Publicité
Publicité
Format du document : text/plain
Prévisualisation
ComboFix 19-11-04.01 - Utilisateur 15/11/2019 10:31:07.1.4 - x64
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.3995.2257 [GMT 1:00]
Lancé depuis: c:\users\Utilisateur\Desktop\ComboFix.exe
AV: Kaspersky Free *Disabled/Updated* {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
SP: Kaspersky Free *Disabled/Updated* {B1D2E896-6D96-7460-F17A-838B9D00DD65}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Utilisateur\AppData\Local\assembly\tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2019-10-15 au 2019-11-15 ))))))))))))))))))))))))))))))))))))
.
.
2019-11-15 09:40 . 2019-11-15 09:40 -------- d-----w- c:\users\Stéphane\AppData\Local\temp
2019-11-15 09:40 . 2019-11-15 09:40 -------- d-----w- c:\users\Invité\AppData\Local\temp
2019-11-15 09:40 . 2019-11-15 09:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2019-11-15 09:01 . 2019-11-15 09:01 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.6788.dll
2019-11-15 04:40 . 2019-11-15 04:40 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5384.dll
2019-11-14 05:54 . 2019-11-14 05:54 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.6420.dll
2019-11-14 02:51 . 2019-11-14 02:51 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5476.dll
2019-11-13 08:05 . 2019-11-13 08:05 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5560.dll
2019-11-13 04:47 . 2019-11-13 04:47 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.4320.dll
2019-11-12 10:08 . 2019-11-12 10:08 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.1072.dll
2019-11-12 09:41 . 2019-11-14 05:50 -------- d-----w- C:\FRST
2019-11-12 04:01 . 2019-11-12 04:01 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.1800.dll
2019-11-11 18:10 . 2019-11-11 18:10 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5884.dll
2019-11-10 16:50 . 2019-11-10 16:50 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5748.dll
2019-11-10 07:09 . 2019-11-12 07:42 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\ZHP
2019-11-10 07:09 . 2019-11-11 07:28 -------- d-----w- c:\users\Utilisateur\AppData\Local\ZHP
2019-11-10 05:14 . 2019-11-10 05:14 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.168.dll
2019-11-09 14:30 . 2019-11-09 14:30 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5788.dll
2019-11-09 05:14 . 2019-11-09 05:14 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.4940.dll
2019-11-07 19:38 . 2019-11-07 19:38 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.2172.dll
2019-11-07 17:52 . 2019-11-07 17:52 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.2224.dll
2019-11-07 03:49 . 2019-11-07 03:49 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.6504.dll
2019-11-06 05:33 . 2019-11-06 05:33 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.3540.dll
2019-11-05 06:15 . 2019-11-05 06:15 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.6520.dll
2019-11-04 18:17 . 2019-11-04 18:17 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5172.dll
2019-11-04 05:32 . 2019-11-04 05:32 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.6424.dll
2019-11-04 05:05 . 2019-11-04 05:05 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.4420.dll
2019-11-04 04:25 . 2019-10-17 22:53 14459904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2019-11-15 05:48 . 2018-08-15 05:41 69042424 ----a-w- c:\users\Utilisateur\AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0}]
2019-10-31 10:35 1180368 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\ieext\ie_plugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{C500C267-63BF-451F-8797-4D720C9A2ED9}"= "c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll" [2019-10-31 1180368]
.
[HKEY_CLASSES_ROOT\clsid\{c500c267-63bf-451f-8797-4d720c9a2ed9}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"="c:\users\Utilisateur\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [2015-11-11 144008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-05-14 56088]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-02-03 506712]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-11-08 291648]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-09-20 60552]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-09-27 1279120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 AMPPALP;Protocole Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\78.0.3904.97\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\78.0.3904.97\elevation_service.exe [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 klvssbridge64_19.0.0;klvssbridge64_19.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 klim6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 AVP19.0.0;Kaspersky Anti-Virus Service 19.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 IEU_Service;NEC Projector USB Display Service;c:\program files (x86)\NEC Projector User Supportware\Image Express Utility Lite\IEU_Service.exe;c:\program files (x86)\NEC Projector User Supportware\Image Express Utility Lite\IEU_Service.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 KSDE3.0.0;Kaspersky Secure Connection Service 3.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [x]
S2 PDF Architect 5 Manager;PDF Architect 5 Manager;c:\program files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe;c:\program files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Carte réseau virtuelle Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 kltap;Kaspersky Security Data Escort Adapter;c:\windows\system32\DRIVERS\kltap.sys;c:\windows\SYSNATIVE\DRIVERS\kltap.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0}]
2019-10-31 10:35 1410768 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ieext\ie_plugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{C500C267-63BF-451F-8797-4D720C9A2ED9}"= "c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll" [2019-10-31 1410768]
.
[HKEY_CLASSES_ROOT\CLSID\{C500C267-63BF-451F-8797-4D720C9A2ED9}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-20 1158248]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-20 1158248]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-05-31 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-06-18 11586944]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-09 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-09 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-09 439064]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bing.com/?pc=COS2&ptag=D082019-N0390A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer à Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
Trusted Zone: localhost
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\of47kfkz.default-1475240351343\
FF - prefs.js: browser.search.selectedEngine - Bing Search Engine
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-MBAMService
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_31_0_0_122_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_31_0_0_122_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_31_0_0_122_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_31_0_0_122_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_122.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.31"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_122.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_122.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_122.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\AVAST Software]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2019-11-15 10:44:28
ComboFix-quarantined-files.txt 2019-11-15 09:44
.
Avant-CF: 128 740 933 632 octets libres
Après-CF: 128 553 635 840 octets libres
.
- - End Of File - - 0BC3AC062B43BF7D178263007396DA0C
Microsoft Windows 7 Professionnel 6.1.7601.1.1252.33.1036.18.3995.2257 [GMT 1:00]
Lancé depuis: c:\users\Utilisateur\Desktop\ComboFix.exe
AV: Kaspersky Free *Disabled/Updated* {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
SP: Kaspersky Free *Disabled/Updated* {B1D2E896-6D96-7460-F17A-838B9D00DD65}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Un nouveau point de restauration a été créé
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Utilisateur\AppData\Local\assembly\tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2019-10-15 au 2019-11-15 ))))))))))))))))))))))))))))))))))))
.
.
2019-11-15 09:40 . 2019-11-15 09:40 -------- d-----w- c:\users\Stéphane\AppData\Local\temp
2019-11-15 09:40 . 2019-11-15 09:40 -------- d-----w- c:\users\Invité\AppData\Local\temp
2019-11-15 09:40 . 2019-11-15 09:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2019-11-15 09:01 . 2019-11-15 09:01 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.6788.dll
2019-11-15 04:40 . 2019-11-15 04:40 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5384.dll
2019-11-14 05:54 . 2019-11-14 05:54 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.6420.dll
2019-11-14 02:51 . 2019-11-14 02:51 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5476.dll
2019-11-13 08:05 . 2019-11-13 08:05 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5560.dll
2019-11-13 04:47 . 2019-11-13 04:47 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.4320.dll
2019-11-12 10:08 . 2019-11-12 10:08 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.1072.dll
2019-11-12 09:41 . 2019-11-14 05:50 -------- d-----w- C:\FRST
2019-11-12 04:01 . 2019-11-12 04:01 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.1800.dll
2019-11-11 18:10 . 2019-11-11 18:10 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5884.dll
2019-11-10 16:50 . 2019-11-10 16:50 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5748.dll
2019-11-10 07:09 . 2019-11-12 07:42 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\ZHP
2019-11-10 07:09 . 2019-11-11 07:28 -------- d-----w- c:\users\Utilisateur\AppData\Local\ZHP
2019-11-10 05:14 . 2019-11-10 05:14 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.168.dll
2019-11-09 14:30 . 2019-11-09 14:30 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5788.dll
2019-11-09 05:14 . 2019-11-09 05:14 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.4940.dll
2019-11-07 19:38 . 2019-11-07 19:38 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.2172.dll
2019-11-07 17:52 . 2019-11-07 17:52 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.2224.dll
2019-11-07 03:49 . 2019-11-07 03:49 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.6504.dll
2019-11-06 05:33 . 2019-11-06 05:33 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.3540.dll
2019-11-05 06:15 . 2019-11-05 06:15 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.6520.dll
2019-11-04 18:17 . 2019-11-04 18:17 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.5172.dll
2019-11-04 05:32 . 2019-11-04 05:32 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.6424.dll
2019-11-04 05:05 . 2019-11-04 05:05 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\offreg.4420.dll
2019-11-04 04:25 . 2019-10-17 22:53 14459904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E172E71B-2B6E-4C4D-9C35-F5640535B836}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2019-11-15 05:48 . 2018-08-15 05:41 69042424 ----a-w- c:\users\Utilisateur\AppData\Roaming\Microsoft\Skype for Desktop\Skype-Setup.exe
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0}]
2019-10-31 10:35 1180368 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\ieext\ie_plugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{C500C267-63BF-451F-8797-4D720C9A2ED9}"= "c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll" [2019-10-31 1180368]
.
[HKEY_CLASSES_ROOT\clsid\{c500c267-63bf-451f-8797-4d720c9a2ed9}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"="c:\users\Utilisateur\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [2015-11-11 144008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-05-14 56088]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-02-03 506712]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-11-08 291648]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-09-20 60552]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-09-27 1279120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 AMPPALP;Protocole Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\78.0.3904.97\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\78.0.3904.97\elevation_service.exe [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 klvssbridge64_19.0.0;klvssbridge64_19.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 klim6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 klwtp;KLwtp - WFP callout traffic inspector;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 AVP19.0.0;Kaspersky Anti-Virus Service 19.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 IEU_Service;NEC Projector USB Display Service;c:\program files (x86)\NEC Projector User Supportware\Image Express Utility Lite\IEU_Service.exe;c:\program files (x86)\NEC Projector User Supportware\Image Express Utility Lite\IEU_Service.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 KSDE3.0.0;Kaspersky Secure Connection Service 3.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [x]
S2 PDF Architect 5 Manager;PDF Architect 5 Manager;c:\program files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe;c:\program files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Carte réseau virtuelle Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 kltap;Kaspersky Security Data Escort Adapter;c:\windows\system32\DRIVERS\kltap.sys;c:\windows\SYSNATIVE\DRIVERS\kltap.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0}]
2019-10-31 10:35 1410768 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ieext\ie_plugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{C500C267-63BF-451F-8797-4D720C9A2ED9}"= "c:\program files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll" [2019-10-31 1410768]
.
[HKEY_CLASSES_ROOT\CLSID\{C500C267-63BF-451F-8797-4D720C9A2ED9}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-20 1158248]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-20 1158248]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-05-31 184112]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-06-18 11586944]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-09 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-09 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-09 439064]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bing.com/?pc=COS2&ptag=D082019-N0390A9FCDBB39EF&form=CONMHP&conlogo=CT3335799
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Envoyer à Bluetooth - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
Trusted Zone: localhost
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\of47kfkz.default-1475240351343\
FF - prefs.js: browser.search.selectedEngine - Bing Search Engine
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-MBAMService
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_31_0_0_122_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_31_0_0_122_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_31_0_0_122_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_31_0_0_122_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_122.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.31"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_122.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_122.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_31_0_0_122.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\AVAST Software]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2019-11-15 10:44:28
ComboFix-quarantined-files.txt 2019-11-15 09:44
.
Avant-CF: 128 740 933 632 octets libres
Après-CF: 128 553 635 840 octets libres
.
- - End Of File - - 0BC3AC062B43BF7D178263007396DA0C