Publicité
Publicité
Format du document : text/plain
Prévisualisation
���������� | Shortcut_Module 03.12.2013.1 - g3n-h@ckm@n
11:20:12 - 12/12/2013
(936) -- TrueSuiteService.exe
(384) -- atiesrxx.exe
(1140) -- stacsv64.exe
(1528) -- hpservice.exe
(1584) -- WUDFHost.exe
(1896) -- spoolsv.exe
(1652) -- armsvc.exe
(1376) -- AESTSr64.exe
(1980) -- AppleMobileDeviceService.exe
(2084) -- devmgrsrv.exe
(2120) -- mDNSResponder.exe
(2160) -- ezSharedSvcHost.exe
(2256) -- HPClientServices.exe
(2296) -- HPWMISVC.exe
(2632) -- sftvsa.exe
(2668) -- c2c_service.exe
(2800) -- WLIDSVC.EXE
(2852) -- obexsrv.exe
(2924) -- sftlist.exe
(3112) -- CVHSVC.EXE
(3264) -- FNPLicensingService64.exe
(3984) -- atieclxx.exe
(3380) -- IAStorDataMgrSvc.exe
(3396) -- GoogleUpdate.exe
(244) -- LMS.exe
(3524) -- wmpnetwk.exe
(2008) -- SearchIndexer.exe
(2968) -- UNS.exe
(1908) -- SeaPort.EXE
(252) -- taskhost.exe
(1100) -- hkcmd.exe
(4112) -- igfxpers.exe
(4260) -- TouchControl.exe
(4300) -- sttray64.exe
(4352) -- BioMonitor.exe
(4428) -- SynTPEnh.exe
(4668) -- FacebookUpdate.exe
(4780) -- SynTPHelper.exe
(4840) -- Skype.exe
(4868) -- audiosrv.exe
(4980) -- IAStorIcon.exe
(184) -- nusb3mon.exe
(556) -- HPMSGSVC.exe
(4684) -- HPConnectionManager.exe
(4828) -- HPOSD.exe
(5488) -- jusched.exe
(5804) -- hpqWmiEx.exe
(5900) -- mdhpSUN.exe
(6184) -- hpCMSrv.exe
(6728) -- taskeng.exe
(6772) -- YCMMirage.exe
(6164) -- MOM.exe
(4660) -- CCC.exe
(1252) -- PresentationFontCache.exe
(6864) -- explorer.exe
(4292) -- chrome.exe
(4540) -- chrome.exe
(2476) -- chrome.exe
(3444) -- chrome.exe
(6984) -- chrome.exe
(5268) -- chrome.exe
(3728) -- chrome.exe
(5588) -- chrome.exe
���������� | Hijack Links
Disinfected : C:\Users\Public\Desktop\Snapfish.lnk : C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe (hxxp://www.snapfish.com/hp_notebook_desktopicon_2011_fr)
���������� | Hijack Internet Explorer
Repaired : [HKU\S-1-5-21-2705007725-928501924-1483706147-1001\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.bing.com -> http://www.google.com/
Repaired : [HKU\S-1-5-21-2705007725-928501924-1483706147-1001\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Repaired : [HKU\S-1-5-21-2705007725-928501924-1483706147-1001\Software\Microsoft\Internet Explorer\Main]|[Search Page] : http://go.microsoft.com/fwlink/?LinkId=54896 -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKLM\Software\Microsoft\Internet Explorer\AboutURLs]|[Tabs] : http://www.google.com -> res://ieframe.dll/tabswelcome.htm
Repaired : [HKU\S-1-5-21-2705007725-928501924-1483706147-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1
���������� | Hijack Google Chrome
[mustapha] Successfull reset : SearchURL
[mustapha] Successfull reset : Preferences
���������� | Hijack Firefox
[mustapha] Replaced : user_pref("browser.startup.homepage", "http://www.golsearch.com/?babsrc=HP_ss_Btisdt6&mntrId=8AE19439E52C12EB&affID=123702&tsp=4983"); -> user_pref("browser.startup.homepage", "http://www.google.fr");
���������� | Hijack StartMenuInternet
Repaired : [HKLM\Software\Clients\StartMenuInternet\Firefox.exe\shell\open\command] : C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"
Repaired : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
���������� | TEMP Files
[All Users] TEMP Files deleted : 0 Ko
[Default User] TEMP Files deleted : 0 Ko
[Default] TEMP Files deleted : 0 Ko
[Public] TEMP Files deleted : 0 Ko
[mustapha] TEMP Files deleted : 926658 Ko
���������� |EOF| ����������
11:20:12 - 12/12/2013
(936) -- TrueSuiteService.exe
(384) -- atiesrxx.exe
(1140) -- stacsv64.exe
(1528) -- hpservice.exe
(1584) -- WUDFHost.exe
(1896) -- spoolsv.exe
(1652) -- armsvc.exe
(1376) -- AESTSr64.exe
(1980) -- AppleMobileDeviceService.exe
(2084) -- devmgrsrv.exe
(2120) -- mDNSResponder.exe
(2160) -- ezSharedSvcHost.exe
(2256) -- HPClientServices.exe
(2296) -- HPWMISVC.exe
(2632) -- sftvsa.exe
(2668) -- c2c_service.exe
(2800) -- WLIDSVC.EXE
(2852) -- obexsrv.exe
(2924) -- sftlist.exe
(3112) -- CVHSVC.EXE
(3264) -- FNPLicensingService64.exe
(3984) -- atieclxx.exe
(3380) -- IAStorDataMgrSvc.exe
(3396) -- GoogleUpdate.exe
(244) -- LMS.exe
(3524) -- wmpnetwk.exe
(2008) -- SearchIndexer.exe
(2968) -- UNS.exe
(1908) -- SeaPort.EXE
(252) -- taskhost.exe
(1100) -- hkcmd.exe
(4112) -- igfxpers.exe
(4260) -- TouchControl.exe
(4300) -- sttray64.exe
(4352) -- BioMonitor.exe
(4428) -- SynTPEnh.exe
(4668) -- FacebookUpdate.exe
(4780) -- SynTPHelper.exe
(4840) -- Skype.exe
(4868) -- audiosrv.exe
(4980) -- IAStorIcon.exe
(184) -- nusb3mon.exe
(556) -- HPMSGSVC.exe
(4684) -- HPConnectionManager.exe
(4828) -- HPOSD.exe
(5488) -- jusched.exe
(5804) -- hpqWmiEx.exe
(5900) -- mdhpSUN.exe
(6184) -- hpCMSrv.exe
(6728) -- taskeng.exe
(6772) -- YCMMirage.exe
(6164) -- MOM.exe
(4660) -- CCC.exe
(1252) -- PresentationFontCache.exe
(6864) -- explorer.exe
(4292) -- chrome.exe
(4540) -- chrome.exe
(2476) -- chrome.exe
(3444) -- chrome.exe
(6984) -- chrome.exe
(5268) -- chrome.exe
(3728) -- chrome.exe
(5588) -- chrome.exe
���������� | Hijack Links
Disinfected : C:\Users\Public\Desktop\Snapfish.lnk : C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe (hxxp://www.snapfish.com/hp_notebook_desktopicon_2011_fr)
���������� | Hijack Internet Explorer
Repaired : [HKU\S-1-5-21-2705007725-928501924-1483706147-1001\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://www.bing.com -> http://www.google.com/
Repaired : [HKU\S-1-5-21-2705007725-928501924-1483706147-1001\Software\Microsoft\Internet Explorer\Main]|[Local Page] : C:\Windows\system32\blank.htm -> C:\Windows\SysWOW64\blank.htm
Repaired : [HKU\S-1-5-21-2705007725-928501924-1483706147-1001\Software\Microsoft\Internet Explorer\Main]|[Search Page] : http://go.microsoft.com/fwlink/?LinkId=54896 -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Start Page] : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKLM\Software\Microsoft\Internet Explorer\Main]|[Default_Page_URL] : http://go.microsoft.com/fwlink/p/?LinkId=255141 -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKLM\Software\Microsoft\Internet Explorer\AboutURLs]|[Tabs] : http://www.google.com -> res://ieframe.dll/tabswelcome.htm
Repaired : [HKU\S-1-5-21-2705007725-928501924-1483706147-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1
���������� | Hijack Google Chrome
[mustapha] Successfull reset : SearchURL
[mustapha] Successfull reset : Preferences
���������� | Hijack Firefox
[mustapha] Replaced : user_pref("browser.startup.homepage", "http://www.golsearch.com/?babsrc=HP_ss_Btisdt6&mntrId=8AE19439E52C12EB&affID=123702&tsp=4983"); -> user_pref("browser.startup.homepage", "http://www.google.fr");
���������� | Hijack StartMenuInternet
Repaired : [HKLM\Software\Clients\StartMenuInternet\Firefox.exe\shell\open\command] : C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> "C:\Program Files (x86)\Mozilla Firefox\Firefox.exe"
Repaired : [HKLM\Software\Clients\StartMenuInternet\IExplore.exe\shell\open\command] : C:\Program Files\Internet Explorer\iexplore.exe -> "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
���������� | TEMP Files
[All Users] TEMP Files deleted : 0 Ko
[Default User] TEMP Files deleted : 0 Ko
[Default] TEMP Files deleted : 0 Ko
[Public] TEMP Files deleted : 0 Ko
[mustapha] TEMP Files deleted : 926658 Ko
���������� |EOF| ����������