cjoint


Document format: text/plain

Preview

ComboFix 16-09-28.01 - satellite 06/10/2016 22:42:10.1.2 - x86
Microsoft Windows 7 Édition Intégrale 6.1.7600.0.1252.33.1036.18.2940.1821 [GMT 1:00]
Lancé depuis: c:\users\satellite\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\DFX\DFX.exe
c:\users\satellite\AppData\Roaming\satellitelog.dat
c:\windows\MICROSOFT
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2016-09-06 au 2016-10-06 ))))))))))))))))))))))))))))))))))))
.
.
2016-10-06 21:53 . 2016-10-06 21:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-09-23 17:28 . 2016-09-23 17:28 -------- d-----w- c:\program files\Common Files\Skype
2016-09-11 05:14 . 2016-09-11 05:14 -------- d-----w- c:\users\satellite\AppData\Local\Wondershare
2016-09-11 05:14 . 2016-09-11 05:14 -------- d-----w- c:\program files\Common Files\Wondershare
2016-09-11 05:13 . 2016-09-11 05:14 -------- d-----w- c:\users\satellite\AppData\Roaming\Wondershare
2016-09-09 15:49 . 2016-09-09 15:48 319760 ----a-w- c:\windows\system32\aswBoot.exe
2016-09-09 15:48 . 2016-09-09 15:48 53208 ----a-w- c:\windows\avastSS.scr
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-22 14:43 . 2016-07-07 07:16 433768 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-09-14 13:25 . 2012-09-13 18:37 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-09-14 13:25 . 2012-09-13 18:37 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-09-14 09:23 . 2016-07-07 07:16 735488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-09-09 15:48 . 2016-07-07 07:16 118664 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-09-09 15:48 . 2016-07-07 07:16 224616 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-09-09 15:48 . 2016-07-07 07:16 92256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-09-09 15:48 . 2016-07-07 07:16 60424 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-09-09 15:48 . 2016-07-07 07:16 34008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-09-09 15:48 . 2016-07-07 07:16 91232 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-09-09 15:48 . 2016-07-07 07:34 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-09-04 04:29 . 2015-05-06 07:11 95808 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2015-08-14 12:52 23520 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2016-07-29 08:34 575448 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2016-07-29 08:34 575448 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2016-07-29 08:34 575448 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-09-09 15:48 832488 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2015-10-21 3911248]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2016-09-12 29635712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-09-12 9107616]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2015-06-24 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tuEaglesService]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MobileGo Service.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk
backup=c:\windows\pss\MobileGo Service.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^satellite^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk]
path=c:\users\satellite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 - Capture d'écran et lancement.lnk
backup=c:\windows\pss\OneNote 2007 - Capture d'écran et lancement.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
2016-07-29 08:34 23375200 ----a-w- c:\program files\Google\Drive\googledrivesync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2016-06-22 01:13 598552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact]
2013-05-04 09:27 1694208 ----a-w- c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-09-09 118664]
R2 egldrv;egldrv;c:\program files\tuEagles\egldrv.sys [x]
R2 eglFS;eglFS;c:\program files\tuEagles\eglfs.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2016-07-25 324224]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-09-09 34008]
R3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys [2015-01-13 38984]
R3 CAM1690;USB 2.0 Compliance JPEG Video Camera;c:\windows\system32\Drivers\cam1690.sys [2007-01-05 123264]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot;c:\program files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe [2015-07-22 509408]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-08-26 15576]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-08-26 10200]
R3 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe [2013-07-06 1343400]
R3 zghsdiag;ZTE General Handset Diagnostic Port;c:\windows\system32\DRIVERS\zghsdiag.sys [2011-01-13 106752]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [2011-01-13 106752]
R3 zghsnmea;ZTE General Handset NMEA Port;c:\windows\system32\DRIVERS\zghsnmea.sys [2011-01-13 106752]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2016-09-09 35096]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-09-14 735488]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-09-22 433768]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2014-08-16 42784]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-09-09 92256]
S2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\CodeMeter\Runtime\bin\CodeMeter.exe [2012-07-19 2568120]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2015-06-12 123968]
S2 tuEaglesService;tuEagles Service;c:\program files\tuEagles\eglsrv.exe [2013-10-31 339336]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2011-04-14 27760]
S3 DFX11_1;DFX Audio Enhancer 11.1;c:\windows\system32\drivers\dfx11_1.sys [2012-12-13 24424]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-03-04 67624]
S3 mpfilt;mpfilt;c:\windows\system32\drivers\mpfilt.sys [2014-01-24 7680]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-10-03 19:27 1266792 ----a-w- c:\program files\Google\Chrome\Application\53.0.2785.143\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2016-10-01 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\system32\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-09-14 13:25]
.
2016-10-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-13 13:25]
.
2016-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-03-21 04:31]
.
2016-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-03-21 04:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyServer = 176.31.165.141:3128
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger tous les liens avec Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\satellite\AppData\Roaming\Mozilla\Firefox\Profiles\qxexr5ou.default-1283357187412\
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-10 - (no file)
HKLM-Run-DFX - c:\program files\DFX\DFX.exe
ShellExecuteHooks-{A5BE62CA-DE0F-4764-A0CB-4044816DB174} - (no file)
MSConfigStartUp-Kepard - c:\program files\Kepard\Kepard.exe
AddRemove-{182FCCE4-E021-5127-0983-E2F47AB135E5} - c:\progra~2\INSTAL~2\{4A4A0~1\Setup.exe
AddRemove-{7462C51A-DDC3-BE88-89B9-57CF70135469} - c:\progra~2\INSTAL~2\{CDE3B~1\Setup.exe
AddRemove-{92595970-AFC7-4F85-AD6E-E7E549BA7B86} - c:\progra~2\INSTAL~2\{92595~1\Setup.exe
AddRemove-{94635B06-AECE-9046-7381-AC9DD64E70DB} - c:\progra~2\INSTAL~2\{1512C~1\Setup.exe
AddRemove-{C7BD8DB8-1F7B-EAE5-7C24-BB3140EA2ED5} - c:\progra~2\INSTAL~2\{FB471~1\Setup.exe
AddRemove-{E926C7BD-908C-57E5-FD63-F98F3EFA396D} - c:\progra~2\INSTAL~2\{B8F57~1\Setup.exe
AddRemove-{FC0CC20B-3ED6-7F5F-8307-ADCB621E086F} - c:\progra~2\INSTAL~2\{D5A75~1\Setup.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:c7,19,34,f5,6d,bc,ce,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,be,f1,14,73,d1,b4,40,a9,04,69,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,be,f1,14,73,d1,b4,40,a9,04,69,\
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%*2*0*A*L*L*O*%*2*0*C*H*E*B*%*2*0*Y*O*U*N*E*S*±RZ\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*l*v* `\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*l*v*/"A\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*l*v*¤/¢I\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*l*v*
}´/\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*l*v*ž· c\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*î&]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*î&\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*
=ð/]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*
=ð/\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*i« 6]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*f*i« 6\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*lêÚ!\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*u*t*d*o*o*r*öâì!\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*j–#]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*j–#\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*֘µ:]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*֘µ:\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):7f,71,45,db,9f,84,94,12,62,3e,ac,31,05,6e,bb,51,13,96,46,a1,5e,
76,10,06,c2,7c,55,f4,49,03,2d,2c,c9,67,d2,e0,11,81,24,19,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000_Classes\CLSID\{b0e9de5d-2d14-4a03-834a-cf570342c82c}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000003f
"Therad"=dword:00000018
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-93609834-3616060209-745128814-1000_Classes\CLSID\{f462b32f-d5a4-4e40-a9b1-28656e58de24}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000b7
"Therad"=dword:00000011
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2016-10-06 22:56:53
ComboFix-quarantined-files.txt 2016-10-06 21:56
.
Avant-CF: 8 265 420 800 octets libres
Après-CF: 8 323 846 144 octets libres
.
- - End Of File - - 043C904673F0AE6D0323CFC07F478785
A36C5E4F47E84449FF07ED3517B43A31
