- ComboFix 14-10-29.01 - Err0r 01/11/2014 22:42:23.2.2 - x86
- Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3325.2204 [GMT 1:00]
- Lancé depuis: c:\users\Err0r\Desktop\Mes documents\Downloads\ComboFix.exe
- .
- .
- (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
- .
- .
- c:\users\Err0r\AppData\Local\Microsoft\Wallpaper1.bmp
- .
- .
- ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
- .
- .
- -------\Legacy_driverhardwarev2
- -------\Service_driverhardwarev2
- .
- .
- ((((((((((((((((((((((((((((( Fichiers créés du 2014-10-01 au 2014-11-01 ))))))))))))))))))))))))))))))))))))
- .
- .
- 2071-07-25 08:13 . 2006-11-21 19:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
- 2014-11-01 22:06 . 2014-11-01 22:12 -------- d-----w- c:\users\Err0r\AppData\Local\temp
- 2014-11-01 22:06 . 2014-11-01 22:06 -------- d-----w- c:\users\Public\AppData\Local\temp
- 2014-11-01 22:06 . 2014-11-01 22:06 -------- d-----w- c:\users\Default\AppData\Local\temp
- 2014-11-01 21:11 . 2014-04-14 08:06 22304 ----a-w- c:\windows\system32\RegBootDefrag.exe
- 2014-10-30 15:40 . 2014-10-30 15:49 -------- d-----w- c:\program files\FINAL FANTASY VII
- 2014-10-30 13:49 . 2014-10-30 14:58 -------- d-----w- c:\users\Err0r\AppData\Local\JDownloader v2.0
- 2014-10-29 17:44 . 2014-10-29 17:44 -------- d-----w- c:\program files\7-Zip
- 2014-10-16 01:24 . 2014-06-15 22:18 1131664 ----a-w- c:\windows\system32\dfshim.dll
- 2014-10-16 01:24 . 2014-06-13 18:22 81560 ----a-w- c:\windows\system32\mscories.dll
- 2014-10-16 01:24 . 2014-06-13 18:22 156824 ----a-w- c:\windows\system32\mscorier.dll
- 2014-10-16 01:19 . 2014-09-27 23:29 2054656 ----a-w- c:\windows\system32\win32k.sys
- 2014-10-16 01:05 . 2014-09-04 23:27 143360 ----a-w- c:\windows\system32\drivers\fastfat.sys
- 2014-10-16 01:01 . 2014-09-16 16:56 66560 ----a-w- c:\windows\system32\packager.dll
- 2014-10-07 15:30 . 2014-10-07 15:30 -------- d-----w- c:\program files\Telltale Games
- .
- .
- .
- (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
- .
- 2014-10-30 15:24 . 2007-09-11 16:21 171892 ----a-w- c:\windows\DUMP5994.tmp
- 2014-10-28 05:35 . 2009-10-02 23:46 229000 ------w- c:\windows\system32\MpSigStub.exe
- 2014-10-15 11:22 . 2012-04-21 00:35 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
- 2014-10-15 11:22 . 2011-07-11 05:40 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
- 2014-10-14 20:13 . 2014-10-31 09:55 8901368 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{107F3C8C-48F9-47FC-929E-1E98D8999702}\mpengine.dll
- 2014-09-09 06:24 . 2014-09-24 23:12 2048 ----a-w- c:\windows\system32\tzres.dll
- 2014-08-23 01:03 . 2014-08-29 01:02 297984 ----a-w- c:\windows\system32\gdi32.dll
- 2014-08-22 09:37 . 2010-06-24 10:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
- 2014-08-13 17:25 . 2014-08-13 17:25 341848 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
- 2014-08-04 22:30 . 2014-08-04 22:30 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
- 2008-07-20 18:25 . 2011-03-07 21:17 305664 ----a-w- c:\program files\Xtremsplit.exe
- 2009-03-05 16:08 . 2014-10-29 14:40 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
- .
- .
- ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
- .
- .
- *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
- REGEDIT4
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
- @="{472083B0-C522-11CF-8763-00608CC02F24}"
- [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
- 2014-07-27 00:01 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
- .
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
- "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-31 4085896]
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
- "EnableLUA"= 0 (0x0)
- "PromptOnSecureDesktop"= 0 (0x0)
- "EnableUIADesktopToggle"= 0 (0x0)
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
- "aux3"=wdmaud.drv
- .
- [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
- BootExecute REG_MULTI_SZ autocheck autochk *
- .
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
- @="Service"
- .
- [HKLM\~\startupfolder\C:^Users^Err0r^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Real Desktop.lnk]
- backup=c:\windows\pss\Real Desktop.lnk.Startup
- backupExtension=.Startup
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Antivirus]
- c:\program files\Ad-Aware Antivirus\AdAwareLauncher --windows-run [X]
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
- 2014-08-21 16:30 959176 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
- 2014-04-23 14:04 43848 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun]
- 1999-10-10 17:00 41984 ------w- c:\windows\Ctregrun.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
- 2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
- 2014-08-19 06:41 448856 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
- 2014-01-10 05:26 1861968 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
- 2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
- 2014-05-26 17:12 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
- 2012-11-01 12:16 577536 ----a-w- c:\program files\Samsung\Kies\KiesAirMessage.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
- 2012-11-12 10:45 1104824 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
- 2012-11-12 10:45 968120 ----a-w- c:\program files\Samsung\Kies\Kies.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
- 2012-11-12 10:45 309688 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
- 2008-08-04 15:22 160800 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
- 2001-07-09 09:50 155648 ----a-w- c:\windows\System32\NeroCheck.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
- 2014-07-25 14:02 2403104 ----a-w- c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAHSSSessionManager]
- 2009-08-24 12:22 135920 ----a-w- c:\program files\OrangeHSS\SessionManager\SessionManager.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
- 2014-04-25 12:14 4101584 ----a-w- c:\program files\Spybot - Search & Destroy 2\SDTray.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning]
- 2014-04-25 12:13 4566984 ----a-w- c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
- 2014-07-25 10:29 256896 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
- 2008-08-04 15:22 721936 ----a-w- c:\windows\vVX1000.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
- 2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
- "DisableMonitoring"=dword:00000001
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2957423914-35575658-2526966217-1000]
- "EnableNotificationsRef"=dword:00000001
- .
- R3 adipfusb;ADI USB RNDIS Compatible Network Device - AD6489;c:\windows\system32\DRIVERS\adipfusb.sys [2005-05-12 28182]
- R4 acssrv;Agnitum Client Security Service; [x]
- .
- .
- [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
- getPlusHelper REG_MULTI_SZ getPlusHelper
- LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
- .
- Contenu du dossier 'Tâches planifiées'
- .
- 2014-10-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 11:22]
- .
- 2014-11-01 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- - c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-05-06 12:14]
- .
- 2014-11-01 c:\windows\Tasks\GlaryInitialize 4.job
- - c:\program files\Glary Utilities 4\Initialize.exe [2014-04-14 08:01]
- .
- 2014-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 15:26]
- .
- 2014-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 15:26]
- .
- 2014-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
- - c:\windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-08 11:05]
- .
- 2014-11-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
- - c:\windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-08 11:05]
- .
- 2014-10-28 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- - c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-05-06 12:13]
- .
- .
- ------- Examen supplémentaire -------
- .
- uInternet Settings,ProxyOverride = local;*.local
- IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
- Trusted Zone: dell.com
- Trusted Zone: mappy.com
- Trusted Zone: orange.fr
- Trusted Zone: voila.fr\rw.search.ke
- Trusted Zone: weborama.fr\orange
- TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
- DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
- FF - ProfilePath - c:\users\Err0r\AppData\Roaming\Mozilla\Firefox\Profiles\576ayv1h.default\
- FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search
- FF - prefs.js: browser.startup.homepage - hxxps://www.google.fr/
- .
- - - - - ORPHELINS SUPPRIMES - - - -
- .
- SafeBoot-WudfPf
- SafeBoot-WudfRd
- MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe
- .
- .
- .
- **************************************************************************
- .
- catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
- Rootkit scan 2014-11-01 23:12
- Windows 6.0.6002 Service Pack 2 NTFS
- .
- Recherche de processus cachés ...
- .
- Recherche d'éléments en démarrage automatique cachés ...
- .
- Recherche de fichiers cachés ...
- .
- Scan terminé avec succès
- Fichiers cachés: 0
- .
- **************************************************************************
- .
- --------------------- CLES DE REGISTRE BLOQUEES ---------------------
- .
- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
- @Denied: (2) (LocalSystem)
- .
- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
- @Denied: (2) (LocalSystem)
- "Timestamp"=hex:53,60,a8,6d,11,28,cf,01
- .
- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
- @Denied: (2) (LocalSystem)
- "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
- d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5f,de,75,9f,bb,72,2a,40,bb,5f,69,\
- "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
- d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5f,de,75,9f,bb,72,2a,40,bb,5f,69,\
- .
- [HKEY_USERS\S-1-5-21-2957423914-35575658-2526966217-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
- "??"=hex:b3,b1,f5,4b,98,05,88,f7,33,e6,72,7f,98,29,36,24,3e,da,d0,14,c6,45,7b,
- 88,0e,ca,7e,66,3a,c8,da,bf,10,f7,15,9c,19,03,15,ec,9c,b6,d0,33,57,da,dd,37,\
- "??"=hex:d7,12,dd,f9,61,65,54,86,1f,34,0a,36,d5,04,02,53
- .
- [HKEY_USERS\S-1-5-21-2957423914-35575658-2526966217-1000\Software\SecuROM\License information*]
- "datasecu"=hex:93,c7,2c,a8,47,cd,e3,af,e7,e2,e4,c3,94,b1,32,24,57,69,89,6f,2e,
- a2,91,a1,65,1a,7b,84,40,48,9d,1e,78,98,4a,db,9d,dc,62,ed,7e,61,42,26,e2,fa,\
- "rkeysecu"=hex:04,43,45,70,0e,c7,0f,49,15,34,7e,21,68,f1,68,3e
- .
- [HKEY_USERS\S-1-5-21-2957423914-35575658-2526966217-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
- @Denied: (Full) (Everyone)
- @Allowed: (Read) (RestrictedCode)
- "scansk"=hex(0):8d,2c,07,7f,19,56,bb,cf,2f,af,ae,ce,42,4e,e6,ad,8e,df,64,f7,2e,
- 44,bd,03,a8,56,8c,24,2a,c5,af,9d,a4,7e,66,90,52,8f,46,ff,00,00,00,00,00,00,\
- .
- [HKEY_USERS\S-1-5-21-2957423914-35575658-2526966217-1000_Classes\CLSID\{8020d527-b821-4525-bd7e-ef0f270059c1}]
- @Denied: (Full) (Everyone)
- @Allowed: (Read) (RestrictedCode)
- "Model"=dword:00000164
- "Therad"=dword:0000001e
- "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
- 38,95,44,93,f9,e9,8c,ec,50,16,fc,fd,6d,36,59,93,06,a4,50,8f,f6,f5,79,b4,ba,\
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
- @Denied: (A 2) (Everyone)
- @="FlashBroker"
- "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe,-101"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
- "Enabled"=dword:00000001
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
- @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
- @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
- @Denied: (A 2) (Everyone)
- @="IFlashBroker5"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
- @="{00020424-0000-0000-C000-000000000046}"
- .
- [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
- @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
- "Version"="1.0"
- .
- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
- @Denied: (A) (Users)
- @Denied: (A) (Everyone)
- @Allowed: (B 1 2 3 4 5) (S-1-5-20)
- "BlindDial"=dword:00000000
- .
- ------------------------ Autres processus actifs ------------------------
- .
- c:\windows\system32\nvvsvc.exe
- c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
- c:\windows\system32\nvvsvc.exe
- c:\program files\AVAST Software\Avast\AvastSvc.exe
- c:\windows\system32\conime.exe
- c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
- c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- c:\program files\FolderSize\FolderSizeSvc.exe
- c:\windows\system32\libusbd-nt.exe
- c:\program files\Microsoft LifeCam\MSCamS32.exe
- c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe
- c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe
- c:\program files\TeamViewer\Version9\TeamViewer_Service.exe
- c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
- c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
- c:\windows\System32\WUDFHost.exe
- c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe
- c:\windows\system32\wbem\unsecapp.exe
- .
- **************************************************************************
- .
- Heure de fin: 2014-11-01 23:24:02 - La machine a redémarré
- ComboFix-quarantined-files.txt 2014-11-01 22:23
- ComboFix2.txt 2014-06-13 02:31
- .
- Avant-CF: 13 941 882 880 octets libres
- Après-CF: 13 760 827 392 octets libres
- .
- - - End Of File - - 180274220AA808CE3CDB8BE2D24FFD32
- 5C616939100B85E558DA92B899A0FC36