คคคคคคคคคค | Shortcut_Module | g3n-h@ckm@n | 22.03.2014.8

คคคคค XP | Vista | 7 | 8 - 32/64 bits คคคคค - Start 23:56:57 - 22/03/2014

Mis เ jour le : 22/03/2014 | 23.00 par g3n-h@ckm@n

Contact : http://www.sosvirus.net

Boot : Normal  

Syst่me : Windows 8.1 Pro (64 bits) Professional 

M้moire RAM = Total (MB) : 16726 | Libre (MB) : 15085
Pagefile = Total (MB) : 19216 | Libre (MB) : 17512
Virtuelle = Total (MB) : 4194 | Libre (MB) : 3995


Registre sauvegard้ , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

คคคคคคคคคค | Mises เ jour Windows

Aucune mise เ jour d้tect้e !!! 

คคคคคคคคคค | Navigateurs

IE : 11.0.9600.16518     (ฉ Microsoft Corporation. Tous droits r้serv้s.)

คคคคคคคคคค | Processus tu้s

952 | C:\WINDOWS\system32\atiesrxx.exe (.AMD - AMD External Events Service Module.) - (6.14.11.1164) -> C:\WINDOWS\system32\atiesrxx.exe
416 | C:\WINDOWS\system32\atieclxx.exe (.AMD - AMD External Events Client Module.) - (6.14.11.1164) -> atieclxx
1376 | C:\WINDOWS\System32\spoolsv.exe (.Microsoft Corporation - Application sous-syst่me spouleur.) - (6.3.9600.16384) -> C:\WINDOWS\System32\spoolsv.exe
1600 | C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.701.3.3014) -> "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
1712 | C:\WINDOWS\system32\taskhostex.exe (.Microsoft Corporation - Processus h๔te pour Tโches Windows.) - (6.3.9600.16384) -> taskhostex.exe 
1752 | C:\Program Files\Intel\iCLS Client\HeciServer.exe (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) -> "C:\Program Files\Intel\iCLS Client\HeciServer.exe"
1764 | C:\WINDOWS\system32\dashost.exe (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.16384) -> dashost.exe {366d979b-f423-47a3-aece1a6da20e9de3}
1804 | C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (. - ISCT Agent Application.) - (4.1.40.2143) -> "C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe" 
1912 | C:\Program Files\ma-config.com\MaConfigAgent.exe (.CybelSoft - Service de d้tection mat้riel.) - (7.1.2.4) -> "C:\Program Files\ma-config.com\MaConfigAgent.exe"
1936 | C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (2.0.23.0) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
960 | C:\WINDOWS\Explorer.EXE (.Microsoft Corporation - Explorateur Windows.) - (6.3.9600.16441) -> C:\WINDOWS\Explorer.EXE
2120 | C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (.Microsoft Corporation - Machine Debug Manager.) - (7.0.9466.0) -> "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
2228 | C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (.Sony Corporation - Device Information Provider.) - (8.1.1.3120) -> "C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
2444 | C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.0.0.495) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
3548 | C:\WINDOWS\system32\SearchIndexer.exe (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.9600.16384) -> C:\WINDOWS\system32\SearchIndexer.exe /Embedding
4284 | C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.328) -> "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
4388 | C:\Program Files (x86)\RocketDock\RocketDock.exe (. - .) - (0.0.0.0) -> "C:\Program Files (x86)\RocketDock\RocketDock.exe" 
4760 | C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (.Sony Corporation - Media Check Tool.) - (8.1.1.3120) -> "C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" 
4776 | C:\Program Files\Windows Sidebar\sidebar.exe (.Microsoft Corporation - Gadgets du Bureau Windows.) - (6.2.8400.0) -> "C:\Program Files\Windows Sidebar\sidebar.exe" 
4968 | C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (.Sony Corporation - Sony Digital Media Server.) - (3.3.4.1170) -> "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe"
4020 | E:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (.Sony Corporation - VAIO Entertainment Common Service.) - (1.3.0.9090) -> "E:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe"
1244 | C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.5.12.1682) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
2400 | C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (.Intel Corporation - Intel(R) Local Management Service.) - (9.5.10.1628) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
1680 | C:\Program Files\Windows Media Player\wmpnetwk.exe (.Microsoft Corporation - Service Partage r้seau du Lecteur Windows Media.) - (12.0.9600.16384) -> "C:\Program Files\Windows Media Player\wmpnetwk.exe"

คคคคคคคคคค | Processus d้marr้s


[22/08/2013 03:48:05] - 832 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k DcomLaunch   [31552 Ko]
[22/08/2013 03:48:05] - 864 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k RPCSS   [31552 Ko]
[22/08/2013 03:48:05] - 1016 | C:\WINDOWS\System32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted   [31552 Ko]
[22/08/2013 03:48:05] - 104 | C:\WINDOWS\System32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted   [31552 Ko]
[22/08/2013 03:48:05] - 428 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k netsvcs   [31552 Ko]
[22/08/2013 03:48:05] - 584 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k LocalService   [31552 Ko]
[22/08/2013 03:48:05] - 1140 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k NetworkService   [31552 Ko]
[22/08/2013 03:48:05] - 1400 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork   [31552 Ko]
[14/03/2014 17:41:23] - 2060 | C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (2.1.9.0) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"   [857912 Ko]
[22/08/2013 03:48:05] - 2292 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k imgsvc   [31552 Ko]
[22/08/2013 03:48:05] - 2700 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted   [31552 Ko]
[22/08/2013 03:48:05] - 2756 | C:\WINDOWS\system32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation   [31552 Ko]
[22/08/2013 03:48:05] - 3092 | C:\WINDOWS\System32\svchost.exe (.Microsoft Corporation - Processus h๔te pour les services Windows.) - (6.3.9600.16384) -> C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet   [31552 Ko]
[22/08/2013 03:47:24] - 4628 | C:\WINDOWS\system32\DllHost.exe (.Microsoft Corporation - COM Surrogate.) - (6.3.9600.16384) -> C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}   [17760 Ko]
[22/03/2014 23:54:18] - 3840 | E:\Firefox 26\Telechargements\Shortcut_Module(2).exe (. - Shortcut_Module.) - (22.3.2014.8) -> "E:\Firefox 26\Telechargements\Shortcut_Module(2).exe"    [2211840 Ko]
[22/08/2013 05:17:05] - 3708 | C:\WINDOWS\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.16384) -> C:\WINDOWS\system32\wbem\wmiprvse.exe   [374784 Ko]
[27/08/2013 14:32:14] - 212 | C:\Program Files\Intel\iCLS Client\HeciServer.exe (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) -> "C:\Program Files\Intel\iCLS Client\HeciServer.exe"   [747520 Ko]
[21/12/2013 23:11:33] - 2244 | C:\WINDOWS\explorer.exe (.Microsoft Corporation - Explorateur Windows.) - (6.3.9600.16441) -> explorer.exe   [2328872 Ko]

คคคคคคคคคค | Argument de recherche

Akamai

คคคคคคคคคค | Services


คคคคคคคคคค | Hosts

C:\WINDOWS\System32\Drivers\etc\hosts : Remis a z้ro avec succ่s

คคคคคคคคคค | Registre

Supprim้ avec succ่s : [64]HKLM\Software\Microsoft\Tracing\PerformanceOptimizer_RASMANCS

คคคคคคคคคค | IFEO


คคคคคคคคคค | Dossiers


คคคคคคคคคค | D้tournements de raccourcis


คคคคคคคคคค | Proxy


คคคคคคคคคค | D้tournement internet Explorer


คคคคคคคคคค | D้tournement Google Chrome


คคคคคคคคคค | D้tournement Firefox

[Mike] Supprim้ avec succ่s : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\jinpoww2.default\sessionstore.js
[Mike] Supprim้ avec succ่s : user_pref("noscript.untrusted", "adorika.net clickvideodownload.com infolinks.com softvipdownload.com http://adorika.net http://clickvideodownload.com http://infolinks.com http://softvipdownload.com https://adorika.net https://clickvideodownload.com https://infolinks.com https://softvipdownload.com");
[Mike] Supprim้ avec succ่s : user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
[Mike] Supprim้ avec succ่s : user_pref("weboftrust.search.dogpile.prestyle", ".paidSearchResult [ATTR] { display: none ! important; } .searchResultsPane { max-width: 44.08em; } [ATTR] { position: absolute; visibility: hidden; }");
[Mike] Supprim้ avec succ่s : user_pref("weboftrust.search.facebook.ign", "^http(s)?\\:\\/\\/([\\w\\-]+\\.)*(facebook\\.(com|net)|fbcdn\\.net|bing\\.com|akamaihd\\.net|4sq\\.com|feedly\\.com|foursquare\\.com|quora\\.com|pinterest\\.com|tripit\\.com|twitter\\.com|yelp\\.com|youtube\\.com|youtu\\.be|(.+\\.)?nike\\.com|(.+\\.)?runkeeper\\.com)(\\/|$)");

คคคคคคคคคค | D้tournement des cl้s StartMenuInternet


คคคคคคคคคค | AppInit_DLLs



[64][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1
[32][HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

คคคคคคคคคค | D้tournement Javascript


คคคคคคคคคค | Firewall

Supprim้ avec succ่s : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]|[{3D74BD0B-6A8F-46E9-9FDE-C5D522BF2EDC}] : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\GoforFiles\goforfilesdl.exe|Name=GoforFiles|

คคคคคคคคคค | Fichiers temporaires

[All Users] Fichiers temporaires Supprim้s : 0 Ko
[Default User] Fichiers temporaires Supprim้s : 0 Ko
[Public] Fichiers temporaires Supprim้s : 0 Ko
[Default] Fichiers temporaires Supprim้s : 0 Ko
[surf] Fichiers temporaires Supprim้s : 0 Ko
[Mike] Fichiers temporaires Supprim้s : 3132 Ko

Autre rapport

C:\Shortcut_Module_22_03_2014_10_00_00.txt      [45210 o]

[X] : 588756

คคคคคคคคคค |EOF| คคคคคคคคคค | 00:05:14 | [12049]