¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 14.03.2014.4

¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 13:37:52 - 14/03/2014

Mis à jour le : 14/03/2014 | 14.20 par g3n-h@ckm@n

Contact : http://www.sosvirus.net

Boot : Normal

Système : Windows 7 Professional (32 bits) Professional Service Pack 1

Mémoire RAM = Total (MB) : 3060 | Libre (MB) : 1681
Pagefile = Total (MB) : 6118 | Libre (MB) : 4280
Virtuelle = Total (MB) : 2097 | Libre (MB) : 1959


Registre sauvegardé , pour restaurer : C:\Shortcut_Module\Save\Clean\ERDNT.exe

¤¤¤¤¤¤¤¤¤¤ | Mises à jour Windows

Dernière(s) détection(s) : 2014-03-14 11:01:56
Dernières Téléchargées : 2014-03-13 01:21:13
Dernières installées : 2014-03-14 03:05:03
Prochaine recherche : 2014-03-15 08:27:19

¤¤¤¤¤¤¤¤¤¤ | Navigateurs

IE : 11.0.9600.16521 (© Microsoft Corporation. Tous droits réservés.)
FF : 27.0.1.5156 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 31.0.1650.63 (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Processus tués

824 | C:\Windows\system32\nvvsvc.exe (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 320.49.) - (8.17.13.2049) -> "C:\Windows\system32\nvvsvc.exe"
848 | C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.2049) -> "C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
1352 | C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.41) -> "C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe"
1392 | C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.136) -> "C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe" /SRSPS
1640 | C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.2049) -> "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
1648 | C:\Windows\system32\nvvsvc.exe (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 320.49.) - (8.17.13.2049) -> C:\Windows\system32\nvvsvc.exe -session -first
1704 | C:\Windows\system32\WLANExt.exe (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (6.1.7600.16385) -> C:\Windows\system32\WLANExt.exe 28424280
1776 | C:\Windows\System32\spoolsv.exe (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) -> C:\Windows\System32\spoolsv.exe
1892 | C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - (1.0.32.10) -> "C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe"
1924 | C:\Program Files\Intel\WiFi\bin\EvtEng.exe (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (14.1.1.7) -> "C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
492 | C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - (4.11.9.1) -> "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
440 | C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - (14.1.1.0) -> "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
1440 | C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - (4.50.906.503) -> "C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe"
2516 | C:\Windows\system32\taskhost.exe (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) -> "taskhost.exe"
2608 | C:\Windows\System32\rundll32.exe (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) -> C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
2640 | C:\Windows\Explorer.EXE (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17567) -> C:\Windows\Explorer.EXE
3224 | C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) - (14.1.1.0) -> "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
3380 | C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.2049) -> "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
3516 | C:\Windows\system32\wbem\unsecapp.exe (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) -> C:\Windows\system32\wbem\unsecapp.exe -Embedding
3736 | C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (.Microsoft Corporation - GrooveMonitor Utility.) - (12.0.6500.5000) -> "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
3772 | C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (.Renesas Electronics Corporation - USB 3.0 Monitor.) - (2.1.26.0) -> "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
3864 | C:\Windows\System32\hkcmd.exe (.Intel Corporation - hkcmd Module.) - (8.15.10.2932) -> "C:\Windows\System32\hkcmd.exe"
3872 | C:\Windows\System32\igfxpers.exe (.Intel Corporation - persistence Module.) - (8.15.10.2932) -> "C:\Windows\System32\igfxpers.exe"
3920 | C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (.NVIDIA Corporation - NVIDIA NvTmru Application.) - (4.11.9.1) -> "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe"
3948 | C:\Program Files\Microsoft Security Client\msseces.exe (.Microsoft Corporation - Microsoft Security Client User Interface.) - (4.4.304.0) -> "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
3996 | C:\Program Files\Common Files\Java\Java Update\jusched.exe (.Oracle Corporation - Java(TM) Update Scheduler.) - (2.1.9.8) -> "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
4008 | C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE (.CANON INC. - Canon Advanced Printing Technology Printer Status Window Launcher.) - (4.1.1.3) -> "C:\Windows\System32\spool\drivers\w32x86\3\CNAP2LAK.EXE"
4040 | C:\Users\HDELL\AppData\Local\Akamai\netsession_win.exe (.Akamai Technologies, Inc. - Akamai NetSession Client.) - (1.8.9.2) -> "C:\Users\HDELL\AppData\Local\Akamai\netsession_win.exe"
4076 | C:\Program Files\Windows Sidebar\sidebar.exe (.Microsoft Corporation - Gadgets du Bureau Windows.) - (6.1.7601.17514) -> "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
792 | C:\Program Files\Skype\Phone\Skype.exe (.Skype Technologies S.A. - Skype .) - (6.14.0.104) -> "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
2480 | C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) - (12.0.6500.5000) -> "C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
2604 | C:\Users\HDELL\AppData\Local\Akamai\netsession_win.exe (.Akamai Technologies, Inc. - Akamai NetSession Client.) - (1.8.9.2) -> "C:/Users/HDELL/AppData/Local/Akamai/netsession_win.exe" --client
3088 | C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAB8SWK.EXE (.CANON INC. - Canon Advanced Printing Technology Printer Status Window.) - (4.3.3.4) -> C:\Windows\system32\spool\DRIVERS\W32X86\3\CNAB8SWK.EXE !hide Canon LBP3010/LBP3018/LBP3050
2648 | C:\Windows\system32\SearchIndexer.exe (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) -> C:\Windows\system32\SearchIndexer.exe /Embedding
3752 | C:\Program Files\Windows Media Player\wmpnetwk.exe (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) -> "C:\Program Files\Windows Media Player\wmpnetwk.exe"
2892 | C:\Program Files\Mozilla Firefox\firefox.exe (.Mozilla Corporation - Firefox.) - (27.0.1.5156) -> "C:\Program Files\Mozilla Firefox\firefox.exe"
4272 | C:\Windows\system32\wbem\unsecapp.exe (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) -> C:\Windows\system32\wbem\unsecapp.exe -Embedding
6032 | C:\Program Files\Google\Update\GoogleUpdate.exe (.Google Inc. - Programme d'installation de Google.) - (1.3.21.103) -> "C:\Program Files\Google\Update\GoogleUpdate.exe" /c
4824 | C:\Windows\system32\taskeng.exe (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) -> taskeng.exe {15A90179-A2CC-4C57-9940-83E713AF0C28}

¤¤¤¤¤¤¤¤¤¤ | Processus démarrés


[16/06/2013 10:55:23] - 288 | C:\Windows\System32\smss.exe (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.18113) -> \SystemRoot\System32\smss.exe [69632 Ko]
[13/07/2009 23:11:09] - 472 | C:\Windows\system32\csrss.exe (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) -> %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 [6144 Ko]
[13/07/2009 23:36:49] - 544 | C:\Windows\system32\wininit.exe (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) -> wininit.exe [96256 Ko]
[13/07/2009 23:11:09] - 552 | C:\Windows\system32\csrss.exe (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) -> %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 [6144 Ko]
[13/07/2009 23:11:26] - 596 | C:\Windows\system32\services.exe (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7600.16385) -> C:\Windows\system32\services.exe [259072 Ko]
[17/06/2013 15:11:08] - 628 | C:\Windows\system32\winlogon.exe (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.17514) -> winlogon.exe [286720 Ko]
[14/11/2013 00:24:45] - 656 | C:\Windows\system32\lsass.exe (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.18270) -> C:\Windows\system32\lsass.exe [22016 Ko]
[17/06/2013 15:11:06] - 676 | C:\Windows\system32\lsm.exe (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) -> C:\Windows\system32\lsm.exe [267776 Ko]
[13/07/2009 23:19:28] - 760 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k DcomLaunch [20992 Ko]
[13/07/2009 23:19:28] - 892 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k RPCSS [20992 Ko]
[23/10/2013 15:01:10] - 964 | C:\Program Files\Microsoft Security Client\MsMpEng.exe (.Microsoft Corporation - Antimalware Service Executable.) - (4.4.304.0) -> "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [22208 Ko]
[13/07/2009 23:19:28] - 1044 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 Ko]
[13/07/2009 23:19:28] - 1076 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [20992 Ko]
[13/07/2009 23:19:28] - 1116 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k LocalService [20992 Ko]
[13/07/2009 23:19:28] - 1140 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k netsvcs [20992 Ko]
[13/07/2009 23:19:28] - 1480 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k NetworkService [20992 Ko]
[13/07/2009 23:19:28] - 1804 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork [20992 Ko]
[13/07/2009 23:19:28] - 2188 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k bthsvcs [20992 Ko]
[13/07/2009 23:19:28] - 2368 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted [20992 Ko]
[13/07/2009 23:24:23] - 2580 | C:\Windows\system32\Dwm.exe (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) -> "C:\Windows\system32\Dwm.exe" [92672 Ko]
[17/06/2013 15:11:06] - 3596 | C:\Windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) -> C:\Windows\system32\wbem\wmiprvse.exe [257536 Ko]
[13/07/2009 23:19:28] - 4016 | C:\Windows\system32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [20992 Ko]
[13/07/2009 23:19:28] - 4204 | C:\Windows\System32\svchost.exe (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) -> C:\Windows\System32\svchost.exe -k LocalServicePeerNet [20992 Ko]
[14/03/2014 11:14:47] - 6000 | C:\Users\HDELL\Desktop\Shortcut_Module.exe (. - Shortcut_Module.) - (14.3.2014.4) -> "C:\Users\HDELL\Desktop\Shortcut_Module.exe" [2161152 Ko]
[17/06/2013 15:11:06] - 1372 | C:\Windows\system32\wbem\wmiprvse.exe (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) -> C:\Windows\system32\wbem\wmiprvse.exe [257536 Ko]

¤¤¤¤¤¤¤¤¤¤ | Services


¤¤¤¤¤¤¤¤¤¤ | Hosts

C:\Windows\System32\Drivers\etc\hosts : Remis a zéro avec succès

¤¤¤¤¤¤¤¤¤¤ | Registre


¤¤¤¤¤¤¤¤¤¤ | IFEO


¤¤¤¤¤¤¤¤¤¤ | Dossiers


¤¤¤¤¤¤¤¤¤¤ | Détournements de raccourcis


¤¤¤¤¤¤¤¤¤¤ | Proxy

Réparé : [HKU\S-1-5-21-2997919262-3707446486-516683171-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[ProxyOverride] : *.local; -> *.local
Réparé : [HKU\S-1-5-21-2997919262-3707446486-516683171-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]|[WarnonZoneCrossing] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Détournement internet Explorer


¤¤¤¤¤¤¤¤¤¤ | Détournement Google Chrome


¤¤¤¤¤¤¤¤¤¤ | Détournement Firefox


¤¤¤¤¤¤¤¤¤¤ | Détournement des clés StartMenuInternet


¤¤¤¤¤¤¤¤¤¤ | AppInit_DLLs


[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]|[LoadAppInit_DLLs] : 1

¤¤¤¤¤¤¤¤¤¤ | Détournement Javascript


¤¤¤¤¤¤¤¤¤¤ | Firewall


¤¤¤¤¤¤¤¤¤¤ | Fichiers temporaires

[All Users] Fichiers temporaires Supprimés : 0 Ko
[Default User] Fichiers temporaires Supprimés : 0 Ko
[Default] Fichiers temporaires Supprimés : 0 Ko
[Public] Fichiers temporaires Supprimés : 0 Ko
[HDELL] Fichiers temporaires Supprimés : 19791 Ko
[UpdatusUser] Fichiers temporaires Supprimés : 0 Ko

Autre rapport

C:\Shortcut_Module_14_03_2014_12_38_47.txt

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 13:50:02
