���������� | Shortcut_Module | g3n-h@ckm@n | 20.07.2014.6

����� Vista | 7 | 8 | 8.1 - 32/64 bits ����� - Start 21:02:50 - 20/07/2014

Mis à jour le : 20/07/2014 | 18.25 par g3n-h@ckm@n

Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html

Boot: Normal boot

[admin (Administrator)] - [ADMIN-PC] - (france [040C])
SID = S-1-5-21-1265139957-2719780358-2567772835-1000

Système : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1

Mémoire RAM = Total (MB) : 4159 | Libre (MB) : 2359
Pagefile = Total (MB) : 8316 | Libre (MB) : 6553
Virtuelle = Total (MB) : 4194 | Libre (MB) : 4036


Registre sauvegardé , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

���������� | Mises à jour Windows

Aucune mise à jour détectée !!!

���������� | Navigateurs

IE : 11.0.9600.17207 (© Microsoft Corporation. Tous droits réservés.)
FF : 30.0.0.5269 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 35.0.1916.153 (Copyright 2012 Google Inc. All rights reserved.)

���������� | Security

AV :
AS : Windows Defender Enabled
AM : Malwarebytes' Anti-Malware (1.0.0.532) []
FW : ZoneAlarm Free Firewall Firewall Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Arrêté
AS: Windows Defender [Auto(2)] = Arrêté
FW: Windows FireWall Service [Auto(2)] = Arrêté

Mise en veille supprimée !


���������� | FlashPlayer

ActiveX : 14.0.0.145
Plugin : 14.0.0.145

���������� | Processus tués

1116 | [Owner : Système |Parent : 460] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1236 | [Owner : Système |Parent : 460] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.701.3.3014) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1272 | [Owner : Système |Parent : 460] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.24) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1372 | [Owner : Système |Parent : 460] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (3.0.2.0) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
1544 | [Owner : Système |Parent : 460] - (.Check Point Software Technologies, Ltd. - ZAPrivacyService.) - (1.0.0.0) = C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
2008 | [Owner : SERVICE LOCAL |Parent : 888] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe
1784 | [Owner : admin |Parent : 460] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
880 | [Owner : admin |Parent : 1456] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.0.0.532) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
2056 | [Owner : admin |Parent : 1992] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17567) = C:\Windows\explorer.exe
2720 | [Owner : admin |Parent : 2056] - (.Intel Corporation - igfxTray Module.) - (8.15.10.2202) = C:\Windows\System32\igfxtray.exe
2736 | [Owner : admin |Parent : 2056] - (.Intel Corporation - hkcmd Module.) - (8.15.10.2202) = C:\Windows\System32\hkcmd.exe
2752 | [Owner : admin |Parent : 2056] - (.Intel Corporation - persistence Module.) - (8.15.10.2202) = C:\Windows\System32\igfxpers.exe
2208 | [Owner : Système |Parent : 948] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
3016 | [Owner : admin |Parent : 2840] - (.Research In Motion Limited - Launch Agent Service.) - (4.2.0.14) = C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
2120 | [Owner : admin |Parent : 2840] - (.Apple Inc. - iTunesHelper.) - (11.2.0.115) = C:\Program Files (x86)\iTunes\iTunesHelper.exe
2344 | [Owner : Système |Parent : 460] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
3068 | [Owner : Système |Parent : 460] - (.Apple Inc. - iPodService Module (64-bit).) - (11.2.0.115) = C:\Program Files\iPod\bin\iPodService.exe
2480 | [Owner : admin |Parent : 2056] - (.Mozilla Corporation - Firefox.) - (30.0.0.5269) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2976 | [Owner : SERVICE RÉSEAU |Parent : 460] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe
744 | [Owner : Système |Parent : 460] - (.Microsoft Corporation - Programme d’installation pour les modules Windows.) - (6.1.7601.17514) = C:\Windows\servicing\TrustedInstaller.exe
400 | [Owner : Système |Parent : 2344] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe
2000 | [Owner : Système |Parent : 2344] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchFilterHost.exe
2532 | [Owner : SERVICE LOCAL |Parent : 888] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe
2776 | [Owner : admin |Parent : 652] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe

���������� | RUN

04 - HKLM\..\Run : [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
04 - HKLM64\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-1265139957-2719780358-2567772835-1000\..\Run : [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

���������� | Services


Service en fonctionnement : WINDEFEND
Service stoppé : WINDEFEND
Service en fonctionnement : MMCSS
Service en fonctionnement : Dhcp
Service en fonctionnement : TcpIp
Service en fonctionnement : WinHttpAutoProxysvc
Service stoppé : WinHttpAutoProxysvc
Service en fonctionnement : MPSSvc
Service stoppé : MPSSvc
Service en fonctionnement : LanmanServer
Service stoppé : LanmanServer
Service en fonctionnement : DNScache
Service stoppé : DNScache

���������� | Hosts

C:\Windows\System32\Drivers\etc\hosts : Remis a zéro avec succès

���������� | Registre

Supprimé avec succès : HKU\S-1-5-21-1265139957-2719780358-2567772835-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.livelyrics00.live-lyrics.com
Supprimé avec succès : HKLM\Software\Microsoft\Tracing\updateToggleMark_RASMANCS

���������� | Offsets


���������� | reparsepoint



���������� | Dossiers | Fichiers

���������� | Shortcut_Module | g3n-h@ckm@n | 21.07.2014.1

����� Vista | 7 | 8 | 8.1 - 32/64 bits ����� - Start 01:15:15 - 21/07/2014

Mis à jour le : 21/07/2014 | 00.45 par g3n-h@ckm@n

Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html

Boot: Normal boot

[admin (Administrator)] - [ADMIN-PC] - (france [040C])
SID = S-1-5-21-1265139957-2719780358-2567772835-1000

Système : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1

Mémoire RAM = Total (MB) : 4159 | Libre (MB) : 2943
Pagefile = Total (MB) : 8316 | Libre (MB) : 7101
Virtuelle = Total (MB) : 4194 | Libre (MB) : 4036


Registre sauvegardé , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

���������� | Mises à jour Windows

Aucune mise à jour détectée !!!

���������� | Navigateurs

IE : 11.0.9600.17207 (© Microsoft Corporation. Tous droits réservés.)
FF : 30.0.0.5269 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 35.0.1916.153 (Copyright 2012 Google Inc. All rights reserved.)

���������� | Security

AV :
AS : Windows Defender Disabled
AM : Malwarebytes' Anti-Malware (1.0.0.532) []
FW : ZoneAlarm Free Firewall Firewall Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Arrêté
AS: Windows Defender [Auto(2)] = Arrêté
FW: Windows FireWall Service [Auto(2)] = Arrêté

Mise en veille supprimée !


���������� | FlashPlayer

ActiveX : 14.0.0.145
Plugin : 14.0.0.145

���������� | Processus tués

1712 | [Owner : SERVICE LOCAL |Parent : 888] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe
2692 | [Owner : Système |Parent : 460] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
2488 | [Owner : Système |Parent : 460] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
856 | [Owner : Système |Parent : 460] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.24) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
3020 | [Owner : Système |Parent : 460] - (.Check Point Software Technologies, Ltd. - ZAPrivacyService.) - (1.0.0.0) = C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
1332 | [Owner : admin |Parent : 1068] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17567) = C:\Windows\explorer.exe
1616 | [Owner : admin |Parent : 1332] - (.Intel Corporation - igfxTray Module.) - (8.15.10.2202) = C:\Windows\System32\igfxtray.exe
2660 | [Owner : admin |Parent : 1332] - (.Intel Corporation - hkcmd Module.) - (8.15.10.2202) = C:\Windows\System32\hkcmd.exe
708 | [Owner : admin |Parent : 1332] - (.Intel Corporation - persistence Module.) - (8.15.10.2202) = C:\Windows\System32\igfxpers.exe
1284 | [Owner : admin |Parent : 3000] - (.Research In Motion Limited - Launch Agent Service.) - (4.2.0.14) = C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
2908 | [Owner : admin |Parent : 3000] - (.Apple Inc. - iTunesHelper.) - (11.2.0.115) = C:\Program Files (x86)\iTunes\iTunesHelper.exe
2280 | [Owner : Système |Parent : 460] - (.Apple Inc. - iPodService Module (64-bit).) - (11.2.0.115) = C:\Program Files\iPod\bin\iPodService.exe
1860 | [Owner : admin |Parent : 1456] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.0.0.532) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
2236 | [Owner : admin |Parent : 460] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
452 | [Owner : Système |Parent : 460] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (3.0.2.0) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
1484 | [Owner : Système |Parent : 948] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe
1172 | [Owner : admin |Parent : 652] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe
2332 | [Owner : SERVICE LOCAL |Parent : 888] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe

���������� | RUN

04 - HKLM\..\Run : [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
04 - HKLM64\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-1265139957-2719780358-2567772835-1000\..\Run : [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

���������� | Services


Service en fonctionnement : MMCSS
Service en fonctionnement : Dhcp
Service stoppé : Dhcp
Service en fonctionnement : TcpIp
Service en fonctionnement : DNScache
Service stoppé : DNScache

���������� | Hosts

C:\Windows\System32\Drivers\etc\hosts : Remis a zéro avec succès

���������� | Registre


���������� | Offsets


���������� | reparsepoint



���������� | Dossiers | Fichiers

���������� | Shortcut_Module | g3n-h@ckm@n | 21.07.2014.2

����� Vista | 7 | 8 | 8.1 - 32/64 bits ����� - Start 10:49:11 - 21/07/2014

Mis à jour le : 21/07/2014 | 05.00 par g3n-h@ckm@n

Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html

Boot: Normal boot

[admin (Administrator)] - [ADMIN-PC] - (france [040C])
SID = S-1-5-21-1265139957-2719780358-2567772835-1000

Système : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1

Mémoire RAM = Total (MB) : 4159 | Libre (MB) : 2773
Pagefile = Total (MB) : 8316 | Libre (MB) : 6845
Virtuelle = Total (MB) : 4194 | Libre (MB) : 4036


Registre sauvegardé , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

���������� | Mises à jour Windows

Aucune mise à jour détectée !!!

���������� | Navigateurs

IE : 11.0.9600.17207 (© Microsoft Corporation. Tous droits réservés.)
FF : 30.0.0.5269 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 35.0.1916.153 (Copyright 2012 Google Inc. All rights reserved.)

���������� | Security

AV :
AS : Windows Defender Enabled
AM : Malwarebytes' Anti-Malware (1.0.0.532) []
FW : ZoneAlarm Free Firewall Firewall Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Arrêté
AS: Windows Defender [Auto(2)] = Arrêté
FW: Windows FireWall Service [Auto(2)] = Arrêté

Mise en veille supprimée !


���������� | FlashPlayer

ActiveX : 14.0.0.145
Plugin : 14.0.0.145

���������� | Processus tués

1104 | [Owner : Système |Parent : 460] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1224 | [Owner : Système |Parent : 460] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.701.3.3014) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1268 | [Owner : Système |Parent : 460] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.24) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1368 | [Owner : Système |Parent : 460] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (3.0.2.0) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
1592 | [Owner : Système |Parent : 460] - (.Check Point Software Technologies, Ltd. - ZAPrivacyService.) - (1.0.0.0) = C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
1160 | [Owner : SERVICE LOCAL |Parent : 840] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe
2032 | [Owner : admin |Parent : 460] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
2028 | [Owner : admin |Parent : 1456] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.0.0.532) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
2116 | [Owner : admin |Parent : 1824] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17567) = C:\Windows\explorer.exe
2672 | [Owner : admin |Parent : 2116] - (.Intel Corporation - igfxTray Module.) - (8.15.10.2202) = C:\Windows\System32\igfxtray.exe
2692 | [Owner : admin |Parent : 2116] - (.Intel Corporation - hkcmd Module.) - (8.15.10.2202) = C:\Windows\System32\hkcmd.exe
2868 | [Owner : admin |Parent : 2116] - (.Intel Corporation - persistence Module.) - (8.15.10.2202) = C:\Windows\System32\igfxpers.exe
2328 | [Owner : admin |Parent : 2888] - (.Research In Motion Limited - Launch Agent Service.) - (4.2.0.14) = C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
2472 | [Owner : admin |Parent : 2888] - (.Apple Inc. - iTunesHelper.) - (11.2.0.115) = C:\Program Files (x86)\iTunes\iTunesHelper.exe
2188 | [Owner : Système |Parent : 460] - (.Apple Inc. - iPodService Module (64-bit).) - (11.2.0.115) = C:\Program Files\iPod\bin\iPodService.exe
2416 | [Owner : Système |Parent : 460] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
1708 | [Owner : SERVICE RÉSEAU |Parent : 460] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe
2948 | [Owner : admin |Parent : 2116] - (.Mozilla Corporation - Firefox.) - (30.0.0.5269) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2976 | [Owner : Système |Parent : 2416] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe
2492 | [Owner : admin |Parent : 628] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe
1872 | [Owner : SERVICE LOCAL |Parent : 840] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe

���������� | RUN

04 - HKLM\..\Run : [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
04 - HKLM64\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-1265139957-2719780358-2567772835-1000\..\Run : [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

���������� | Services


Service en fonctionnement : WINDEFEND
Service stoppé : WINDEFEND
Service en fonctionnement : MMCSS
Service en fonctionnement : Dhcp
Service en fonctionnement : TcpIp
Service en fonctionnement : WinHttpAutoProxysvc
Service stoppé : WinHttpAutoProxysvc
Service en fonctionnement : MPSSvc
Service stoppé : MPSSvc
Service en fonctionnement : LanmanServer
Service stoppé : LanmanServer
Service en fonctionnement : DNScache
Service stoppé : DNScache

���������� | Hosts

C:\Windows\System32\Drivers\etc\hosts : Remis a zéro avec succès

���������� | Registre

Supprimé avec succès : HKLM\Software\Classes\CLSID\{0DF44EAA-FF21-4412-828E-260A8728E7F1} : Taskbar and Start Menu
Supprimé avec succès : HKLM\Software\Classes\Interface\{3EDCB28E-E026-4D7B-BF1B-4C200268FD3B} : IDownloadBar
Supprimé avec succès : HKLM\Software\Classes\Interface\{56FDF342-FD6D-11D0-958A-006097C9A090} : ITaskbarList
Supprimé avec succès : HKLM\Software\Classes\Interface\{602D4995-B13A-429B-A66E-1935E44F4317} : ITaskbarList2
Supprimé avec succès : HKLM\Software\Classes\Interface\{8AD2BB74-1382-4C5E-99BA-6485A56D9D54} : ICommandBarStateSnapshot
Supprimé avec succès : HKLM\Software\Classes\Interface\{C43DC798-95D1-4BEA-9030-BB99E2983A1A} : ITaskbarList4
Supprimé avec succès : HKLM\Software\Classes\Interface\{EA1AFB91-9E28-4B86-90E9-9E9F8A5EEFAF} : ITaskbarList3
Supprimé avec succès : HKLM64\Software\Classes\Interface\{3EDCB28E-E026-4D7B-BF1B-4C200268FD3B} : IDownloadBar
Supprimé avec succès : HKLM64\Software\Classes\Interface\{56FDF342-FD6D-11D0-958A-006097C9A090} : ITaskbarList
Supprimé avec succès : HKLM64\Software\Classes\Interface\{602D4995-B13A-429B-A66E-1935E44F4317} : ITaskbarList2
Supprimé avec succès : HKLM64\Software\Classes\Interface\{8AD2BB74-1382-4C5E-99BA-6485A56D9D54} : ICommandBarStateSnapshot
Supprimé avec succès : HKLM64\Software\Classes\Interface\{C43DC798-95D1-4BEA-9030-BB99E2983A1A} : ITaskbarList4
Supprimé avec succès : HKLM64\Software\Classes\Interface\{EA1AFB91-9E28-4B86-90E9-9E9F8A5EEFAF} : ITaskbarList3
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3EB9C349-7473-48AC-A59B-42F31751974B} : TomahawkBar.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B21-F830-49DE-A31B-5BB9D7F6B407} : askBar.dll;ajBar.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{7778AA60-698A-41D9-9BF0-7AB41045AA7F} : yndbar.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{91397D20-1446-11D4-8AF4-0040CA1127B6} : yndbar.dll;yndbar.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0} : askbarAB.dll;askbarAC.dll
Supprimé avec succès : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407} : askBar.dll;ajBar.dll
Supprimé avec succès : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3EB9C349-7473-48AC-A59B-42F31751974B}
Supprimé avec succès : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B21-F830-49DE-A31B-5BB9D7F6B407}
Supprimé avec succès : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{7778AA60-698A-41D9-9BF0-7AB41045AA7F}
Supprimé avec succès : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{91397D20-1446-11D4-8AF4-0040CA1127B6}
Supprimé avec succès : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Supprimé avec succès : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}

���������� | Offsets


���������� | reparsepoint



���������� | Dossiers | Fichiers

Supprimé avec succès : C:\Windows\System32\igcompkrng500.bin (.- .)
���������� | Shortcut_Module | g3n-h@ckm@n | 21.07.2014.4

����� Vista | 7 | 8 | 8.1 - 32/64 bits ����� - Start 14:33:02 - 21/07/2014

Mis à jour le : 21/07/2014 | 14.15 par g3n-h@ckm@n

Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html

Boot: Normal boot

[admin (Administrator)] - [ADMIN-PC] - (france [040C])
SID = S-1-5-21-1265139957-2719780358-2567772835-1000

Système : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1

Mémoire RAM = Total (MB) : 4159 | Libre (MB) : 3117
Pagefile = Total (MB) : 8316 | Libre (MB) : 7121
Virtuelle = Total (MB) : 4194 | Libre (MB) : 4036


Registre sauvegardé , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

���������� | Mises à jour Windows

Aucune mise à jour détectée !!!

���������� | Navigateurs

IE : 11.0.9600.17207 (© Microsoft Corporation. Tous droits réservés.)
FF : 30.0.0.5269 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 35.0.1916.153 (Copyright 2012 Google Inc. All rights reserved.)

���������� | Security

AV :
AS : Windows Defender Enabled
AM : Malwarebytes' Anti-Malware (1.0.0.532) []
FW : ZoneAlarm Free Firewall Firewall Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Arrêté
AS: Windows Defender [Auto(2)] = Arrêté
FW: Windows FireWall Service [Auto(2)] = Arrêté

Mise en veille supprimée !


���������� | FlashPlayer

ActiveX : 14.0.0.145
Plugin : 14.0.0.145

���������� | Processus tués

1100 | [Owner : Système |Parent : 460] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe
1204 | [Owner : Système |Parent : 460] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.701.3.3014) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1256 | [Owner : Système |Parent : 460] - (.Apple Inc. - YSLoader.exe.) - (17.327.4.24) = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1356 | [Owner : Système |Parent : 460] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (3.0.2.0) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
1584 | [Owner : Système |Parent : 460] - (.Check Point Software Technologies, Ltd. - ZAPrivacyService.) - (1.0.0.0) = C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
1264 | [Owner : SERVICE LOCAL |Parent : 852] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe
984 | [Owner : admin |Parent : 460] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe
1808 | [Owner : admin |Parent : 1440] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.0.0.532) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
2284 | [Owner : admin |Parent : 2080] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17567) = C:\Windows\explorer.exe
2796 | [Owner : admin |Parent : 2284] - (.Intel Corporation - igfxTray Module.) - (8.15.10.2202) = C:\Windows\System32\igfxtray.exe
2816 | [Owner : admin |Parent : 2284] - (.Intel Corporation - hkcmd Module.) - (8.15.10.2202) = C:\Windows\System32\hkcmd.exe
2932 | [Owner : admin |Parent : 2284] - (.Intel Corporation - persistence Module.) - (8.15.10.2202) = C:\Windows\System32\igfxpers.exe
2456 | [Owner : admin |Parent : 2960] - (.Research In Motion Limited - Launch Agent Service.) - (4.2.0.14) = C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
2524 | [Owner : admin |Parent : 2960] - (.Apple Inc. - iTunesHelper.) - (11.2.0.115) = C:\Program Files (x86)\iTunes\iTunesHelper.exe
3044 | [Owner : Système |Parent : 460] - (.Apple Inc. - iPodService Module (64-bit).) - (11.2.0.115) = C:\Program Files\iPod\bin\iPodService.exe
2444 | [Owner : Système |Parent : 460] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe
1780 | [Owner : Système |Parent : 2444] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchProtocolHost.exe
828 | [Owner : Système |Parent : 2444] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchFilterHost.exe
828 | [Owner : Système |Parent : 2444] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.7601.17610) = C:\Windows\System32\SearchFilterHost.exe

���������� | RUN

04 - HKLM\..\Run : [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
04 - HKLM64\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-1265139957-2719780358-2567772835-1000\..\Run : [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

���������� | Services


Service en fonctionnement : WINDEFEND
Service stoppé : WINDEFEND
Service en fonctionnement : MMCSS
Service en fonctionnement : Dhcp
Service stoppé : Dhcp
Service en fonctionnement : TcpIp
Service en fonctionnement : MPSSvc
Service stoppé : MPSSvc
Service en fonctionnement : LanmanServer
Service stoppé : LanmanServer
Service en fonctionnement : DNScache
Service stoppé : DNScache

���������� | Hosts

C:\Windows\System32\Drivers\etc\hosts : Remis a zéro avec succès

���������� | Registre


���������� | Offsets


���������� | reparsepoint



���������� | Dossiers | Fichiers


���������� | .LNK


���������� | Ouverture extension inconnue


���������� | Proxy

Supprimé avec succès : S-1-5-18 : Proxyserver -> http=127.0.0.1:52384;https=127.0.0.1:52384


���������� | Internet Explorer


���������� | Google Chrome

[admin] Remis a zéro avec succès : Preferences
[Nina] Remis a zéro avec succès : Preferences


���������� | Firefox

[admin] Supprimé avec succès : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\0jtnbenq.default\sessionstore.js
[Nina] Supprimé avec succès : user_pref("extensions.fkTK29Jg7ud9.url", …);

[admin] : aomrgla@mfnrbfa.com : - -

���������� | Opera


���������� | StartMenuInternet


���������� | AppCertDlls | AppInit_DLLs


���������� | Javascript


���������� | Firewall

Supprimé avec succès : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]|[UDP Query User{82C5B485-377D-41E6-AB30-8857FF443EDD}C:\users\admin\appdata\roaming\cacaoweb\cacaoweb.exe] : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\admin\appdata\roaming\cacaoweb\cacaoweb.exe|Name=cacaoweb.exe|Desc=cacaoweb.exe|Defer=User|

���������� | ADS

���������� | Fichiers temporaires

[admin] Fichiers temporaires Supprimés : 1189 Ko
[Administrateur] Fichiers temporaires Supprimés : 0 Ko
[All Users] Fichiers temporaires Supprimés : 0 Ko
[Default] Fichiers temporaires Supprimés : 0 Ko
[Default User] Fichiers temporaires Supprimés : 0 Ko
[Invité] Fichiers temporaires Supprimés : 0 Ko
[Nina] Fichiers temporaires Supprimés : 0 Ko
[Public] Fichiers temporaires Supprimés : 0 Ko
[C:\Windows\Temp] Fichiers temporaires Supprimés : 747 Ko
[C:\Temp] Fichiers temporaires Supprimés : 0 Ko

Service Redémarré : Dhcp
Service Redémarré : LanmanServer
Service Redémarré : MPSsvc

Autre rapport

C:\Shortcut_Module_20_07_2014_14_51_56.txt[37922 o]

Mise en veille restaurée

���������� | Listing


���������� | C:\Program Files (x86)

[05/05/2014 09:00:17] - |D| - C:\Program Files (x86)\Adobe
[30/05/2014 15:05:46] - |D| - C:\Program Files (x86)\Adobe Download Assistant
[29/05/2014 11:12:56] - |D| - C:\Program Files (x86)\AVG
[30/05/2014 08:41:44] - |D| - C:\Program Files (x86)\CheckPoint
[14/07/2009 05:20:08] - |D| - C:\Program Files (x86)\Common Files
[14/07/2009 06:54:24] - |ASH| - C:\Program Files (x86)\desktop.ini
[07/05/2014 18:16:08] - |D| - C:\Program Files (x86)\Electronic Arts
[30/04/2014 11:05:21] - |D| - C:\Program Files (x86)\Google
[15/04/2014 22:24:24] - |HD| - C:\Program Files (x86)\InstallShield Installation Information
[15/04/2014 23:17:04] - |D| - C:\Program Files (x86)\Intel
[14/07/2009 05:20:08] - |D| - C:\Program Files (x86)\Internet Explorer
[28/05/2014 08:14:56] - |D| - C:\Program Files (x86)\iTunes
[19/07/2014 13:18:43] - |D| - C:\Program Files (x86)\Malwarebytes Anti-Malware
[15/04/2014 22:18:07] - |D| - C:\Program Files (x86)\Microsoft Office
[15/04/2014 22:16:15] - |D| - C:\Program Files (x86)\Microsoft Works
[07/05/2014 18:37:32] - |D| - C:\Program Files (x86)\Microsoft WSE
[16/04/2014 08:28:07] - |D| - C:\Program Files (x86)\Microsoft.NET
[17/05/2014 14:13:38] - |D| - C:\Program Files (x86)\MonAlbumPhoto
[10/06/2014 21:08:02] - |D| - C:\Program Files (x86)\Mozilla Firefox
[05/05/2014 08:59:20] - |D| - C:\Program Files (x86)\Mozilla Maintenance Service
[14/07/2009 07:32:38] - |D| - C:\Program Files (x86)\MSBuild
[17/04/2014 03:34:38] - |D| - C:\Program Files (x86)\MSXML 4.0
[18/05/2014 19:19:53] - |D| - C:\Program Files (x86)\MyPaint
[16/04/2014 17:43:37] - |D| - C:\Program Files (x86)\OpenOffice 4
[27/06/2014 18:02:59] - |D| - C:\Program Files (x86)\PhotoFiltre 7
[14/07/2009 07:32:38] - |D| - C:\Program Files (x86)\Reference Assemblies
[01/05/2014 21:36:41] - |D| - C:\Program Files (x86)\Research In Motion
[30/05/2014 08:41:43] - |D| - C:\Program Files (x86)\SiteLookup
[15/04/2014 22:24:27] - |D| - C:\Program Files (x86)\Sony
[20/07/2014 11:15:25] - |D| - C:\Program Files (x86)\Spybot - Search & Destroy 2
[14/07/2009 06:57:06] - |HD| - C:\Program Files (x86)\Uninstall Information
[16/06/2014 18:02:08] - |D| - C:\Program Files (x86)\VideoLAN
[14/07/2009 07:32:38] - |D| - C:\Program Files (x86)\Windows Defender
[14/07/2009 05:20:08] - |D| - C:\Program Files (x86)\Windows Mail
[14/07/2009 07:32:38] - |D| - C:\Program Files (x86)\Windows Media Player
[14/07/2009 05:20:08] - |D| - C:\Program Files (x86)\Windows NT
[14/07/2009 07:32:38] - |D| - C:\Program Files (x86)\Windows Photo Viewer
[14/07/2009 07:32:38] - |D| - C:\Program Files (x86)\Windows Portable Devices
[14/07/2009 07:32:38] - |D| - C:\Program Files (x86)\Windows Sidebar
[07/05/2014 20:35:35] - |D| - C:\Program Files (x86)\WinRAR

���������� | C:\Program Files

[01/07/2014 22:05:08] - |D| - C:\Program Files\Blender Foundation
[14/07/2009 05:20:08] - |D| - C:\Program Files\Common Files
[14/07/2009 06:54:24] - |ASH| - C:\Program Files\desktop.ini
[14/07/2009 07:32:38] - |D| - C:\Program Files\DVD Maker
[15/04/2014 13:11:42] - |SHD| - C:\Program Files\Fichiers communs
[14/07/2009 05:20:08] - |D| - C:\Program Files\Internet Explorer
[28/05/2014 08:14:56] - |D| - C:\Program Files\iPod
[28/05/2014 08:14:56] - |D| - C:\Program Files\iTunes
[20/07/2014 11:15:13] - |D| - C:\Program Files\Lavasoft
[14/07/2009 07:32:38] - |D| - C:\Program Files\Microsoft Games
[14/07/2009 07:32:38] - |D| - C:\Program Files\MSBuild
[04/07/2014 11:03:41] - |D| - C:\Program Files\paint.net
[14/07/2009 07:32:38] - |D| - C:\Program Files\Reference Assemblies
[12/05/2014 08:09:26] - |D| - C:\Program Files\Sweet Home 3D
[14/07/2009 07:09:26] - |HD| - C:\Program Files\Uninstall Information
[14/07/2009 07:32:38] - |D| - C:\Program Files\Windows Defender
[21/11/2010 08:29:46] - |D| - C:\Program Files\Windows Journal
[14/07/2009 05:20:08] - |D| - C:\Program Files\Windows Mail
[14/07/2009 07:32:38] - |D| - C:\Program Files\Windows Media Player
[14/07/2009 05:20:08] - |D| - C:\Program Files\Windows NT
[14/07/2009 07:32:38] - |D| - C:\Program Files\Windows Photo Viewer
[14/07/2009 07:32:38] - |D| - C:\Program Files\Windows Portable Devices
[14/07/2009 07:32:38] - |D| - C:\Program Files\Windows Sidebar

���������� | C:\Program Files (x86)\Common Files

[05/05/2014 09:00:17] - |D| - C:\Program Files (x86)\Common Files\Adobe
[30/05/2014 15:05:45] - |D| - C:\Program Files (x86)\Common Files\Adobe AIR
[28/05/2014 08:12:54] - |D| - C:\Program Files (x86)\Common Files\Apple
[14/07/2009 05:20:08] - |D| - C:\Program Files (x86)\Common Files\microsoft shared
[01/05/2014 21:36:41] - |D| - C:\Program Files (x86)\Common Files\Research In Motion
[14/07/2009 05:20:08] - |D| - C:\Program Files (x86)\Common Files\Services
[14/07/2009 05:20:08] - |D| - C:\Program Files (x86)\Common Files\SpeechEngines
[14/07/2009 05:20:08] - |D| - C:\Program Files (x86)\Common Files\System

���������� | C:\Program Files\Common Files

[28/05/2014 08:13:11] - |D| - C:\Program Files\Common Files\Apple
[14/07/2009 05:20:08] - |D| - C:\Program Files\Common Files\Microsoft Shared
[14/07/2009 05:20:08] - |D| - C:\Program Files\Common Files\Services
[14/07/2009 05:20:08] - |D| - C:\Program Files\Common Files\SpeechEngines
[14/07/2009 05:20:08] - |D| - C:\Program Files\Common Files\System

���������� | C:\Users\admin\AppData\Roaming

[16/04/2014 08:43:04] - |D| - C:\Users\admin\AppData\Roaming\Adobe
[02/06/2014 09:00:33] - |D| - C:\Users\admin\AppData\Roaming\Ambient Design
[28/05/2014 08:15:20] - |D| - C:\Users\admin\AppData\Roaming\Apple Computer
[29/05/2014 11:13:08] - |D| - C:\Users\admin\AppData\Roaming\AVG
[30/05/2014 15:05:48] - |D| - C:\Users\admin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[15/04/2014 13:14:49] - |D| - C:\Users\admin\AppData\Roaming\dg
[12/05/2014 08:13:20] - |D| - C:\Users\admin\AppData\Roaming\eTeks
[15/04/2014 13:12:04] - |D| - C:\Users\admin\AppData\Roaming\Identities
[15/04/2014 22:24:06] - |D| - C:\Users\admin\AppData\Roaming\InstallShield
[20/07/2014 11:16:36] - |D| - C:\Users\admin\AppData\Roaming\LavasoftStatistics
[15/04/2014 22:25:20] - |D| - C:\Users\admin\AppData\Roaming\Macromedia
[15/04/2014 13:11:49] - |D| - C:\Users\admin\AppData\Roaming\Media Center Programs
[15/04/2014 13:11:49] - |SD| - C:\Users\admin\AppData\Roaming\Microsoft
[05/05/2014 08:59:28] - |D| - C:\Users\admin\AppData\Roaming\Mozilla
[16/04/2014 17:44:14] - |D| - C:\Users\admin\AppData\Roaming\OpenOffice
[28/06/2014 10:57:51] - |D| - C:\Users\admin\AppData\Roaming\PhotoFiltre 7
[29/05/2014 10:58:20] - |D| - C:\Users\admin\AppData\Roaming\SYSTEMAX Software Development
[16/04/2014 14:37:50] - |D| - C:\Users\admin\AppData\Roaming\Template
[29/05/2014 11:14:09] - |D| - C:\Users\admin\AppData\Roaming\vlc
[18/05/2014 11:38:01] - |A| - C:\Users\admin\AppData\Roaming\WB.CFG
[07/05/2014 20:36:39] - |D| - C:\Users\admin\AppData\Roaming\WinRAR
[16/04/2014 14:37:49] - |A| - C:\Users\admin\AppData\Roaming\wklnhst.dat

���������� | C:\Users\admin\AppData\Local

[05/05/2014 08:59:30] - |D| - C:\Users\admin\AppData\Local\Adobe
[28/05/2014 08:13:25] - |D| - C:\Users\admin\AppData\Local\Apple
[28/05/2014 08:15:21] - |D| - C:\Users\admin\AppData\Local\Apple Computer
[15/04/2014 13:11:49] - |SHD| - C:\Users\admin\AppData\Local\Application Data
[30/04/2014 11:04:43] - |D| - C:\Users\admin\AppData\Local\Apps
[29/05/2014 11:13:08] - |D| - C:\Users\admin\AppData\Local\AVG
[01/07/2014 12:41:25] - |D| - C:\Users\admin\AppData\Local\Comodo
[30/04/2014 11:04:42] - |D| - C:\Users\admin\AppData\Local\Deployment
[04/07/2014 17:30:00] - |D| - C:\Users\admin\AppData\Local\Diagnostics
[16/04/2014 09:16:12] - |D| - C:\Users\admin\AppData\Local\ElevatedDiagnostics
[01/05/2014 08:09:05] - |SHD| - C:\Users\admin\AppData\Local\EmieSiteList
[01/05/2014 08:09:05] - |SHD| - C:\Users\admin\AppData\Local\EmieUserList
[15/04/2014 22:33:32] - |A| - C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT
[30/04/2014 11:05:17] - |D| - C:\Users\admin\AppData\Local\Google
[15/04/2014 13:11:49] - |SHD| - C:\Users\admin\AppData\Local\Historique
[15/04/2014 13:21:13] - |AH| - C:\Users\admin\AppData\Local\IconCache.db
[10/05/2014 21:00:55] - |D| - C:\Users\admin\AppData\Local\Macromedia
[15/04/2014 13:11:49] - |D| - C:\Users\admin\AppData\Local\Microsoft
[05/05/2014 08:59:28] - |D| - C:\Users\admin\AppData\Local\Mozilla
[18/05/2014 19:20:38] - |D| - C:\Users\admin\AppData\Local\mypaint
[16/06/2014 16:42:43] - |A| - C:\Users\admin\AppData\Local\nsh665E.tmp
[01/07/2014 12:41:31] - |D| - C:\Users\admin\AppData\Local\Packages
[12/05/2014 08:09:25] - |D| - C:\Users\admin\AppData\Local\Programs
[15/04/2014 13:11:49] - |D| - C:\Users\admin\AppData\Local\Temp
[15/04/2014 13:11:49] - |SHD| - C:\Users\admin\AppData\Local\Temporary Internet Files
[15/04/2014 13:12:00] - |D| - C:\Users\admin\AppData\Local\VirtualStore

���������� | C:\ProgramData

[05/05/2014 09:00:07] - |D| - C:\ProgramData\Adobe
[17/05/2014 14:13:38] - |D| - C:\ProgramData\albumphoto
[28/05/2014 08:12:54] - |D| - C:\ProgramData\Apple
[28/05/2014 08:14:56] - |D| - C:\ProgramData\Apple Computer
[14/07/2009 07:08:56] - |SHD| - C:\ProgramData\Application Data
[29/05/2014 11:12:34] - |D| - C:\ProgramData\AVG
[20/07/2014 11:32:15] - |D| - C:\ProgramData\BitDefender
[15/04/2014 13:11:42] - |SHD| - C:\ProgramData\Bureau
[29/05/2014 10:58:00] - |D| - C:\ProgramData\CheckPoint
[29/05/2014 11:12:30] - |HD| - C:\ProgramData\Common Files
[14/07/2009 07:08:56] - |SHD| - C:\ProgramData\Desktop
[14/07/2009 07:08:56] - |SHD| - C:\ProgramData\Documents
[07/05/2014 18:40:49] - |D| - C:\ProgramData\Electronic Arts
[15/04/2014 13:11:42] - |SHD| - C:\ProgramData\Favoris
[14/07/2009 07:08:56] - |SHD| - C:\ProgramData\Favorites
[15/04/2014 21:39:29] - |A| - C:\ProgramData\hpzinstall.log
[20/07/2014 11:14:00] - |D| - C:\ProgramData\Lavasoft
[19/07/2014 13:18:43] - |D| - C:\ProgramData\Malwarebytes
[10/05/2014 20:59:47] - |D| - C:\ProgramData\McAfee
[15/04/2014 13:11:42] - |SHD| - C:\ProgramData\Menu Démarrer
[14/07/2009 05:20:08] - |SD| - C:\ProgramData\Microsoft
[15/04/2014 13:11:42] - |SHD| - C:\ProgramData\Modèles
[05/05/2014 08:59:20] - |D| - C:\ProgramData\Mozilla
[16/06/2014 16:46:54] - |RASH| - C:\ProgramData\ntuser.pol
[15/04/2014 22:24:28] - |D| - C:\ProgramData\Sony Corporation
[20/07/2014 11:15:31] - |D| - C:\ProgramData\Spybot - Search & Destroy
[14/07/2009 07:08:56] - |SHD| - C:\ProgramData\Start Menu
[30/05/2014 08:41:45] - |D| - C:\ProgramData\SYSTEMAX Software Development
[14/07/2009 07:08:56] - |SHD| - C:\ProgramData\Templates

[X] : [3424 Ko]

Eléments analysés : 181700 | Modifiés : 0 | Infectés : 10

���������� |EOF| ���������� | 19:28:14 | [44 Ko]
