 2014-04-05 02:25 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-01-26 08:27 . 2013-11-26 11:11 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2016-01-26 08:27 . 2014-04-05 02:24 187840 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-01-26 08:27 . 2015-10-01 17:50 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2016-01-26 08:27 . 2015-10-01 17:50 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-01-26 08:27 . 2015-10-01 17:50 50688 ----a-w- c:\windows\system32\appidapi.dll
2016-01-26 08:27 . 2015-10-01 17:50 28160 ----a-w- c:\windows\system32\appidsvc.dll
2016-01-26 08:27 . 2015-10-01 17:50 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2016-01-26 08:27 . 2015-10-01 16:53 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2016-01-26 08:27 . 2015-12-08 21:53 509952 ----a-w- c:\windows\system32\qedit.dll
2016-01-26 08:25 . 2014-10-25 01:32 67584 ----a-w- c:\windows\system32\packager.dll
2016-01-26 08:25 . 2014-12-11 17:47 46592 ----a-w- c:\windows\system32\TSWbPrxy.exe
2016-01-26 08:25 . 2014-12-19 02:43 164864 ----a-w- c:\windows\system32\profsvc.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-05 17:36 . 2015-11-05 17:36 28352 ----a-w- c:\windows\system32\aspnet_counters.dll
2015-11-05 17:36 . 2015-11-05 17:36 18600 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2015-11-05 17:36 . 2015-11-05 17:36 18600 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2015-11-05 17:36 . 2015-11-05 17:36 18600 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-04-21 08:02 23008 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2015-04-20 3898960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SPUpDateServerrun"="c:\program files\hicloud\update_server\startUp.exe" [2015-06-15 15232]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R1 bxxydofj;bxxydofj;c:\windows\system32\drivers\bxxydofj.sys [x]
R1 wdagnved;wdagnved;c:\windows\system32\drivers\wdagnved.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-12-12 102912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-06-11 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2015-04-18 122432]
S3 yukonw7;ÈÑäÇãÌ ÊÔÛíá ÇáãäÝÐ ÇáãÕÛÑ NDIS6.2 áÜ Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-01-29 10:32 1090376 ----a-w- c:\program files\Google\Chrome\Application\48.0.2564.97\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2016-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-21 17:21]
.
2016-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-01-21 17:16]
.
2016-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-01-21 17:16]
.
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com.eg/
IE: ÅÑ&ÓÇá Åáì OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Ê&ÕÏíÑ Åáì Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: ÊÍãíá Çáßá ÈæÇÓØÉ Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: ÊÍãíá ÈæÇÓØÉ Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\ÇÍãÏ ãÍãæÏ ãÍãÏãÍãæÏ\AppData\Roaming\Mozilla\Firefox\Profiles\kjqq8s3q.default\
.
- - - - ORPHANS REMOVED - - - -
.
HKU-Default-Run-e329d265 - c:\users\ÇÍãÏ ãÍãæÏ ãÍãÏãÍãæÏ\AppData\Roaming\e329d265\e329d265.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1247624099-1115864786-4014763201-1001_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ac,fc,6d,c2,fb,39,ac,a2,ec,d4,0c,af,04,46,84,e2,b0,b6,bd,9e,e1,
d1,62,ad,57,95,f9,02,e9,ce,52,85,e2,13,b0,1b,62,a5,03,b9,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-1247624099-1115864786-4014763201-1001_Classes\CLSID\{eb5ac76a-f38e-48e5-bd47-1800e0e0b962}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000011a
"Therad"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\taskhost.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\GWX\GWX.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\conhost.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\Internet Explorer\iexplore.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2016-02-03 14:34:51 - machine was rebooted
ComboFix-quarantined-files.txt 2016-02-03 11:34
ComboFix2.txt 2016-01-23 04:59
ComboFix3.txt 2016-01-21 20:38
.
Pre-Run: 17,198,903,296 bytes free
Post-Run: 16,841,482,240 bytes free
.
- - End Of File - - F1DACC7B55C29A4C705734DF04D85155
A36C5E4F47E84449FF07ED3517B43A31
