ComboFix 16-11-13.01 - Administrateur 23/11/2016 8:31.1.2 - x86
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.1014.221 [GMT 1:00]
Lancé depuis: c:\users\administrateur.NAWEL-PC\Desktop\Firmo.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
[i] ADS - Windows: deleted 192 bytes in 1 streams. [/i]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\trc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\{00D10D70-34D1-477C-9EBF-C39D269F75DA}.xps
c:\users\trc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\{5EBC5CB9-43AE-4A6B-B864-739658D09907}.xps
c:\users\trc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\{9190FF66-B28C-4C67-9619-BF03DA7EF7DA}.xps
c:\users\trc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\{CCCEEA59-DD3D-4572-A4BA-BE2B7554519C}.xps
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2016-10-23 au 2016-11-23 ))))))))))))))))))))))))))))))))))))
.
.
2017-01-06 02:39 . 2017-01-06 02:39 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{655030F9-01CA-4A5B-9CFA-11C107A4E007}\offreg.1372.dll
2017-01-05 20:39 . 2010-11-20 12:17 302592 ----a-w- C:\sethc.exe
2016-11-23 07:41 . 2016-11-23 07:43 -------- d-----w- c:\users\administrateur.NAWEL-PC\AppData\Local\temp
2016-11-23 07:41 . 2016-11-23 07:41 -------- d-----w- c:\users\trc1\AppData\Local\temp
2016-11-23 07:41 . 2016-11-23 07:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-11-23 07:41 . 2016-11-23 07:41 -------- d-----w- c:\users\NAWEL\AppData\Local\temp
2016-11-23 07:41 . 2016-11-23 07:41 -------- d-----w- c:\users\administrateur\AppData\Local\temp
2016-11-23 07:19 . 2016-11-23 07:19 -------- d-----w- c:\users\administrateur.NAWEL-PC\Tracing
2016-11-22 09:58 . 2016-11-22 09:58 -------- d-----w- c:\program files\ESET
2016-11-21 16:28 . 2016-11-21 16:28 2744320 ----a-w- c:\windows\system32\rdpcorets.dll
2016-11-21 16:14 . 2016-11-21 16:14 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2016-11-21 16:14 . 2016-11-21 16:14 5694464 ----a-w- c:\windows\system32\mstscax.dll
2016-11-21 16:09 . 2016-11-21 16:09 76288 ----a-w- c:\windows\system32\TSWbPrxy.exe
2016-11-21 16:09 . 2016-11-21 16:09 50176 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2016-11-21 16:09 . 2016-11-21 16:09 17920 ----a-w- c:\windows\system32\wksprtPS.dll
2016-11-21 16:09 . 2016-11-21 16:09 14336 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-11-21 16:09 . 2016-11-21 16:09 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-11-21 16:09 . 2016-11-21 16:09 1068544 ----a-w- c:\windows\system32\mstsc.exe
2016-11-21 16:09 . 2016-11-21 16:09 855552 ----a-w- c:\windows\system32\rdvidcrl.dll
2016-11-21 16:09 . 2016-11-21 16:09 53248 ----a-w- c:\windows\system32\tsgqec.dll
2016-11-21 16:09 . 2016-11-21 16:09 49152 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2016-11-21 16:09 . 2016-11-21 16:09 350208 ----a-w- c:\windows\system32\wksprt.exe
2016-11-21 16:09 . 2016-11-21 16:09 32256 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2016-11-21 15:29 . 2016-11-21 15:29 221184 ----a-w- c:\windows\system32\rdpudd.dll
2016-11-21 15:29 . 2016-11-21 15:29 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll
2016-11-21 15:29 . 2016-11-21 15:29 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2016-11-21 15:22 . 2016-11-21 15:22 293376 ----a-w- c:\windows\system32\browserchoice.exe
2016-11-21 13:35 . 2016-11-21 16:41 -------- d-----w- C:\Win7-SP2-x86
2016-11-21 10:39 . 2016-11-21 16:22 -------- d-----w- c:\windows\system32\catroot2
2016-11-21 07:39 . 2016-11-21 07:43 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-11-21 07:38 . 2016-03-10 13:09 53120 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-11-21 07:38 . 2016-03-10 13:08 126336 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-11-21 07:38 . 2016-03-10 13:08 24448 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-11-21 07:38 . 2016-11-21 07:38 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2016-11-21 07:38 . 2016-11-21 07:38 -------- d-----w- c:\programdata\Malwarebytes
2016-11-17 14:38 . 2016-11-17 14:38 -------- d-----w- c:\users\administrateur.NAWEL-PC\AppData\Local\NitroSpoolDir
2016-11-16 15:27 . 2016-11-16 15:36 -------- d-----w- c:\users\administrateur.NAWEL-PC\AppData\Roaming\ZHP
2016-11-16 10:32 . 2016-11-17 12:14 -------- d-----w- c:\program files\nLite
2016-11-16 08:34 . 2016-09-08 14:47 29376 ----a-w- c:\windows\system32\nitrolocalmon11.dll
2016-11-16 08:34 . 2016-09-08 14:47 20672 ----a-w- c:\windows\system32\nitrolocalui11.dll
2016-11-15 16:22 . 2016-11-15 16:22 -------- d-----w- C:\02f5fd0f21fa8e5ff4e3e2
2016-11-15 16:07 . 2016-11-15 16:07 -------- d-----w- C:\6d423a173003211f7efa6ad95486
2016-11-15 15:51 . 2016-11-17 14:38 -------- d-----w- c:\users\administrateur.NAWEL-PC\AppData\Roaming\Nitro
2016-11-15 15:49 . 2016-08-02 18:09 29344 ----a-w- c:\windows\system32\nitrolocalmon10.dll
2016-11-15 15:49 . 2016-08-02 18:09 20640 ----a-w- c:\windows\system32\nitrolocalui10.dll
2016-11-15 15:49 . 2016-11-16 08:33 -------- d-----w- c:\programdata\Nitro
2016-11-15 15:49 . 2016-11-16 08:33 -------- d-----w- c:\program files\Nitro
2016-11-15 15:49 . 2016-11-16 08:33 -------- d-----w- c:\program files\Common Files\Nitro
2016-11-15 15:45 . 2016-11-16 08:32 -------- d-----w- c:\users\administrateur.NAWEL-PC\AppData\Roaming\Downloaded Installations
2016-11-15 15:23 . 2016-11-15 15:23 -------- d-----w- C:\5ec2bc679d2a038998b8bb51fe1df0
2016-11-15 13:43 . 2016-11-15 13:43 -------- d-----w- c:\users\administrateur.NAWEL-PC\AppData\Local\Supremus Corporation
2016-11-10 09:11 . 2016-11-10 09:11 -------- d-----r- c:\users\administrateur.NAWEL-PC\AppData\Roaming\Brother
2016-11-07 12:57 . 2016-11-07 12:57 -------- d-----w- c:\programdata\ABBYY
2016-11-07 12:46 . 2013-11-01 04:37 45056 ----a-w- c:\windows\system32\BRTCPCON.DLL
2016-11-07 12:46 . 2013-11-01 04:37 180224 ----a-w- c:\windows\system32\BROSNMP.DLL
2016-11-07 12:46 . 2013-11-01 04:37 133744 ----a-w- c:\windows\system32\BRRBI13A.EXE
2016-11-07 12:46 . 2013-11-01 04:37 77824 ----a-w- c:\windows\system32\BRLMW03A.DLL
2016-11-07 12:46 . 2013-11-01 04:37 50688 ----a-w- c:\windows\system32\BRPRTINK.DLL
2016-11-07 12:46 . 2013-11-01 04:37 25299 ----a-w- c:\windows\system32\BRLM03A.DLL
2016-11-07 12:46 . 2013-10-31 16:01 179200 ----a-w- c:\windows\system32\BRCOI13I.DLL
2016-11-07 12:39 . 2016-11-07 12:39 -------- d-----w- c:\program files\ControlCenter4
2016-11-07 12:38 . 2016-11-07 12:38 -------- d-----w- c:\programdata\PCFaxTx
2016-11-07 12:27 . 2016-11-07 14:22 -------- d-----w- c:\programdata\Brother
2016-11-07 12:23 . 2016-11-07 12:23 -------- d-----w- c:\users\administrateur.NAWEL-PC\AppData\Roaming\EncryptStick
2016-11-07 10:42 . 2016-11-07 10:42 -------- d-----w- c:\users\administrateur.NAWEL-PC\AppData\Local\PDFConverter.com
2016-11-07 10:41 . 2015-05-20 12:26 77488 ----a-w- c:\windows\system32\PDFConverter.PCR.3.PortMon.x32.dll
2016-11-07 10:41 . 2016-11-07 10:41 -------- d-----w- c:\program files\PDFConverter.com
2016-11-04 13:04 . 2016-11-21 11:43 -------- d-----w- c:\program files\CCleaner
2016-11-02 15:47 . 2016-11-15 16:18 -------- d-----w- c:\program files\Common Files\Adobe
2016-11-01 09:51 . 2016-11-01 09:57 -------- d-----w- c:\windows\system32\MRT
2016-11-01 09:35 . 2016-11-01 09:41 -------- d-----w- c:\program files\KMSpico
2016-11-01 09:35 . 2016-11-23 07:19 -------- d-----w- c:\users\administrateur.NAWEL-PC\AppData\Roaming\Skype
2016-11-01 09:35 . 2016-11-01 09:35 -------- d-----w- c:\users\administrateur.NAWEL-PC\AppData\Local\Programs
2016-11-01 09:33 . 2016-11-01 09:33 -------- d-----w- c:\program files\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-11-21 16:09 . 2016-11-21 16:09 3584 ----a-w- c:\windows\system32\drivers\fr-FR\tsusbflt.sys.mui
2016-11-01 09:25 . 2002-01-01 00:25 224752 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-11-01 09:25 . 2002-01-01 00:25 433768 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-11-01 09:25 . 2002-01-01 00:25 735488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-09-08 14:47 . 2016-09-08 14:47 71872 ----a-w- c:\windows\system32\NLSSRV32.EXE
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-07-14 11:57 1729752 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-07-14 11:57 1729752 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-07-14 11:57 1729752 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2002-01-01 00:24 832488 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2016-09-28 6889176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"HPUsageTrackingLEDM"="c:\program files\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-11-15 9080768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-04-15 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Mediatek Wireless Utility.lnk - c:\program files\MediatekWiFi\Common\RaUI.exe -s [2002-1-1 15611024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2002-01-01 118664]
R2 RTLDHCPService;Realtek DHCP Service;c:\program files\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [2014-04-23 262360]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2016-09-20 324224]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2002-01-01 34008]
R3 eapihdrv;eapihdrv;c:\users\ADMINI~1.NAW\AppData\Local\Temp\ehdrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-07-16 102912]
R3 NitroUpdateService;NitroUpdateService;c:\program files\Nitro\Pro 11\Nitro_UpdateService.exe [2016-09-08 405696]
R3 RaMediaServer;Ralink UPnP Media Server;c:\program files\MediatekWiFi\Common\RaMediaServer.exe [2012-07-06 1863680]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2016-11-21 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2016-11-21 49152]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2014-04-09 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2002-01-01 35096]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-11-01 735488]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-11-01 433768]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2002-01-01 92256]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
S2 HPM1210RcvFaxSrvc;HP LaserJet Professional M1210 MFP Series Receive Fax Service;c:\program files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [2012-07-25 247712]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2012-11-08 100232]
S2 MediatekRegistryWriter;MediatekRegistryWriter;c:\program files\MediatekWiFi\Common\RaRegistry.exe [2014-07-31 401040]
S2 NitroDriverReadSpool11;NitroPDFDriverCreatorReadSpool11;c:\program files\Nitro\Pro 11\NitroPDFDriverService11.exe [2016-09-08 281280]
S2 NitroReaderDriverReadSpool5;NitroPDFReaderDriverCreatorReadSpool5;c:\program files\Nitro\Reader 5\NitroPDFReaderDriverService5.exe [2016-08-02 281248]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\NLSSRV32.EXE [2016-09-08 71872]
S2 RealtekWlanU;RealtekWlanU;c:\program files\REALTEK\USB Wireless LAN Utility\RtlService.exe [2014-05-19 48856]
S2 RunSwUSB;RunSwUSB;c:\windows\runSW.exe [2014-04-15 36864]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-05-21 743688]
S3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [2014-07-04 1702032]
S3 RTL8167;Pilote Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-11-15 09:45 1364072 ----a-w- c:\program files\Google\Chrome\Application\54.0.2840.99\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2016-11-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-08 12:11]
.
2016-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-11-02 12:38]
.
2016-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-11-02 12:38]
.
.
------- Examen supplémentaire -------
.
IE: &Envoyer à OneNote - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{2021C39F-46F9-4A16-85F2-2022EED1F73A}: NameServer = 192.168.1.5
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\administrateur.NAWEL-PC\AppData\Roaming\Mozilla\Firefox\Profiles\lhfmeh3b.default-1478089942958\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\SAMSUNG\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\SAMSUNG\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\S-1-5-21-2159041285-1511956248-2211599006-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e8,ca,18,df,22,ae,42,4a,93,a2,52,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e8,ca,18,df,22,ae,42,4a,93,a2,52,\
.
[HKEY_USERS\S-1-5-21-2159041285-1511956248-2211599006-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2159041285-1511956248-2211599006-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2159041285-1511956248-2211599006-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="NitroPDF.Document.11"
.
[HKEY_USERS\S-1-5-21-2159041285-1511956248-2211599006-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2159041285-1511956248-2211599006-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2159041285-1511956248-2211599006-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2016-11-23 08:47:08
ComboFix-quarantined-files.txt 2016-11-23 07:47
.
Avant-CF: 16 644 141 056 octets libres
Après-CF: 16 902 750 208 octets libres
.
- - End Of File - - A1FF2CF08D5288B253991584C017E196
A36C5E4F47E84449FF07ED3517B43A31