8 replies
############################## | UsbFix V 7.152 | [Recherche]
Utilisateur: ordinateur (Administrateur) # ORDINATEUR-TOSH
Mis à jour le 20/11/2013 par El Desaparecido - Team SosVirus
Lancé à 14:37:27 | 27/11/2013
Site Web : https://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : https://www.usb-antivirus.com/fr/contact/
PC: TOSHIBA (NBWAA)
CPU: Intel(R) Celeron(R) CPU 900 @ 2.20GHz
RAM -> [Total : 3933 | Free : 2217]
Bios: TOSHIBA
Boot: Normal boot
OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16428
WB: Google Chrome : 31.0.1650.57
SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: Trend Micro Titanium Internet Security [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]
C:\ (%systemdrive%) -> Disque fixe # 232 Go (107 Go libre(s) - 46%) [WINDOWS] # NTFS
D:\ -> Disque fixe # 233 Go (180 Go libre(s) - 77%) [Data] # NTFS
E:\ -> CD-ROM
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 480 |ParentID: 472)
C:\Windows\system32\wininit.exe (ID: 544 |ParentID: 472)
C:\Windows\system32\csrss.exe (ID: 556 |ParentID: 536)
C:\Windows\system32\winlogon.exe (ID: 612 |ParentID: 536)
C:\Windows\system32\services.exe (ID: 648 |ParentID: 544)
C:\Windows\system32\lsass.exe (ID: 656 |ParentID: 544)
C:\Windows\system32\lsm.exe (ID: 664 |ParentID: 544)
C:\Windows\system32\svchost.exe (ID: 756 |ParentID: 648)
C:\Windows\system32\svchost.exe (ID: 824 |ParentID: 648)
C:\Windows\System32\svchost.exe (ID: 912 |ParentID: 648)
C:\Windows\System32\svchost.exe (ID: 1004 |ParentID: 648)
C:\Windows\system32\svchost.exe (ID: 368 |ParentID: 648)
C:\Windows\system32\svchost.exe (ID: 388 |ParentID: 648)
C:\Windows\system32\svchost.exe (ID: 1068 |ParentID: 648)
C:\Windows\system32\Dwm.exe (ID: 1252 |ParentID: 1004)
C:\Windows\system32\svchost.exe (ID: 1312 |ParentID: 648)
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (ID: 1392 |ParentID: 648)
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe (ID: 1592 |ParentID: 1392)
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe (ID: 1612 |ParentID: 1592)
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe (ID: 1676 |ParentID: 1392)
C:\Windows\system32\svchost.exe (ID: 1684 |ParentID: 648)
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (ID: 2104 |ParentID: 1480)
C:\Windows\System32\svchost.exe (ID: 2344 |ParentID: 648)
C:\Windows\system32\svchost.exe (ID: 1996 |ParentID: 648)
C:\Windows\explorer.exe (ID: 4172 |ParentID: 612)
C:\Windows\System32\rundll32.exe (ID: 2476 |ParentID: 756)
C:\Windows\system32\SearchIndexer.exe (ID: 4016 |ParentID: 648)
C:\Windows\system32\DllHost.exe (ID: 6420 |ParentID: 756)
C:\Windows\system32\wuauclt.exe (ID: 4040 |ParentID: 388)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 2424 |ParentID: 648)
C:\Windows\System32\spoolsv.exe (ID: 3984 |ParentID: 648)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3536 |ParentID: 4172)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 6268 |ParentID: 3536)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2092 |ParentID: 3536)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 2312 |ParentID: 3536)
C:\Windows\system32\DllHost.exe (ID: 3092 |ParentID: 756)
C:\Windows\system32\SearchProtocolHost.exe (ID: 2996 |ParentID: 4016)
C:\Program Files\Internet Explorer\iexplore.exe (ID: 5376 |ParentID: 4172)
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (ID: 3824 |ParentID: 5376)
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe (ID: 2164 |ParentID: 756)
C:\Windows\splwow64.exe (ID: 1916 |ParentID: 1332)
C:\Windows\system32\SearchFilterHost.exe (ID: 3292 |ParentID: 4016)
C:\UsbFix\Go.exe (ID: 6524 |ParentID: 4492)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 2976 |ParentID: 756)
################## | Regedit Run |
04 - HKLM\SOFTWARE | Run : [SVPWUTIL] - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
04 - HKLM\SOFTWARE | Run : [HWSetup] - "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
04 - HKLM\SOFTWARE | Run : [KeNotify] - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
04 - HKLM\SOFTWARE | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
04 - HKLM\SOFTWARE | Run : [TWebCamera] - "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
04 - HKLM\SOFTWARE | Run : [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
04 - HKLM\SOFTWARE | Run : [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
04 - HKLM\SOFTWARE | Run : [vProt] - "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
04 - HKLM\SOFTWARE | Run : [20131121] - C:\Program Files\AVAST Software\Avast\setup\emupdate\7410f76e-6337-4f83-b9dd-2bb2c86e28f9.exe /check
04 - HKLM\SOFTWARE\wow6432Node | Run : [SVPWUTIL] - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
04 - HKLM\SOFTWARE\wow6432Node | Run : [HWSetup] - "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
04 - HKLM\SOFTWARE\wow6432Node | Run : [KeNotify] - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
04 - HKLM\SOFTWARE\wow6432Node | Run : [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [TWebCamera] - "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
04 - HKLM\SOFTWARE\wow6432Node | Run : [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
04 - HKLM\SOFTWARE\wow6432Node | Run : [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
04 - HKLM\SOFTWARE\wow6432Node | Run : [vProt] - "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
04 - HKLM\SOFTWARE\wow6432Node | Run : [20131121] - C:\Program Files\AVAST Software\Avast\setup\emupdate\7410f76e-6337-4f83-b9dd-2bb2c86e28f9.exe /check
04 - HKLM\SOFTWARE | RunOnce : [] -
04 - HKLM\SOFTWARE\wow6432Node | RunOnce : [] -
04 - HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-794507599-3352924644-2949574568-1000\SOFTWARE | Run : [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
04 - HKU\S-1-5-21-794507599-3352924644-2949574568-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-794507599-3352924644-2949574568-1000\SOFTWARE | Run : [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-18\SOFTWARE | Run : [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe
04 - HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-18\SOFTWARE | RunOnce : [SPReview] - "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"https://support.microsoft.com/en-us/windows/install-windows-7-service-pack-1-sp1-b3da2c0f-cdb6-0572-8596-bab972897f61" /build:7601
################## | Recherche générique |
################## | Registre |
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktop -> 1
Présent! HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoActiveDesktopChanges -> 1
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F | https://www.usbfix.net/ - https://www.sosvirus.net/ |
Show hidden and system files: https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/
Clean the contents of your USB key.