mily
Participant
Nombre d'articles : 8

Voici le rapport après le mode supprimé[spoiler:32cxsun8]############################## | UsbFix V 7.144 | [Suppression]

Utilisateur: Emilie (Administrateur) # EMILIE-PC
Mis à jour le 08/10/2013 par El Desaparecido – Team SosVirus
Lancé à 23:42:35 | 13/10/2013

Site Web: http://www.usbfix.net/” onclick=”window.open(this.href);return false;
Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
Upload Malware: upload_malware.php
Contact: http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

PC: Hewlett-Packard (1425)
CPU: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
RAM -> [Total : 3894 | Free : 1077]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7600 64-Bit) #
WB: Windows Internet Explorer 8.0.7600.16385

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 453 Go (371 Go libre(s) – 82%) [] # NTFS
D: -> Disque fixe # 13 Go (2 Go libre(s) – 17%) [RECOVERY] # NTFS
E: -> Disque fixe # 99 Mo (92 Mo libre(s) – 93%) [HP_TOOLS] # FAT32
F: -> CD-ROM
G: -> Disque amovible # 7 Go (5 Go libre(s) – 75%) [NUMERICLE91] # FAT32
H: -> Disque amovible # 2 Go (2 Go libre(s) – 92%) [] # FAT

################## | Regedit Run |

HKLMSOFTWARE | Run : [Easybits Recovery] – C:Program Files (x86)EasyBits For KidsezRecover.exe
HKLMSOFTWARE | Run : [QlbCtrl.exe] – C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
HKLMSOFTWARE | Run : [NortonOnlineBackupReminder] – “C:Program Files (x86)SymantecNorton Online BackupActivationNobuActivation.exe” UNATTENDED
HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
HKLMSOFTWARE | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
HKLMSOFTWARE | Run : [WirelessAssistant] – C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe
HKLMSOFTWARE | Run : [SSBkgdUpdate] – “C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe” -Embedding -boot
HKLMSOFTWARE | Run : [PaperPort PTD] – “C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe”
HKLMSOFTWARE | Run : [IndexSearch] – “C:Program Files (x86)ScanSoftPaperPortIndexSearch.exe”
HKLMSOFTWARE | Run : [PPort11reminder] – “C:Program Files (x86)ScanSoftPaperPortEregEreg.exe” -r “C:ProgramDataScanSoftPaperPort11ConfigEregEreg.ini”
HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWARE | Run : [AppleSyncNotifier] – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleSyncNotifier.exe
HKLMSOFTWARE | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
HKLMSOFTWARE | Run : [HTC Sync Loader] – “C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe” -startup
HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWARE | Run : [Boxore Client] – C:Program Files (x86)BoxoreBoxoreClientboxore.exe
HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
HKLMSOFTWAREwow6432Node | Run : [Easybits Recovery] – C:Program Files (x86)EasyBits For KidsezRecover.exe
HKLMSOFTWAREwow6432Node | Run : [QlbCtrl.exe] – C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
HKLMSOFTWAREwow6432Node | Run : [NortonOnlineBackupReminder] – “C:Program Files (x86)SymantecNorton Online BackupActivationNobuActivation.exe” UNATTENDED
HKLMSOFTWAREwow6432Node | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
HKLMSOFTWAREwow6432Node | Run : [WirelessAssistant] – C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe
HKLMSOFTWAREwow6432Node | Run : [SSBkgdUpdate] – “C:Program Files (x86)Common FilesScansoft SharedSSBkgdUpdateSSBkgdupdate.exe” -Embedding -boot
HKLMSOFTWAREwow6432Node | Run : [PaperPort PTD] – “C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe”
HKLMSOFTWAREwow6432Node | Run : [IndexSearch] – “C:Program Files (x86)ScanSoftPaperPortIndexSearch.exe”
HKLMSOFTWAREwow6432Node | Run : [PPort11reminder] – “C:Program Files (x86)ScanSoftPaperPortEregEreg.exe” -r “C:ProgramDataScanSoftPaperPort11ConfigEregEreg.ini”
HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWAREwow6432Node | Run : [AppleSyncNotifier] – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleSyncNotifier.exe
HKLMSOFTWAREwow6432Node | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
HKLMSOFTWAREwow6432Node | Run : [HTC Sync Loader] – “C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe” -startup
HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
HKLMSOFTWAREwow6432Node | Run : [Boxore Client] – C:Program Files (x86)BoxoreBoxoreClientboxore.exe
HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [LightScribe Control Panel] – C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [HPADVISOR] – C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe view=DOCKVIEW
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [msnmsgr] – “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [LinkMagic for magicolor 4690MF] – C:Program Files (x86)KONICA MINOLTAmagicolor 4690MFLinkMagic for magicolor 4690MFlmmc4690.exe -startup
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [ISUSPM] – “C:Program Files (x86)Common FilesInstallShieldUpdateServiceISUSPM.exe” -scheduler
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [Facebook Update] – “C:UsersEmilieAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [Skype] – “C:Program Files (x86)SkypePhoneSkype.exe” /minimized /regrun
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [EA Core] – “C:Program Files (x86)Electronic ArtsEADMCore.exe” -silent
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [Sidebar] – C:Program Files (x86)Windows Sidebarsidebar.exe /autoRun
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [jvNKRBkG] – wscript.exe //B “C:UsersEmilieAppDataLocalTempjvNKRBkG.vbs”
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [Intel(R)TCP] – C:UsersPublicIntel(R)TCP.exe
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [SUPERAntiSpyware] – C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
HKUS-1-5-21-1281313582-996477143-535513155-1001SOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersEmilieAppDataLocalTempiTunesHelper.vbe”
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Processus Stoppés |

Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID 1168 |ParentID 704)
Stoppé! C:WindowsSystem32spoolsv.exe (ID 1416 |ParentID 704)
Stoppé! C:Program FilesRealtekAudioHDAAERTSr64.exe (ID 1544 |ParentID 704)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID 1568 |ParentID 704)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (ID 1608 |ParentID 704)
Stoppé! C:Program Files (x86)Common FilesLightScribeLSSrvc.exe (ID 1768 |ParentID 704)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID 1800 |ParentID 704)
Stoppé! C:Program Files (x86)CyberLinkShared filesRichVideo.exe (ID 1884 |ParentID 704)
Stoppé! C:Program Files (x86)WajamUpdaterWajamUpdater.exe (ID 1640 |ParentID 704)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID 2072 |ParentID 704)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID 2388 |ParentID 2072)
Stoppé! C:Windowssystem32taskhost.exe (ID 2368 |ParentID 704)
Stoppé! C:Windowssystem32taskeng.exe (ID 1248 |ParentID 460)
Stoppé! C:Program Files (x86)GoogleUpdateGoogleUpdate.exe (ID 2580 |ParentID 1248)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID 3752 |ParentID 704)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID 3876 |ParentID 3012)
Stoppé! C:Program FilesSynapticsSynTPSynTPEnh.exe (ID 3524 |ParentID 3012)
Stoppé! C:Program FilesRealtekAudioHDARtkNGUI64.exe (ID 3164 |ParentID 3012)
Stoppé! C:Program Files (x86)RealtekAudioOSDRtVOsd64.exe (ID 3268 |ParentID 3012)
Stoppé! C:Program FilesJavajre6binjusched.exe (ID 3352 |ParentID 3012)
Stoppé! C:WindowsSystem32igfxtray.exe (ID 2400 |ParentID 3012)
Stoppé! C:WindowsSystem32hkcmd.exe (ID 3556 |ParentID 3012)
Stoppé! C:WindowsSystem32igfxpers.exe (ID 3696 |ParentID 3012)
Stoppé! C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe (ID 3924 |ParentID 3012)
Stoppé! C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe (ID 3732 |ParentID 3012)
Stoppé! C:Program FilesSynapticsSynTPSynTPHelper.exe (ID 3664 |ParentID 3524)
Stoppé! C:Program Files (x86)KONICA MINOLTAmagicolor 4690MFLinkMagic for magicolor 4690MFlmmc4690.exe (ID 4104 |ParentID 3012)
Stoppé! C:Program Files (x86)Common FilesInstallShieldUpdateServiceISUSPM.exe (ID 4140 |ParentID 3012)
Stoppé! C:Program Files (x86)Windows Sidebarsidebar.exe (ID 4376 |ParentID 3012)
Stoppé! C:WindowsSystem32wscript.exe (ID 4392 |ParentID 3012)
Stoppé! C:Program Files (x86)iTunesiTunes.exe (ID 4928 |ParentID 3012)
Stoppé! C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQLBCtrl.exe (ID 4964 |ParentID 4884)
Stoppé! C:Program Files (x86)HpHP Software Updatehpwuschd2.exe (ID 5044 |ParentID 4884)
Stoppé! C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe (ID 5052 |ParentID 4884)
Stoppé! C:Program Files (x86)ScanSoftPaperPortpptd40nt.exe (ID 844 |ParentID 4884)
Stoppé! C:Windowssystem32DllHost.exe (ID 1264 |ParentID 836)
Stoppé! C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe (ID 2536 |ParentID 704)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID 956 |ParentID 4884)
Stoppé! C:WindowsSysWOW64explorer.exe (ID 2892 |ParentID 804)
Stoppé! C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe (ID 4852 |ParentID 704)
Stoppé! C:Program Files (x86)HTCHTC Sync 3.0htcUPCTLoader.exe (ID 5084 |ParentID 4884)
Stoppé! C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (ID 4892 |ParentID 4884)
Stoppé! C:UsersPublicIntel(R)TCP.exe (ID 4988 |ParentID 804)
Stoppé! C:Program Files (x86)BoxoreBoxoreClientboxore.exe (ID 5036 |ParentID 4884)
Stoppé! C:Program Files (x86)iTunesiTunesHelper.exe (ID 1032 |ParentID 4884)
Stoppé! C:Program Files (x86)BoxoreBoxoreClientboxore.exe (ID 5144 |ParentID 5036)
Stoppé! C:Program FilesiPodbiniPodService.exe (ID 5224 |ParentID 704)
Stoppé! C:UsersEmilieAppDataRoamingMicrosoftNotification de cadeaux MSNlsnfier.exe (ID 5300 |ParentID 3012)
Stoppé! C:Program Files (x86)Common FilesAppleApple Application Supportdistnoted.exe (ID 5412 |ParentID 5332)
Stoppé! C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (ID 6008 |ParentID 704)
Stoppé! C:Program Files (x86)Hewlett-PackardSharedhpqToaster.exe (ID 4952 |ParentID 836)
Stoppé! C:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe (ID 6076 |ParentID 704)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID 5388 |ParentID 704)
Stoppé! C:Windowssystem32wuauclt.exe (ID 4092 |ParentID 460)
Stoppé! C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID 6824 |ParentID 3012)
Stoppé! C:Program Files (x86)Mozilla Firefoxplugin-container.exe (ID 6628 |ParentID 6824)
Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID 6032 |ParentID 1284)
Stoppé! C:Windowssystem32taskhost.exe (ID 5448 |ParentID 704)
Stoppé! C:UsersPublicIntel(R)TCP.exe (ID 2704 |ParentID 580)
Stoppé! C:UsersPublicIntel(R)TCP.exe (ID 3172 |ParentID 6120)
Stoppé! C:UsersPublicIntel(R)TCP.exe (ID 5112 |ParentID 6932)
Stoppé! C:Program FilesSUPERAntiSpywareSASCORE64.EXE (ID 6760 |ParentID 704)
Stoppé! C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe (ID 4132 |ParentID 6412)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID 5292 |ParentID 124)
Stoppé! C:WindowsSysWOW64NOTEPAD.EXE (ID 4216 |ParentID 4252)
Stoppé! C:WindowsSysWOW64WScript.exe (ID 4468 |ParentID 7000)

################## | Éléments infectieux |

Supprimé! C:UsersEmilieAppDataRoamingSUPERAntiSpyware.com
Supprimé! C:ProgramDataSUPERAntiSpyware.com
Supprimé! G:jvNKRBkG.vbs
Supprimé! G:iTunesHelper.vbe
Supprimé! H:jvNKRBkG.vbs
Supprimé! H:iTunesHelper.vbe
Supprimé! C:UsersEmilieAppDataLocalTempiTunesHelper.vbe
Supprimé! C:UsersEmilieAppDataLocalTempjvNKRBkG.vbs
Supprimé! C:UsersEmilieAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupIntel(R)TCP.exe
Supprimé! C:UsersEmilieAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Supprimé! C:UsersEmilieAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupjvNKRBkG.vbs
Supprimé! C:UsersEmilieAppDataRoamingC2191E4ak.tmp
Supprimé! C:UsersEmilieAppDataRoamingC2191E4
Supprimé! G:THOMAS.lnk
Supprimé! G:EMILIE.lnk
Supprimé! G:jvNKRBkG.lnk
Supprimé! G:iTunesHelper.lnk
Supprimé! H:~WRL0355.lnk
Supprimé! H:Doc 1.lnk
Supprimé! H:EMILIE.lnk
Supprimé! H:PLAN DU MEMOIRE.lnk
Supprimé! H:.lnk
Supprimé! H:etude de quartier.lnk
Supprimé! H:plu expo 15 panneaux juin 2012.lnk
Supprimé! H:DOSSIER ES1.lnk
Supprimé! H:DOSSIER ES2.lnk
Supprimé! H:DOSSIER L1 SESS.lnk
Supprimé! H:ETE.lnk
Supprimé! H:AMENDE.lnk
Supprimé! H:.Trashes.lnk
Supprimé! H:palenta.lnk
Supprimé! H:.Spotlight-V100.lnk
Supprimé! H:.TemporaryItems.lnk
Supprimé! H:DOSSIER ES3.lnk
Supprimé! H:Lettre officier ministere public.lnk
Supprimé! H:Lette centre contestation.lnk
Supprimé! H:Lettre hussier.lnk
Supprimé! H:iTunesHelper.lnk
Supprimé! H:jvNKRBkG.lnk
Supprimé! C:UsersPublic4zz.VBE
Supprimé! C:UsersPublic7zz.VBE
Supprimé! C:UsersPublic9eizmmD.vbe
Supprimé! C:UsersPublic9stziemD.VBE
Supprimé! C:UsersPublicIntel(R)TCP.exe
Supprimé! C:UsersPublicIntel(TM)SD.exe
Supprimé! C:UsersEmilieAppDataRoamingEmilie-wchelper.dll
Supprimé! C:UsersEmilieAppDataLocalTempEmilie7
Supprimé! C:UsersEmilieAppDataLocalTempMusiques.pif
Supprimé! C:UsersEmilieAppDataLocalTempflashmemory.vbe
Supprimé! C:UsersEmilieAppDataLocalTemp97d.hta
Supprimé! C:UsersEmilieAppDataLocalTempd8gn.hta
Supprimé! C:UsersEmilieAppDataLocalTempdf4.hta
Supprimé! C:UsersEmilieAppDataLocalTempv00d.hta

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|SUPERAntiSpyware
Supprimé! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|jvNKRBkG
Supprimé! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
Supprimé! HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionRun|iTunesHelper
Supprimé! HKUS-1-5-21-1281313582-996477143-535513155-1001SoftwareMicrosoftWindowsCurrentVersionRun|Intel(R)TCP
Supprimé! HKCU….ExplorerMountPoints2G
Supprimé! HKCU….ExplorerMountPoints2{92995e7b-fd39-11e2-a9c1-c80aa92db478}

################## | Listing |

[03/01/2011 – 02:19:21 | SHD ] C:$Recycle.Bin
[07/10/2013 – 23:32:32 | D ] C:3e6fdcf6c0e68205bb707d0e7bcc32
[11/08/2011 – 03:02:18 | D ] C:42cb723b5451843676216d
[01/10/2013 – 00:26:55 | D ] C:8f0b5e2eb13d410b26e47028172fa088
[20/05/2013 – 01:56:24 | D ] C:a3a51686c6e4721e3a148dcc
[10/03/2012 – 18:19:47 | D ] C:Boonty
[24/01/2010 – 03:18:08 | SHD ] C:boot
[14/07/2009 – 03:38:58 | RASH | 383562] C:bootmgr
[04/06/2013 – 00:10:57 | D ] C:c32a23c48edcf7d380e9ad5b
[08/10/2013 – 23:18:47 | SHD ] C:Config.Msi
[14/07/2009 – 07:08:56 | SHD ] C:Documents and Settings
[25/09/2013 – 18:37:58 | N | 0] C:END
[24/09/2013 – 23:45:59 | D ] C:f353ee22a3f483e50a3a7939
[27/06/2012 – 04:25:26 | D ] C:found.000
[30/06/2012 – 23:35:24 | D ] C:found.001
[22/12/2011 – 11:08:33 | D ] C:found.002
[13/10/2013 – 11:14:55 | ASH | 3062255616] C:hiberfil.sys
[11/02/2010 – 02:41:15 | D ] C:HP
[02/12/2006 – 00:37:14 | N | 904704] C:msdia80.dll
[23/01/2010 – 15:55:49 | RHD ] C:MSOCache
[13/10/2013 – 11:16:12 | ASH | 4083007488] C:pagefile.sys
[02/02/2011 – 17:02:39 | D ] C:Passmark
[14/07/2009 – 05:20:08 | D ] C:PerfLogs
[13/10/2013 – 22:09:53 | D ] C:Program Files
[13/10/2013 – 22:11:32 | D ] C:Program Files (x86)
[13/10/2013 – 23:55:22 | HD ] C:ProgramData
[24/12/2010 – 20:57:35 | SHD ] C:Recovery
[24/12/2010 – 21:05:48 | D ] C:SwSetup
[13/10/2013 – 02:51:15 | SHD ] C:System Volume Information
[24/12/2010 – 20:57:38 | D ] C:SYSTEM.SAV
[13/10/2013 – 23:55:41 | D ] C:UsbFix
[13/10/2013 – 23:57:11 | A | 18725] C:UsbFix [Clean 2] EMILIE-PC.txt
[13/10/2013 – 22:42:18 | N | 19022] C:UsbFix [Scan 1] EMILIE-PC.txt
[25/03/2012 – 18:21:59 | N | 237] C:user.js
[24/12/2010 – 20:56:35 | RD ] C:Users
[11/10/2013 – 18:54:50 | D ] C:Windows
[24/12/2010 – 21:05:54 | SHD ] D:$RECYCLE.BIN
[24/12/2010 – 21:05:50 | SHD ] D:boot
[14/07/2009 – 20:39:00 | ASH | 383562] D:bootmgr
[24/12/2010 – 21:05:50 | N | 0] D:BT_HP.FLG
[11/02/2010 – 12:14:14 | N | 483] D:CSP.DAT
[11/02/2010 – 12:20:46 | N | 12036] D:DeployRp.log
[24/12/2010 – 21:05:50 | D ] D:hp
[24/12/2010 – 21:05:50 | N | 22] D:language.ini
[24/12/2010 – 21:05:50 | SHD ] D:preload
[24/12/2010 – 21:05:50 | SD ] D:Recovery
[11/02/2010 – 12:20:41 | N | 0] D:RPCONFIG.LOG
[13/05/2011 – 21:38:45 | SHD ] D:System Volume Information
[24/12/2010 – 21:05:50 | D ] D:system.sav
[11/02/2010 – 01:26:16 | D ] E:Hewlett-Packard
[24/12/2010 – 20:05:56 | SHD ] E:$RECYCLE.BIN
[01/09/2013 – 23:47:34 | D ] G:THOMAS
[01/09/2013 – 23:47:54 | D ] G:EMILIE
[21/10/2012 – 15:55:50 | N | 784661] H:Doc 1.pdf
[01/09/2013 – 23:47:54 | D ] H:EMILIE
[23/02/2013 – 20:28:38 | D ] H:DOSSIER ES1
[23/02/2013 – 20:28:40 | D ] H:DOSSIER ES2
[23/02/2013 – 20:28:42 | D ] H:DOSSIER L1 SESS
[23/02/2013 – 20:28:42 | D ] H:ETE
[25/01/2013 – 16:39:52 | N | 32222] H:~WRL0355.tmp
[08/10/2013 – 16:11:00 | N | 28672] H:PLAN DU MEMOIRE.doc
[10/05/2013 – 18:41:48 | SH | 4096] H:._.Trashes
[29/05/2013 – 14:21:36 | N | 493568] H:etude de quartier.doc
[10/05/2013 – 17:50:22 | D ] H:AMENDE
[10/05/2013 – 18:41:48 | SHD ] H:.Trashes
[10/05/2013 – 18:41:54 | SHD ] H:.Spotlight-V100
[10/05/2013 – 18:49:36 | SHD ] H:.TemporaryItems
[10/05/2013 – 18:49:36 | SH | 4096] H:._.TemporaryItems
[29/05/2013 – 13:44:44 | N | 12009338] H:plu expo 15 panneaux juin 2012.pdf
[09/07/2013 – 09:40:42 | D ] H:DOSSIER ES3
[10/05/2013 – 18:51:34 | N | 16707] H:Lettre officier ministere public.docx
[10/05/2013 – 18:49:36 | N | 16728] H:Lette centre contestation.docx
[10/05/2013 – 18:49:52 | N | 16827] H:Lettre hussier.docx
[08/12/2010 – 16:11:06 | D ] H:palenta

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |[/spoiler:32cxsun8]