¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 14.03.2014.4

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 13:37:52 - 14/03/2014

Mis à jour le : 14/03/2014 | 14.20 par g3n-h@ckm@n
Contact : http://www.sosvirus.net

Boot : Normal
Système : Windows 7 Professional (32 bits) Professional Service Pack 1

Mémoire RAM = Total (MB) : 3060 | Libre (MB) : 1681
Pagefile = Total (MB) : 6118 | Libre (MB) : 4280
Virtuelle = Total (MB) : 2097 | Libre (MB) : 1959

Registre sauvegardé , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

¤¤¤¤¤¤¤¤¤¤ | Mises à jour Windows

Dernière(s) détection(s) : 2014-03-14 11:01:56
Dernières Téléchargées : 2014-03-13 01:21:13
Dernières installées : 2014-03-14 03:05:03
Prochaine recherche : 2014-03-15 08:27:19

¤¤¤¤¤¤¤¤¤¤ | Navigateurs

IE : 11.0.9600.16521 (© Microsoft Corporation. Tous droits réservés.)
FF : 27.0.1.5156 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 31.0.1650.63 (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Processus tués

824 | C:\Windows\system32\nvvsvc.exe (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 320.49.) - (8.17.13.2049) -> "C:\Windows\system32\nvvsvc.exe"
848 | C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.2049) -> "C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
1352 | C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.41) -> "C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe"
1392 | C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.136) -> "C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe" /SRSPS
1640 | C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.2049) -> "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
1648 | C:\Windows\system32\nvvsvc.exe (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 320.49.) - (8.17.13.2049) -> C:\Windows\system32\nvvsvc.exe -session -first
1704 | C:\Windows\system32\WLANExt.exe (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (6.1.7600.16385) -> C:\Windows\system32\WLANExt.exe 28424280
1776 | C:\Windows\System32\spoolsv.exe (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) -> C:\Windows\System32\spoolsv.exe
1892 | C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - (1.0.32.10) -> "C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe"
1924 | C:\Program Files\Intel\WiFi\bin\EvtEng.exe (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (14.1.1.7) -> "C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
492 | C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - (4.11.9.1) -> "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
440 | C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - (14.1.1.0) -> "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
1440 | C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - (4.50.906.503) -> "C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe"
2516 | C:\Windows\system32\taskhost.exe (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) -> "taskhost.exe"
2608 | C:\Windows\System32\rundll32.exe (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) -> C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
2640 | C:\Windows\Explorer.EXE (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17567) -> C:\Windows\Explorer.EXE
3224 | C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) - (14.1.1.0) -> "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
3380 | C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.2049) -> "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
3516 | C:\Windows\system32\wbem\unsecapp.exe (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) -> C:\Windows\system32\wbem\unsecapp.exe -Embedding
3736 | C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (.Microsoft Corporation - GrooveMonitor Utility.) - (12.0.6500.5000) -> "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
3772 | C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (.Renesas Electronics Corporation - USB 3.0 Monitor.) - (2.1.26.0) -> "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
3864 | C:\Windows\System32\hkcmd.exe (.Intel Corporation - hkcmd Module.) - (8.15.10.2932) -> "C:\Windows\System32\hkcmd.exe"
3872 | C:\Windows\System32\igfxpers.exe (.Intel Corporation - persistence Module.) - (8.15.10.2932) -> "C:\Windows\System32\igfxpers.exe"
3920 | C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (.NVIDIA Corporation - NVIDIA NvTmru Application.) - (4.11.9.1) -> "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
3948 | C:\Program Files\Microsoft Security Client\msseces.exe (.Microsoft Corporation - Microsoft Security Client User Interface.) - (4.4.304.0) -> "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
3996 | C:\Program Files\Common Files\Java\Java Update\jusched.exe (.Oracle Corporation - Java(TM) Update Scheduler.) - (2.1.9.8) -> "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
4008 | C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE (.CANON INC. - Canon Advanced Printing Technology Printer Status Window Launcher.) - (4.1.1.3) -> "C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE"
4040 | C:\Users\HDELL\AppData\Local\Akamai\netsession_win.exe (.Akamai Technologies, Inc. - Akamai NetSession Client.) - (1.8.9.2) -> "C:\Users\HDELL\AppData\Local\Akamai\netsession_win.exe"
4076 | C:\Program Files\Windows Sidebar\sidebar.exe (.Microsoft Corporation - Gadgets du Bureau Windows.) - (6.1.7601.17514) -> "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
792 | C:\Program Files\Skype\Phone\Skype.exe (.Skype Technologies S.A. - Skype .) - (6.14.0.104) -> "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
2480 | C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) - (12.0.6500.5000) -> "C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
2604 | C:\Users\HDELL\AppData\Local\Akamai\netsession_win.exe (.Akamai Technologies, Inc. - Akamai NetSession Client.) - (1.8.9.2) -> "C:/Users/HDELL/AppData/Local/Akamai/netsession_win.exe" --client
3088 | C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAB8SWK.EXE (.CANON INC. - Canon Advanced Printing Technology Printer Status Window.) - (4.3.3.4) -> C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAB8SWK.EXE !hide Canon LBP3010/LBP3018/LBP3050
2648 | C:\Windows\system32\SearchIndexer.exe (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) -> C:\Windows\system32\SearchIndexer.exe /Embedding
3752 | C:\Program Files\Windows Media Player\wmpnetwk.exe (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) -> "C:\Program Files\Windows Media Player\wmpnetwk.exe"
2892 | C:\Program Files\Mozilla Firefox\firefox.exe (.Mozilla Corporation - Firefox.) - (27.0.1.5156) -> "C:\Program Files\Mozilla Firefox\firefox.exe"
4272 | C:\Windows\system32\wbem\unsecapp.exe (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) -> C:\Windows\system32\wbem\unsecapp.exe -Embedding
6032 | C:\Program Files\Google\Update\GoogleUpdate.exe (.Google Inc. - Programme d'installation de Google.) - (1.3.21.103) -> "C:\Program Files\Google\Update\GoogleUpdate.exe" /c
4824 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) -> taskeng.exe {15A90179-A2CC-4C57-9940-83E713AF0C28}

¤¤¤¤¤¤¤¤¤¤ | Processus démarrés

[16/06/2013 10:55:23] - 288 | C:\Windows\System32\smss.exe (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.18113) -> \SystemRoot\System32\smss.exe [69632 Ko]
[13/07/2009 23:11:09] - 472 | C:\Windows\system32\csrss.exe (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) -> %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 [6144 Ko]
[13/07/2009 23:36:49] - 544 | C:\Windows\system32\wininit.exe (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) -> wininit.exe [96256 Ko]
[13/07/2009 23:11:09] - 552 | C:\Windows\system32\csrss.exe (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) -> %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 [6144 Ko]
[13/07/2009 23:11:26] - 596 | C:\Windows\system32\services.exe (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7600.16385) -> C:\Windows\system32\services.exe [259072 Ko]
[17/06/2013 15:11:08] - 628 | C:\Windows\system32\winlogon.exe (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.17514) -> winlogon.exe [286720 Ko]
[14/11/2013 00:24:45] - 656 | C:\Windows\system32\lsass.exe (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.18270) -> C:\Windows\system32\lsass.exe [22016 Ko]
[17/06/2013 15:11:06] - 676 | C:\Windows\system32\lsm.exe (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) -> C:\Windows\system32\lsm.exe [267776 Ko]
[13/07/2009 23:19:28] - 760 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k DcomLaunch [20992 Ko]
[13/07/2009 23:19:28] - 892 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k RPCSS [20992 Ko]
[23/10/2013 15:01:10] - 964 | C:\Program Files\Microsoft Security Client\MsMpEng.exe (.Microsoft Corporation - Antimalware Service Executable.) - (4.4.304.0) -> "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22208 Ko]
[13/07/2009 23:19:28] - 1044 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 Ko]
[13/07/2009 23:19:28] - 1076 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [20992 Ko]
[13/07/2009 23:19:28] - 1116 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k LocalService [20992 Ko]
[13/07/2009 23:19:28] - 1140 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k netsvcs [20992 Ko]
[13/07/2009 23:19:28] - 1480 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k NetworkService [20992 Ko]
[13/07/2009 23:19:28] - 1804 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork [20992 Ko]
[13/07/2009 23:19:28] - 2188 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k bthsvcs [20992 Ko]
[13/07/2009 23:19:28] - 2368 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted [20992 Ko]
[13/07/2009 23:24:23] - 2580 | C:\Windows\system32\Dwm.exe (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) -> "C:\Windows\system32\Dwm.exe" [92672 Ko]
[17/06/2013 15:11:06] - 3596 | C:\Windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) -> C:\Windows\system32\wbem\wmiprvse.exe [257536 Ko]
[13/07/2009 23:19:28] - 4016 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [20992 Ko]
[13/07/2009 23:19:28] - 4204 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\System32\svchost.exe -k LocalServicePeerNet [20992 Ko]
[14/03/2014 11:14:47] - 6000 | C:\Users\HDELL\Desktop\Shortcut_Module.exe (. - Shortcut_Module.) - (14.3.2014.4) -> "C:\Users\HDELL\Desktop\Shortcut_Module.exe" [2161152 Ko]
[17/06/2013 15:11:06] - 1372 | C:\Windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) -> C:\Windows\system32\wbem\wmiprvse.exe [257536 Ko]

¤¤¤¤¤¤¤¤¤¤ | Services

¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Remis a zéro avec succès

¤¤¤¤¤¤¤¤¤¤ | Registre

¤¤¤¤¤¤¤¤¤¤ | IFEO

¤¤¤¤¤¤¤¤¤¤ | Dossiers

¤¤¤¤¤¤¤¤¤¤ | Détournements de raccourcis

¤¤¤¤¤¤¤¤¤¤ | Proxy

Réparé : [HKU\S-1-5-21-2997919262-3707446486-516683171-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[ProxyOverride] : *.local; -> *.local
Réparé : [HKU\S-1-5-21-2997919262-3707446486-516683171-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Détournement internet Explorer

¤¤¤¤¤¤¤¤¤¤ | Détournement Google Chrome

¤¤¤¤¤¤¤¤¤¤ | Détournement Firefox

¤¤¤¤¤¤¤¤¤¤ | Détournement des clés StartMenuInternet

¤¤¤¤¤¤¤¤¤¤ | AppInit_DLLs

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

¤¤¤¤¤¤¤¤¤¤ | Détournement Javascript

¤¤¤¤¤¤¤¤¤¤ | Firewall

¤¤¤¤¤¤¤¤¤¤ | Fichiers temporaires

[All Users] Fichiers temporaires Supprimés : 0 Ko
[Default User] Fichiers temporaires Supprimés : 0 Ko
[Default] Fichiers temporaires Supprimés : 0 Ko
[Public] Fichiers temporaires Supprimés : 0 Ko
[HDELL] Fichiers temporaires Supprimés : 19791 Ko
[UpdatusUser] Fichiers temporaires Supprimés : 0 Ko

Autre rapport C:\Shortcut_Module_14_03_2014_12_38_47.txt

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 13:50:02