Untitled

a guest
Nov 1st, 2014
  1. ComboFix 14-10-29.01 - Err0r 01/11/2014 22:42:23.2.2 - x86
  2. Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.3325.2204 [GMT 1:00]
  3. Lancé depuis: c:\users\Err0r\Desktop\Mes documents\Downloads\ComboFix.exe
  4. .
  5. .
  6. (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
  7. .
  8. .
  9. c:\users\Err0r\AppData\Local\Microsoft\Wallpaper1.bmp
  10. .
  11. .
  12. ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
  13. .
  14. .
  15. -------\Legacy_driverhardwarev2
  16. -------\Service_driverhardwarev2
  17. .
  18. .
  19. ((((((((((((((((((((((((((((( Fichiers créés du 2014-10-01 au 2014-11-01 ))))))))))))))))))))))))))))))))))))
  20. .
  21. .
  22. 2071-07-25 08:13 . 2006-11-21 19:48 203576 ------w- c:\program files\Microsoft Games\Age of Empires III\autopatcher2.exe
  23. 2014-11-01 22:06 . 2014-11-01 22:12 -------- d-----w- c:\users\Err0r\AppData\Local\temp
  24. 2014-11-01 22:06 . 2014-11-01 22:06 -------- d-----w- c:\users\Public\AppData\Local\temp
  25. 2014-11-01 22:06 . 2014-11-01 22:06 -------- d-----w- c:\users\Default\AppData\Local\temp
  26. 2014-11-01 21:11 . 2014-04-14 08:06 22304 ----a-w- c:\windows\system32\RegBootDefrag.exe
  27. 2014-10-30 15:40 . 2014-10-30 15:49 -------- d-----w- c:\program files\FINAL FANTASY VII
  28. 2014-10-30 13:49 . 2014-10-30 14:58 -------- d-----w- c:\users\Err0r\AppData\Local\JDownloader v2.0
  29. 2014-10-29 17:44 . 2014-10-29 17:44 -------- d-----w- c:\program files\7-Zip
  30. 2014-10-16 01:24 . 2014-06-15 22:18 1131664 ----a-w- c:\windows\system32\dfshim.dll
  31. 2014-10-16 01:24 . 2014-06-13 18:22 81560 ----a-w- c:\windows\system32\mscories.dll
  32. 2014-10-16 01:24 . 2014-06-13 18:22 156824 ----a-w- c:\windows\system32\mscorier.dll
  33. 2014-10-16 01:19 . 2014-09-27 23:29 2054656 ----a-w- c:\windows\system32\win32k.sys
  34. 2014-10-16 01:05 . 2014-09-04 23:27 143360 ----a-w- c:\windows\system32\drivers\fastfat.sys
  35. 2014-10-16 01:01 . 2014-09-16 16:56 66560 ----a-w- c:\windows\system32\packager.dll
  36. 2014-10-07 15:30 . 2014-10-07 15:30 -------- d-----w- c:\program files\Telltale Games
  37. .
  38. .
  39. .
  40. (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
  41. .
  42. 2014-10-30 15:24 . 2007-09-11 16:21 171892 ----a-w- c:\windows\DUMP5994.tmp
  43. 2014-10-28 05:35 . 2009-10-02 23:46 229000 ------w- c:\windows\system32\MpSigStub.exe
  44. 2014-10-15 11:22 . 2012-04-21 00:35 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
  45. 2014-10-15 11:22 . 2011-07-11 05:40 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
  46. 2014-10-14 20:13 . 2014-10-31 09:55 8901368 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{107F3C8C-48F9-47FC-929E-1E98D8999702}\mpengine.dll
  47. 2014-09-09 06:24 . 2014-09-24 23:12 2048 ----a-w- c:\windows\system32\tzres.dll
  48. 2014-08-23 01:03 . 2014-08-29 01:02 297984 ----a-w- c:\windows\system32\gdi32.dll
  49. 2014-08-22 09:37 . 2010-06-24 10:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  50. 2014-08-13 17:25 . 2014-08-13 17:25 341848 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
  51. 2014-08-04 22:30 . 2014-08-04 22:30 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
  52. 2008-07-20 18:25 . 2011-03-07 21:17 305664 ----a-w- c:\program files\Xtremsplit.exe
  53. 2009-03-05 16:08 . 2014-10-29 14:40 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
  54. .
  55. .
  56. ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
  57. .
  58. .
  59. *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
  60. REGEDIT4
  61. .
  62. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
  63. @="{472083B0-C522-11CF-8763-00608CC02F24}"
  64. [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
  65. 2014-07-27 00:01 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
  66. .
  67. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  68. "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-31 4085896]
  69. .
  70. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  71. "EnableLUA"= 0 (0x0)
  72. "PromptOnSecureDesktop"= 0 (0x0)
  73. "EnableUIADesktopToggle"= 0 (0x0)
  74. .
  75. [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
  76. "aux3"=wdmaud.drv
  77. .
  78. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
  79. BootExecute REG_MULTI_SZ autocheck autochk *
  80. .
  81. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
  82. @="Service"
  83. .
  84. [HKLM\~\startupfolder\C:^Users^Err0r^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Real Desktop.lnk]
  85. backup=c:\windows\pss\Real Desktop.lnk.Startup
  86. backupExtension=.Startup
  87. .
  88. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Antivirus]
  89. c:\program files\Ad-Aware Antivirus\AdAwareLauncher --windows-run [X]
  90. .
  91. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  92. 2014-08-21 16:30 959176 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
  93. .
  94. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
  95. 2014-04-23 14:04 43848 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
  96. .
  97. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun]
  98. 1999-10-10 17:00 41984 ------w- c:\windows\Ctregrun.exe
  99. .
  100. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
  101. 2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
  102. .
  103. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
  104. 2014-08-19 06:41 448856 ----a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
  105. .
  106. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
  107. 2014-01-10 05:26 1861968 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
  108. .
  109. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
  110. 2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe
  111. .
  112. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
  113. 2014-05-26 17:12 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
  114. .
  115. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
  116. 2012-11-01 12:16 577536 ----a-w- c:\program files\Samsung\Kies\KiesAirMessage.exe
  117. .
  118. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
  119. 2012-11-12 10:45 1104824 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
  120. .
  121. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
  122. 2012-11-12 10:45 968120 ----a-w- c:\program files\Samsung\Kies\Kies.exe
  123. .
  124. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
  125. 2012-11-12 10:45 309688 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
  126. .
  127. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]
  128. 2008-08-04 15:22 160800 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe
  129. .
  130. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  131. 2001-07-09 09:50 155648 ----a-w- c:\windows\System32\NeroCheck.exe
  132. .
  133. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
  134. 2014-07-25 14:02 2403104 ----a-w- c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe
  135. .
  136. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ORAHSSSessionManager]
  137. 2009-08-24 12:22 135920 ----a-w- c:\program files\OrangeHSS\SessionManager\SessionManager.exe
  138. .
  139. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
  140. 2014-04-25 12:14 4101584 ----a-w- c:\program files\Spybot - Search & Destroy 2\SDTray.exe
  141. .
  142. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spybot-S&D Cleaning]
  143. 2014-04-25 12:13 4566984 ----a-w- c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe
  144. .
  145. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  146. 2014-07-25 10:29 256896 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
  147. .
  148. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]
  149. 2008-08-04 15:22 721936 ----a-w- c:\windows\vVX1000.exe
  150. .
  151. [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
  152. 2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
  153. .
  154. [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
  155. "DisableMonitoring"=dword:00000001
  156. .
  157. [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2957423914-35575658-2526966217-1000]
  158. "EnableNotificationsRef"=dword:00000001
  159. .
  160. R3 adipfusb;ADI USB RNDIS Compatible Network Device - AD6489;c:\windows\system32\DRIVERS\adipfusb.sys [2005-05-12 28182]
  161. R4 acssrv;Agnitum Client Security Service; [x]
  162. .
  163. .
  164. [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
  165. getPlusHelper REG_MULTI_SZ getPlusHelper
  166. LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
  167. .
  168. Contenu du dossier 'Tâches planifiées'
  169. .
  170. 2014-10-16 c:\windows\Tasks\Adobe Flash Player Updater.job
  171. - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 11:22]
  172. .
  173. 2014-11-01 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
  174. - c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-05-06 12:14]
  175. .
  176. 2014-11-01 c:\windows\Tasks\GlaryInitialize 4.job
  177. - c:\program files\Glary Utilities 4\Initialize.exe [2014-04-14 08:01]
  178. .
  179. 2014-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  180. - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 15:26]
  181. .
  182. 2014-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  183. - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-26 15:26]
  184. .
  185. 2014-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
  186. - c:\windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-08 11:05]
  187. .
  188. 2014-11-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
  189. - c:\windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-08 11:05]
  190. .
  191. 2014-10-28 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
  192. - c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-05-06 12:13]
  193. .
  194. .
  195. ------- Examen supplémentaire -------
  196. .
  197. uInternet Settings,ProxyOverride = local;*.local
  198. IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
  199. Trusted Zone: dell.com
  200. Trusted Zone: mappy.com
  201. Trusted Zone: orange.fr
  202. Trusted Zone: voila.fr\rw.search.ke
  203. Trusted Zone: weborama.fr\orange
  204. TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
  205. DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}
  206. FF - ProfilePath - c:\users\Err0r\AppData\Roaming\Mozilla\Firefox\Profiles\576ayv1h.default\
  207. FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search
  208. FF - prefs.js: browser.startup.homepage - hxxps://www.google.fr/
  209. .
  210. - - - - ORPHELINS SUPPRIMES - - - -
  211. .
  212. SafeBoot-WudfPf
  213. SafeBoot-WudfRd
  214. MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe
  215. .
  216. .
  217. .
  218. **************************************************************************
  219. .
  220. catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
  221. Rootkit scan 2014-11-01 23:12
  222. Windows 6.0.6002 Service Pack 2 NTFS
  223. .
  224. Recherche de processus cachés ...
  225. .
  226. Recherche d'éléments en démarrage automatique cachés ...
  227. .
  228. Recherche de fichiers cachés ...
  229. .
  230. Scan terminé avec succès
  231. Fichiers cachés: 0
  232. .
  233. **************************************************************************
  234. .
  235. --------------------- CLES DE REGISTRE BLOQUEES ---------------------
  236. .
  237. [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
  238. @Denied: (2) (LocalSystem)
  239. "{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}"=hex:51,66,7a,6c,4c,1d,38,12,34,14,09,
  240. c8,69,aa,83,04,dc,1a,8a,f1,d2,fe,84,3b
  241. "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
  242. 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
  243. "{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,38,12,3a,25,4d,
  244. 8a,1f,e3,d1,0d,d3,3b,92,3f,05,d7,c9,12
  245. "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
  246. 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
  247. "{CA6319C0-31B7-401E-A518-A07C3DB8F777}"=hex:51,66,7a,6c,4c,1d,38,12,ae,1a,70,
  248. ce,85,7f,70,05,da,0e,e3,3c,38,e6,b3,63
  249. "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
  250. df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
  251. .
  252. [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
  253. @Denied: (2) (LocalSystem)
  254. "Timestamp"=hex:53,60,a8,6d,11,28,cf,01
  255. .
  256. [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
  257. @Denied: (2) (LocalSystem)
  258. "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  259. d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5f,de,75,9f,bb,72,2a,40,bb,5f,69,\
  260. "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
  261. d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,5f,de,75,9f,bb,72,2a,40,bb,5f,69,\
  262. .
  263. [HKEY_USERS\S-1-5-21-2957423914-35575658-2526966217-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
  264. "??"=hex:b3,b1,f5,4b,98,05,88,f7,33,e6,72,7f,98,29,36,24,3e,da,d0,14,c6,45,7b,
  265. 88,0e,ca,7e,66,3a,c8,da,bf,10,f7,15,9c,19,03,15,ec,9c,b6,d0,33,57,da,dd,37,\
  266. "??"=hex:d7,12,dd,f9,61,65,54,86,1f,34,0a,36,d5,04,02,53
  267. .
  268. [HKEY_USERS\S-1-5-21-2957423914-35575658-2526966217-1000\Software\SecuROM\License information*]
  269. "datasecu"=hex:93,c7,2c,a8,47,cd,e3,af,e7,e2,e4,c3,94,b1,32,24,57,69,89,6f,2e,
  270. a2,91,a1,65,1a,7b,84,40,48,9d,1e,78,98,4a,db,9d,dc,62,ed,7e,61,42,26,e2,fa,\
  271. "rkeysecu"=hex:04,43,45,70,0e,c7,0f,49,15,34,7e,21,68,f1,68,3e
  272. .
  273. [HKEY_USERS\S-1-5-21-2957423914-35575658-2526966217-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
  274. @Denied: (Full) (Everyone)
  275. @Allowed: (Read) (RestrictedCode)
  276. "scansk"=hex(0):8d,2c,07,7f,19,56,bb,cf,2f,af,ae,ce,42,4e,e6,ad,8e,df,64,f7,2e,
  277. 44,bd,03,a8,56,8c,24,2a,c5,af,9d,a4,7e,66,90,52,8f,46,ff,00,00,00,00,00,00,\
  278. .
  279. [HKEY_USERS\S-1-5-21-2957423914-35575658-2526966217-1000_Classes\CLSID\{8020d527-b821-4525-bd7e-ef0f270059c1}]
  280. @Denied: (Full) (Everyone)
  281. @Allowed: (Read) (RestrictedCode)
  282. "Model"=dword:00000164
  283. "Therad"=dword:0000001e
  284. "MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
  285. 38,95,44,93,f9,e9,8c,ec,50,16,fc,fd,6d,36,59,93,06,a4,50,8f,f6,f5,79,b4,ba,\
  286. .
  287. [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  288. @Denied: (A 2) (Everyone)
  289. @="FlashBroker"
  290. "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe,-101"
  291. .
  292. [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
  293. "Enabled"=dword:00000001
  294. .
  295. [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
  296. @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe"
  297. .
  298. [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
  299. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  300. .
  301. [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  302. @Denied: (A 2) (Everyone)
  303. @="IFlashBroker5"
  304. .
  305. [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
  306. @="{00020424-0000-0000-C000-000000000046}"
  307. .
  308. [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
  309. @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  310. "Version"="1.0"
  311. .
  312. [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  313. @Denied: (A) (Users)
  314. @Denied: (A) (Everyone)
  315. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  316. "BlindDial"=dword:00000000
  317. .
  318. ------------------------ Autres processus actifs ------------------------
  319. .
  320. c:\windows\system32\nvvsvc.exe
  321. c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
  322. c:\windows\system32\nvvsvc.exe
  323. c:\program files\AVAST Software\Avast\AvastSvc.exe
  324. c:\windows\system32\conime.exe
  325. c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
  326. c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  327. c:\program files\FolderSize\FolderSizeSvc.exe
  328. c:\windows\system32\libusbd-nt.exe
  329. c:\program files\Microsoft LifeCam\MSCamS32.exe
  330. c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe
  331. c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe
  332. c:\program files\TeamViewer\Version9\TeamViewer_Service.exe
  333. c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
  334. c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
  335. c:\windows\System32\WUDFHost.exe
  336. c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe
  337. c:\windows\system32\wbem\unsecapp.exe
  338. .
  339. **************************************************************************
  340. .
  341. Heure de fin: 2014-11-01 23:24:02 - La machine a redémarré
  342. ComboFix-quarantined-files.txt 2014-11-01 22:23
  343. ComboFix2.txt 2014-06-13 02:31
  344. .
  345. Avant-CF: 13 941 882 880 octets libres
  346. Après-CF: 13 760 827 392 octets libres
  347. .
  348. - - End Of File - - 180274220AA808CE3CDB8BE2D24FFD32
  349. 5C616939100B85E558DA92B899A0FC36