Répondre à : USB et PC infectés 2016-09-08T13:09:11+00:00
Photo du profil de milymily
Participant
Nombre d'articles : 7

Merci beaucoup !

Voici le rapport

[spoiler:6azd6lhp]############################## | UsbFix V 7.144 | [Recherche]

Utilisateur: Emilie (Administrateur) # EMILIE-PC
Mis à jour le 08/10/2013 par El Desaparecido – Team SosVirus
Lancé à 22:16:10 | 13/10/2013

Site Web: http://www.usbfix.net/” onclick=”window.open(this.href);return false;
Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

PC: Hewlett-Packard (1425)
CPU: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
RAM -> [Total : 3894 | Free : 1490]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 453 Go (371 Go libre(s) – 82%) [] # NTFS
D: -> Disque fixe # 13 Go (2 Go libre(s) – 17%) [RECOVERY] # NTFS
E: -> Disque fixe # 99 Mo (92 Mo libre(s) – 93%) [HP_TOOLS] # FAT32
F: -> CD-ROM
G: -> Disque amovible # 7 Go (6 Go libre(s) – 76%) [NUMERICLE91] # FAT32
H: -> Disque amovible # 2 Go (2 Go libre(s) – 95%) [] # FAT

################## | Processus Actif |

C:Windowssystem32csrss.exe (ID 548 |ParentID 540)
C:Windowssystem32wininit.exe (ID 636 |ParentID 540)
C:Windowssystem32csrss.exe (ID 660 |ParentID 648)
C:Windowssystem32services.exe (ID 704 |ParentID 636)
C:Windowssystem32lsass.exe (ID 720 |ParentID 636)
C:Windowssystem32lsm.exe (ID 732 |ParentID 636)
C:Windowssystem32svchost.exe (ID 836 |ParentID 704)
C:Windowssystem32svchost.exe (ID 936 |ParentID 704)
C:WindowsSystem32svchost.exe (ID 996 |ParentID 704)
C:WindowsSystem32svchost.exe (ID 124 |ParentID 704)
C:Windowssystem32svchost.exe (ID 460 |ParentID 704)
C:Windowssystem32winlogon.exe (ID 468 |ParentID 648)
C:Windowssystem32svchost.exe (ID 500 |ParentID 704)
C:Windowssystem32svchost.exe (ID 1064 |ParentID 704)
C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID 1168 |ParentID 704)
C:WindowsSystem32spoolsv.exe (ID 1416 |ParentID 704)
C:Windowssystem32svchost.exe (ID 1452 |ParentID 704)
C:Program FilesRealtekAudioHDAAERTSr64.exe (ID 1544 |ParentID 704)
C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID 1568 |ParentID 704)
C:Program FilesBonjourmDNSResponder.exe (ID 1608 |ParentID 704)
C:WindowsSysWOW64svchost.exe (ID 1648 |ParentID 704)
C:Windowssystem32svchost.exe (ID 1708 |ParentID 704)
C:Program Files (x86)Common FilesLightScribeLSSrvc.exe (ID 1768 |ParentID 704)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID 1800 |ParentID 704)
C:Program Files (x86)CyberLinkShared filesRichVideo.exe (ID 1884 |ParentID 704)
C:Windowssystem32svchost.exe (ID 2024 |ParentID 704)
C:Program Files (x86)WajamUpdaterWajamUpdater.exe (ID 1640 |ParentID 704)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID 2072 |ParentID 704)
C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID 2388 |ParentID 2072)
C:Windowssystem32svchost.exe (ID 3040 |ParentID 704)
C:Windowssystem32taskhost.exe (ID 2368 |ParentID 704)
C:Windowssystem32taskeng.exe (ID 1248 |ParentID 460)
C:Windowssystem32Dwm.exe (ID 1208 |ParentID 124)
C:WindowsExplorer.EXE (ID 3012 |ParentID 2400)
C:Program Files (x86)GoogleUpdateGoogleUpdate.exe (ID 2580 |ParentID 1248)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID 3752 |ParentID 704)
C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID 3876 |ParentID 3012)
C:Windowssystem32wbemwmiprvse.exe (ID 3284 |ParentID 836)
C:Program FilesSynapticsSynTPSynTPEnh.exe (ID 3524 |ParentID 3012)
C:Program FilesRealtekAudioHDARtkNGUI64.exe (ID 3164 |ParentID 3012)
C:WindowsSystem32svchost.exe (ID 3152 |ParentID 704)
C:Program Files (x86)RealtekAudioOSDRtVOsd64.exe (ID 3268 |ParentID 3012)
C:Program FilesJavajre6binjusched.exe (ID 3352 |ParentID 3012)
C:WindowsSystem32igfxtray.exe (ID 2400 |ParentID 3012)
C:WindowsSystem32hkcmd.exe (ID 3556 |ParentID 3012)
C:WindowsSystem32igfxpers.exe (ID 3696 |ParentID 3012)
C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe (ID 3924 |ParentID 3012)
C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe (ID 3732 |ParentID 3012)
C:Program FilesSynapticsSynTPSynTPHelper.exe (ID 3664 |ParentID 3524)
C:Program Files (x86)KONICA MINOLTAmagicolor 4690MFLinkMagic for magicolor 4690MFlmmc4690.exe (ID 4104 |ParentID 3012)
C:Program Files (x86)Common FilesInstallShieldUpdateServiceISUSPM.exe (ID 4140 |ParentID 3012)
C:Program Files (x86)Windows Sidebarsidebar.exe (ID 4376 |ParentID 3012)
C:WindowsSystem32wscript.exe (ID 4392 |ParentID 3012)
C:Windowssystem32wbemwmiprvse.exe (ID 4592 |ParentID 836)
C:Program Files (x86)iTunesiTunes.exe (ID 4928 |ParentID 3012)
C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQLBCtrl.exe (ID 4964 |ParentID 4884)
C:Program Files (x86)HpHP Software Updatehpwuschd2.exe (ID 5044 |ParentID 4884)
C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe (ID 5052 |ParentID 4884)
C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe (ID 844 |ParentID 4884)
C:Windowssystem32DllHost.exe (ID 1264 |ParentID 836)
C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe (ID 2536 |ParentID 704)
C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID 956 |ParentID 4884)
C:WindowsSysWOW64explorer.exe (ID 2892 |ParentID 804)
C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe (ID 4852 |ParentID 704)
C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe (ID 5084 |ParentID 4884)
C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (ID 4892 |ParentID 4884)
C:UsersPublicIntel(R)TCP.exe (ID 4988 |ParentID 804)
C:Program Files (x86)BoxoreBoxoreClientboxore.exe (ID 5036 |ParentID 4884)
C:Program Files (x86)iTunesiTunesHelper.exe (ID 1032 |ParentID 4884)
C:Program Files (x86)BoxoreBoxoreClientboxore.exe (ID 5144 |ParentID 5036)
C:Program FilesiPodbiniPodService.exe (ID 5224 |ParentID 704)
C:UsersEmilieAppDataRoamingMicrosoftNotification de cadeaux MSNlsnfier.exe (ID 5300 |ParentID 3012)
C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceHelper.exe (ID 5332 |ParentID 4928)
C:Windowssystem32conhost.exe (ID 5376 |ParentID 660)
C:Program Files (x86)Common FilesAppleApple Application Supportdistnoted.exe (ID 5412 |ParentID 5332)
C:Windowssystem32conhost.exe (ID 5420 |ParentID 660)
C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (ID 6008 |ParentID 704)
C:Program Files (x86)Hewlett-PackardSharedhpqToaster.exe (ID 4952 |ParentID 836)
C:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe (ID 6076 |ParentID 704)
C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID 5388 |ParentID 704)
C:WindowsSystem32svchost.exe (ID 4996 |ParentID 704)
C:Windowssystem32wuauclt.exe (ID 4092 |ParentID 460)
C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID 6824 |ParentID 3012)
C:Program Files (x86)Mozilla Firefoxplugin-container.exe (ID 6628 |ParentID 6824)
C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID 1284 |ParentID 6628)
C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID 6032 |ParentID 1284)
C:Windowssystem32taskhost.exe (ID 5448 |ParentID 704)
C:UsersPublicIntel(R)TCP.exe (ID 2704 |ParentID 580)
C:UsersPublicIntel(R)TCP.exe (ID 3172 |ParentID 6120)
C:UsersPublicIntel(R)TCP.exe (ID 5112 |ParentID 6932)
C:Program Files (x86)OracleJavaFX 2.1 Runtimebinjp2launcher.exe (ID 5260 |ParentID 6824)
C:Program Files (x86)Javajre7binjava.exe (ID 4524 |ParentID 5260)
C:Windowssystem32conhost.exe (ID 7032 |ParentID 660)
C:Program FilesSUPERAntiSpywareSASCORE64.EXE (ID 6760 |ParentID 704)
C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe (ID 4132 |ParentID 6412)
C:Windowssystem32taskeng.exe (ID 6248 |ParentID 460)
C:UsbFixGo.exe (ID 4252 |ParentID 3988)
C:WindowsSystem32WUDFHost.exe (ID 5292 |ParentID 124)
\?C:Windowssystem32wbemWMIADAP.EXE (ID 5804 |ParentID 460)

################## | Regedit Run |

HKLMSOFTWARE | Run : [Easybits Recovery] – C:Program Files (x86)EasyBits For KidsezRecover.exe
HKLMSOFTWARE | Run : [QlbCtrl.exe] – C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
HKLMSOFTWARE | Run : [NortonOnlineBackupReminder] – “C:Program Files (x86)SymantecNorton Online BackupActivationNobuActivation.exe” UNATTENDED
HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
HKLMSOFTWARE | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
HKLMSOFTWARE | Run : [WirelessAssistant] – C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe
HKLMSOFTWARE | Run : [SSBkgdUpdate] – “C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe” -Embedding -boot
HKLMSOFTWARE | Run : [PaperPort PTD] – “C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe”
HKLMSOFTWARE | Run : [IndexSearch] – “C:Program Files (x86)ScanSoftPaperPortIndexSearch.exe”
HKLMSOFTWARE | Run : [PPort11reminder] – “C:Program Files (x86)ScanSoftPaperPortEregEreg.exe” -r “C:ProgramDataScanSoftPaperPort11ConfigEregEreg.ini”
HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWARE | Run : [AppleSyncNotifier] – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleSyncNotifier.exe
HKLMSOFTWARE | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
HKLMSOFTWARE | Run : [HTC Sync Loader] – “C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe” -startup
HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWARE | Run : [Boxore Client] – C:Program Files (x86)BoxoreBoxoreClientboxore.exe
HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
HKLMSOFTWAREwow6432Node | Run : [Easybits Recovery] – C:Program Files (x86)EasyBits For KidsezRecover.exe
HKLMSOFTWAREwow6432Node | Run : [QlbCtrl.exe] – C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
HKLMSOFTWAREwow6432Node | Run : [NortonOnlineBackupReminder] – “C:Program Files (x86)SymantecNorton Online BackupActivationNobuActivation.exe” UNATTENDED
HKLMSOFTWAREwow6432Node | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
HKLMSOFTWAREwow6432Node | Run : [WirelessAssistant] – C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe
HKLMSOFTWAREwow6432Node | Run : [SSBkgdUpdate] – “C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe” -Embedding -boot
HKLMSOFTWAREwow6432Node | Run : [PaperPort PTD] – “C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe”
HKLMSOFTWAREwow6432Node | Run : [IndexSearch] – “C:Program Files (x86)ScanSoftPaperPortIndexSearch.exe”
HKLMSOFTWAREwow6432Node | Run : [PPort11reminder] – “C:Program Files (x86)ScanSoftPaperPortEregEreg.exe” -r “C:ProgramDataScanSoftPaperPort11ConfigEregEreg.ini”
HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWAREwow6432Node | Run : [AppleSyncNotifier] – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleSyncNotifier.exe
HKLMSOFTWAREwow6432Node | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
HKLMSOFTWAREwow6432Node | Run : [HTC Sync Loader] – “C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe” -startup
HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWAREwow6432Node | Run : [Boxore Client] – C:Program Files (x86)BoxoreBoxoreClientboxore.exe
HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [LightScribe Control Panel] – C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [HPADVISOR] – C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe view=DOCKVIEW
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [msnmsgr] – “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [LinkMagic for magicolor 4690MF] – C:Program Files (x86)KONICA MINOLTAmagicolor 4690MFLinkMagic for magicolor 4690MFlmmc4690.exe -startup
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [ISUSPM] – “C:Program Files (x86)Common FilesInstallShieldUpdateServiceISUSPM.exe” -scheduler
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [Facebook Update] – “C:UsersEmilieAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [Skype] – “C:Program Files (x86)SkypePhoneSkype.exe” /minimized /regrun
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [EA Core] – “C:Program Files (x86)Electronic ArtsEADMCore.exe” -silent
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [Sidebar] – C:Program Files (x86)Windows Sidebarsidebar.exe /autoRun
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [jvNKRBkG] – wscript.exe //B “C:UsersEmilieAppDataLocalTempjvNKRBkG.vbs”
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [Intel(R)TCP] – C:UsersPublicIntel(R)TCP.exe
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [SUPERAntiSpyware] – C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Éléments infectieux |

Présent! C:UsersEmilieAppDataRoamingSUPERAntiSpyware.com
Présent! C:ProgramDataSUPERAntiSpyware.com
Présent! G:jvNKRBkG.vbs
Présent! H:jvNKRBkG.vbs
Présent! C:UsersEmilieAppDataLocalTempjvNKRBkG.vbs
Présent! C:UsersEmilieAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupIntel(R)TCP.exe
Présent! C:UsersEmilieAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupjvNKRBkG.vbs
Présent! C:UsersEmilieAppDataRoamingC2191E4ak.tmp
Présent! C:UsersEmilieAppDataRoamingC2191E4
Présent! G:THOMAS.lnk
Présent! G:EMILIE.lnk
Présent! H:~WRL0355.lnk
Présent! H:Doc 1.lnk
Présent! H:EMILIE.lnk
Présent! H:PLAN DU MEMOIRE.lnk
Présent! H:.lnk
Présent! H:etude de quartier.lnk
Présent! H:plu expo 15 panneaux juin 2012.lnk
Présent! H:DOSSIER ES1.lnk
Présent! H:DOSSIER ES2.lnk
Présent! H:DOSSIER L1 SESS.lnk
Présent! H:ETE.lnk
Présent! H:AMENDE.lnk
Présent! H:.Trashes.lnk
Présent! H:palenta.lnk
Présent! H:.Spotlight-V100.lnk
Présent! H:.TemporaryItems.lnk
Présent! H:DOSSIER ES3.lnk
Présent! H:Lettre officier ministere public.lnk
Présent! H:Lette centre contestation.lnk
Présent! H:Lettre hussier.lnk
Présent! C:UsersPublic4zz.VBE
Présent! C:UsersPublic7zz.VBE
Présent! C:UsersPublic9eizmmD.vbe
Présent! C:UsersPublic9stziemD.VBE
Présent! C:UsersPublicIntel(R)TCP.exe
Présent! C:UsersPublicIntel(TM)SD.exe
Présent! C:UsersEmilieAppDataRoamingEmilie-wchelper.dll
Présent! C:UsersEmilieAppDataLocalTempEmilie7
Présent! C:UsersEmilieAppDataLocalTempEmilie8
Présent! C:UsersEmilieAppDataLocalTempflashmemory.vbe
Présent! C:UsersEmilieAppDataLocalTemp97d.hta
Présent! C:UsersEmilieAppDataLocalTempd8gn.hta
Présent! C:UsersEmilieAppDataLocalTempdf4.hta
Présent! C:UsersEmilieAppDataLocalTempv00d.hta

################## | Registre |

Présent! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|SUPERAntiSpyware
Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|SUPERAntiSpyware
Présent! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|SUPERAntiSpyware
Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|SUPERAntiSpyware
Présent! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|jvNKRBkG
Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|jvNKRBkG
Présent! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|jvNKRBkG
Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|jvNKRBkG
Présent! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|jvNKRBkG
Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|jvNKRBkG
Présent! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|Intel(R)TCP
Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|Intel(R)TCP
Présent! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|jvNKRBkG
Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|jvNKRBkG
HKCU….ExplorerMountPoints2G
ShellAutoRunCommand = G:HTC_Sync_Manager_PC.exe

HKCU….ExplorerMountPoints2{92995e7b-fd39-11e2-a9c1-c80aa92db478}
ShellAutoRunCommand = G:HTC_Sync_Manager_PC.exe

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |[/spoiler:6azd6lhp]