############################## | UsbFix V 7.106 | [Recherche] Utilisateur: Marie (Administrateur) # PC-DE-MARIE Mis à jour le 12/02/2013 par El Desaparecido Lancé à 23:51:28 | 15/02/2013 Site Web: http://sosvirus.org/index.php Contact: contact@sosvirus.org PC: TOSHIBA (Satellite L350) (X86-based PC) CPU: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz (2000) RAM -> [Total : 1915 | Free : 706] BIOS: InsydeH2O Version 1.30 BOOT: Normal boot OS: Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6002 32-Bit) # Service Pack 2 WB: Windows Internet Explorer 8.0.6001.19400 SC: Security Center Service [Enabled] WU: Windows Update Service [Enabled] AV: Microsoft Security Essentials [(!) Disabled | Updated] FW: Windows FireWall Service [Enabled] C:\ (%systemdrive%) -> Disque fixe # 56 Go (11 Go libre(s) - 20%) [Vista] # NTFS D:\ -> Disque fixe # 466 Go (456 Go libre(s) - 98%) [] # NTFS E:\ -> Disque fixe # 55 Go (50 Go libre(s) - 91%) [Data] # NTFS F:\ -> CD-ROM ################## | Processus Actif | C:\Windows\system32\csrss.exe (604) C:\Windows\system32\wininit.exe (648) C:\Windows\system32\csrss.exe (656) C:\Windows\system32\services.exe (696) C:\Windows\system32\lsass.exe (708) C:\Windows\system32\lsm.exe (716) C:\Windows\system32\winlogon.exe (764) C:\Windows\system32\svchost.exe (916) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (964) C:\Windows\system32\svchost.exe (1012) C:\Program Files\Microsoft Security Client\MsMpEng.exe (1104) C:\Windows\System32\svchost.exe (1196) C:\Windows\System32\svchost.exe (1236) C:\Windows\system32\svchost.exe (1272) C:\Windows\system32\svchost.exe (1352) C:\Windows\system32\SLsvc.exe (1372) C:\Windows\system32\svchost.exe (1440) C:\Windows\system32\svchost.exe (1616) C:\Windows\System32\spoolsv.exe (1872) C:\Windows\system32\svchost.exe (1900) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (232) C:\Windows\system32\agrsmsvc.exe (320) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (340) C:\Windows\System32\svchost.exe (668) C:\Windows\System32\svchost.exe (1068) C:\Windows\system32\svchost.exe (1152) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (1264) C:\Windows\system32\svchost.exe (1112) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (2164) C:\Windows\system32\TODDSrv.exe (2276) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (2304) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (2336) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (2424) C:\Windows\System32\svchost.exe (2452) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2468) C:\Windows\system32\SearchIndexer.exe (2512) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2640) C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe (2648) C:\Windows\system32\taskeng.exe (3060) C:\Windows\system32\Dwm.exe (3220) C:\Windows\Explorer.EXE (3276) C:\Windows\system32\taskeng.exe (3296) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3624) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (3648) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (3664) C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (3700) C:\Windows\System32\igfxtray.exe (3740) C:\Windows\System32\hkcmd.exe (3748) C:\Windows\System32\igfxpers.exe (3756) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (3764) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (3788) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (3800) C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (3840) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (3852) C:\Program Files\Toshiba TEMPRO\TemproTray.exe (3904) C:\Program Files\Microsoft Security Client\msseces.exe (3968) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (3984) C:\Program Files\Common Files\Java\Java Update\jusched.exe (3996) C:\Windows\system32\igfxsrvc.exe (4092) C:\Program Files\SFR\Kit\9props.exe (2236) C:\Program Files\Windows Sidebar\sidebar.exe (2224) C:\Program Files\Skype\Phone\Skype.exe (2272) C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe (3140) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (1388) C:\Windows\system32\igfxext.exe (3876) C:\Program Files\Windows Media Player\wmpnscfg.exe (4864) C:\Program Files\Windows Media Player\wmpnetwk.exe (5056) C:\Windows\system32\svchost.exe (5244) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (5616) C:\Windows\system32\conime.exe (1524) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_168_ActiveX.exe (2912) C:\Windows\system32\msiexec.exe (6104) C:\Program Files\Internet Explorer\iexplore.exe (15104) C:\Program Files\Internet Explorer\iexplore.exe (15148) C:\Windows\system32\wbem\wmiprvse.exe (4456) C:\UsbFix\Go.exe (4500) C:\Windows\system32\SearchProtocolHost.exe (2104) C:\Windows\system32\SearchFilterHost.exe (4700) ################## | Éléments infectieux | Présent! C:\Users\Marie\AppData\Local\Temp\old7751.tmp ################## | Registre | ################## | Mountpoints2 | HKCU\.\.\.\.\Explorer\MountPoints2\G Shell\AutoRun\Command = G:\AutoRun.exe HKCU\.\.\.\.\Explorer\MountPoints2\{18770fd3-5440-11e2-a339-001e337ee58f} Shell\AutoRun\Command = G:\AutoRun.exe HKCU\.\.\.\.\Explorer\MountPoints2\{18770fdf-5440-11e2-a339-001e337ee58f} Shell\AutoRun\Command = G:\AutoRun.exe HKCU\.\.\.\.\Explorer\MountPoints2\{23aa70f7-3d70-11e2-96f2-001e101f859f} Shell\AutoRun\Command = G:\AutoRun.exe HKCU\.\.\.\.\Explorer\MountPoints2\{46ef685a-3aad-11e2-960e-001e101fb681} Shell\AutoRun\Command = G:\AutoRun.exe HKCU\.\.\.\.\Explorer\MountPoints2\{b1f0ec78-3be2-11e2-942e-001e101fb4df} Shell\AutoRun\Command = G:\AutoRun.exe HKCU\.\.\.\.\Explorer\MountPoints2\{df5a6f65-3aea-11e2-a7f3-001e101f4da1} Shell\AutoRun\Command = G:\AutoRun.exe ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné! ################## | E.O.F | http://sosvirus.org |