usbfix_report.txt

Document joint : DCruZa5fBMD_usbfix_report.txt

Cliquez pour partager vos propres fichiers

Format du document : text/plain

Prévisualisation

############################## | UsbFix V 7.167 | [Recherche]

Utilisateur: jeremy (Administrateur) # PC-DE-JEREMY
Mis � jour le 13/03/2014 par El Desaparecido - Team SosVirus
Lanc� � 20:48:15 | 17/03/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: TOSHIBA (ISRAA)
CPU: Intel(R) Pentium(R) Dual CPU T2310 @ 1.46GHz
RAM -> [Total : 2038 Mo| Free : 901 Mo]
Bios: TOSHIBA
Boot: Normal boot

OS: Microsoft� Windows Vista� �dition Familiale Premium (6.0.6002 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Mozilla Firefox : 27.0.1

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: Microsoft Security Essentials [Enabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.75.0001

C:\ (%systemdrive%) -> Disque fixe # 75 Go (16 Go libre(s) - 22%) [Vista] # NTFS
E:\ -> Disque fixe # 73 Go (62 Go libre(s) - 84%) [Data] # NTFS
F:\ -> CD-ROM

################## | Processus Actif |

C:\Windows\system32\csrss.exe (ID: 652 |ParentID: 640)
C:\Windows\system32\csrss.exe (ID: 696 |ParentID: 688)
C:\Windows\system32\wininit.exe (ID: 704 |ParentID: 640)
C:\Windows\system32\services.exe (ID: 748 |ParentID: 704)
C:\Windows\system32\lsass.exe (ID: 776 |ParentID: 704)
C:\Windows\system32\lsm.exe (ID: 784 |ParentID: 704)
C:\Windows\system32\winlogon.exe (ID: 812 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 952 |ParentID: 748)
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (ID: 996 |ParentID: 748)
C:\Windows\system32\svchost.exe (ID: 1044 |ParentID: 748)
C:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 1080 |ParentID: 748)
C:\Windows\System32\svchost.exe (ID: 1212 |ParentID: 748)
C:\Windows\System32\svchost.exe (ID: 1240 |ParentID: 748)
C:\Windows\system32\svchost.exe (ID: 1252 |ParentID: 748)
C:\Windows\system32\svchost.exe (ID: 1420 |ParentID: 748)
C:\Windows\system32\SLsvc.exe (ID: 1440 |ParentID: 748)
C:\Windows\system32\svchost.exe (ID: 1488 |ParentID: 748)
C:\Windows\system32\svchost.exe (ID: 1796 |ParentID: 748)
C:\Windows\system32\Dwm.exe (ID: 1996 |ParentID: 1240)
C:\Windows\Explorer.EXE (ID: 300 |ParentID: 1980)
C:\Windows\System32\spoolsv.exe (ID: 320 |ParentID: 748)
C:\Windows\system32\svchost.exe (ID: 340 |ParentID: 748)
C:\Windows\system32\taskeng.exe (ID: 528 |ParentID: 1252)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1136 |ParentID: 748)
C:\Windows\system32\agrsmsvc.exe (ID: 1660 |ParentID: 748)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 716 |ParentID: 748)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 744 |ParentID: 748)
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (ID: 1904 |ParentID: 748)
C:\Program Files\Microsoft Security Client\msseces.exe (ID: 948 |ParentID: 300)
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (ID: 2188 |ParentID: 748)
C:\Windows\system32\svchost.exe (ID: 2368 |ParentID: 748)
C:\Windows\system32\svchost.exe (ID: 2440 |ParentID: 748)
C:\TeklaStructures\License\Server\lmgrd.exe (ID: 2528 |ParentID: 748)
C:\TeklaStructures\License\Server\lmgrd.exe (ID: 2572 |ParentID: 2528)
C:\Windows\system32\TODDSrv.exe (ID: 2604 |ParentID: 748)
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (ID: 2628 |ParentID: 748)
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (ID: 2684 |ParentID: 748)
C:\Windows\System32\svchost.exe (ID: 2708 |ParentID: 748)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 2760 |ParentID: 748)
C:\TeklaStructures\License\Server\tekla.exe (ID: 2768 |ParentID: 2572)
C:\Windows\system32\SearchIndexer.exe (ID: 2796 |ParentID: 748)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 2940 |ParentID: 2760)
C:\Program Files\Microsoft Security Client\NisSrv.exe (ID: 3044 |ParentID: 748)
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (ID: 3132 |ParentID: 748)
C:\Windows\system32\wbem\unsecapp.exe (ID: 3476 |ParentID: 952)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3540 |ParentID: 952)
C:\Windows\system32\svchost.exe (ID: 3168 |ParentID: 748)
C:\Program Files\Mozilla Firefox\firefox.exe (ID: 3516 |ParentID: 300)
C:\Windows\system32\SearchProtocolHost.exe (ID: 2272 |ParentID: 2796)
C:\Windows\system32\SearchFilterHost.exe (ID: 4068 |ParentID: 2796)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 1316 |ParentID: 952)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [64bit] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [64bit] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKLM\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\..\RunOnce : []

################## | Recherche g�n�rique |

################## | Registre |

Pr�sent! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 0

################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |

Signaler le contenu de ce document