Répondre à : Clé USB + ordi infectés 2016-09-08T13:23:18+00:00
Clem31400
Nombre d'articles : 0

voilà le rapport :

############################## | UsbFix V 7.152 | [Suppression]

Utilisateur: Clémence (Administrateur) # CLÉMENCE-PC
Mis à jour le 20/11/2013 par El Desaparecido – Team SosVirus
Lancé à 16:23:36 | 04/12/2013

Site Web : http://www.usbfix.net” onclick=”window.open(this.href);return false;
Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

PC: Quanta (3636)
CPU: AMD Athlon(tm) II Dual-Core M300
RAM -> [Total : 4092 | Free : 1266]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Mozilla Firefox : 19.0.2

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 452 Go (331 Go libre(s) – 73%) [] # NTFS
D: -> Disque fixe # 13 Go (2 Go libre(s) – 17%) [RECOVERY] # NTFS
E: -> CD-ROM
G: -> Disque amovible # 8 Go (5 Go libre(s) – 67%) [USB20FD] # FAT32

################## | Processus Stoppés |

Stoppé! C:Windowssystem32atiesrxx.exe (ID: 920 |ParentID: 644)
Stoppé! C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_ccf0dd3cb081af84STacSV64.exe (ID: 1032 |ParentID: 644)
Stoppé! C:Windowssystem32atieclxx.exe (ID: 1280 |ParentID: 920)
Stoppé! C:Windowssystem32Hpservice.exe (ID: 1296 |ParentID: 644)
Stoppé! C:Windowssystem32WLANExt.exe (ID: 1476 |ParentID: 364)
Stoppé! C:Program FilesAlwil SoftwareAvast5AvastSvc.exe (ID: 1484 |ParentID: 644)
Stoppé! C:Program FilesAlwil SoftwareAvast5afwServ.exe (ID: 1548 |ParentID: 644)
Stoppé! C:WindowsExplorer.EXE (ID: 1696 |ParentID: 1664)
Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1944 |ParentID: 644)
Stoppé! C:Windowssystem32taskhost.exe (ID: 1952 |ParentID: 644)
Stoppé! C:Windowssystem32taskeng.exe (ID: 484 |ParentID: 716)
Stoppé! C:Program Files (x86)GoogleUpdate1.3.21.165GoogleCrashHandler.exe (ID: 1692 |ParentID: 1432)
Stoppé! C:Program Files (x86)GoogleUpdate1.3.21.165GoogleCrashHandler64.exe (ID: 1740 |ParentID: 1432)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 2388 |ParentID: 644)
Stoppé! C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_amd64_neutral_ccf0dd3cb081af84AESTSr64.exe (ID: 2484 |ParentID: 644)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 2512 |ParentID: 644)
Stoppé! C:Program Files (x86)BonjourmDNSResponder.exe (ID: 2580 |ParentID: 644)
Stoppé! C:ProgramDataEPSONEPW!3 SSRPE_S40STB.EXE (ID: 2652 |ParentID: 644)
Stoppé! C:ProgramDataEPSONEPW!3 SSRPE_S40RPB.EXE (ID: 2688 |ParentID: 644)
Stoppé! c:Program Files (x86)Hewlett-PackardMediaDVDDVDAgent.exe (ID: 2772 |ParentID: 484)
Stoppé! C:Program Files (x86)Common FilesLightScribeLSSrvc.exe (ID: 2800 |ParentID: 644)
Stoppé! C:Program Files (x86)Norton Internet SecurityEngine16.8.3.6ccSvcHst.exe (ID: 2856 |ParentID: 644)
Stoppé! C:Program Files (x86)RealNetworksRealDownloaderrndlresolversvc.exe (ID: 2904 |ParentID: 644)
Stoppé! C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe (ID: 3024 |ParentID: 644)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 3060 |ParentID: 644)
Stoppé! c:Program Files (x86)Hewlett-PackardTouchSmartMediaKernelCLMLCLMLSvc.exe (ID: 2444 |ParentID: 484)
Stoppé! C:Program Files (x86)Norton Internet SecurityEngine16.8.3.6ccSvcHst.exe (ID: 3828 |ParentID: 2856)
Stoppé! C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 3476 |ParentID: 1696)
Stoppé! C:Program FilesIDTWDMsttray64.exe (ID: 824 |ParentID: 1696)
Stoppé! C:Program FilesHewlett-PackardHP MediaSmartSmartMenu.exe (ID: 3752 |ParentID: 1696)
Stoppé! C:Program FilesJavajre6binjusched.exe (ID: 4032 |ParentID: 1696)
Stoppé! C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe (ID: 3928 |ParentID: 1696)
Stoppé! C:Program FilesSynapticsSynTPSynTPHelper.exe (ID: 3296 |ParentID: 3476)
Stoppé! C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe (ID: 3888 |ParentID: 1696)
Stoppé! C:Program Files (x86)SamsungSamsung New PC StudioNPSAgent.exe (ID: 472 |ParentID: 1696)
Stoppé! C:WindowsSystem32StikyNot.exe (ID: 3524 |ParentID: 1696)
Stoppé! C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe (ID: 4156 |ParentID: 1696)
Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 4204 |ParentID: 644)
Stoppé! C:Program Files (x86)Pando NetworksMedia BoosterPMB.exe (ID: 4260 |ParentID: 1696)
Stoppé! C:WindowsSystem32wscript.exe (ID: 4276 |ParentID: 1696)
Stoppé! C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQLBCTRL.exe (ID: 4448 |ParentID: 4320)
Stoppé! C:Program Files (x86)HpHP Software Updatehpwuschd2.exe (ID: 4744 |ParentID: 4320)
Stoppé! C:UsersClémenceAppDataRoamingDropboxbinDropbox.exe (ID: 4784 |ParentID: 1696)
Stoppé! C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe (ID: 4800 |ParentID: 4320)
Stoppé! C:Program Files (x86)Microsoft OfficeOffice14ONENOTEM.EXE (ID: 4820 |ParentID: 1696)
Stoppé! C:Program Files (x86)Javajre6binjusched.exe (ID: 4848 |ParentID: 4320)
Stoppé! C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe (ID: 4912 |ParentID: 644)
Stoppé! C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe (ID: 4920 |ParentID: 4320)
Stoppé! C:Program Files (x86)iTunesiTunesHelper.exe (ID: 4948 |ParentID: 4320)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID: 4976 |ParentID: 4320)
Stoppé! C:Program FilesAlwil SoftwareAvast5AvastUI.exe (ID: 4992 |ParentID: 4320)
Stoppé! C:Program Files (x86)RealRealPlayerUpdaterealsched.exe (ID: 4600 |ParentID: 4320)
Stoppé! C:Program Files (x86)AdobeAcrobat 11.0Acrobatacrotray.exe (ID: 4396 |ParentID: 4320)
Stoppé! C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (ID: 5036 |ParentID: 644)
Stoppé! C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe (ID: 5048 |ParentID: 4320)
Stoppé! C:Program Files (x86)USB Disk SecurityUSBGuard.exe (ID: 2412 |ParentID: 4320)
Stoppé! C:Program Files (x86)Common FilesAdobeCEPServiceManager4CEPServiceManager.exe (ID: 2492 |ParentID: 5048)
Stoppé! C:Program FilesiPodbiniPodService.exe (ID: 5356 |ParentID: 644)
Stoppé! C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsCom4QLBEx.exe (ID: 5804 |ParentID: 644)
Stoppé! C:Program Files (x86)Hewlett-PackardSharedhpqToaster.exe (ID: 6020 |ParentID: 776)
Stoppé! C:Windowssystem32DllHost.exe (ID: 1668 |ParentID: 776)
Stoppé! C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncCoreSync.exe (ID: 2916 |ParentID: 5048)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 4988 |ParentID: 644)
Stoppé! C:Program Files (x86)AdobeAdobe Creative CloudHEXAdobe CEF Helper.exe (ID: 6560 |ParentID: 5048)
Stoppé! C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe (ID: 7088 |ParentID: 644)
Stoppé! C:Windowssystem32sppsvc.exe (ID: 7160 |ParentID: 644)
Stoppé! C:Windowssystem32taskeng.exe (ID: 6976 |ParentID: 716)
Stoppé! C:Windowssystem32wuauclt.exe (ID: 3936 |ParentID: 716)
Stoppé! \?C:Windowssystem32wbemWMIADAP.EXE (ID: 4296 |ParentID: 716)
Stoppé! C:WindowsservicingTrustedInstaller.exe (ID: 5304 |ParentID: 644)
Stoppé! C:WindowsSystem32WUDFHost.exe (ID: 3084 |ParentID: 364)
Stoppé! C:UsersClémenceAppDataLocalGoogleChromeApplicationchrome.exe (ID: 4184 |ParentID: 1696)
Stoppé! C:UsersClémenceAppDataLocalGoogleChromeApplicationchrome.exe (ID: 656 |ParentID: 4184)
Stoppé! C:UsersClémenceAppDataLocalGoogleChromeApplicationchrome.exe (ID: 2640 |ParentID: 4184)
Stoppé! C:UsersClémenceAppDataLocalGoogleChromeApplicationchrome.exe (ID: 1688 |ParentID: 4184)
Stoppé! C:UsersClémenceAppDataLocalGoogleChromeApplicationchrome.exe (ID: 3508 |ParentID: 4184)
Stoppé! C:UsersClémenceAppDataLocalGoogleChromeApplicationchrome.exe (ID: 3896 |ParentID: 4184)
Stoppé! C:Windowssystem32consent.exe (ID: 7348 |ParentID: 716)
Stoppé! C:UsersClémenceAppDataLocalGoogleChromeApplicationchrome.exe (ID: 7844 |ParentID: 4184)
Stoppé! C:UsersClémenceAppDataLocalGoogleChromeApplicationchrome.exe (ID: 7648 |ParentID: 4184)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [HPCam_Menu] – “c:Program Files (x86)Hewlett-PackardMediaWebcamMUITransferMUIStartMenu.exe” “c:Program Files (x86)Hewlett-PackardMediaWebcam” UpdateWithCreateOnce “SoftwareHewlett-PackardMediaWebcam”
04 – HKLMSOFTWARE | Run : [QlbCtrl.exe] – C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
04 – HKLMSOFTWARE | Run : [NortonOnlineBackupReminder] – “C:Program Files (x86)SymantecNorton Online BackupActivationNobuActivation.exe” UNATTENDED
04 – HKLMSOFTWARE | Run : [UpdatePRCShortCut] – “C:Program Files (x86)Hewlett-PackardRecoveryMUITransferMUIStartMenu.exe” “C:Program Files (x86)Hewlett-PackardRecovery” UpdateWithCreateOnce “SoftwareCyberLinkPowerRecover”
04 – HKLMSOFTWARE | Run : [Easybits Recovery] – C:Program Files (x86)EasyBits For KidsezRecover.exe
04 – HKLMSOFTWARE | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
04 – HKLMSOFTWARE | Run : [WirelessAssistant] – C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Javajre6binjusched.exe”
04 – HKLMSOFTWARE | Run : [NPSStartup] –
04 – HKLMSOFTWARE | Run : [EEventManager] – C:PROGRA~2EPSONS~1EVENTM~1EEventManager.exe
04 – HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [avast] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
04 – HKLMSOFTWARE | Run : [TkBellExe] – “C:Program Files (x86)RealRealPlayerUpdaterealsched.exe” -osboot
04 – HKLMSOFTWARE | Run : [AdobeCS6ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin
04 – HKLMSOFTWARE | Run : [] –
04 – HKLMSOFTWARE | Run : [Acrobat Assistant 8.0] – “C:Program Files (x86)AdobeAcrobat 11.0AcrobatAcrotray.exe”
04 – HKLMSOFTWARE | Run : [tuto4pc_fr_62] –
04 – HKLMSOFTWARE | Run : [Adobe Creative Cloud] – “C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe” –showwindow=false –onOSstartup=true
04 – HKLMSOFTWARE | Run : [USB Security] – C:Program Files (x86)USB Disk SecurityUSBGuard.exe
04 – HKLMSOFTWAREwow6432Node | Run : [HPCam_Menu] – “c:Program Files (x86)Hewlett-PackardMediaWebcamMUITransferMUIStartMenu.exe” “c:Program Files (x86)Hewlett-PackardMediaWebcam” UpdateWithCreateOnce “SoftwareHewlett-PackardMediaWebcam”
04 – HKLMSOFTWAREwow6432Node | Run : [QlbCtrl.exe] – C:Program Files (x86)Hewlett-PackardHP Quick Launch ButtonsQlbCtrl.exe /Start
04 – HKLMSOFTWAREwow6432Node | Run : [NortonOnlineBackupReminder] – “C:Program Files (x86)SymantecNorton Online BackupActivationNobuActivation.exe” UNATTENDED
04 – HKLMSOFTWAREwow6432Node | Run : [UpdatePRCShortCut] – “C:Program Files (x86)Hewlett-PackardRecoveryMUITransferMUIStartMenu.exe” “C:Program Files (x86)Hewlett-PackardRecovery” UpdateWithCreateOnce “SoftwareCyberLinkPowerRecover”
04 – HKLMSOFTWAREwow6432Node | Run : [Easybits Recovery] – C:Program Files (x86)EasyBits For KidsezRecover.exe
04 – HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
04 – HKLMSOFTWAREwow6432Node | Run : [WirelessAssistant] – C:Program Files (x86)Hewlett-PackardHP Wireless AssistantHPWAMain.exe
04 – HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Javajre6binjusched.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [NPSStartup] –
04 – HKLMSOFTWAREwow6432Node | Run : [EEventManager] – C:PROGRA~2EPSONS~1EVENTM~1EEventManager.exe
04 – HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [avast] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
04 – HKLMSOFTWAREwow6432Node | Run : [TkBellExe] – “C:Program Files (x86)RealRealPlayerUpdaterealsched.exe” -osboot
04 – HKLMSOFTWAREwow6432Node | Run : [AdobeCS6ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin
04 – HKLMSOFTWAREwow6432Node | Run : [] –
04 – HKLMSOFTWAREwow6432Node | Run : [Acrobat Assistant 8.0] – “C:Program Files (x86)AdobeAcrobat 11.0AcrobatAcrotray.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [tuto4pc_fr_62] –
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe Creative Cloud] – “C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe” –showwindow=false –onOSstartup=true
04 – HKLMSOFTWAREwow6432Node | Run : [USB Security] – C:Program Files (x86)USB Disk SecurityUSBGuard.exe
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [HPADVISOR] – C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe view=DOCKVIEW
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [LightScribe Control Panel] – C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [msnmsgr] – ~”C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [AutoStartNPSAgent] – C:Program Files (x86)SamsungSamsung New PC StudioNPSAgent.exe
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [COM+ Manager] – “C:UsersClémence.COMMgrcomplmgr.exe”
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [EPSON SX110 Series] – C:Windowssystem32spoolDRIVERSx643E_IATIFBE.EXE /FU “C:WindowsTEMPE_SFB9.tmp” /EF “HKCU”
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [RESTART_STICKY_NOTES] – C:WindowsSystem32StikyNot.exe
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [Google Update] – “C:UsersClémenceAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [TomTomHOME.exe] – “C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe”
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [AdobeBridge] –
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [Pando Media Booster] – C:Program Files (x86)Pando NetworksMedia BoosterPMB.exe
04 – HKUS-1-5-21-2314335537-1940973523-1338421818-1000SOFTWARE | Run : [iTunesHelper] – wscript.exe //B “C:UsersCLMENC~1AppDataLocalTempiTunesHelper.vbe”
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-18SOFTWARE | RunOnce : [SPReview] – “C:WindowsSystem32SPReviewSPReview.exe” /sp:1 /errorfwlink:”http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

################## | Recherche générique |

Supprimé! C:UsersCLMENC~1AppDataLocalTempiTunesHelper.vbe
Supprimé! C:UsersClémenceAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Supprimé! G:iTunesHelper.vbe
Supprimé! G:plan.lnk
Supprimé! G:Fiche de poste.lnk
Supprimé! G:video weio clemence.lnk
Supprimé! G:PaymentConfirmation.lnk
Supprimé! G:Formations PCS.lnk
Supprimé! G:TOULOUSE_MATABIAU-PARIS_MONTPARNASSE_1_ET_2_10-10-13_DEVOUCOUX_CLEMENCE_SQBFZG_xGeGbhLFfZNeg48dGQBf.lnk
Supprimé! G:Fiche justificatifs transports semaine fneo.lnk
Supprimé! G:Justificatif_TOULOUSE_MATABIAU-PARIS_AUSTERLITZ_28-08-13_DEVOUCOUX_CLEMENCE_UTUAKL_K1xpqPbx5Z64bM5GeTBK.lnk
Supprimé! G:PARIS_GARE_DE_LYON-NICE_VILLE_11-10-13_DEVOUCOUX_CLEMENCE_SRUIIY_TSoUsCj0hma2mbAb0ewX.lnk
Supprimé! G:PCS 2011-2012.lnk
Supprimé! G:PCS 2012-2013.lnk
Supprimé! C:WindowsSysWOW64update.exe

(!) Fichiers temporaires supprimés.

################## | Référence de comparaison MD5 |

Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:UsersClémenceAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe
Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:UsersCLMENC~1AppDataLocalTempiTunesHelper.vbe
Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> G:iTunesHelper.vbe
Md5 : 32BEF3BB4B558ADE6CF41113628FC86D -> C:UsersClémenceAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupiTunesHelper.vbe

################## | Comparaison MD5 |

################## | Registre |

Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
Supprimé! HKUS-1-5-21-2314335537-1940973523-1338421818-1000SoftwareMicrosoftWindowsCurrentVersionRun|iTunesHelper
Supprimé! HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionRun|iTunesHelper
Supprimé! HKUS-1-5-21-2314335537-1940973523-1338421818-1000Software….Mountpoints2{113d9f35-6759-11e0-958d-00269e9fcf3e}

################## | Listing |

[19/02/2010 – 17:47:03 | SHD ] C:$Recycle.Bin
[11/10/2010 – 18:22:21 | D ] C:474cde2ad869e9be39c3d2ba269ac518
[21/03/2012 – 12:44:17 | D ] C:5f47f37c25116b45751ddef4f8fc3054
[15/11/2012 – 11:57:58 | D ] C:685871fb14ef6278cf
[04/12/2013 – 16:14:05 | D ] C:AdwCleaner
[27/08/2009 – 02:53:12 | SHD ] C:boot
[14/07/2009 – 02:38:58 | RASH | 383562] C:bootmgr
[16/11/2012 – 17:49:54 | D ] C:c114e0b253b2a003efd8
[15/09/2013 – 22:14:18 | D ] C:decauto
[14/07/2009 – 06:08:56 | SHD ] C:Documents and Settings
[04/12/2013 – 16:15:55 | ASH | 3218235392] C:hiberfil.sys
[23/11/2009 – 01:07:42 | D ] C:HP
[26/08/2009 – 14:40:56 | RHD ] C:MSOCache
[04/12/2013 – 16:15:59 | ASH | 4290981888] C:pagefile.sys
[14/07/2009 – 04:20:08 | D ] C:PerfLogs
[04/12/2013 – 16:13:40 | D ] C:Program Files
[04/12/2013 – 16:13:47 | D ] C:Program Files (x86)
[04/12/2013 – 16:17:35 | HD ] C:ProgramData
[22/01/2010 – 17:01:45 | SHD ] C:Recovery
[27/11/2013 – 11:33:33 | N | 184] C:setup.log
[27/11/2013 – 11:32:20 | D ] C:SwSetup
[04/12/2013 – 12:09:13 | SHD ] C:System Volume Information
[22/01/2010 – 17:01:55 | D ] C:SYSTEM.SAV
[04/12/2013 – 16:37:01 | D ] C:UsbFix
[04/12/2013 – 16:05:39 | N | 12980] C:UsbFix [Clean 2] CLÉMENCE-PC.txt
[04/12/2013 – 16:37:12 | A | 19900] C:UsbFix [Clean 4] CLÉMENCE-PC.txt
[04/12/2013 – 15:52:25 | N | 18818] C:UsbFix [Scan 1] CLÉMENCE-PC.txt
[22/01/2010 – 17:00:24 | RD ] C:Users
[04/12/2013 – 10:28:55 | D ] C:Windows
[22/01/2010 – 17:07:11 | SHD ] D:$RECYCLE.BIN
[22/01/2010 – 17:07:08 | SHD ] D:boot
[14/07/2009 – 19:39:00 | ASH | 383562] D:bootmgr
[22/01/2010 – 17:07:08 | N | 0] D:BT_HP.FLG
[23/11/2009 – 00:36:00 | N | 453] D:CSP.DAT
[23/11/2009 – 00:47:12 | N | 11423] D:DeployRp.log
[22/01/2010 – 17:07:08 | D ] D:hp
[22/01/2010 – 18:40:42 | N | 0] D:hpdrcu.prc
[12/01/2011 – 10:32:02 | N | 21] D:HPSF_Rep.txt
[22/01/2010 – 17:06:58 | N | 8] D:HP_WSD.dat
[22/01/2010 – 17:07:08 | N | 22] D:language.ini
[22/01/2010 – 17:07:08 | SHD ] D:preload
[22/01/2010 – 17:07:08 | SD ] D:Recovery
[23/11/2009 – 00:47:08 | N | 0] D:RPCONFIG.LOG
[17/09/2011 – 17:25:00 | SHD ] D:System Volume Information
[22/01/2010 – 17:07:08 | D ] D:system.sav
[21/11/2013 – 21:00:38 | N | 18254] G:plan.docx
[28/11/2013 – 12:25:44 | D ] G:LOST.DIR
[24/09/2013 – 20:04:52 | N | 2187574] G:signature.jpg
[27/11/2013 – 15:46:20 | D ] G:Subventions
[19/09/2013 – 17:54:40 | N | 15781] G:Fiche de poste.docx
[29/11/2013 – 13:07:20 | N | 113346726] G:Mon film.wmv
[19/11/2013 – 15:08:16 | N | 4] G:_disk_id.pod
[27/11/2013 – 15:45:18 | D ] G:Formations PCS
[13/06/2013 – 13:08:22 | N | 9917] G:45306970.pdf
[04/12/2013 – 15:32:32 | SHD ] G:AUTORUN.INF
[03/09/2012 – 15:52:14 | D ] G:Démographie
[10/12/2012 – 15:16:06 | D ] G:Coordonnées
[03/09/2012 – 15:52:34 | D ] G:Graine d’orthophonie
[03/09/2012 – 15:52:36 | D ] G:Newletters
[27/11/2013 – 20:31:26 | N | 14115] G:tour de réseau 27-11-13.docx
[23/11/2013 – 20:05:14 | N | 752110] G:etp_-_guide_version_finale_2_pdf.pdf
[23/11/2013 – 20:03:52 | N | 16925] G:criteres_de_qualite_dune_education_therapeutique_du_patient_web.pdf
[23/11/2013 – 20:04:42 | N | 77175] G:etp_grille_aide_evaluation_autorisation_programme_ars_web.pdf
[24/11/2013 – 17:13:28 | N | 84264] G:vidéo weio.wlmp
[24/11/2013 – 16:47:16 | N | 302736] G:PPT type.pptx
[20/11/2013 – 16:08:48 | N | 17897393] G:video weio clemence.wmv
[19/10/2013 – 16:37:36 | N | 155648] G:Fiche justificatifs transports wer nice.doc
[09/10/2013 – 17:31:58 | N | 154059] G:TOULOUSE_MATABIAU-PARIS_MONTPARNASSE_1_ET_2_10-10-13_DEVOUCOUX_CLEMENCE_SQBFZG_xGeGbhLFfZNeg48dGQBf.pdf
[20/11/2013 – 11:57:18 | N | 156672] G:Fiche justificatifs transports WEIO.doc
[19/10/2013 – 16:19:36 | N | 52624] G:Fiche_de_remboursement_FAGE.xlsx
[14/10/2013 – 20:56:24 | N | 155648] G:Fiche justificatifs transports semaine fneo.doc
[14/10/2013 – 20:50:34 | N | 122074] G:billet idtgv.pdf
[14/10/2013 – 20:49:22 | N | 68698] G:Justificatif_TOULOUSE_MATABIAU-PARIS_AUSTERLITZ_28-08-13_DEVOUCOUX_CLEMENCE_UTUAKL_K1xpqPbx5Z64bM5GeTBK.pdf
[09/10/2013 – 17:32:22 | N | 153276] G:PARIS_GARE_DE_LYON-NICE_VILLE_11-10-13_DEVOUCOUX_CLEMENCE_SRUIIY_TSoUsCj0hma2mbAb0ewX.pdf
[30/04/2013 – 10:15:10 | N | 782461] G:PaymentConfirmation.pdf
[25/04/2013 – 20:41:44 | N | 240523] G:BoardingPass.pdf
[24/11/2013 – 17:14:16 | N | 10147353] G:vidéo weio.wmv
[13/06/2013 – 19:47:28 | D ] G:PCS 2011-2012
[13/06/2013 – 18:36:58 | D ] G:PCS 2012-2013

################## | Vaccin |

(!) Cet ordinateur n’est pas vacciné!

################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |