¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 26.07.2014.2

¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 20:36:35 - 26/07/2014

Mis à jour le : 26/07/2014 | 20.05 par g3n-h@ckm@n

Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html

Boot: Normal boot

[assam (Administrator)] - [ASSAM-PC] - ([040C])
SID = S-1-5-21-2258393482-314468573-483701409-1000

Système : Windows 7 Ultimate (32 bits) Ultimate Service Pack 1

Mémoire RAM = Total (MB) : 1039 | Libre (MB) : 377
Pagefile = Total (MB) : 2087 | Libre (MB) : 1185
Virtuelle = Total (MB) : 2097 | Libre (MB) : 1938


Registre sauvegardé, pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

¤¤¤¤¤¤¤¤¤¤ | Mises à jour Windows

Prochaine recherche : 2014-07-26 20:52:13

¤¤¤¤¤¤¤¤¤¤ | Navigateurs

IE : 8.0.7601.17514 (© Microsoft Corporation. Tous droits réservés.)
FF : 30.0.0.5269 (©Firefox and Mozilla Developers; available under the MPL 2 license.)

¤¤¤¤¤¤¤¤¤¤ | Security

AV : Kaspersky Small Office Security 3 Disabled
AS : Windows Defender Enabled
AM : Malwarebytes' Anti-Malware (1.0.0.495) []
FW : Kaspersky Small Office Security 3 Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Arrêté
AS: Windows Defender [Auto(2)] = Arrêté
FW: Windows FireWall Service [Auto(2)] = Arrêté

Mise en veille supprimée !


¤¤¤¤¤¤¤¤¤¤ | FlashPlayer

ActiveX : 13.0.0.214
Plugin : 13.0.0.214

¤¤¤¤¤¤¤¤¤¤ | Processus tués

1468 | [Owner : Système |Parent : 652] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe
1624 | [Owner : Système |Parent : 652] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - (13.0.4.233) = C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 3\avp.exe
1644 | [Owner : Système |Parent : 652] - (.cFos Software GmbH - cFosSpeed Service.) - (9.62.2135.0) = C:\Program Files\cFosSpeed\spd.exe
1684 | [Owner : Système |Parent : 652] - (.Infowatch - InfoWatch CryptoStorage Protected objects controller service.) - (2.0.201.0) = C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
1908 | [Owner : assam |Parent : 1096] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
1948 | [Owner : assam |Parent : 652] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe
1984 | [Owner : assam |Parent : 1908] - (.Smadsoft - Smadav USB Antivirus & Additional Protection.) - (4.97.0.1) = C:\Program Files\SMADAV\SM?RTP.exe
2040 | [Owner : assam |Parent : 1892] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17514) = C:\Windows\explorer.exe
2060 | [Owner : Système |Parent : 652] - (.Baidu Inc. - spark.) - (26.5.9999.3141) = C:\Program Files\baidu\Spark\sparkservice.exe
2132 | [Owner : Système |Parent : 652] - (. - .) - (0.0.0.0) = C:\Program Files\Mobiconnect\AssistantServices.exe
2560 | [Owner : SERVICE LOCAL |Parent : 1052] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.1.7601.17514) = C:\Windows\System32\WUDFHost.exe
2964 | [Owner : assam |Parent : 2040] - (. - .) - (1.0.0.1) = C:\Program Files\Mobiconnect\CancelAutoPlay_byt.exe
3312 | [Owner : assam |Parent : 2040] - (. - .) - (0.0.0.0) = C:\Program Files\Mobiconnect\UIExec.exe
3464 | [Owner : assam |Parent : 2040] - (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) - (8.0.0.0) = C:\Program Files\Adobe\Reader 8.0\Reader\Reader_SL.exe
3544 | [Owner : assam |Parent : 2040] - (.cFos Software GmbH - cFosSpeed Window.) - (9.62.2135.0) = C:\Program Files\cFosSpeed\cfosspeed.exe
3588 | [Owner : assam |Parent : 2040] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - (13.0.4.233) = C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 3\avp.exe
3656 | [Owner : assam |Parent : 2040] - (.Microsoft Corporation - Gadgets du Bureau Windows.) - (6.1.7601.17514) = C:\Program Files\Windows Sidebar\sidebar.exe
3732 | [Owner : assam |Parent : 2040] - (.Tonec Inc. - Internet Download Manager (IDM).) - (6.7.3.1) = C:\Program Files\Internet Download Manager\IDMan.exe
4036 | [Owner : assam |Parent : 2040] - (.Eslam---Eid (tm) - Your Free Net .) - (4.5.0.4) = C:\Program Files\Your Free net\Your Free Net.exe
2948 | [Owner : assam |Parent : 3312] - (. - .) - (1.0.0.1) = C:\Program Files\Mobiconnect\UIMain.exe
3644 | [Owner : assam |Parent : 3732] - (.Tonec Inc. - Internet Download Manager agent for click monitoring in IE-based browsers.) - (5.19.3.1) = C:\Program Files\Internet Download Manager\IEMonitor.exe
1800 | [Owner : Système |Parent : 652] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7600.16385) = C:\Windows\System32\SearchIndexer.exe
3728 | [Owner : Système |Parent : 1800] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7600.16385) = C:\Windows\System32\SearchProtocolHost.exe
3308 | [Owner : assam |Parent : 2948] - (. - .) - (1.0.0.1) = C:\Program Files\Mobiconnect\CMUpdater.exe
2320 | [Owner : SERVICE RÉSEAU |Parent : 652] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe
688 | [Owner : assam |Parent : 1800] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7600.16385) = C:\Windows\System32\SearchProtocolHost.exe
3356 | [Owner : Système |Parent : 1800] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7600.16385) = C:\Windows\System32\SearchFilterHost.exe
1624 | [Owner : Système |Parent : 652] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - (13.0.4.233) = C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 3\avp.exe
3588 | [Owner : assam |Parent : 2040] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - (13.0.4.233) = C:\Program Files\Kaspersky Lab\Kaspersky Small Office Security 3\avp.exe
1800 | [Owner : Système |Parent : 652] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7600.16385) = C:\Windows\System32\SearchIndexer.exe
1480 | [Owner : assam |Parent : 828] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe

¤¤¤¤¤¤¤¤¤¤ | RUN

04 - HKLM\..\Run : [CancelAutoPlay_byt] "C:\Program Files\Mobiconnect\CancelAutoPlay_byt.exe" run
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-2258393482-314468573-483701409-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

¤¤¤¤¤¤¤¤¤¤ | Services


Service en fonctionnement : WINDEFEND
Service stoppé : WINDEFEND
Service en fonctionnement : MMCSS
Service en fonctionnement : Dhcp
Service stoppé : Dhcp
Service en fonctionnement : TcpIp
Service en fonctionnement : MPSSvc
Service stoppé : MPSSvc
Service en fonctionnement : Rasman
Service stoppé : Rasman
Service en fonctionnement : LanmanServer
Service en fonctionnement : DNScache
Service stoppé : DNScache

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Remis à zéro avec succès

¤¤¤¤¤¤¤¤¤¤ | Registre


¤¤¤¤¤¤¤¤¤¤ | Offsets


¤¤¤¤¤¤¤¤¤¤ | reparsepoint



¤¤¤¤¤¤¤¤¤¤ | Dossiers | Fichiers


¤¤¤¤¤¤¤¤¤¤ | .LNK


¤¤¤¤¤¤¤¤¤¤ | Ouverture extension inconnue


¤¤¤¤¤¤¤¤¤¤ | Proxy


¤¤¤¤¤¤¤¤¤¤ | Internet Explorer


¤¤¤¤¤¤¤¤¤¤ | Google Chrome



¤¤¤¤¤¤¤¤¤¤ | Firefox

[assam] Supprimé avec succès : C:\Users\assam\AppData\Roaming\Mozilla\Firefox\Profiles\s33svgnm.default\sessionstore.js


¤¤¤¤¤¤¤¤¤¤ | SeaMonkey



¤¤¤¤¤¤¤¤¤¤ | Pale moon



¤¤¤¤¤¤¤¤¤¤ | Opera


¤¤¤¤¤¤¤¤¤¤ | StartMenuInternet


¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs


¤¤¤¤¤¤¤¤¤¤ | Javascript


¤¤¤¤¤¤¤¤¤¤ | Firewall


¤¤¤¤¤¤¤¤¤¤ | ADS

¤¤¤¤¤¤¤¤¤¤ | Fichiers temporaires

[All Users] Fichiers temporaires Supprimés : 0 Ko
[assam] Fichiers temporaires Supprimés : 0 Ko
[Default] Fichiers temporaires Supprimés : 0 Ko
[Default User] Fichiers temporaires Supprimés : 0 Ko
[Public] Fichiers temporaires Supprimés : 0 Ko
[C:\Windows\Temp] Fichiers temporaires Supprimés : 50 Ko
[C:\Temp] Fichiers temporaires Supprimés : 0 Ko

Service Redémarré : Dhcp
Service Redémarré : MPSsvc

Autre rapport

C:\Shortcut_Module_26_07_2014_20_23_39.txt[18567 o]

Mise en veille restaurée

¤¤¤¤¤¤¤¤¤¤ | Listing


¤¤¤¤¤¤¤¤¤¤ | C:\Program Files

[16/06/2014 19:13:38] - |D| - C:\Program Files\Adobe
[16/06/2014 18:26:09] - |D| - C:\Program Files\baidu
[20/06/2014 16:34:33] - |D| - C:\Program Files\CCleaner
[20/06/2014 22:40:32] - |D| - C:\Program Files\cFosSpeed
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files
[14/07/2009 06:41:57] - |ASH| - C:\Program Files\desktop.ini
[14/07/2009 06:52:30] - |D| - C:\Program Files\DVD Maker
[16/06/2014 18:03:38] - |SHD| - C:\Program Files\Fichiers communs
[23/06/2014 17:48:48] - |D| - C:\Program Files\Foxit Reader
[16/06/2014 18:19:31] - |HD| - C:\Program Files\InstallShield Installation Information
[16/06/2014 18:07:18] - |D| - C:\Program Files\Intel
[16/06/2014 19:12:21] - |D| - C:\Program Files\Internet Download Manager
[14/07/2009 04:37:05] - |D| - C:\Program Files\Internet Explorer
[26/07/2014 01:15:51] - |D| - C:\Program Files\Kaspersky Lab
[25/07/2014 23:50:53] - |D| - C:\Program Files\Malwarebytes Anti-Malware
[16/06/2014 19:25:57] - |D| - C:\Program Files\Microsoft Analysis Services
[14/07/2009 06:52:30] - |D| - C:\Program Files\Microsoft Games
[16/06/2014 19:24:49] - |D| - C:\Program Files\Microsoft Office
[16/06/2014 19:27:24] - |D| - C:\Program Files\Microsoft SQL Server Compact Edition
[16/06/2014 19:27:24] - |D| - C:\Program Files\Microsoft Sync Framework
[16/06/2014 19:26:24] - |D| - C:\Program Files\Microsoft Visual Studio 8
[16/06/2014 19:17:09] - |D| - C:\Program Files\Microsoft.NET
[16/06/2014 18:19:31] - |D| - C:\Program Files\Mobiconnect
[16/06/2014 18:28:15] - |D| - C:\Program Files\Mozilla Firefox
[17/06/2014 19:26:40] - |D| - C:\Program Files\Mozilla Maintenance Service
[14/07/2009 06:52:30] - |D| - C:\Program Files\MSBuild
[16/06/2014 18:43:16] - |D| - C:\Program Files\Opera 10.10 Beta
[27/06/2014 14:35:05] - |D| - C:\Program Files\Opera Next
[28/06/2014 13:30:31] - |D| - C:\Program Files\PrOm!Sr
[14/07/2009 06:52:30] - |D| - C:\Program Files\Reference Assemblies
[26/07/2014 15:55:44] - |D| - C:\Program Files\SMADAV
[16/06/2014 18:27:40] - |D| - C:\Program Files\SuperCopier2
[16/06/2014 18:19:32] - |D| - C:\Program Files\SupportAppCB
[16/06/2014 18:32:57] - |D| - C:\Program Files\Tencent
[14/07/2009 06:53:23] - |HD| - C:\Program Files\Uninstall Information
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Defender
[21/11/2010 02:46:57] - |D| - C:\Program Files\Windows Journal
[14/07/2009 04:37:05] - |D| - C:\Program Files\Windows Mail
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Media Player
[14/07/2009 04:37:05] - |D| - C:\Program Files\Windows NT
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Photo Viewer
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Portable Devices
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Sidebar
[16/06/2014 18:30:53] - |D| - C:\Program Files\WinRAR
[16/06/2014 19:16:32] - |D| - C:\Program Files\Your Free net

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common Files

[16/06/2014 19:13:38] - |D| - C:\Program Files\Common Files\Adobe
[26/07/2014 01:15:53] - |D| - C:\Program Files\Common Files\InfoWatch
[16/06/2014 18:09:12] - |D| - C:\Program Files\Common Files\InstallShield
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\microsoft shared
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\Services
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\SpeechEngines
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\System

¤¤¤¤¤¤¤¤¤¤ | C:\Users\assam\AppData\Roaming

[16/06/2014 18:42:03] - |D| - C:\Users\assam\AppData\Roaming\Adobe
[16/06/2014 18:26:11] - |D| - C:\Users\assam\AppData\Roaming\Baidu
[16/06/2014 19:12:24] - |D| - C:\Users\assam\AppData\Roaming\DMCache
[19/06/2014 20:14:03] - |D| - C:\Users\assam\AppData\Roaming\ESET
[16/06/2014 18:04:18] - |D| - C:\Users\assam\AppData\Roaming\Identities
[16/06/2014 19:12:25] - |D| - C:\Users\assam\AppData\Roaming\IDM
[17/06/2014 22:35:28] - |D| - C:\Users\assam\AppData\Roaming\Leadertech
[17/06/2014 19:47:00] - |D| - C:\Users\assam\AppData\Roaming\Macromedia
[16/06/2014 18:04:07] - |D| - C:\Users\assam\AppData\Roaming\Media Center Programs
[16/06/2014 18:04:07] - |D| - C:\Users\assam\AppData\Roaming\Microsoft
[16/06/2014 18:33:18] - |D| - C:\Users\assam\AppData\Roaming\Mozilla
[16/06/2014 18:43:20] - |D| - C:\Users\assam\AppData\Roaming\Opera
[27/06/2014 14:35:18] - |D| - C:\Users\assam\AppData\Roaming\Opera Software
[16/06/2014 18:33:02] - |D| - C:\Users\assam\AppData\Roaming\Tencent
[16/06/2014 18:30:55] - |D| - C:\Users\assam\AppData\Roaming\WinRAR

¤¤¤¤¤¤¤¤¤¤ | C:\Users\assam\AppData\Local

[16/06/2014 19:13:47] - |D| - C:\Users\assam\AppData\Local\Adobe
[16/06/2014 18:04:08] - |SHD| - C:\Users\assam\AppData\Local\Application Data
[20/06/2014 22:39:58] - |D| - C:\Users\assam\AppData\Local\cFos
[17/06/2014 16:56:30] - |D| - C:\Users\assam\AppData\Local\Diagnostics
[19/06/2014 20:14:03] - |D| - C:\Users\assam\AppData\Local\ESET
[16/06/2014 19:31:25] - |A| - C:\Users\assam\AppData\Local\GDIPFONTCACHEV1.DAT
[16/06/2014 18:04:08] - |SHD| - C:\Users\assam\AppData\Local\Historique
[16/06/2014 18:05:04] - |AH| - C:\Users\assam\AppData\Local\IconCache.db
[17/06/2014 20:08:56] - |D| - C:\Users\assam\AppData\Local\Macromedia
[16/06/2014 18:04:07] - |D| - C:\Users\assam\AppData\Local\Microsoft
[16/06/2014 19:32:03] - |D| - C:\Users\assam\AppData\Local\Microsoft Games
[16/06/2014 19:24:55] - |D| - C:\Users\assam\AppData\Local\Microsoft Help
[16/06/2014 18:33:18] - |D| - C:\Users\assam\AppData\Local\Mozilla
[16/06/2014 18:43:20] - |D| - C:\Users\assam\AppData\Local\Opera
[27/06/2014 14:35:23] - |D| - C:\Users\assam\AppData\Local\Opera Software
[25/07/2014 23:50:30] - |D| - C:\Users\assam\AppData\Local\Programs
[16/06/2014 18:04:07] - |D| - C:\Users\assam\AppData\Local\Temp
[16/06/2014 18:04:08] - |SHD| - C:\Users\assam\AppData\Local\Temporary Internet Files
[16/06/2014 18:04:11] - |D| - C:\Users\assam\AppData\Local\VirtualStore

¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData

[16/06/2014 19:13:41] - |D| - C:\ProgramData\Adobe
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Application Data
[16/06/2014 18:26:16] - |D| - C:\ProgramData\Baidu
[16/06/2014 18:03:38] - |SHD| - C:\ProgramData\Bureau
[20/06/2014 22:39:58] - |D| - C:\ProgramData\cFos
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Desktop
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Documents
[16/06/2014 18:03:38] - |SHD| - C:\ProgramData\Favoris
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Favorites
[16/06/2014 19:12:25] - |D| - C:\ProgramData\IDM
[26/07/2014 01:15:51] - |D| - C:\ProgramData\Kaspersky Lab
[25/07/2014 23:50:53] - |D| - C:\ProgramData\Malwarebytes
[21/06/2014 16:02:46] - |D| - C:\ProgramData\MDMA
[16/06/2014 18:03:38] - |SHD| - C:\ProgramData\Menu Démarrer
[14/07/2009 04:37:05] - |SD| - C:\ProgramData\Microsoft
[16/06/2014 19:24:49] - |D| - C:\ProgramData\Microsoft Help
[16/06/2014 18:03:38] - |SHD| - C:\ProgramData\Modèles
[16/06/2014 19:38:06] - |D| - C:\ProgramData\Mozilla
[20/06/2014 22:14:36] - |RASH| - C:\ProgramData\ntuser.pol
[17/06/2014 16:52:41] - |D| - C:\ProgramData\PreventPlay
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Start Menu
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Templates
[27/06/2014 16:35:40] - |D| - C:\ProgramData\Tencent

Eléments analysés : 69940 | Modifiés : 0 | Infectés : 3

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 20:59:19 | [16 Ko]
