Johanna
Nombre d'articles : 0

Voilà voilà ! Merci :)

############################## | UsbFix V 7.153 | [Recherche]

Utilisateur: Johanna (Administrateur) # BOLDERIZ
Mis à jour le 09/12/2013 par El Desaparecido – Team SosVirus
Lancé à 21:15:46 | 10/12/2013

Site Web : http://www.usbfix.net” onclick=”window.open(this.href);return false;
Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
Upload Malware : upload_malware.php
Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

PC: Acer (Aspire X3950)
CPU: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
RAM -> [Total : 4023 | Free : 1613]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 10.0.9200.16736
WB: Google Chrome : 31.0.1650.63

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
AS: Malwarebytes’ Anti-Malware : 1.60.0061
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 226 Go (22 Go libre(s) – 10%) [Acer] # NTFS
D: -> Disque fixe # 226 Go (34 Go libre(s) – 15%) [Data] # NTFS
E: -> CD-ROM
G: -> CD-ROM
H: -> Disque amovible # 15 Go (9 Go libre(s) – 63%) [EOS_DIGITAL] # FAT32
L: -> Disque amovible # 4 Go (3 Go libre(s) – 92%) [] # FAT32

################## | Processus Actif |

C:Windowssystem32csrss.exe (ID: 472 |ParentID: 464)
C:Windowssystem32wininit.exe (ID: 540 |ParentID: 464)
C:Windowssystem32csrss.exe (ID: 564 |ParentID: 548)
C:Windowssystem32services.exe (ID: 600 |ParentID: 540)
C:Windowssystem32lsass.exe (ID: 616 |ParentID: 540)
C:Windowssystem32lsm.exe (ID: 624 |ParentID: 540)
C:Windowssystem32svchost.exe (ID: 736 |ParentID: 600)
C:Windowssystem32svchost.exe (ID: 832 |ParentID: 600)
C:Windowssystem32atiesrxx.exe (ID: 892 |ParentID: 600)
C:Windowssystem32winlogon.exe (ID: 940 |ParentID: 548)
C:WindowsSystem32svchost.exe (ID: 984 |ParentID: 600)
C:WindowsSystem32svchost.exe (ID: 124 |ParentID: 600)
C:Windowssystem32svchost.exe (ID: 388 |ParentID: 600)
C:Windowssystem32svchost.exe (ID: 468 |ParentID: 600)
C:Windowssystem32svchost.exe (ID: 1212 |ParentID: 600)
C:Windowssystem32atieclxx.exe (ID: 1344 |ParentID: 892)
C:Program FilesAlwil SoftwareAvast5AvastSvc.exe (ID: 1432 |ParentID: 600)
C:WindowsSystem32spoolsv.exe (ID: 1792 |ParentID: 600)
C:Windowssystem32taskeng.exe (ID: 1820 |ParentID: 468)
C:Windowssystem32svchost.exe (ID: 1832 |ParentID: 600)
C:Windowssystem32svchost.exe (ID: 1868 |ParentID: 600)
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1968 |ParentID: 600)
C:WindowsSysWOW64ANIWConnService.exe (ID: 2020 |ParentID: 600)
C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (ID: 2044 |ParentID: 600)
C:Program FilesBonjourmDNSResponder.exe (ID: 1192 |ParentID: 600)
C:Program Files (x86)AcerRegistrationGregHSRW.exe (ID: 1200 |ParentID: 600)
C:Program Files (x86)CyberlinkShared filesRichVideo.exe (ID: 1196 |ParentID: 600)
C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 2280 |ParentID: 600)
C:Windowssystem32svchost.exe (ID: 2368 |ParentID: 600)
C:Program FilesAcerAcer UpdaterUpdaterService.exe (ID: 2420 |ParentID: 600)
C:OEMUSBDECTIONUSBS3S4Detection.exe (ID: 2464 |ParentID: 600)
C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 2520 |ParentID: 600)
C:Windowssystem32taskhost.exe (ID: 2728 |ParentID: 600)
C:Windowssystem32Dwm.exe (ID: 2844 |ParentID: 124)
C:WindowsExplorer.EXE (ID: 2892 |ParentID: 2836)
C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (ID: 3136 |ParentID: 600)
C:WindowsservicingTrustedInstaller.exe (ID: 3468 |ParentID: 600)
C:Program Files (x86)EgisTec MyWinLockerx86mwlDaemon.exe (ID: 3528 |ParentID: 2892)
C:WindowsSystem32WUDFHost.exe (ID: 3772 |ParentID: 124)
C:Program FilesRealtekAudioHDARAVCpl64.exe (ID: 3824 |ParentID: 2892)
C:Program FilesWindows Sidebarsidebar.exe (ID: 3864 |ParentID: 2892)
C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3876 |ParentID: 2892)
C:Program Files (x86)SamsungKiesKies.exe (ID: 3900 |ParentID: 2892)
C:Program Files (x86)SamsungKiesExternalFirmwareUpdateKiesPDLR.exe (ID: 3908 |ParentID: 2892)
C:WindowsSystem32wscript.exe (ID: 3976 |ParentID: 2892)
C:Windowssystem32spoolDRIVERSx643HP1006MC.EXE (ID: 2664 |ParentID: 736)
C:Program Files (x86)EgisTec IPSPmmUpdate.exe (ID: 2636 |ParentID: 3988)
C:Program Files (x86)AcerHotkey UtilityHotkeyUtility.exe (ID: 2800 |ParentID: 3988)
C:Windowssystem32SearchIndexer.exe (ID: 3192 |ParentID: 600)
C:Program Files (x86)AcerHotkey UtilityHotkeyUI.exe (ID: 3464 |ParentID: 2800)
C:Program Files (x86)Acer Arcade DeluxeArcade MovieArcadeMovieService.exe (ID: 552 |ParentID: 3988)
C:Program Files (x86)ANIANIWZCS2 ServiceWZCSLDR2.exe (ID: 1172 |ParentID: 3988)
C:Program Files (x86)D-LinkDWL-G122_DWA-110AirGCFG.exe (ID: 3920 |ParentID: 3988)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3840 |ParentID: 600)
C:Program FilesAlwil SoftwareAvast5AvastUI.exe (ID: 3612 |ParentID: 3988)
C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer.exe (ID: 3604 |ParentID: 3988)
C:Program Files (x86)Belgium Identity Cardbeid35gui.exe (ID: 3936 |ParentID: 3988)
C:Program Files (x86)NikonNikon Message Center 2NkMC2.exe (ID: 3952 |ParentID: 3988)
C:Program Files (x86)SamsungKiesKiesTrayAgent.exe (ID: 4132 |ParentID: 3988)
C:Program Files (x86)iTunesiTunesHelper.exe (ID: 4232 |ParentID: 3988)
C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (ID: 4248 |ParentID: 3988)
C:UsersJohannaAppDataRoamingDropboxbinDropbox.exe (ID: 4344 |ParentID: 2892)
C:Windowssystem32wbemwmiprvse.exe (ID: 4496 |ParentID: 736)
C:Windowssplwow64.exe (ID: 4504 |ParentID: 3936)
C:Program FilesiPodbiniPodService.exe (ID: 4600 |ParentID: 600)
C:Windowssystem32SearchProtocolHost.exe (ID: 4636 |ParentID: 3192)
C:Windowssystem32SearchFilterHost.exe (ID: 5068 |ParentID: 3192)
C:Program Files (x86)EgisTec IPSEgisUpdate.exe (ID: 4148 |ParentID: 4092)
C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe (ID: 6076 |ParentID: 3832)
C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe (ID: 4092 |ParentID: 6076)
C:Windowssystem32wbemwmiprvse.exe (ID: 5124 |ParentID: 736)
C:Windowssystem32sppsvc.exe (ID: 1944 |ParentID: 600)
C:WindowsSystem32svchost.exe (ID: 3392 |ParentID: 600)
C:UsbFixGo.exe (ID: 6140 |ParentID: 3964)
C:Windowssystem32taskhost.exe (ID: 3956 |ParentID: 600)

################## | Regedit Run |

04 – HKLMSOFTWARE | Run : [SuiteTray] – “C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe”
04 – HKLMSOFTWARE | Run : [EgisUpdate] – “C:Program Files (x86)EgisTec IPSEgisUpdate.exe” -d
04 – HKLMSOFTWARE | Run : [EgisTecPMMUpdate] – “C:Program Files (x86)EgisTec IPSPmmUpdate.exe”
04 – HKLMSOFTWARE | Run : [Hotkey Utility] – C:Program Files (x86)AcerHotkey UtilityHotkeyUtility.exe
04 – HKLMSOFTWARE | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
04 – HKLMSOFTWARE | Run : [MDS_Menu] – “C:Program Files (x86)Acer Arcade DeluxeMediaShow EspressoMUITransfer

MUIStartMenu.exe” “C:Program Files (x86)Acer Arcade DeluxeMediaShow Espresso” UpdateWithCreateOnce “SoftwareCyberLink

MediaShow Espresso5.6″
04 – HKLMSOFTWARE | Run : [ArcadeMovieService] – “C:Program Files (x86)Acer Arcade DeluxeArcade MovieArcadeMovieService.exe”
04 – HKLMSOFTWARE | Run : [ANIWZCS2Service] – C:Program Files (x86)ANIANIWZCS2 ServiceWZCSLDR2.exe
04 – HKLMSOFTWARE | Run : [D-Link D-Link Wireless G DWL-G122_DWA-110] – C:Program Files (x86)D-LinkDWL-G122_DWA-110AirGCFG.exe
04 – HKLMSOFTWARE | Run : [WZCSLDR2] – C:Program Files (x86)D-LinkDWL-G122_DWA-110WZCSLDR2.exe
04 – HKLMSOFTWARE | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
04 – HKLMSOFTWARE | Run : [DivX Download Manager] – “C:Program Files (x86)DivXDivX Plus Web PlayerDDmService.exe” start
04 – HKLMSOFTWARE | Run : [NokiaMServer] – C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer /watchfiles startup
04 – HKLMSOFTWARE | Run : [beid] – “C:Program Files (x86)Belgium Identity Cardbeid35gui.exe” /startup
04 – HKLMSOFTWARE | Run : [Nikon Message Center 2] – C:Program Files (x86)NikonNikon Message Center 2NkMC2.exe -s
04 – HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
04 – HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWARE | Run : [KiesTrayAgent] – C:Program Files (x86)SamsungKiesKiesTrayAgent.exe
04 – HKLMSOFTWARE | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLMSOFTWARE | Run : [AdobeCS5.5ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS5.5ServiceManager

CS5.5ServiceManager.exe” -launchedbylogin
04 – HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [SuiteTray] – “C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [EgisUpdate] – “C:Program Files (x86)EgisTec IPSEgisUpdate.exe” -d
04 – HKLMSOFTWAREwow6432Node | Run : [EgisTecPMMUpdate] – “C:Program Files (x86)EgisTec IPSPmmUpdate.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Hotkey Utility] – C:Program Files (x86)AcerHotkey UtilityHotkeyUtility.exe
04 – HKLMSOFTWAREwow6432Node | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
04 – HKLMSOFTWAREwow6432Node | Run : [MDS_Menu] – “C:Program Files (x86)Acer Arcade DeluxeMediaShow EspressoMUITransfer

MUIStartMenu.exe” “C:Program Files (x86)Acer Arcade DeluxeMediaShow Espresso” UpdateWithCreateOnce “SoftwareCyberLink

MediaShow Espresso5.6″
04 – HKLMSOFTWAREwow6432Node | Run : [ArcadeMovieService] – “C:Program Files (x86)Acer Arcade DeluxeArcade Movie

ArcadeMovieService.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [ANIWZCS2Service] – C:Program Files (x86)ANIANIWZCS2 ServiceWZCSLDR2.exe
04 – HKLMSOFTWAREwow6432Node | Run : [D-Link D-Link Wireless G DWL-G122_DWA-110] – C:Program Files (x86)D-LinkDWL-G122_DWA-

110AirGCFG.exe
04 – HKLMSOFTWAREwow6432Node | Run : [WZCSLDR2] – C:Program Files (x86)D-LinkDWL-G122_DWA-110WZCSLDR2.exe
04 – HKLMSOFTWAREwow6432Node | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
04 – HKLMSOFTWAREwow6432Node | Run : [DivX Download Manager] – “C:Program Files (x86)DivXDivX Plus Web PlayerDDmService.exe”

start
04 – HKLMSOFTWAREwow6432Node | Run : [NokiaMServer] – C:Program Files (x86)Common FilesNokiaMPlatformNokiaMServer

/watchfiles startup
04 – HKLMSOFTWAREwow6432Node | Run : [beid] – “C:Program Files (x86)Belgium Identity Cardbeid35gui.exe” /startup
04 – HKLMSOFTWAREwow6432Node | Run : [Nikon Message Center 2] – C:Program Files (x86)NikonNikon Message Center 2NkMC2.exe -s
04 – HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application Support

APSDaemon.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [KiesTrayAgent] – C:Program Files (x86)SamsungKiesKiesTrayAgent.exe
04 – HKLMSOFTWAREwow6432Node | Run : [SwitchBoard] – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
04 – HKLMSOFTWAREwow6432Node | Run : [AdobeCS5.5ServiceManager] – “C:Program Files (x86)Common FilesAdobe

CS5.5ServiceManagerCS5.5ServiceManager.exe” -launchedbylogin
04 – HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
04 – HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
04 – HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLMSOFTWARE | RunOnce : [] –
04 – HKLMSOFTWAREwow6432Node | RunOnce : [] –
04 – HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe

/autoRun
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [] –
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [6523C50143549A54528E11B50D9843DEF8ACBEE2._service_run] –

“C:Program Files (x86)GoogleChromeApplicationchrome.exe” –type=service
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [Facebook Update] – “C:UsersJohannaAppDataLocal

FacebookUpdateFacebookUpdate.exe” /c /nocrashserver
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [KiesPreload] – C:Program Files (x86)SamsungKiesKies.exe

/preload
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [KiesAirMessage] – C:Program Files (x86)SamsungKies

KiesAirMessage.exe -startup
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [KiesPDLR] – C:Program Files (x86)SamsungKiesExternal

FirmwareUpdateKiesPDLR.exe
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [AlcoholAutomount] – “C:Program Files (x86)Alcohol Soft

Alcohol 120AxAutoMntSrv.exe” -automount
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [AdobeBridge] –
04 – HKUS-1-5-21-2410170964-28622760-4243927499-1000SOFTWARE | Run : [SURVIVAL] – wscript.exe //B “C:UsersJohannaAppDataLocal

TempSURVIVAL.vbe”
04 – HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-18SOFTWARE | RunOnce : [SPReview] – “C:WindowsSystem32SPReviewSPReview.exe” /sp:1

/errorfwlink:”http://go.microsoft.com/fwlink/?LinkID=122915″ /build:7601

################## | Recherche générique |

Présent! C:UsersJohannaAppDataLocalTempSURVIVAL.vbe
Présent! C:UsersJohannaAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupSURVIVAL.vbe
Présent! H:SURVIVAL.vbe
Présent! L:SURVIVAL.vbe
Présent! H:MISC.lnk
Présent! H:Autorun.inf.lnk
Présent! H:DCIM.lnk
Présent! L:IMPRIMER.lnk
Présent! L:.lnk
Présent! L:MEGE approche anthropologique cours 4 A RELIRE.lnk
Présent! L:.Trashes.lnk
Présent! L:Queen – Greatest Hits 1974-1980 – 1981.lnk
Présent! L:Rejoicing In The Hands.lnk
Présent! L:MEGE 1er cours clinique relu.lnk
Présent! L:MEGE approche anthropologique cours 3 Hypnose en anesthésie RELU.lnk
Présent! L:MEGE approche anthropologique cours 5 A RELIRE.lnk
Présent! L:MEGE approche anthropologique cours 6 A RELIRE.lnk
Présent! L:Modalite´ d’examen pour la partie CAM.lnk
Présent! L:MEGE 1er cours annexe violences conjuguales fiche pratique.lnk
Présent! L:MEGE 1er cours introduction.lnk
Présent! L:MEGE 2ème cours clinique relu.lnk
Présent! L:MEGE 3ème cours clinique relu.lnk
Présent! L:MEGE 4ème cours clinique relu.lnk
Présent! L:MEGE 5ème cours clinique A RELIRE .lnk
Présent! L:MEGE 6e`me cours clinique A RELIRE.lnk
Présent! L:MEGE 7e`me cours clinique A RELIRE.lnk
Présent! L:MEGE 7ème cours clinique.lnk
Présent! L:MEGE approche anthropologique cours 1 relu.lnk
Présent! L:MEGE approche anthropologique cours 2 relu.lnk
Présent! L:.fseventsd.lnk
Présent! L:.Spotlight-V100.lnk
Présent! L:TETE ET COU.lnk
Présent! L:Autorun.inf.lnk
Présent! L:System Volume Information.lnk
Présent! C:UsersJohannaAppDataLocalTemprad0230F.tmp
Présent! C:UsersJohannaAppDataLocalTemp0000000009.pif
Présent! C:UsersJohannaAppDataLocalTemp0010.pif
Présent! C:UsersJohannaAppDataLocalTemp5s5s.pif
Présent! C:UsersJohannaAppDataLocalTemp5s5s20.pif
Présent! C:UsersJohannaAppDataLocalTemp999z.pif
Présent! C:UsersJohannaAppDataLocalTempetilqs_7OoXdBUc14ideje.pif

################## | Référence de comparaison MD5 |

Md5 : 840C8EC64C07B9DF93713CEC43D7639C -> C:UsersJohannaAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup

SURVIVAL.vbe
Md5 : 840C8EC64C07B9DF93713CEC43D7639C -> C:UsersJohannaAppDataLocalTempSURVIVAL.vbe
Md5 : 840C8EC64C07B9DF93713CEC43D7639C -> H:SURVIVAL.vbe
Md5 : EAE788E9190EF52EEDC929F50DCE300A -> L:SURVIVAL.vbe

################## | Comparaison MD5 |

Présent! Md5 : 840C8EC64C07B9DF93713CEC43D7639C -> C:UsersJohannaAppDataLocalTempSURVIVAL.vbe
Présent! Md5 : 840C8EC64C07B9DF93713CEC43D7639C -> C:UsersJohannaAppDataRoamingMicrosoftWindowsStart MenuPrograms

StartupSURVIVAL.vbe
Présent! Md5 : 840C8EC64C07B9DF93713CEC43D7639C -> H:SURVIVAL.vbe
Présent! Md5 : EAE788E9190EF52EEDC929F50DCE300A -> L:SURVIVAL.vbe

################## | Registre |

Présent! HKUS-1-5-21-2410170964-28622760-4243927499-1000SoftwareMicrosoftWindowsCurrentVersionRun|SURVIVAL
Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|SURVIVAL
Présent! HKUS-1-5-21-2410170964-28622760-4243927499-1000SoftwareMicrosoftWindowsCurrentVersionRun|SURVIVAL
Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|SURVIVAL

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
L:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |