Répondre à : infection tout les fichier sont des .exe dans ma clé usb et carte mémoire appareil photo 2016-09-08T13:42:31+00:00
etizaza
Participant
Nombre d'articles : 2

############################## | UsbFix V 7.171 | [Nettoyage]

Utilisateur: etienne (Administrateur) # GÉNIALO_2000
Mis à jour le 18/05/2014 par El Desaparecido – SosVirus
Lancé à 15:11:38 | 23/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Hewlett-Packard (3577)
CPU: AMD E-350 Processor
RAM -> [Total : 3691 Mo| Free : 1394 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17105
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: avast! Antivirus [Enabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
FW: Windows FireWall [(!) Disabled]

C: (%SystemDrive%) -> Disque fixe # 438 Go (80 Go libre(s) – 18%) [] # NTFS
D: -> Disque fixe # 15 Go (2 Go libre(s) – 12%) [RECOVERY] # NTFS
E: -> CD-ROM
F: -> Disque amovible # 15 Go (9 Go libre(s) – 62%) [] # FAT32
H: -> Disque amovible # 15 Go (5 Go libre(s) – 33%) [ETIZAN-16GO] # FAT32

################## | Processus Stoppés |

C:WindowsSystem32atiesrxx.exe (ID: 904|ParentID: 584)
C:WindowsSystem32atieclxx.exe (ID: 1164|ParentID: 904)
C:Windowsexplorer.exe (ID: 1348|ParentID: 1316|etienne)
C:WindowsSystem32spoolsv.exe (ID: 1576|ParentID: 584|Système)
C:WindowsSystem32taskhost.exe (ID: 1600|ParentID: 584|etienne)
C:Program Files (x86)ABBYY FineReader 11NetworkLicenseServer.exe (ID: 1812|ParentID: 584|Système)
C:Program FilesRealtekAudioHDAAERTSr64.exe (ID: 1964|ParentID: 584|Système)
C:Program FilesATI TechnologiesATI.ACEReservation ManagerAMD Reservation Manager.exe (ID: 1988|ParentID: 584|Système)
C:Program Files (x86)BonjourmDNSResponder.exe (ID: 2012|ParentID: 584|Système)
C:Program Files (x86)Common FilesNuancedgnsvc.exe (ID: 1044|ParentID: 584|Système)
C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe (ID: 1404|ParentID: 584|Système)
C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPWMISVC.exe (ID: 1452|ParentID: 584|Système)
C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe (ID: 1704|ParentID: 584|Système)
C:Program Files (x86)RealNetworksRealDownloaderrndlresolversvc.exe (ID: 2060|ParentID: 584|Système)
C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 2304|ParentID: 584|Système)
C:Program FilesATI TechnologiesATI.ACEFuelFuel.Service.exe (ID: 2384|ParentID: 584|Système)
C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 2456|ParentID: 584|Système)
C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE (ID: 476|ParentID: 584|Système)
C:WindowsservicingTrustedInstaller.exe (ID: 3384|ParentID: 584|Système)
C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 4080|ParentID: 1348|etienne)
C:Program FilesRealtekAudioHDARtkNGUI64.exe (ID: 788|ParentID: 1348|etienne)
C:Program FilesSynapticsSynTPSynTPHelper.exe (ID: 3624|ParentID: 4080|etienne)
C:ProgramDataFLEXnetConnect11ISUSPM.exe (ID: 1460|ParentID: 1348|etienne)
C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe (ID: 3456|ParentID: 2076|etienne)
C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe (ID: 3520|ParentID: 2076|etienne)
C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (ID: 2744|ParentID: 2076|etienne)
C:Program Files (x86)Browny02BrotherBrStMonW.exe (ID: 1732|ParentID: 2076|etienne)
C:Program Files (x86)Browny02BrYNSvc.exe (ID: 1276|ParentID: 584|Système)
C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSA_Service.exe (ID: 4220|ParentID: 584|Système)
C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe (ID: 4252|ParentID: 584|Système)
C:Program FilesInternet Exploreriexplore.exe (ID: 2276|ParentID: 3332|etienne)
C:Program FilesHewlett-PackardHP Wireless AssistantHPWA_Service.exe (ID: 3396|ParentID: 584|Système)
C:Program Files (x86)Internet Exploreriexplore.exe (ID: 2408|ParentID: 2276|etienne)
C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3444|ParentID: 584|SERVICE RÉSEAU)
C:Program Files (x86)OpenOffice 4programswriter.exe (ID: 3448|ParentID: 1348|etienne)
C:WindowsSystem32taskhost.exe (ID: 364|ParentID: 584|etienne)
C:Program Files (x86)OpenOffice 4programsoffice.exe (ID: 1408|ParentID: 3448|etienne)
C:Program Files (x86)OpenOffice 4programsoffice.bin (ID: 3660|ParentID: 1408|etienne)
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 5844|ParentID: 584|Système)
C:WindowsSystem32SearchIndexer.exe (ID: 4564|ParentID: 584|Système)
C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVH.EXE (ID: 6516|ParentID: 1348|etienne)
C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE (ID: 2324|ParentID: 584|SERVICE RÉSEAU)
C:Program Files (x86)SpeedFanspeedfan.exe (ID: 6524|ParentID: 1348|etienne)
C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe (ID: 7256|ParentID: 584|SERVICE LOCAL)
C:WindowsSystem32WUDFHost.exe (ID: 20116|ParentID: 240|SERVICE LOCAL)
C:WindowsSystem32wuauclt.exe (ID: 209904|ParentID: 444|etienne)
C:WindowsSystem32calc.exe (ID: 275468|ParentID: 1348|etienne)
C:Program Files (x86)RealRealPlayerUpdaterealsched.exe (ID: 287848|ParentID: 34004|etienne)
C:UsersetienneAppDataLocalGoogleChromeApplicationchrome.exe (ID: 311168|ParentID: 1348|etienne)
C:UsersetienneAppDataLocalGoogleChromeApplicationchrome.exe (ID: 311040|ParentID: 311168|etienne)
C:UsersetienneAppDataLocalGoogleChromeApplicationchrome.exe (ID: 311324|ParentID: 311168|etienne)
C:UsersetienneAppDataLocalGoogleChromeApplicationchrome.exe (ID: 312108|ParentID: 311168|etienne)
C:UsersetienneAppDataLocalGoogleUpdateInstall{A235A7D6-72A8-4559-8CA5-68321691F261}35.0.1916.114_34.0.1847.137_chrome_updater.exe (ID: 312336|ParentID: 246700|etienne)
C:UsersetienneAppDataLocalTempCR_42D0C.tmpsetup.exe (ID: 310704|ParentID: 312336|etienne)
C:UsersetienneAppDataLocalGoogleChromeApplicationchrome.exe (ID: 311596|ParentID: 311168|etienne)
C:UsersetienneAppDataLocalGoogleChromeApplicationchrome.exe (ID: 312764|ParentID: 311168|etienne)
C:Program Files (x86)ZHPDiagZHPDiag.exe (ID: 317136|ParentID: 317096|etienne)
C:Program Files (x86)LucasArtsROGUERogueSquadron.exe (ID: 311640|ParentID: 1348|etienne)

################## | Autorun |

F:_disk_id.lnk -> F:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
F:FACEDAT.lnk -> F:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
F:DATABASE.lnk -> F:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
F:DCIM.lnk -> F:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:We will look at two different articles about the crash on November 4 in the M5.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:vil19171017.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Documentaire – Tuez-Les Tous – Genocide Rwanda – 1of2 – (Alt.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:la fin de la civilisation selon la NASA.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:8 questions pour en finir avec les clichés sur la théorie de l’évolution .lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Guerre d’Espagne l’Espoir trahit.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Juin 36 – Le Grand Tournant.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:HP4-Birnbaum-PDF.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:lettre motivation école doctorale.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Dette mondiale – Chine – Japon.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Les Insurgés.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Procédure-contrats-doctoraux-2014.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Loi sur les ROP 1910.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Poisons industriels et maladies professionnelles.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:14-15-dossier candidature- contrat- doctoral ED SHS.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Programme du colloque.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:carte d’identité etienne zannis.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:attestation sur l’honneur.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:plan détaillé révolution coloninal.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:compte rendu.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:rédaction révolution colonial 2.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:.fseventsd.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:mémoire M2.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Allemagne 1918-1919.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Le cauchemar de Darwin.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:Viva.Zapata.1952-[E.Kazan]-vostfr-M.Brando.A.Quinn_pik.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:pour kevin.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:.Trashes.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:.Spotlight-V100.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)
H:.TemporaryItems.lnk -> H:SergeLeLama.vbs – (SHA1: 1704DDD0358E25D4231B8E52B4F59DA5C31116DB)

################## | Recherche générique |

Supprimé! C:UsersetienneAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupSergeLeLama.vbs
Supprimé! F:SergeLeLama.vbs
Supprimé! H:SergeLeLama.vbs
Supprimé! C:UsersetienneAppDataLocalTempSergeLeLama.vbs
Supprimé! F:FACEDAT.lnk
Supprimé! F:_disk_id.lnk
Supprimé! F:DCIM.lnk
Supprimé! F:DATABASE.lnk
Supprimé! H:We will look at two different articles about the crash on November 4 in the M5.lnk
Supprimé! H:lettre motivation école doctorale.lnk
Supprimé! H:vil19171017.lnk
Supprimé! H:Dette mondiale – Chine – Japon.lnk
Supprimé! H:la fin de la civilisation selon la NASA.lnk
Supprimé! H:8 questions pour en finir avec les clichés sur la théorie de l’évolution .lnk
Supprimé! H:Les Insurgés.lnk
Supprimé! H:HP4-Birnbaum-PDF.lnk
Supprimé! H:Guerre d’Espagne l’Espoir trahit.lnk
Supprimé! H:Juin 36 – Le Grand Tournant.lnk
Supprimé! H:Documentaire – Tuez-Les Tous – Genocide Rwanda – 1of2 – (Alt.lnk
Supprimé! H:plan détaillé révolution coloninal.lnk
Supprimé! H:Poisons industriels et maladies professionnelles.lnk
Supprimé! H:Loi sur les ROP 1910.lnk
Supprimé! H:Procédure-contrats-doctoraux-2014.lnk
Supprimé! H:14-15-dossier candidature- contrat- doctoral ED SHS.lnk
Supprimé! H:Programme du colloque.lnk
Supprimé! H:rédaction révolution colonial 2.lnk
Supprimé! H:attestation sur l’honneur.lnk
Supprimé! H:carte d’identité etienne zannis.lnk
Supprimé! H:compte rendu.lnk
Supprimé! H:mémoire M2.lnk
Supprimé! H:Allemagne 1918-1919.lnk
Supprimé! H:Le cauchemar de Darwin.lnk
Supprimé! H:Viva.Zapata.1952-[E.Kazan]-vostfr-M.Brando.A.Quinn_pik.lnk
Supprimé! H:.lnk
Supprimé! H:.fseventsd.lnk
Supprimé! H:.Trashes.lnk
Supprimé! H:.Spotlight-V100.lnk
Supprimé! H:.TemporaryItems.lnk
Supprimé! H:pour kevin.lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|EnableShellExecuteHooks -> 0
Supprimé! HKUS-1-5-21-2102277192-1199250871-659516258-1001SoftwareMicrosoftWindowsCurrentVersionRun|SergeLeLama

################## | Regedit Run |

F2 – HKLM..Winlogon : [Shell] explorer.exe
F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe
F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
04 – HKCU..Run : [msnmsgr] ~”C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
04 – HKCU..Run : [Google Update] “C:UsersetienneAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
04 – HKCU..Run : [Facebook Update] “C:UsersetienneAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
04 – HKCU..Run : [ISUSPM] C:ProgramDataFLEXnetConnect11ISUSPM.exe -scheduler
04 – HKLM..Run : [StartCCC] “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
04 – HKLM..Run : [Easybits Recovery] C:Program Files (x86)EasyBits For KidsezRecover.exe
04 – HKLM..Run : [avast] “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
04 – HKLM..Run : [Adobe Reader Speed Launcher] “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
04 – HKLM..Run : [SweetIM] C:Program Files (x86)SweetIMMessengerSweetIM.exe
04 – HKLM..Run : [TkBellExe] “C:Program Files (x86)RealRealPlayerUpdaterealsched.exe” -osboot
04 – HKLM..Run : [Bonus.SSR.FR11] “C:Program Files (x86)ABBYY FineReader 11Bonus.ScreenshotReader.exe” /autorun
04 – HKLM..Run : [HP Quick Launch] C:Program Files (x86)Hewlett-PackardHP Quick LaunchHPMSGSVC.exe
04 – HKLM..Run : [HPOSD] C:Program Files (x86)Hewlett-PackardHP On Screen DisplayHPOSD.exe
04 – HKLM..Run : [DNS7reminder] “C:Program Files (x86)NuanceNaturallySpeaking11EregEreg.exe” -r “C:ProgramDataNuanceNaturallySpeaking11Ereg.ini
04 – HKLM..Run : [SunJavaUpdateSched] “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
04 – HKLM..Run : [BrStsMon00] C:Program Files (x86)Browny02BrotherBrStMonW.exe /AUTORUN
04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
04 – [x64] HKLM..Run : [RTHDVCPL] C:Program FilesRealtekAudioHDARtkNGUI64.exe -s
04 – [x64] HKLM..RunOnce : [NCPluginUpdater] “c:program files (x86)hewlett-packardhp health checkactivecheckproduct_lineNCPluginUpdater.exe” Update
04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
04 – HKUS-1-5-21-2102277192-1199250871-659516258-1001..Run : [msnmsgr] ~”C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
04 – HKUS-1-5-21-2102277192-1199250871-659516258-1001..Run : [Google Update] “C:UsersetienneAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
04 – HKUS-1-5-21-2102277192-1199250871-659516258-1001..Run : [Facebook Update] “C:UsersetienneAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
04 – HKUS-1-5-21-2102277192-1199250871-659516258-1001..Run : [ISUSPM] C:ProgramDataFLEXnetConnect11ISUSPM.exe -scheduler
04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[19/05/2014 – 08:35:55 | ASH | 2834616 Ko] – C:hiberfil.sys
[19/05/2014 – 08:36:01 | ASH | 3779488 Ko] – C:pagefile.sys
[05/09/2011 – 10:43:40 | D] – C:SYSTEM.SAV
[02/10/2011 – 14:35:19 | N | 900 Ko] – C:img2-001.raw
[19/05/2014 – 09:10:21 | D] – C:Config.Msi
[06/09/2011 – 23:41:41 | SHD] – C:$Recycle.Bin
[23/05/2014 – 15:07:11 | N | 1 Ko] – C:PhysicalDisk0_MBR.bin
[14/07/2009 – 05:20:08 | D] – C:PerfLogs
[14/07/2009 – 07:08:56 | SHD] – C:Documents and Settings
[21/11/2010 – 05:23:51 | RASH | 375 Ko] – C:bootmgr
[27/04/2011 – 02:08:19 | SHD] – C:boot
[17/06/2011 – 03:52:43 | D] – C:HP
[05/09/2011 – 10:42:21 | D] – C:Users
[05/09/2011 – 10:43:33 | SHD] – C:Recovery
[21/02/2012 – 21:45:13 | D] – C:ubuntu
[05/04/2012 – 22:53:03 | D] – C:NST
[05/04/2012 – 22:53:03 | N | 265 Ko] – C:ANG0
[11/10/2012 – 10:41:22 | RHD] – C:MSOCache
[04/12/2012 – 00:13:48 | D] – C:FFOutput
[19/01/2013 – 13:24:11 | D] – C:Administrator’s Guide
[11/12/2013 – 15:15:09 | D] – C:340b0327f23bef17f03ffc0ef2
[16/12/2013 – 08:44:27 | D] – C:31135f6482274c5d0aec
[16/12/2013 – 08:54:59 | D] – C:Brother
[19/03/2014 – 13:07:10 | D] – C:Windows
[19/03/2014 – 14:29:30 | D] – C:temp
[25/03/2014 – 21:36:20 | D] – C:Program Files
[26/03/2014 – 18:17:10 | D] – C:SWSetup
[26/03/2014 – 18:24:12 | HD] – C:ProgramData
[19/05/2014 – 09:03:26 | SHD] – C:System Volume Information
[23/05/2014 – 13:54:24 | D] – C:UsbFix
[23/05/2014 – 14:45:56 | D] – C:Program Files (x86)

################## | D: – Disque Fixe (NTFS) |

[12/10/2011 – 12:54:08 | N | 0 Ko] – D:HPSF_Rep.txt
[23/05/2010 – 14:55:46 | RASH | 0 Ko] – D:Desktop.ini
[16/04/2013 – 15:23:21 | N | 0 Ko] – D:HP_WSD.dat
[05/09/2011 – 10:49:34 | SHD] – D:$RECYCLE.BIN
[14/07/2009 – 20:39:00 | RASH | 375 Ko] – D:bootmgr
[05/09/2011 – 10:49:27 | D] – D:hp
[05/09/2011 – 10:49:27 | RASHD] – D:boot
[05/09/2011 – 10:49:27 | RSHD] – D:preload
[05/09/2011 – 10:49:27 | D] – D:RM_Reserve
[05/09/2011 – 10:49:27 | D] – D:FactoryUpdate
[09/09/2011 – 11:02:24 | SHD] – D:System Volume Information
[19/05/2014 – 18:35:18 | RSD] – D:recovery

################## | F: – Disque USB (FAT32) |

[28/05/2013 – 17:46:24 | N | 0 Ko] – F:_disk_id.pod
[01/01/1980 – 00:00:00 | N | 69 Ko] – F:FACEDAT.BIN
[01/01/1980 – 00:00:00 | D] – F:DATABASE
[01/01/1980 – 00:00:00 | D] – F:DCIM

################## | H: – Disque USB (FAT32) |

[21/05/2014 – 16:01:00 | SHD] – H:.Trashes
[21/05/2014 – 16:01:00 | SH | 4 Ko] – H:._.Trashes
[21/05/2014 – 16:08:44 | SH | 4 Ko] – H:._.TemporaryItems
[21/05/2014 – 16:08:44 | SHD] – H:.TemporaryItems
[21/05/2014 – 16:01:00 | SHD] – H:.Spotlight-V100
[13/01/2014 – 22:48:14 | N | 4 Ko] – H:We will look at two different articles about the crash on November 4 in the M5.rtf
[16/03/2014 – 18:08:18 | D] – H:Viva.Zapata.1952-[E.Kazan]-vostfr-M.Brando.A.Quinn_pik
[22/05/2014 – 08:46:34 | N | 887 Ko] – H:attestation sur l’honneur.png
[26/04/2006 – 17:51:36 | N | 107 Ko] – H:vil19171017.pdf
[19/03/2014 – 11:35:02 | N | 9 Ko] – H:Dette mondiale – Chine – Japon.pdf
[21/03/2014 – 11:43:10 | N | 50 Ko] – H:la fin de la civilisation selon la NASA.pdf
[21/03/2014 – 11:45:20 | N | 183 Ko] – H:8 questions pour en finir avec les clichés sur la théorie de l’évolution .pdf
[27/03/2014 – 10:51:22 | N | 157 Ko] – H:HP4-Birnbaum-PDF.pdf
[11/05/2014 – 13:38:52 | N | 158 Ko] – H:Loi sur les ROP 1910.pdf
[11/05/2014 – 13:38:56 | N | 154 Ko] – H:Poisons industriels et maladies professionnelles.pdf
[11/05/2014 – 13:41:10 | N | 348 Ko] – H:Procédure-contrats-doctoraux-2014.pdf
[10/04/2014 – 12:41:08 | N | 0 Ko] – H:.~lock.Topo fac avril 2014 le communisme.odt#
[12/05/2014 – 10:29:58 | N | 40 Ko] – H:plan détaillé révolution coloninal.odt
[14/05/2014 – 16:12:30 | N | 41 Ko] – H:rédaction révolution colonial 2.odt
[23/05/2014 – 11:46:42 | N | 34 Ko] – H:compte rendu. article DEVINCK.odt
[21/05/2014 – 11:14:18 | N | 241 Ko] – H:carte d’identité etienne zannis.jpg
[21/05/2014 – 16:00:58 | SHD] – H:.fseventsd
[11/05/2014 – 13:42:00 | N | 4623 Ko] – H:Programme du colloque.docx
[10/05/2014 – 13:52:50 | N | 30 Ko] – H:plan détaillé révolution coloninal.doc
[11/05/2014 – 13:41:00 | N | 154 Ko] – H:14-15-dossier candidature- contrat- doctoral ED SHS.doc
[21/05/2014 – 16:08:44 | N | 4 Ko] – H:._lettre motivation école doctorale.doc
[22/05/2014 – 18:48:10 | N | 20 Ko] – H:lettre motivation école doctorale.doc
[11/11/2006 – 20:36:46 | N | 417710 Ko] – H:Documentaire – Tuez-Les Tous – Genocide Rwanda – 1of2 – (Alt.avi
[13/11/2009 – 23:51:34 | N | 1366466 Ko] – H:Guerre d’Espagne l’Espoir trahit.avi
[13/11/2009 – 23:54:46 | N | 634418 Ko] – H:Juin 36 – Le Grand Tournant.avi
[16/08/2010 – 11:15:00 | N | 715052 Ko] – H:Les Insurgés.avi
[09/01/2012 – 17:19:12 | D] – H:Allemagne 1918-1919
[31/03/2012 – 09:57:14 | D] – H:Le cauchemar de Darwin
[27/03/2014 – 11:36:14 | D] – H:mémoire M2
[16/05/2014 – 09:00:16 | D] – H:pour kevin

################## | Vaccin |

D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net/ |