chloe17

Here is the report following the scan:
[spoiler:klrjdsfu]############################## | UsbFix V 7.145 | [Recherche]

Utilisateur: fabienne (Administrateur) # FABIENNE-TOSH
Mis à jour le 17/10/2013 par El Desaparecido – Team SosVirus
Lancé à 21:22:15 | 26/10/2013

Site Web: http://www.usbfix.net/
Forum : https://www.sosvirus.net/
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/

PC: TOSHIBA (NDU10)
CPU: Intel(R) Pentium(R) CPU U5400 @ 1.20GHz
RAM -> [Total : 2931 | Free : 1206]
Bios: TOSHIBA
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: F-Secure Client Security 9.01 [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 149 Go (85 Go libre(s) – 57%) [WINDOWS] # NTFS
D: -> Disque fixe # 149 Go (141 Go libre(s) – 95%) [Data] # NTFS
E: -> Disque amovible # 7 Go (5 Go libre(s) – 61%) [] # FAT32

################## | Processus Actif |

C:Windowssystem32csrss.exe (ID 472 |ParentID 464)
C:Windowssystem32wininit.exe (ID 536 |ParentID 464)
C:Windowssystem32csrss.exe (ID 556 |ParentID 528)
C:Windowssystem32services.exe (ID 588 |ParentID 536)
C:Windowssystem32lsass.exe (ID 604 |ParentID 536)
C:Windowssystem32lsm.exe (ID 612 |ParentID 536)
C:Windowssystem32svchost.exe (ID 732 |ParentID 588)
C:Windowssystem32svchost.exe (ID 796 |ParentID 588)
C:WindowsSystem32svchost.exe (ID 848 |ParentID 588)
C:WindowsSystem32svchost.exe (ID 900 |ParentID 588)
C:Windowssystem32svchost.exe (ID 940 |ParentID 588)
C:Windowssystem32winlogon.exe (ID 992 |ParentID 528)
C:Windowssystem32svchost.exe (ID 380 |ParentID 588)
C:Windowssystem32svchost.exe (ID 528 |ParentID 588)
C:WindowsSystem32spoolsv.exe (ID 1264 |ParentID 588)
C:Windowssystem32svchost.exe (ID 1292 |ParentID 588)
C:Windowssystem32svchost.exe (ID 1344 |ParentID 588)
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID 1452 |ParentID 588)
C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID 1516 |ParentID 588)
C:Program FilesBonjourmDNSResponder.exe (ID 1540 |ParentID 588)
C:Program Files (x86)F-SecureAnti-Virusfsgk32st.exe (ID 1620 |ParentID 588)
C:Program Files (x86)F-SecureAnti-VirusFSGK32.EXE (ID 1648 |ParentID 1620)
C:Program Files (x86)F-SecureCommonFSMA32.EXE (ID 1656 |ParentID 588)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID 1692 |ParentID 588)
C:Program Files (x86)F-SecureCommonFSHDLL32.EXE (ID 1744 |ParentID 1656)
C:Program Files (x86)Common FilesMicrosoft SharedVS7DEBUGmdm.exe (ID 1808 |ParentID 588)
C:PROGRA~2MYFUNC~2bar1.bin5mbarsvc.exe (ID 1836 |ParentID 588)
c:Program Files (x86)Common FilesNeroNero BackItUp 4NBService.exe (ID 1856 |ParentID 588)
C:Program Files (x86)MicrosoftBingBarSeaPort.EXE (ID 2004 |ParentID 588)
C:Windowssystem32svchost.exe (ID 1468 |ParentID 588)
C:Windowssystem32ThpSrv.exe (ID 1400 |ParentID 588)
C:Windowssystem32TODDSrv.exe (ID 2080 |ParentID 588)
C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe (ID 2108 |ParentID 588)
C:Program FilesTOSHIBAPower SaverTosCoSrv.exe (ID 2132 |ParentID 588)
C:Program FilesTOSHIBATECOTecoService.exe (ID 2160 |ParentID 588)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID 2360 |ParentID 588)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID 2424 |ParentID 2360)
C:Program Files (x86)F-SecureFWESProgramfsdfwd.exe (ID 2708 |ParentID 588)
C:Program Files (x86)F-SecureORSP Clientfsorsp.exe (ID 2812 |ParentID 588)
C:Program Files (x86)F-SecureAnti-Virusfssm32.exe (ID 2884 |ParentID 1648)
C:Windowssystem32svchost.exe (ID 2972 |ParentID 588)
C:Program Files (x86)F-SecureCommonFNRB32.EXE (ID 3008 |ParentID 588)
C:Program Files (x86)F-SecureCommonFIH32.EXE (ID 2264 |ParentID 1656)
C:Program Files (x86)F-SecureAnti-Virusfsav32.exe (ID 3080 |ParentID 1648)
C:Windowssystem32taskhost.exe (ID 3416 |ParentID 588)
C:Windowssystem32Dwm.exe (ID 3544 |ParentID 900)
C:WindowsExplorer.EXE (ID 3560 |ParentID 3524)
C:Program Files (x86)Toshiba TEMPROTemproTray.exe (ID 3756 |ParentID 3560)
C:WindowsSystem32ThpSrv.exe (ID 3780 |ParentID 3560)
C:Program FilesRealtekAudioHDARAVCpl64.exe (ID 3792 |ParentID 3560)
C:Program FilesRealtekAudioHDARAVBg64.exe (ID 3932 |ParentID 3560)
C:WindowsSystem32igfxpers.exe (ID 3940 |ParentID 3560)
C:Program FilesMicrosoft IntelliPointipoint.exe (ID 3948 |ParentID 3560)
C:WindowsSystem32igfxtray.exe (ID 3964 |ParentID 3560)
C:WindowsSystem32hkcmd.exe (ID 3972 |ParentID 3560)
C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe (ID 3100 |ParentID 3560)
C:Program FilesWindows Sidebarsidebar.exe (ID 2408 |ParentID 3560)
C:WindowsSystem32StikyNot.exe (ID 3180 |ParentID 3560)
C:Program Files (x86)MyTomTom 3MyTomTomSA.exe (ID 3320 |ParentID 3560)
C:Program Files (x86)MyFunCards_5mbar1.bin5mbrmon.exe (ID 4100 |ParentID 3896)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID 4176 |ParentID 588)
C:Program FilesiPodbiniPodService.exe (ID 5032 |ParentID 588)
C:Program Files (x86)TOSHIBAConfigFreeCFIWmxSvcs64.exe (ID 4368 |ParentID 588)
C:Program Files (x86)TOSHIBAConfigFreeCFSvcs.exe (ID 648 |ParentID 588)
C:WindowsSystem32svchost.exe (ID 864 |ParentID 588)
C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe (ID 5312 |ParentID 588)
C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe (ID 5792 |ParentID 588)
C:Windowssystem32DllHost.exe (ID 6048 |ParentID 732)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID 5064 |ParentID 588)
C:WindowsSystem32svchost.exe (ID 5136 |ParentID 588)
C:Windowssystem32svchost.exe (ID 3236 |ParentID 588)
C:Program Files (x86)Internet ExplorerIELowutil.exe (ID 6932 |ParentID 5468)
C:Windowssystem32taskhost.exe (ID 7120 |ParentID 588)
C:Program Files (x86)GoogleUpdate1.3.21.165GoogleCrashHandler.exe (ID 7548 |ParentID 6488)
C:Program Files (x86)GoogleUpdate1.3.21.165GoogleCrashHandler64.exe (ID 4480 |ParentID 6488)
C:Windowssystem32SearchIndexer.exe (ID 8112 |ParentID 588)
C:Program Files (x86)SkypePhoneSkype.exe (ID 4468 |ParentID 3560)
C:Windowssystem32taskeng.exe (ID 5612 |ParentID 940)
C:Program Files (x86)NeroNero BackItUp & BurnNero BackItUpNBAgent.exe (ID 4996 |ParentID 5612)
C:UsersfabienneAppDataLocalGoogleChromeApplicationchrome.exe (ID 9980 |ParentID 3560)
C:UsersfabienneAppDataLocalGoogleChromeApplicationchrome.exe (ID 6668 |ParentID 9980)
C:UsersfabienneAppDataLocalGoogleChromeApplicationchrome.exe (ID 6660 |ParentID 9980)
C:UsersfabienneAppDataLocalGoogleChromeApplicationchrome.exe (ID 9624 |ParentID 9980)
C:UsbFixGo.exe (ID 3376 |ParentID 10588)
C:Windowssystem32DeviceDisplayObjectProvider.exe (ID 9504 |ParentID 732)
C:WindowsSystem32WUDFHost.exe (ID 7236 |ParentID 900)
C:UsersfabienneAppDataLocalGoogleChromeApplicationchrome.exe (ID 8684 |ParentID 9980)
C:UsbFixGo.exe (ID 6424 |ParentID 10576)
C:Windowssystem32wbemwmiprvse.exe (ID 9432 |ParentID 732)

################## | Regedit Run |

HKLMSOFTWARE | Run : [TWebCamera] – “C:Program Files (x86)TOSHIBATOSHIBA Web Camera ApplicationTWebCamera.exe” autorun
HKLMSOFTWARE | Run : [TSleepSrv] – %ProgramFiles(x86)%TOSHIBATOSHIBA Sleep UtilityTSleepSrv.exe
HKLMSOFTWARE | Run : [ToshibaServiceStation] – “C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe” /hide:60
HKLMSOFTWARE | Run : [SVPWUTIL] – C:Program Files (x86)TOSHIBAUtilitiesSVPWUTIL.exe SVPwUTIL
HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWARE | Run : [NBAgent] – “c:Program Files (x86)NeroNero BackItUp & BurnNero BackItUpNBAgent.exe” /WinStart
HKLMSOFTWARE | Run : [MyFunCards_5m Browser Plugin Loader] – C:PROGRA~2MYFUNC~2bar1.bin5mbrmon.exe
HKLMSOFTWARE | Run : [MyFunCards Search Scope Monitor] – “C:PROGRA~2MYFUNC~2bar1.bin5msrchmn.exe” /m=2 /w /h
HKLMSOFTWARE | Run : [Microsoft Default Manager] – “C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe” -resume
HKLMSOFTWARE | Run : [KeNotify] – C:Program Files (x86)TOSHIBAUtilitiesKeNotify.exe
HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
HKLMSOFTWARE | Run : [HWSetup] – C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
HKLMSOFTWARE | Run : [GrooveMonitor] – “C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe”
HKLMSOFTWARE | Run : [F-Secure TNB] – “C:Program Files (x86)F-SecureFSGUITNBUtil.exe” /CHECKALL /WAITFORSW
HKLMSOFTWARE | Run : [F-Secure Manager] – “C:Program Files (x86)F-SecureCommonFSM32.EXE” /splash
HKLMSOFTWARE | Run : [ControlCenter3] – C:Program Files (x86)BrotherControlCenter3brctrcen.exe /autorun
HKLMSOFTWARE | Run : [BrMfcWnd] – C:Program Files (x86)BrotherBrmfcmonBrMfcWnd.exe /AUTORUN
HKLMSOFTWARE | Run : [beid] – “C:Program Files (x86)Belgium Identity Cardbeid35gui.exe” /startup
HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWAREwow6432Node | Run : [TWebCamera] – “C:Program Files (x86)TOSHIBATOSHIBA Web Camera ApplicationTWebCamera.exe” autorun
HKLMSOFTWAREwow6432Node | Run : [TSleepSrv] – %ProgramFiles(x86)%TOSHIBATOSHIBA Sleep UtilityTSleepSrv.exe
HKLMSOFTWAREwow6432Node | Run : [ToshibaServiceStation] – “C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe” /hide:60
HKLMSOFTWAREwow6432Node | Run : [SVPWUTIL] – C:Program Files (x86)TOSHIBAUtilitiesSVPWUTIL.exe SVPwUTIL
HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWAREwow6432Node | Run : [NBAgent] – “c:Program Files (x86)NeroNero BackItUp & BurnNero BackItUpNBAgent.exe” /WinStart
HKLMSOFTWAREwow6432Node | Run : [MyFunCards_5m Browser Plugin Loader] – C:PROGRA~2MYFUNC~2bar1.bin5mbrmon.exe
HKLMSOFTWAREwow6432Node | Run : [MyFunCards Search Scope Monitor] – “C:PROGRA~2MYFUNC~2bar1.bin5msrchmn.exe” /m=2 /w /h
HKLMSOFTWAREwow6432Node | Run : [Microsoft Default Manager] – “C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe” -resume
HKLMSOFTWAREwow6432Node | Run : [KeNotify] – C:Program Files (x86)TOSHIBAUtilitiesKeNotify.exe
HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
HKLMSOFTWAREwow6432Node | Run : [HWSetup] – C:Program FilesTOSHIBAUtilitiesHWSetup.exe hwSetUP
HKLMSOFTWAREwow6432Node | Run : [GrooveMonitor] – “C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe”
HKLMSOFTWAREwow6432Node | Run : [F-Secure TNB] – “C:Program Files (x86)F-SecureFSGUITNBUtil.exe” /CHECKALL /WAITFORSW
HKLMSOFTWAREwow6432Node | Run : [F-Secure Manager] – “C:Program Files (x86)F-SecureCommonFSM32.EXE” /splash
HKLMSOFTWAREwow6432Node | Run : [ControlCenter3] – C:Program Files (x86)BrotherControlCenter3brctrcen.exe /autorun
HKLMSOFTWAREwow6432Node | Run : [BrMfcWnd] – C:Program Files (x86)BrotherBrmfcmonBrMfcWnd.exe /AUTORUN
HKLMSOFTWAREwow6432Node | Run : [beid] – “C:Program Files (x86)Belgium Identity Cardbeid35gui.exe” /startup
HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-21-2002910404-3860763008-3131954140-1000SOFTWARE | Run : [TomTomHOME.exe] – “C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe”
HKUS-1-5-21-2002910404-3860763008-3131954140-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
HKUS-1-5-21-2002910404-3860763008-3131954140-1000SOFTWARE | Run : [RESTART_STICKY_NOTES] – C:WindowsSystem32StikyNot.exe
HKUS-1-5-21-2002910404-3860763008-3131954140-1000SOFTWARE | Run : [MyTomTomSA.exe] – “C:Program Files (x86)MyTomTom 3MyTomTomSA.exe”
HKUS-1-5-21-2002910404-3860763008-3131954140-1000SOFTWARE | Run : [Google Update] – “C:UsersfabienneAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
HKUS-1-5-21-2002910404-3860763008-3131954140-1000SOFTWARE | Run : [AVG-Secure-Search-Update_JUNE2013_HP] – “C:Program Files (x86)AVG Secure SearchAVG-Secure-Search-Update_JUNE2013_HP.exe” /PROMPT /CMPID=JUNE2013_HP
HKUS-1-5-18SOFTWARE | Run : [TOSHIBA Online Product Information] – C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Éléments infectieux |

Présent! E:bijoux.lnk
Présent! E:photo.lnk
Présent! E:.lnk
Présent! E:Intouchables.lnk
Présent! E:Musique.lnk
Présent! E:Colonies.lnk
Présent! E:TIPE.lnk
Présent! E:RECYCLER.lnk
Présent! E:Ski, organisation.lnk
Présent! E:Info.lnk
Présent! E:Photos.lnk
Présent! E:.Trashes.lnk
Présent! E:Liège, Ecole Véto.lnk
Présent! E:.fseventsd.lnk
Présent! E:.Spotlight-V100.lnk
Présent! E:Larvotherapie, TPE.lnk
Présent! E:Job été.lnk
Présent! E:Larvothérapie.lnk
Présent! C:UsersfabienneAppDataLocalTempPrintPreview.hta
Présent! E:Recyclerdesktop.ini

################## | Registre |

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:klrjdsfu]
Thanks in advance for your help!

Chloe17