cjoint

Document format: text/plain

Preview

ComboFix 13-09-23.02 - Mehdi 23/09/2013 22:03:30.1.2 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.3070.1671 [GMT 0:00]
Lancé depuis: c:\users\Mehdi\Downloads\ComboFix.exe
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
[i] ADS - Windows: deleted 24 bytes in 1 streams. [/i]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2013-08-23 au 2013-09-23 ))))))))))))))))))))))))))))))))))))
.
.
2013-09-23 22:10 . 2013-09-23 22:10 -------- d-----w- c:\users\Mehdi\AppData\Local\temp
2013-09-23 22:10 . 2013-09-23 22:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-23 21:51 . 2013-09-23 21:52 -------- d-----w- c:\program files\ZHPDiag
2013-09-23 21:51 . 2013-09-23 21:51 -------- d-----w- C:\ZHP
2013-09-23 21:04 . 2013-09-23 21:04 -------- d-----w- c:\users\Mehdi\AppData\Roaming\UsbFix
2013-09-23 21:04 . 2013-09-23 21:07 -------- d-----w- C:\UsbFix
2013-09-23 19:32 . 2013-09-23 19:32 -------- d-----w- c:\windows\system32\SPReview
2013-09-23 19:29 . 2013-09-23 21:38 -------- d-----w- c:\users\Mehdi\AppData\Roaming\ZHP
2013-09-23 19:23 . 2013-09-23 19:23 -------- d-----w- c:\program files\WinMerge
2013-09-23 18:47 . 2013-09-23 18:47 -------- d-----w- c:\windows\system32\EventProviders
2013-09-22 17:16 . 2013-09-22 17:16 -------- d-----w- c:\program files\CCleaner
2013-09-22 17:14 . 2013-09-22 17:20 -------- d-----w- c:\program files\Google
2013-09-22 12:31 . 2013-09-22 12:31 -------- d-----w- c:\users\Mehdi\AppData\Local\Programs
2013-09-22 11:39 . 2013-09-22 11:39 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
2013-09-21 20:34 . 2013-09-21 20:34 -------- d-----w- c:\users\Mehdi\AppData\Roaming\JAM Software
2013-09-21 20:34 . 2013-09-21 20:34 -------- d-----w- c:\program files\JAM Software
2013-09-21 16:22 . 2013-09-21 16:22 -------- d-----w- c:\users\Mehdi\AppData\Roaming\AVG2014
2013-09-21 16:21 . 2013-09-21 16:21 -------- d-----w- c:\users\Mehdi\AppData\Roaming\TuneUp Software
2013-09-21 16:19 . 2013-09-21 16:19 -------- d-----w- C:\$AVG
2013-09-21 16:19 . 2013-09-21 16:22 -------- d-----w- c:\programdata\AVG2014
2013-09-21 16:18 . 2013-09-21 16:18 -------- d-----w- c:\program files\AVG
2013-09-21 16:15 . 2013-09-21 16:15 -------- d--h--w- c:\programdata\Common Files
2013-09-21 16:15 . 2013-09-23 21:59 -------- d-----w- c:\programdata\MFAData
2013-09-21 16:15 . 2013-09-21 16:33 -------- d-----w- c:\users\Mehdi\AppData\Local\Avg2014
2013-09-21 16:15 . 2013-09-21 16:15 -------- d-----w- c:\users\Mehdi\AppData\Local\MFAData
2013-09-21 15:34 . 2013-09-21 15:34 -------- d-----w- c:\windows\snack
2013-09-21 15:16 . 2013-09-21 15:20 -------- d-----w- C:\AdwCleaner
2013-09-11 22:00 . 2011-12-15 20:29 26624 ----a-w- c:\windows\system32\drivers\tap0901.sys
2013-09-08 14:41 . 2013-09-08 14:57 -------- d-----w- C:\WinSetupFromUSB
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-23 19:07 . 2013-09-21 15:34 25696 ----a-w- c:\windows\system32\drivers\appliand.sys.dump
2013-09-20 16:20 . 2012-08-27 17:35 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-20 16:20 . 2012-08-27 17:35 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-22 23:37 . 2013-08-22 23:37 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-08-22 22:56 . 2013-08-22 22:56 209208 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-08-22 22:56 . 2013-08-22 22:56 223032 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-08-22 22:56 . 2013-08-22 22:56 146232 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-08-20 22:54 . 2013-08-20 22:54 102200 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2013-08-01 16:08 . 2013-08-01 16:08 193848 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-08-01 16:06 . 2013-08-01 16:06 22840 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-08-01 16:06 . 2013-08-01 16:06 120120 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2013-08-01 16:05 . 2013-08-01 16:05 26936 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrayFactory"="c:\program files\PS Tray Factory\PSTrayFactory.exe" [2010-05-25 1304576]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"PSTF"="c:\program files\PS Tray Factory\PSTrayFactory.exe" [2010-05-25 1304576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-27 13515296]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-27 92704]
"TrayFactory"="c:\program files\PS Tray Factory\PSTrayFactory.EXE" [2010-05-25 1304576]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2013-08-26 4851248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-25 836896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\COMMON~1\JAKSTA~1\AUDIOC~1\jaudcap.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Users^Mehdi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 - Capture d’écran et lancement.lnk]
path=c:\users\Mehdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk
backup=c:\windows\pss\OneNote 2010 - Capture d’écran et lancement.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
2011-07-16 11:52 282512 ----a-w- c:\program files\Samsung\AllShare\AllShareAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2012-09-20 19:46 6377120 ----a-w- c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 14:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent]
2009-07-17 15:25 842816 ----a-w- c:\program files\DigitalPersona\Bin\DpAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
2011-11-08 10:11 929168 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2011-11-08 10:11 21392 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2011-11-08 10:11 3508624 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
2011-02-18 10:47 79192 ----a-w- c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
R1 appliand;Applian LightWeight Filter;c:\windows\system32\DRIVERS\appliand.sys [2013-02-06 25696]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [2013-08-27 3534896]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-03-01 161384]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-10-27 30312]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-26 294952]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-26 33320]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-10-27 78136]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 GRemoteBus;GRemote virtual joystick Bus Enumerator;c:\windows\system32\DRIVERS\GRemoteBus.sys [2009-08-05 23368]
R3 JakNDis;Jaksta Service;c:\windows\system32\DRIVERS\JakNDis.sys [2010-06-24 28256]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2013-02-05 312704]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-06 34064]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files\Samsung\AllShare\AllShareSlideShowService.exe [2011-07-16 27584]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-10-27 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 136808]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-10-27 181432]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2012-11-01 35592]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [2012-07-15 26112]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2013-08-22 146232]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2013-08-22 223032]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2013-08-01 26936]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2013-08-01 120120]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2012-09-04 50296]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2013-08-22 209208]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2013-08-01 22840]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2013-08-22 176952]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]
S2 avgfws;Pare-feu AVG;c:\program files\AVG\AVG2014\avgfws.exe [2013-08-26 1358432]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [2013-08-20 300640]
S2 DragonSvc;Dragon Service;c:\program files\Common Files\Nuance\dgnsvc.exe [2010-07-29 296808]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-09-06 217088]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2011-07-16 24992]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-17 2358656]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-09-06 36640]
S3 JakNDisMP;JakNDisMP;c:\windows\system32\DRIVERS\JakNDis.sys [2010-06-24 28256]
S3 RTL8167;Pilote Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
--- Autres Services/Pilotes en mémoire ---
.
*NewlyCreated* - FSUSBEXDISK
.
Contenu du dossier 'Tâches planifiées'
.
2013-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-27 16:20]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uLocal Page = d:\windows\pchealth\helpctr\System\panels\blank.htm
uInternet Settings,ProxyOverride = local
TCP: Interfaces\{1F294DA7-827D-4A37-80F7-861023A0F12C}: NameServer = 212.217.0.1,212.217.0.12
FF - ProfilePath - c:\users\Mehdi\AppData\Roaming\Mozilla\Firefox\Profiles\pbkfrago.default\
FF - prefs.js: browser.search.selectedEngine - Mixi.DJ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - ExtSQL: !HIDDEN! 2011-09-26 12:13; otis@digitalpersona.com; c:\program files\DigitalPersona\Bin\FirefoxExt
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
MSConfigStartUp-DNS7reminder - c:\program files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe
MSConfigStartUp-FileZilla Server Interface - c:\program files\FileZilla Server\FileZilla Server Interface.exe
MSConfigStartUp-GRemoteServer Pro - c:\program files\GBM\GRemote Pro\GRemoteServer.exe
MSConfigStartUp-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'lsass.exe'(780)
c:\windows\system32\DPPWDFLT.DLL
.
Heure de fin: 2013-09-23 22:12:38
ComboFix-quarantined-files.txt 2013-09-23 22:12
.
Avant-CF: 36 165 754 880 octets libres
Après-CF: 36 072 198 144 octets libres
.
- - End Of File - - F3F0B8EAD0CD48182A862BC063699D21
A36C5E4F47E84449FF07ED3517B43A31
