Bonsoir,
Mes supports amovibles ont été infectés par un virus qui transforme mes dossiers en raccourcis lors d'une connexion sur un PC tiers.
Je vous fais parvenir le rapport de USBfix.
Pourriez vous m'aider?
Je vous en remercie,
Cordialement
Jade
############################## | UsbFix V 7.162 | [Research]
User: Jade (Administrator) # PC-DE-JADE
Updated 27/01/2014 by El Desaparecido - Team SosVirus
Started at 22:23:54 | 29/01/2014
Website : http://www.en.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/
PC: Intel Corporation (CAPELL VALLEY(NAPA) CRB)
CPU: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
RAM -> [Total : 2045 Mo| Free : 981 Mo]
Bios: Phoenix Technologies LTD
Boot: Normal boot
OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Mozilla Firefox : 26.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AS: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.62.0087
A:\ -> Removable drive # 1 Mb (1 Mb free - 99%) [] # FAT
C:\ (%systemdrive%) -> Fixed drive # 148 Gb (87 Mb free - 59%) [Vista] # NTFS
D:\ -> Removable drive # 4 Gb (1 Mb free - 30%) [JADE] # FAT32
E:\ -> CD-ROM
F:\ -> Removable drive # 3 Gb (3 Mb free - 96%) [KOBOeReader] # FAT32
G:\ -> Removable drive # 4 Gb (1007 Mb free - 26%) [USBDISKPRO] # FAT32
################## | Active Processes |
C:\Windows\system32\csrss.exe (ID: 556 |ParentID: 544)
C:\Windows\system32\wininit.exe (ID: 612 |ParentID: 544)
C:\Windows\system32\csrss.exe (ID: 620 |ParentID: 604)
C:\Windows\system32\services.exe (ID: 660 |ParentID: 612)
C:\Windows\system32\lsass.exe (ID: 672 |ParentID: 612)
C:\Windows\system32\lsm.exe (ID: 680 |ParentID: 612)
C:\Windows\system32\winlogon.exe (ID: 788 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 872 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 940 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 1084 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 1116 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1148 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1264 |ParentID: 660)
C:\Windows\system32\SLsvc.exe (ID: 1288 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1340 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1524 |ParentID: 660)
C:\Windows\System32\spoolsv.exe (ID: 1696 |ParentID: 660)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (ID: 1720 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1736 |ParentID: 660)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1920 |ParentID: 660)
C:\Windows\system32\agrsmsvc.exe (ID: 1956 |ParentID: 660)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (ID: 1972 |ParentID: 660)
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (ID: 1988 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 2032 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 124 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 320 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 460 |ParentID: 660)
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (ID: 568 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1368 |ParentID: 660)
C:\Windows\system32\TODDSrv.exe (ID: 1516 |ParentID: 660)
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (ID: 1916 |ParentID: 660)
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (ID: 2068 |ParentID: 660)
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (ID: 2136 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 2172 |ParentID: 660)
C:\Windows\system32\SearchIndexer.exe (ID: 2192 |ParentID: 660)
C:\Windows\system32\taskeng.exe (ID: 2704 |ParentID: 1148)
C:\Windows\system32\Dwm.exe (ID: 2808 |ParentID: 1116)
C:\Windows\Explorer.EXE (ID: 2832 |ParentID: 2792)
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (ID: 3008 |ParentID: 2832)
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (ID: 3024 |ParentID: 2832)
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (ID: 3036 |ParentID: 2832)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 3052 |ParentID: 2832)
C:\Windows\RtHDVCpl.exe (ID: 3060 |ParentID: 2832)
C:\Program Files\ltmoh\ltmoh.exe (ID: 3076 |ParentID: 2832)
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (ID: 3088 |ParentID: 2832)
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ID: 3120 |ParentID: 2832)
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID: 3208 |ParentID: 2832)
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (ID: 3220 |ParentID: 2832)
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (ID: 3228 |ParentID: 2832)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 3236 |ParentID: 2832)
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (ID: 3244 |ParentID: 2832)
C:\Program Files\SFR\Kit\9props.exe (ID: 3256 |ParentID: 2832)
C:\Windows\ehome\ehtray.exe (ID: 3284 |ParentID: 2832)
C:\Program Files\Skype\Phone\Skype.exe (ID: 3292 |ParentID: 2832)
C:\Windows\System32\wscript.exe (ID: 3324 |ParentID: 2832)
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe (ID: 3336 |ParentID: 2832)
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (ID: 3344 |ParentID: 2832)
C:\Program Files\Synaptics\SynTP\SynToshiba.exe (ID: 3440 |ParentID: 3052)
C:\Windows\System32\rundll32.exe (ID: 3756 |ParentID: 3140)
C:\Windows\ehome\ehmsas.exe (ID: 3864 |ParentID: 872)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4056 |ParentID: 872)
C:\Windows\system32\taskeng.exe (ID: 2644 |ParentID: 1148)
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (ID: 2640 |ParentID: 1972)
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe (ID: 2452 |ParentID: 3088)
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (ID: 3276 |ParentID: 3344)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 3016 |ParentID: 3052)
C:\Windows\system32\msiexec.exe (ID: 3540 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 3604 |ParentID: 660)
C:\Users\Jade\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (ID: 4256 |ParentID: 3904)
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (ID: 4372 |ParentID: 660)
C:\Program Files\Mozilla Firefox\firefox.exe (ID: 5528 |ParentID: 2832)
C:\Program Files\Mozilla Firefox\plugin-container.exe (ID: 5824 |ParentID: 5528)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (ID: 5704 |ParentID: 5824)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (ID: 1980 |ParentID: 5704)
C:\Windows\System32\WUDFHost.exe (ID: 4612 |ParentID: 1116)
C:\Windows\System32\mobsync.exe (ID: 5664 |ParentID: 872)
################## | Regedit Run |
04 - HKCU\..\Run : [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
04 - HKCU\..\Run : [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
04 - HKCU\..\Run : [ehTray.exe] C:\Windows\ehome\ehTray.exe
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [Spotify] "C:\Users\Jade\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
04 - HKCU\..\Run : [Spotify Web Helper] "C:\Users\Jade\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
04 - HKCU\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\Jade\AppData\Local\Temp\SURVIVAL.vbe"
04 - HKLM\..\Run : [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
04 - HKLM\..\Run : [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
04 - HKLM\..\Run : [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
04 - HKLM\..\Run : [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
04 - HKLM\..\Run : [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
04 - HKLM\..\Run : [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [RtHDVCpl] RtHDVCpl.exe
04 - HKLM\..\Run : [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
04 - HKLM\..\Run : [NDSTray.exe] NDSTray.exe
04 - HKLM\..\Run : [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
04 - HKLM\..\Run : [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
04 - HKLM\..\Run : [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
04 - HKLM\..\Run : [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
04 - HKLM\..\Run : [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
04 - HKLM\..\Run : [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
04 - HKLM\..\Run : [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [ehTray.exe] C:\Windows\ehome\ehTray.exe
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [Spotify] "C:\Users\Jade\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [Spotify Web Helper] "C:\Users\Jade\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\Jade\AppData\Local\Temp\SURVIVAL.vbe"
################## | Generic Research |
Found ! C:\Users\Jade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SURVIVAL.vbe
Found ! C:\Users\Jade\AppData\Local\Temp\SURVIVAL.vbe
Found ! D:\SURVIVAL.vbe
Found ! F:\SURVIVAL.vbe
Found ! G:\SURVIVAL.vbe
Found ! A:\.lnk
Found ! A:\.Trashes.lnk
Found ! A:\.fseventsd.lnk
Found ! D:\.lnk
Found ! D:\SOMMAIRE.lnk
Found ! D:\~WRL2968.lnk
Found ! D:\TRANCHE.lnk
Found ! D:\plan initial.lnk
Found ! D:\F.lnk
Found ! D:\RCP.lnk
Found ! D:\fin mémoire.lnk
Found ! D:\mercredi.lnk
Found ! D:\5 transfert personnalisé.lnk
Found ! D:\DESMBD.lnk
Found ! D:\innervation.lnk
Found ! D:\anatomie-du-crane-humain.lnk
Found ! D:\textes et shemas emd et lpa ducpc 2013.lnk
Found ! D:\DUI III-2B.lnk
Found ! D:\DUI III-1A.lnk
Found ! D:\nerf maxillaire.lnk
Found ! D:\Mémoire DU1.lnk
Found ! D:\BIBLIOGRAPHIE Jade MEMOIRE DU1.lnk
Found ! D:\Piliers en prothèse implantaire TAVITIAN.lnk
Found ! D:\Diaporama DUPC.lnk
Found ! D:\Mémoire Anais.lnk
Found ! D:\20131108143942.lnk
Found ! D:\Froge_Colette.lnk
Found ! D:\Cas clinique DU de Parodontologie clinique [Enregistrement automatique].lnk
Found ! D:\Cas clinique DU de Parodontologie clinique Last version.lnk
Found ! D:\00implandavarpana.lnk
Found ! D:\DUI Marilena.lnk
Found ! D:\endothèse.lnk
Found ! D:\amberto.lnk
Found ! D:\gab.lnk
Found ! D:\ventoso.lnk
Found ! D:\Photos.lnk
Found ! D:\.Trashes.lnk
Found ! D:\.Spotlight-V100.lnk
Found ! D:\mémoire fin.lnk
Found ! D:\mémoire dui.lnk
Found ! D:\des lyon.lnk
Found ! D:\U3ROM.lnk
Found ! D:\gab frénectomie.lnk
Found ! D:\Barioz.lnk
Found ! D:\.TemporaryItems.lnk
Found ! D:\eBook - SF & Fantasy - A2Y- FP - Noel 2013.lnk
Found ! D:\George R.R. Martin.lnk
Found ! F:\autorun.lnk
Found ! F:\.kobo.lnk
Found ! F:\.adobe-digital-editions.lnk
Found ! F:\.kobo-images.lnk
Found ! F:\Digital Editions.lnk
Found ! F:\U3ROM.lnk
Found ! F:\George R.R. Martin.lnk
Found ! F:\Robin Hobb.lnk
Found ! G:\DESMBD.lnk
Found ! G:\~WRL0003.lnk
Found ! G:\~WRL3893.lnk
Found ! G:\.lnk
Found ! G:\~WRL1346.lnk
Found ! G:\DUI.lnk
Found ! G:\ppt biom.lnk
Found ! G:\DES.lnk
Found ! G:\vannieri.lnk
Found ! G:\LSF.lnk
Found ! G:\Thumbs.lnk
Found ! G:\cours.lnk
Found ! G:\biom.lnk
Found ! G:\ppt compatible.lnk
Found ! G:\Thumbs .lnk
Found ! G:\QCM BLANC BIOM.lnk
Found ! G:\FICHE ANALYTIQUE ARTICLE.lnk
Found ! G:\histologie et physiologie osseuse.lnk
Found ! G:\UDPv268.lnk
Found ! G:\20140110122632.lnk
Found ! G:\USB Disk Pro v2.lnk
Found ! G:\hemato DESCO 24 jan 2013.lnk
Found ! G:\Modeling neolithic dispersal in central Europe.lnk
Found ! G:\CANCERO DESCO 2013 - Copie.lnk
Found ! G:\ceramiques_DUORE_2010_FILEminimizer_.lnk
Found ! G:\WMPInfo.lnk
Found ! G:\fiche_de_lecture_dose-response.lnk
Found ! G:\.Trashes.lnk
Found ! G:\.fseventsd.lnk
Found ! G:\Treatment of periodontal disease for glycaemic control in.lnk
Found ! G:\Perotti jeanne.lnk
Found ! G:\.Spotlight-V100.lnk
Found ! G:\cours TAVITIAN.lnk
Found ! G:\DUSSILLOL roland.lnk
Found ! G:\photo Guadeloupe.lnk
Found ! G:\IMPRESSION MEMOIRE DUI.lnk
Found ! G:\connectique interne externe.lnk
Found ! G:\Autorun.inf.lnk
Found ! G:\maladie de Heck.lnk
Found ! G:\.TemporaryItems.lnk
Found ! G:\articles csct.lnk
Found ! G:\Thèse Raphaelle.lnk
Found ! G:\statut m mozerys.lnk
Found ! G:\OrdersDir.lnk
Found ! G:\Logiciels Shape.lnk
Found ! G:\Thumbs .db
Found ! G:\Thumbs.com
Found ! D:\U3ROM
Found ! F:\U3ROM
################## | Registry |
Found ! HKU\S-1-5-21-733754882-2014061590-3818953739-1000\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL
Found ! HKU\S-1-5-21-733754882-2014061590-3818953739-1000\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL
################## | Vaccin |
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
[infection] USB dossiers en raccourcis
Modérateurs : Mods Windows, Helper
- Messages : 2385
- Inscription : 10 mai 2008 13:45
- Localisation : NANCY
Re: [infection] USB dossiers en raccourcis
Bonjour
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir
Passe USBfix en mode suppression
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir
Passe USBfix en mode suppression
Re: [infection] USB dossiers en raccourcis
Bonsoir,
Merci de votre aide. Voici le rapport:
############################## | UsbFix V 7.162 | [Deletion]
User: Jade (Administrator) # PC-DE-JADE
Updated 27/01/2014 by El Desaparecido - Team SosVirus
Started at 21:17:50 | 30/01/2014
Website : http://www.en.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/
PC: Intel Corporation (CAPELL VALLEY(NAPA) CRB)
CPU: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
RAM -> [Total : 2045 Mo| Free : 1407 Mo]
Bios: Phoenix Technologies LTD
Boot: Normal boot
OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Mozilla Firefox : 26.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AS: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.62.0087
A:\ -> Removable drive # 1 Mb (1 Mb free - 99%) [] # FAT
C:\ (%systemdrive%) -> Fixed drive # 148 Gb (87 Mb free - 59%) [Vista] # NTFS
D:\ -> Removable drive # 4 Gb (1 Mb free - 30%) [JADE] # FAT32
E:\ -> CD-ROM
F:\ -> Removable drive # 3 Gb (3 Mb free - 96%) [KOBOeReader] # FAT32
G:\ -> Removable drive # 4 Gb (1007 Mb free - 26%) [USBDISKPRO] # FAT32
################## | Active Processes |
C:\Windows\system32\csrss.exe (ID: 556 |ParentID: 544)
C:\Windows\system32\csrss.exe (ID: 612 |ParentID: 604)
C:\Windows\system32\wininit.exe (ID: 620 |ParentID: 544)
C:\Windows\system32\services.exe (ID: 660 |ParentID: 620)
C:\Windows\system32\lsass.exe (ID: 672 |ParentID: 620)
C:\Windows\system32\lsm.exe (ID: 680 |ParentID: 620)
C:\Windows\system32\winlogon.exe (ID: 724 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 872 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 940 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 1080 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 1108 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1140 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1260 |ParentID: 660)
C:\Windows\system32\SLsvc.exe (ID: 1288 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1368 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1500 |ParentID: 660)
C:\Windows\System32\spoolsv.exe (ID: 1684 |ParentID: 660)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (ID: 1708 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1728 |ParentID: 660)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1920 |ParentID: 660)
C:\Windows\system32\agrsmsvc.exe (ID: 1936 |ParentID: 660)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (ID: 1964 |ParentID: 660)
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (ID: 1984 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 2032 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 328 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 524 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 560 |ParentID: 660)
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (ID: 480 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1572 |ParentID: 660)
C:\Windows\system32\TODDSrv.exe (ID: 1932 |ParentID: 660)
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (ID: 1392 |ParentID: 660)
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (ID: 504 |ParentID: 660)
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (ID: 2120 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 2172 |ParentID: 660)
C:\Windows\system32\SearchIndexer.exe (ID: 2204 |ParentID: 660)
C:\Windows\System32\WUDFHost.exe (ID: 2536 |ParentID: 1108)
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (ID: 2892 |ParentID: 1964)
C:\Windows\system32\taskeng.exe (ID: 3040 |ParentID: 1140)
C:\Windows\system32\taskeng.exe (ID: 3828 |ParentID: 1140)
C:\Windows\system32\Dwm.exe (ID: 3880 |ParentID: 1108)
C:\Windows\Explorer.EXE (ID: 3896 |ParentID: 3860)
C:\Windows\system32\runonce.exe (ID: 4024 |ParentID: 3896)
C:\Windows\system32\svchost.exe (ID: 4080 |ParentID: 660)
C:\Windows\system32\PresentationSettings.exe (ID: 1424 |ParentID: 3828)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 1564 |ParentID: 872)
################## | Regedit Run |
04 - HKCU\..\Run : [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
04 - HKCU\..\Run : [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
04 - HKCU\..\Run : [ehTray.exe] C:\Windows\ehome\ehTray.exe
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\Jade\AppData\Local\Temp\SURVIVAL.vbe"
04 - HKLM\..\Run : [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
04 - HKLM\..\Run : [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
04 - HKLM\..\Run : [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
04 - HKLM\..\Run : [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
04 - HKLM\..\Run : [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
04 - HKLM\..\Run : [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [RtHDVCpl] RtHDVCpl.exe
04 - HKLM\..\Run : [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
04 - HKLM\..\Run : [NDSTray.exe] NDSTray.exe
04 - HKLM\..\Run : [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
04 - HKLM\..\Run : [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
04 - HKLM\..\Run : [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
04 - HKLM\..\Run : [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
04 - HKLM\..\Run : [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
04 - HKLM\..\Run : [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
04 - HKLM\..\Run : [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [ehTray.exe] C:\Windows\ehome\ehTray.exe
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\Jade\AppData\Local\Temp\SURVIVAL.vbe"
################## | Generic Research |
Deleted ! C:\Users\Jade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SURVIVAL.vbe
Deleted ! C:\Users\Jade\AppData\Local\Temp\SURVIVAL.vbe
Deleted ! D:\SURVIVAL.vbe
Deleted ! F:\SURVIVAL.vbe
Deleted ! G:\SURVIVAL.vbe
Deleted ! A:\.lnk
Deleted ! A:\.Trashes.lnk
Deleted ! A:\.fseventsd.lnk
Deleted ! D:\.lnk
Deleted ! D:\SOMMAIRE.lnk
Deleted ! D:\~WRL2968.lnk
Deleted ! D:\TRANCHE.lnk
Deleted ! D:\plan initial.lnk
Deleted ! D:\F.lnk
Deleted ! D:\RCP.lnk
Deleted ! D:\fin mémoire.lnk
Deleted ! D:\mercredi.lnk
Deleted ! D:\5 transfert personnalisé.lnk
Deleted ! D:\DESMBD.lnk
Deleted ! D:\innervation.lnk
Deleted ! D:\anatomie-du-crane-humain.lnk
Deleted ! D:\textes et shemas emd et lpa ducpc 2013.lnk
Deleted ! D:\DUI III-2B.lnk
Deleted ! D:\DUI III-1A.lnk
Deleted ! D:\nerf maxillaire.lnk
Deleted ! D:\Mémoire DU1.lnk
Deleted ! D:\BIBLIOGRAPHIE Jade MEMOIRE DU1.lnk
Deleted ! D:\Piliers en prothèse implantaire TAVITIAN.lnk
Deleted ! D:\Diaporama DUPC.lnk
Deleted ! D:\Mémoire Anais.lnk
Deleted ! D:\20131108143942.lnk
Deleted ! D:\Froge_Colette.lnk
Deleted ! D:\Cas clinique DU de Parodontologie clinique [Enregistrement automatique].lnk
Deleted ! D:\Cas clinique DU de Parodontologie clinique Last version.lnk
Deleted ! D:\00implandavarpana.lnk
Deleted ! D:\DUI Marilena.lnk
Deleted ! D:\endothèse.lnk
Deleted ! D:\amberto.lnk
Deleted ! D:\gab.lnk
Deleted ! D:\ventoso.lnk
Deleted ! D:\Photos.lnk
Deleted ! D:\.Trashes.lnk
Deleted ! D:\.Spotlight-V100.lnk
Deleted ! D:\mémoire fin.lnk
Deleted ! D:\mémoire dui.lnk
Deleted ! D:\des lyon.lnk
Deleted ! D:\U3ROM.lnk
Deleted ! D:\gab frénectomie.lnk
Deleted ! D:\Barioz.lnk
Deleted ! D:\.TemporaryItems.lnk
Deleted ! D:\eBook - SF & Fantasy - A2Y- FP - Noel 2013.lnk
Deleted ! D:\George R.R. Martin.lnk
Deleted ! F:\autorun.lnk
Deleted ! F:\.kobo.lnk
Deleted ! F:\.adobe-digital-editions.lnk
Deleted ! F:\.kobo-images.lnk
Deleted ! F:\Digital Editions.lnk
Deleted ! F:\U3ROM.lnk
Deleted ! F:\George R.R. Martin.lnk
Deleted ! F:\Robin Hobb.lnk
Deleted ! G:\DESMBD.lnk
Deleted ! G:\~WRL0003.lnk
Deleted ! G:\~WRL3893.lnk
Deleted ! G:\.lnk
Deleted ! G:\~WRL1346.lnk
Deleted ! G:\DUI.lnk
Deleted ! G:\ppt biom.lnk
Deleted ! G:\DES.lnk
Deleted ! G:\vannieri.lnk
Deleted ! G:\LSF.lnk
Deleted ! G:\Thumbs.lnk
Deleted ! G:\cours.lnk
Deleted ! G:\biom.lnk
Deleted ! G:\ppt compatible.lnk
Deleted ! G:\Thumbs .lnk
Deleted ! G:\QCM BLANC BIOM.lnk
Deleted ! G:\FICHE ANALYTIQUE ARTICLE.lnk
Deleted ! G:\histologie et physiologie osseuse.lnk
Deleted ! G:\UDPv268.lnk
Deleted ! G:\20140110122632.lnk
Deleted ! G:\USB Disk Pro v2.lnk
Deleted ! G:\hemato DESCO 24 jan 2013.lnk
Deleted ! G:\Modeling neolithic dispersal in central Europe.lnk
Deleted ! G:\CANCERO DESCO 2013 - Copie.lnk
Deleted ! G:\ceramiques_DUORE_2010_FILEminimizer_.lnk
Deleted ! G:\WMPInfo.lnk
Deleted ! G:\fiche_de_lecture_dose-response.lnk
Deleted ! G:\.Trashes.lnk
Deleted ! G:\.fseventsd.lnk
Deleted ! G:\Treatment of periodontal disease for glycaemic control in.lnk
Deleted ! G:\Perotti jeanne.lnk
Deleted ! G:\.Spotlight-V100.lnk
Deleted ! G:\cours TAVITIAN.lnk
Deleted ! G:\DUSSILLOL roland.lnk
Deleted ! G:\photo Guadeloupe.lnk
Deleted ! G:\IMPRESSION MEMOIRE DUI.lnk
Deleted ! G:\connectique interne externe.lnk
Deleted ! G:\Autorun.inf.lnk
Deleted ! G:\maladie de Heck.lnk
Deleted ! G:\.TemporaryItems.lnk
Deleted ! G:\articles csct.lnk
Deleted ! G:\Thèse Raphaelle.lnk
Deleted ! G:\statut m mozerys.lnk
Deleted ! G:\OrdersDir.lnk
Deleted ! G:\Logiciels Shape.lnk
Deleted ! G:\Thumbs .db
Not deleted ! G:\Thumbs.com
Deleted ! D:\U3ROM
Deleted ! F:\U3ROM
(!) Temporary files deleted.
################## | Registry |
Repaired ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Repaired ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Deleted ! HKU\S-1-5-21-733754882-2014061590-3818953739-1000\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL
################## | Listing |
[30/09/2008 - 19:25:20 | SH | 4 Ko] - A:\._.Trashes
[30/09/2008 - 19:25:20 | SHD] - A:\.Trashes
[15/02/2010 - 19:59:36 | SH | 6 Ko] - A:\.DS_Store
[18/06/2013 - 17:37:18 | SHD] - A:\.fseventsd
[01/11/2010 - 15:02:32 | SHD] - C:\$Recycle.Bin
[09/09/2012 - 14:10:27 | N | 10 Ko | 9F407EA9D38754896A5DE68716D56313] - C:\AdwCleaner[R1].txt
[09/09/2012 - 14:10:55 | N | 11 Ko | 5A222651C03290BD73DC9BFF49FB58D3] - C:\AdwCleaner[S1].txt
[18/09/2006 - 22:43:36 | A | 0 Ko] - C:\autoexec.bat
[07/11/2010 - 18:43:07 | SHD] - C:\Boot
[11/04/2009 - 07:36:36 | RASH | 325 Ko] - C:\bootmgr
[18/12/2006 - 08:01:27 | RAS | 8 Ko] - C:\BOOTSECT.BAK
[20/01/2014 - 19:34:36 | D] - C:\Config.Msi
[18/09/2006 - 22:43:37 | N | 0 Ko] - C:\config.sys
[18/03/2013 - 11:03:04 | D] - C:\DentalData
[02/11/2006 - 14:02:03 | SHD] - C:\Documents and Settings
[30/01/2014 - 21:13:41 | ASH | 2095160 Ko] - C:\hiberfil.sys
[02/05/2007 - 11:03:15 | N | 262 Ko | F0679DBF271A905E28C4E9FFCD253D97] - C:\hpzids01.dll
[01/11/2010 - 16:00:23 | RHD] - C:\MSOCache
[30/01/2014 - 21:13:38 | ASH | 2401600 Ko] - C:\pagefile.sys
[07/11/2010 - 15:20:29 | D] - C:\PerfLogs
[15/01/2014 - 20:44:26 | D] - C:\Program Files
[20/10/2013 - 20:59:41 | HD] - C:\ProgramData
[05/11/2010 - 22:29:13 | D] - C:\rsit
[21/12/2006 - 09:52:52 | N | 0 Ko | 30C71AFB9895A640EC44451C85A667F6] - C:\SWSTAMP.TXT
[20/01/2014 - 19:29:50 | SHD] - C:\System Volume Information
[05/11/2010 - 22:28:48 | N | 54 Ko | B4A9EE28C4C55F6C0797093C2B0F8BEE] - C:\TDSSKiller.2.4.6.0_05.11.2010_22.03.49_log.txt
[01/11/2010 - 15:02:25 | D] - C:\Toshiba
[29/01/2014 - 22:22:17 | D] - C:\UsbFix
[30/01/2014 - 21:38:11 | A | 13 Ko | 037042652516819F049E3A299C6B55CB] - C:\UsbFix [Clean 2] PC-DE-JADE.txt
[29/01/2014 - 23:15:51 | N | 14 Ko | 8A1B0569AE1A7C77843EE72E37179EE8] - C:\UsbFix [Scan 1] PC-DE-JADE.txt
[01/11/2010 - 15:01:40 | D] - C:\Users
[18/12/2006 - 10:30:41 | N | 464 Ko] - C:\vcredist_x86.log
[13/12/2013 - 19:21:28 | D] - C:\Windows
[21/12/2006 - 09:37:12 | T | 21 Ko] - C:\_wdsuef.dmp
[14/05/2013 - 12:49:46 | D] - D:\DUI Marilena
[11/10/2013 - 00:59:52 | D] - D:\endothèse
[22/06/2013 - 15:39:12 | N | 4 Ko] - D:\._Froge_Colette.ppt
[22/06/2013 - 15:39:48 | N | 4 Ko] - D:\._histologie et physiologie osseuse CATHERINE.ppt
[31/07/2013 - 09:07:10 | D] - D:\amberto
[31/07/2013 - 08:59:20 | D] - D:\gab
[31/07/2013 - 09:05:10 | D] - D:\ventoso
[22/06/2013 - 15:40:22 | D] - D:\Photos
[01/09/2013 - 12:16:48 | N | 34 Ko] - D:\SOMMAIRE.doc
[30/08/2013 - 11:38:06 | N | 19 Ko] - D:\~WRL2968.tmp
[02/09/2013 - 00:40:58 | N | 45 Ko] - D:\TRANCHE.doc
[14/01/2013 - 10:40:26 | SH | 4 Ko] - D:\._.Trashes
[14/01/2013 - 10:40:26 | SHD] - D:\.Trashes
[14/01/2013 - 10:40:26 | SHD] - D:\.Spotlight-V100
[02/09/2013 - 00:47:18 | D] - D:\mémoire fin
[14/01/2013 - 10:41:06 | N | 4 Ko] - D:\._histologie et physiologie osseuse.ppt
[30/08/2013 - 11:37:32 | N | 14 Ko] - D:\plan initial.docx
[02/09/2013 - 00:45:34 | N | 120277 Ko] - D:\fin mémoire.doc
[31/08/2013 - 16:16:44 | N | 7737 Ko] - D:\5 transfert personnalisé.pdf
[31/08/2013 - 20:48:12 | N | 33 Ko] - D:\anatomie-du-crane-humain.jpg
[31/08/2013 - 20:56:14 | N | 18 Ko] - D:\innervation.jpg
[05/02/2013 - 20:37:28 | N | 43916 Ko] - D:\textes et shemas emd et lpa ducpc 2013.pptx
[12/02/2013 - 21:32:48 | N | 80 Ko] - D:\DUI III-2B.docx
[05/09/2013 - 21:20:00 | D] - D:\mémoire dui
[08/02/2013 - 11:41:38 | N | 3890 Ko] - D:\F. Louise éléménts DUPC sém 2 2013.pptx
[12/02/2013 - 21:36:02 | N | 4 Ko] - D:\._DUI III-2B.docx
[11/02/2013 - 11:48:04 | N | 148 Ko] - D:\DUI III-1A.docx
[12/02/2013 - 21:37:32 | N | 4 Ko] - D:\._DUI III-1A.docx
[31/08/2013 - 20:57:36 | N | 129 Ko] - D:\nerf maxillaire.png
[01/09/2013 - 16:25:40 | N | 120253 Ko] - D:\Mémoire DU1.doc
[12/02/2013 - 22:28:44 | D] - D:\des lyon
[01/09/2013 - 16:47:02 | N | 33 Ko] - D:\BIBLIOGRAPHIE Jade MEMOIRE DU1.doc
[01/05/2013 - 13:01:28 | N | 4221 Ko] - D:\Piliers en prothèse implantaire TAVITIAN.pdf
[10/09/2013 - 21:02:50 | D] - D:\gab frénectomie
[18/09/2013 - 08:04:20 | N | 38104 Ko] - D:\Diaporama DUPC.pps
[07/05/2013 - 17:35:02 | N | 3920 Ko] - D:\Mémoire Anais.pdf
[08/11/2013 - 14:39:46 | N | 335 Ko] - D:\20131108143942.pdf
[29/05/2013 - 17:59:18 | N | 65186 Ko] - D:\Froge_Colette.ppt
[13/09/2013 - 20:09:18 | N | 15352 Ko] - D:\Cas clinique DU de Parodontologie clinique [Enregistrement automatique].ppt
[18/09/2013 - 06:55:28 | N | 38109 Ko] - D:\Cas clinique DU de Parodontologie clinique Last version.ppt
[17/09/2013 - 14:48:48 | N | 4 Ko] - D:\._Cas clinique DU de Parodontologie clinique Last version.ppt
[12/12/2013 - 10:20:24 | N | 183 Ko] - D:\RCP.pdf
[05/12/2013 - 12:24:34 | D] - D:\Barioz
[11/12/2013 - 01:11:22 | N | 13727 Ko] - D:\mercredi.pptx
[16/12/2013 - 19:15:18 | N | 4 Ko] - D:\._DESMBD.ppt
[16/12/2013 - 18:52:54 | SHD] - D:\.TemporaryItems
[16/12/2013 - 18:52:54 | SH | 4 Ko] - D:\._.TemporaryItems
[18/04/2010 - 12:49:40 | N | 109187 Ko] - D:\00implandavarpana.pdf
[17/12/2013 - 00:43:56 | N | 50610 Ko] - D:\DESMBD.ppt
[01/01/2014 - 21:34:30 | D] - D:\eBook - SF & Fantasy - A2Y- FP - Noel 2013
[01/01/2014 - 22:34:38 | D] - D:\George R.R. Martin
[30/01/2014 - 20:11:00 | D] - F:\.kobo
[13/07/2013 - 16:04:54 | D] - F:\.adobe-digital-editions
[01/01/2014 - 21:37:12 | D] - F:\.kobo-images
[25/12/2013 - 15:50:20 | D] - F:\Digital Editions
[01/01/2014 - 22:38:14 | N | 1 Ko] - F:\autorun.inf
[01/01/2014 - 22:36:46 | D] - F:\George R.R. Martin
[01/01/2014 - 22:37:50 | D] - F:\Robin Hobb
[18/04/2012 - 23:07:48 | N | 80420 Ko] - G:\.HPIMAGE.VFS
[26/05/2012 - 20:24:42 | N | 93 Ko] - G:\ppt biom.pptx
[14/01/2013 - 19:48:12 | D] - G:\DUI
[01/04/2011 - 16:13:22 | N | 4 Ko] - G:\._Etio générales crs 2 cycle.doc
[18/06/2013 - 17:37:16 | SHD] - G:\.fseventsd
[27/01/2012 - 18:44:20 | D] - G:\DES
[19/09/2012 - 17:28:00 | D] - G:\vannieri
[20/01/2014 - 07:57:50 | N | 50610 Ko] - G:\DESMBD.ppt
[30/09/2008 - 19:25:12 | SHD] - G:\.Trashes
[20/02/2012 - 17:22:50 | D] - G:\Perotti jeanne
[30/09/2008 - 19:25:12 | SH | 4 Ko] - G:\._.Trashes
[25/03/2008 - 16:33:18 | N | 75230 Ko] - G:\~WRL0003.tmp
[23/03/2008 - 18:56:02 | N | 71498 Ko] - G:\~WRL3893.tmp
[22/03/2008 - 16:20:12 | N | 12419 Ko] - G:\~WRL1346.tmp
[30/09/2008 - 19:25:14 | SHD] - G:\.Spotlight-V100
[29/01/2009 - 09:51:38 | N | 4 Ko] - G:\._cours neuro D1.ppt
[31/01/2011 - 20:00:02 | D] - G:\LSF
[30/09/2008 - 19:25:26 | N | 4 Ko] - G:\._terrain_part.ppt
[01/04/2011 - 16:13:22 | N | 4 Ko] - G:\._FACTEURS DE RISQUES 2006.doc
[29/05/2012 - 14:44:00 | N | 565 Ko] - G:\ppt compatible.ppt
[01/10/2008 - 16:55:28 | N | 0 Ko] - G:\._inflammation cours.doc
[24/05/2012 - 16:47:14 | N | 2435 Ko] - G:\QCM BLANC BIOM.doc
[12/11/2008 - 15:42:58 | N | 4 Ko] - G:\._12-11-2008_antalgiques_dentaires_KL - copie.pdf
[18/06/2013 - 17:37:36 | D] - G:\cours TAVITIAN
[02/03/2012 - 11:05:06 | D] - G:\DUSSILLOL roland
[17/04/2012 - 00:16:48 | N | 43 Ko] - G:\FICHE ANALYTIQUE ARTICLE.doc
[06/01/2014 - 22:48:50 | D] - G:\photo Guadeloupe
[03/12/2012 - 15:45:58 | N | 168556 Ko] - G:\histologie et physiologie osseuse.ppt
[26/01/2011 - 11:55:20 | N | 93 Ko] - G:\._NO NAME
[24/01/2013 - 15:44:24 | N | 2066 Ko] - G:\hemato DESCO 24 jan 2013.pdf
[26/01/2011 - 11:55:24 | N | 93 Ko] - G:\._NO NAME alias
[26/01/2011 - 11:55:34 | N | 4 Ko] - G:\._Plan .docx
[30/05/2012 - 23:21:42 | N | 149 Ko] - G:\Modeling neolithic dispersal in central Europe.pptx
[26/01/2011 - 11:55:36 | N | 4 Ko] - G:\._mémoire.docx
[15/02/2010 - 20:01:20 | SH | 6 Ko] - G:\.DS_Store
[24/01/2013 - 15:49:42 | N | 3817 Ko] - G:\CANCERO DESCO 2013 - Copie.pdf
[24/02/2013 - 19:30:16 | D] - G:\connectique interne externe
[10/02/2010 - 16:52:46 | N | 4 Ko] - G:\._chir pré prothétique D2 2008.pdf
[06/09/2013 - 03:44:42 | D] - G:\IMPRESSION MEMOIRE DUI
[15/02/2010 - 20:00:42 | N | 0 Ko] - G:\._2009 EXTRAC 8.ppt
[31/01/2011 - 12:01:50 | N | 4 Ko] - G:\._questions internat-2.pdf
[16/03/2011 - 20:15:08 | N | 4 Ko] - G:\._Internat ODF.key
[01/04/2011 - 16:12:22 | N | 4 Ko] - G:\._P2.jpg
[01/04/2011 - 16:12:24 | N | 4 Ko] - G:\._P4.jpg
[16/03/2009 - 21:46:40 | N | 40 Ko | D41D8CD98F00B204E9800998ECF8427E] - G:\Thumbs.com
[01/04/2011 - 16:12:24 | N | 4 Ko] - G:\._P5.jpg
[10/01/2014 - 12:26:42 | N | 71 Ko] - G:\20140110122632.pdf
[01/04/2011 - 16:12:24 | N | 4 Ko] - G:\._P6.jpg
[01/04/2011 - 16:12:26 | N | 4 Ko] - G:\._P7.jpg
[01/04/2011 - 16:12:26 | N | 4 Ko] - G:\._P8.jpg
[01/04/2011 - 16:12:26 | N | 4 Ko] - G:\._P9.jpg
[01/04/2011 - 16:12:26 | N | 4 Ko] - G:\._P10-1.jpg
[01/04/2011 - 16:12:40 | N | 4 Ko] - G:\._CAS 7.jpg
[12/02/2013 - 22:22:18 | N | 9903 Ko] - G:\ceramiques_DUORE_2010_FILEminimizer_.ppt
[01/04/2011 - 16:12:44 | N | 4 Ko] - G:\._CAS 8.jpg
[01/04/2011 - 16:13:20 | N | 4 Ko] - G:\._2008-11 ALetAG POG.ppt
[18/04/2011 - 11:28:16 | D] - G:\maladie de Heck
[01/04/2011 - 16:13:22 | N | 4 Ko] - G:\._Histo- Physiologie du parodonte 2.doc
[12/10/2006 - 16:00:16 | N | 196 Ko | 976F2355AEB9920F57C63F2CE31674A9] - G:\UDPv268.exe
[30/05/2005 - 18:26:08 | N | 350 Ko] - G:\USB Disk Pro v2.55.pdf
[01/04/2011 - 17:44:02 | N | 4 Ko] - G:\._CAS 8.docx
[13/04/2011 - 18:06:06 | SHD] - G:\.TemporaryItems
[12/04/2011 - 09:29:30 | D] - G:\articles csct
[13/04/2011 - 18:06:06 | SH | 4 Ko] - G:\._.TemporaryItems
[13/04/2011 - 18:18:04 | N | 4 Ko] - G:\._Internat ODF.pdf
[14/10/2008 - 00:09:34 | D] - G:\cours
[23/04/2011 - 14:04:42 | N | 4 Ko] - G:\._TBBT_0418_VOSTFR.avi
[01/11/2008 - 12:43:02 | N | 0 Ko] - G:\WMPInfo.xml
[23/04/2011 - 14:05:36 | N | 4 Ko] - G:\._The.Big.Bang.Theory.S04E17.FASTSUB.VOSTFR.HDTV.XviD-RAW.WWW.SERIES-DDL.COM.avi
[23/04/2011 - 14:06:26 | N | 4 Ko] - G:\._the.big.bang.theory.S04E19.vostfr.mass.avi
[23/04/2011 - 14:07:18 | N | 4 Ko] - G:\._The.Big.Bang.Theory.S04E20.PROPER.VOSTFR.HDTV.XviD-SSL.avi
[11/11/2011 - 16:03:50 | N | 4 Ko] - G:\._MARSEILLE_SAINT_CHARLES-TOULOUSE_MATABIAU_17-11-11_NITUSGAU_JADE_QMRLVA_4XaiXJTVCvmUPuYnGfsC.pdf
[06/11/2011 - 22:36:54 | D] - G:\Thèse Raphaelle
[03/01/2012 - 17:53:30 | D] - G:\statut m mozerys
[19/04/2012 - 00:00:12 | N | 58 Ko] - G:\fiche_de_lecture_dose-response.doc
[19/04/2012 - 08:31:44 | N | 100 Ko] - G:\Treatment of periodontal disease for glycaemic control in.pptx
[11/05/2012 - 09:31:38 | D] - G:\OrdersDir
[11/05/2012 - 09:35:30 | D] - G:\Logiciels Shape
[17/05/2012 - 20:18:10 | D] - G:\biom
################## | Vaccin |
A:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
Merci de votre aide. Voici le rapport:
############################## | UsbFix V 7.162 | [Deletion]
User: Jade (Administrator) # PC-DE-JADE
Updated 27/01/2014 by El Desaparecido - Team SosVirus
Started at 21:17:50 | 30/01/2014
Website : http://www.en.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/
PC: Intel Corporation (CAPELL VALLEY(NAPA) CRB)
CPU: Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz
RAM -> [Total : 2045 Mo| Free : 1407 Mo]
Bios: Phoenix Technologies LTD
Boot: Normal boot
OS: Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-Bit) Service Pack 2
WB: Windows Internet Explorer : 9.0.8112.16421
WB: Mozilla Firefox : 26.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Avira Desktop [(!) Disabled | Updated]
AS: Avira Desktop [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
FW: Windows FireWall [(!) Disabled]
AS: Malwarebytes' Anti-Malware : 1.62.0087
A:\ -> Removable drive # 1 Mb (1 Mb free - 99%) [] # FAT
C:\ (%systemdrive%) -> Fixed drive # 148 Gb (87 Mb free - 59%) [Vista] # NTFS
D:\ -> Removable drive # 4 Gb (1 Mb free - 30%) [JADE] # FAT32
E:\ -> CD-ROM
F:\ -> Removable drive # 3 Gb (3 Mb free - 96%) [KOBOeReader] # FAT32
G:\ -> Removable drive # 4 Gb (1007 Mb free - 26%) [USBDISKPRO] # FAT32
################## | Active Processes |
C:\Windows\system32\csrss.exe (ID: 556 |ParentID: 544)
C:\Windows\system32\csrss.exe (ID: 612 |ParentID: 604)
C:\Windows\system32\wininit.exe (ID: 620 |ParentID: 544)
C:\Windows\system32\services.exe (ID: 660 |ParentID: 620)
C:\Windows\system32\lsass.exe (ID: 672 |ParentID: 620)
C:\Windows\system32\lsm.exe (ID: 680 |ParentID: 620)
C:\Windows\system32\winlogon.exe (ID: 724 |ParentID: 604)
C:\Windows\system32\svchost.exe (ID: 872 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 940 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 1080 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 1108 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1140 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1260 |ParentID: 660)
C:\Windows\system32\SLsvc.exe (ID: 1288 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1368 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1500 |ParentID: 660)
C:\Windows\System32\spoolsv.exe (ID: 1684 |ParentID: 660)
C:\Program Files\Avira\AntiVir Desktop\sched.exe (ID: 1708 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1728 |ParentID: 660)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1920 |ParentID: 660)
C:\Windows\system32\agrsmsvc.exe (ID: 1936 |ParentID: 660)
C:\Program Files\Avira\AntiVir Desktop\avguard.exe (ID: 1964 |ParentID: 660)
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (ID: 1984 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 2032 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 328 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 524 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 560 |ParentID: 660)
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (ID: 480 |ParentID: 660)
C:\Windows\system32\svchost.exe (ID: 1572 |ParentID: 660)
C:\Windows\system32\TODDSrv.exe (ID: 1932 |ParentID: 660)
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (ID: 1392 |ParentID: 660)
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (ID: 504 |ParentID: 660)
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (ID: 2120 |ParentID: 660)
C:\Windows\System32\svchost.exe (ID: 2172 |ParentID: 660)
C:\Windows\system32\SearchIndexer.exe (ID: 2204 |ParentID: 660)
C:\Windows\System32\WUDFHost.exe (ID: 2536 |ParentID: 1108)
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (ID: 2892 |ParentID: 1964)
C:\Windows\system32\taskeng.exe (ID: 3040 |ParentID: 1140)
C:\Windows\system32\taskeng.exe (ID: 3828 |ParentID: 1140)
C:\Windows\system32\Dwm.exe (ID: 3880 |ParentID: 1108)
C:\Windows\Explorer.EXE (ID: 3896 |ParentID: 3860)
C:\Windows\system32\runonce.exe (ID: 4024 |ParentID: 3896)
C:\Windows\system32\svchost.exe (ID: 4080 |ParentID: 660)
C:\Windows\system32\PresentationSettings.exe (ID: 1424 |ParentID: 3828)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 1564 |ParentID: 872)
################## | Regedit Run |
04 - HKCU\..\Run : [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
04 - HKCU\..\Run : [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
04 - HKCU\..\Run : [ehTray.exe] C:\Windows\ehome\ehTray.exe
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\Jade\AppData\Local\Temp\SURVIVAL.vbe"
04 - HKLM\..\Run : [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
04 - HKLM\..\Run : [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
04 - HKLM\..\Run : [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
04 - HKLM\..\Run : [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
04 - HKLM\..\Run : [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
04 - HKLM\..\Run : [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [RtHDVCpl] RtHDVCpl.exe
04 - HKLM\..\Run : [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
04 - HKLM\..\Run : [NDSTray.exe] NDSTray.exe
04 - HKLM\..\Run : [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
04 - HKLM\..\Run : [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
04 - HKLM\..\Run : [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
04 - HKLM\..\Run : [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
04 - HKLM\..\Run : [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
04 - HKLM\..\Run : [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
04 - HKLM\..\Run : [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-19\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
04 - HKU\S-1-5-20\..\Run : [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [Connexion SFR 9props.exe] "C:\Program Files\SFR\Kit\9props.exe" /trayicon
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [ehTray.exe] C:\Windows\ehome\ehTray.exe
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-733754882-2014061590-3818953739-1000\..\Run : [SURVIVAL] wscript.exe //B "C:\Users\Jade\AppData\Local\Temp\SURVIVAL.vbe"
################## | Generic Research |
Deleted ! C:\Users\Jade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SURVIVAL.vbe
Deleted ! C:\Users\Jade\AppData\Local\Temp\SURVIVAL.vbe
Deleted ! D:\SURVIVAL.vbe
Deleted ! F:\SURVIVAL.vbe
Deleted ! G:\SURVIVAL.vbe
Deleted ! A:\.lnk
Deleted ! A:\.Trashes.lnk
Deleted ! A:\.fseventsd.lnk
Deleted ! D:\.lnk
Deleted ! D:\SOMMAIRE.lnk
Deleted ! D:\~WRL2968.lnk
Deleted ! D:\TRANCHE.lnk
Deleted ! D:\plan initial.lnk
Deleted ! D:\F.lnk
Deleted ! D:\RCP.lnk
Deleted ! D:\fin mémoire.lnk
Deleted ! D:\mercredi.lnk
Deleted ! D:\5 transfert personnalisé.lnk
Deleted ! D:\DESMBD.lnk
Deleted ! D:\innervation.lnk
Deleted ! D:\anatomie-du-crane-humain.lnk
Deleted ! D:\textes et shemas emd et lpa ducpc 2013.lnk
Deleted ! D:\DUI III-2B.lnk
Deleted ! D:\DUI III-1A.lnk
Deleted ! D:\nerf maxillaire.lnk
Deleted ! D:\Mémoire DU1.lnk
Deleted ! D:\BIBLIOGRAPHIE Jade MEMOIRE DU1.lnk
Deleted ! D:\Piliers en prothèse implantaire TAVITIAN.lnk
Deleted ! D:\Diaporama DUPC.lnk
Deleted ! D:\Mémoire Anais.lnk
Deleted ! D:\20131108143942.lnk
Deleted ! D:\Froge_Colette.lnk
Deleted ! D:\Cas clinique DU de Parodontologie clinique [Enregistrement automatique].lnk
Deleted ! D:\Cas clinique DU de Parodontologie clinique Last version.lnk
Deleted ! D:\00implandavarpana.lnk
Deleted ! D:\DUI Marilena.lnk
Deleted ! D:\endothèse.lnk
Deleted ! D:\amberto.lnk
Deleted ! D:\gab.lnk
Deleted ! D:\ventoso.lnk
Deleted ! D:\Photos.lnk
Deleted ! D:\.Trashes.lnk
Deleted ! D:\.Spotlight-V100.lnk
Deleted ! D:\mémoire fin.lnk
Deleted ! D:\mémoire dui.lnk
Deleted ! D:\des lyon.lnk
Deleted ! D:\U3ROM.lnk
Deleted ! D:\gab frénectomie.lnk
Deleted ! D:\Barioz.lnk
Deleted ! D:\.TemporaryItems.lnk
Deleted ! D:\eBook - SF & Fantasy - A2Y- FP - Noel 2013.lnk
Deleted ! D:\George R.R. Martin.lnk
Deleted ! F:\autorun.lnk
Deleted ! F:\.kobo.lnk
Deleted ! F:\.adobe-digital-editions.lnk
Deleted ! F:\.kobo-images.lnk
Deleted ! F:\Digital Editions.lnk
Deleted ! F:\U3ROM.lnk
Deleted ! F:\George R.R. Martin.lnk
Deleted ! F:\Robin Hobb.lnk
Deleted ! G:\DESMBD.lnk
Deleted ! G:\~WRL0003.lnk
Deleted ! G:\~WRL3893.lnk
Deleted ! G:\.lnk
Deleted ! G:\~WRL1346.lnk
Deleted ! G:\DUI.lnk
Deleted ! G:\ppt biom.lnk
Deleted ! G:\DES.lnk
Deleted ! G:\vannieri.lnk
Deleted ! G:\LSF.lnk
Deleted ! G:\Thumbs.lnk
Deleted ! G:\cours.lnk
Deleted ! G:\biom.lnk
Deleted ! G:\ppt compatible.lnk
Deleted ! G:\Thumbs .lnk
Deleted ! G:\QCM BLANC BIOM.lnk
Deleted ! G:\FICHE ANALYTIQUE ARTICLE.lnk
Deleted ! G:\histologie et physiologie osseuse.lnk
Deleted ! G:\UDPv268.lnk
Deleted ! G:\20140110122632.lnk
Deleted ! G:\USB Disk Pro v2.lnk
Deleted ! G:\hemato DESCO 24 jan 2013.lnk
Deleted ! G:\Modeling neolithic dispersal in central Europe.lnk
Deleted ! G:\CANCERO DESCO 2013 - Copie.lnk
Deleted ! G:\ceramiques_DUORE_2010_FILEminimizer_.lnk
Deleted ! G:\WMPInfo.lnk
Deleted ! G:\fiche_de_lecture_dose-response.lnk
Deleted ! G:\.Trashes.lnk
Deleted ! G:\.fseventsd.lnk
Deleted ! G:\Treatment of periodontal disease for glycaemic control in.lnk
Deleted ! G:\Perotti jeanne.lnk
Deleted ! G:\.Spotlight-V100.lnk
Deleted ! G:\cours TAVITIAN.lnk
Deleted ! G:\DUSSILLOL roland.lnk
Deleted ! G:\photo Guadeloupe.lnk
Deleted ! G:\IMPRESSION MEMOIRE DUI.lnk
Deleted ! G:\connectique interne externe.lnk
Deleted ! G:\Autorun.inf.lnk
Deleted ! G:\maladie de Heck.lnk
Deleted ! G:\.TemporaryItems.lnk
Deleted ! G:\articles csct.lnk
Deleted ! G:\Thèse Raphaelle.lnk
Deleted ! G:\statut m mozerys.lnk
Deleted ! G:\OrdersDir.lnk
Deleted ! G:\Logiciels Shape.lnk
Deleted ! G:\Thumbs .db
Not deleted ! G:\Thumbs.com
Deleted ! D:\U3ROM
Deleted ! F:\U3ROM
(!) Temporary files deleted.
################## | Registry |
Repaired ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
Repaired ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -> 5
Deleted ! HKU\S-1-5-21-733754882-2014061590-3818953739-1000\Software\Microsoft\Windows\CurrentVersion\Run|SURVIVAL
################## | Listing |
[30/09/2008 - 19:25:20 | SH | 4 Ko] - A:\._.Trashes
[30/09/2008 - 19:25:20 | SHD] - A:\.Trashes
[15/02/2010 - 19:59:36 | SH | 6 Ko] - A:\.DS_Store
[18/06/2013 - 17:37:18 | SHD] - A:\.fseventsd
[01/11/2010 - 15:02:32 | SHD] - C:\$Recycle.Bin
[09/09/2012 - 14:10:27 | N | 10 Ko | 9F407EA9D38754896A5DE68716D56313] - C:\AdwCleaner[R1].txt
[09/09/2012 - 14:10:55 | N | 11 Ko | 5A222651C03290BD73DC9BFF49FB58D3] - C:\AdwCleaner[S1].txt
[18/09/2006 - 22:43:36 | A | 0 Ko] - C:\autoexec.bat
[07/11/2010 - 18:43:07 | SHD] - C:\Boot
[11/04/2009 - 07:36:36 | RASH | 325 Ko] - C:\bootmgr
[18/12/2006 - 08:01:27 | RAS | 8 Ko] - C:\BOOTSECT.BAK
[20/01/2014 - 19:34:36 | D] - C:\Config.Msi
[18/09/2006 - 22:43:37 | N | 0 Ko] - C:\config.sys
[18/03/2013 - 11:03:04 | D] - C:\DentalData
[02/11/2006 - 14:02:03 | SHD] - C:\Documents and Settings
[30/01/2014 - 21:13:41 | ASH | 2095160 Ko] - C:\hiberfil.sys
[02/05/2007 - 11:03:15 | N | 262 Ko | F0679DBF271A905E28C4E9FFCD253D97] - C:\hpzids01.dll
[01/11/2010 - 16:00:23 | RHD] - C:\MSOCache
[30/01/2014 - 21:13:38 | ASH | 2401600 Ko] - C:\pagefile.sys
[07/11/2010 - 15:20:29 | D] - C:\PerfLogs
[15/01/2014 - 20:44:26 | D] - C:\Program Files
[20/10/2013 - 20:59:41 | HD] - C:\ProgramData
[05/11/2010 - 22:29:13 | D] - C:\rsit
[21/12/2006 - 09:52:52 | N | 0 Ko | 30C71AFB9895A640EC44451C85A667F6] - C:\SWSTAMP.TXT
[20/01/2014 - 19:29:50 | SHD] - C:\System Volume Information
[05/11/2010 - 22:28:48 | N | 54 Ko | B4A9EE28C4C55F6C0797093C2B0F8BEE] - C:\TDSSKiller.2.4.6.0_05.11.2010_22.03.49_log.txt
[01/11/2010 - 15:02:25 | D] - C:\Toshiba
[29/01/2014 - 22:22:17 | D] - C:\UsbFix
[30/01/2014 - 21:38:11 | A | 13 Ko | 037042652516819F049E3A299C6B55CB] - C:\UsbFix [Clean 2] PC-DE-JADE.txt
[29/01/2014 - 23:15:51 | N | 14 Ko | 8A1B0569AE1A7C77843EE72E37179EE8] - C:\UsbFix [Scan 1] PC-DE-JADE.txt
[01/11/2010 - 15:01:40 | D] - C:\Users
[18/12/2006 - 10:30:41 | N | 464 Ko] - C:\vcredist_x86.log
[13/12/2013 - 19:21:28 | D] - C:\Windows
[21/12/2006 - 09:37:12 | T | 21 Ko] - C:\_wdsuef.dmp
[14/05/2013 - 12:49:46 | D] - D:\DUI Marilena
[11/10/2013 - 00:59:52 | D] - D:\endothèse
[22/06/2013 - 15:39:12 | N | 4 Ko] - D:\._Froge_Colette.ppt
[22/06/2013 - 15:39:48 | N | 4 Ko] - D:\._histologie et physiologie osseuse CATHERINE.ppt
[31/07/2013 - 09:07:10 | D] - D:\amberto
[31/07/2013 - 08:59:20 | D] - D:\gab
[31/07/2013 - 09:05:10 | D] - D:\ventoso
[22/06/2013 - 15:40:22 | D] - D:\Photos
[01/09/2013 - 12:16:48 | N | 34 Ko] - D:\SOMMAIRE.doc
[30/08/2013 - 11:38:06 | N | 19 Ko] - D:\~WRL2968.tmp
[02/09/2013 - 00:40:58 | N | 45 Ko] - D:\TRANCHE.doc
[14/01/2013 - 10:40:26 | SH | 4 Ko] - D:\._.Trashes
[14/01/2013 - 10:40:26 | SHD] - D:\.Trashes
[14/01/2013 - 10:40:26 | SHD] - D:\.Spotlight-V100
[02/09/2013 - 00:47:18 | D] - D:\mémoire fin
[14/01/2013 - 10:41:06 | N | 4 Ko] - D:\._histologie et physiologie osseuse.ppt
[30/08/2013 - 11:37:32 | N | 14 Ko] - D:\plan initial.docx
[02/09/2013 - 00:45:34 | N | 120277 Ko] - D:\fin mémoire.doc
[31/08/2013 - 16:16:44 | N | 7737 Ko] - D:\5 transfert personnalisé.pdf
[31/08/2013 - 20:48:12 | N | 33 Ko] - D:\anatomie-du-crane-humain.jpg
[31/08/2013 - 20:56:14 | N | 18 Ko] - D:\innervation.jpg
[05/02/2013 - 20:37:28 | N | 43916 Ko] - D:\textes et shemas emd et lpa ducpc 2013.pptx
[12/02/2013 - 21:32:48 | N | 80 Ko] - D:\DUI III-2B.docx
[05/09/2013 - 21:20:00 | D] - D:\mémoire dui
[08/02/2013 - 11:41:38 | N | 3890 Ko] - D:\F. Louise éléménts DUPC sém 2 2013.pptx
[12/02/2013 - 21:36:02 | N | 4 Ko] - D:\._DUI III-2B.docx
[11/02/2013 - 11:48:04 | N | 148 Ko] - D:\DUI III-1A.docx
[12/02/2013 - 21:37:32 | N | 4 Ko] - D:\._DUI III-1A.docx
[31/08/2013 - 20:57:36 | N | 129 Ko] - D:\nerf maxillaire.png
[01/09/2013 - 16:25:40 | N | 120253 Ko] - D:\Mémoire DU1.doc
[12/02/2013 - 22:28:44 | D] - D:\des lyon
[01/09/2013 - 16:47:02 | N | 33 Ko] - D:\BIBLIOGRAPHIE Jade MEMOIRE DU1.doc
[01/05/2013 - 13:01:28 | N | 4221 Ko] - D:\Piliers en prothèse implantaire TAVITIAN.pdf
[10/09/2013 - 21:02:50 | D] - D:\gab frénectomie
[18/09/2013 - 08:04:20 | N | 38104 Ko] - D:\Diaporama DUPC.pps
[07/05/2013 - 17:35:02 | N | 3920 Ko] - D:\Mémoire Anais.pdf
[08/11/2013 - 14:39:46 | N | 335 Ko] - D:\20131108143942.pdf
[29/05/2013 - 17:59:18 | N | 65186 Ko] - D:\Froge_Colette.ppt
[13/09/2013 - 20:09:18 | N | 15352 Ko] - D:\Cas clinique DU de Parodontologie clinique [Enregistrement automatique].ppt
[18/09/2013 - 06:55:28 | N | 38109 Ko] - D:\Cas clinique DU de Parodontologie clinique Last version.ppt
[17/09/2013 - 14:48:48 | N | 4 Ko] - D:\._Cas clinique DU de Parodontologie clinique Last version.ppt
[12/12/2013 - 10:20:24 | N | 183 Ko] - D:\RCP.pdf
[05/12/2013 - 12:24:34 | D] - D:\Barioz
[11/12/2013 - 01:11:22 | N | 13727 Ko] - D:\mercredi.pptx
[16/12/2013 - 19:15:18 | N | 4 Ko] - D:\._DESMBD.ppt
[16/12/2013 - 18:52:54 | SHD] - D:\.TemporaryItems
[16/12/2013 - 18:52:54 | SH | 4 Ko] - D:\._.TemporaryItems
[18/04/2010 - 12:49:40 | N | 109187 Ko] - D:\00implandavarpana.pdf
[17/12/2013 - 00:43:56 | N | 50610 Ko] - D:\DESMBD.ppt
[01/01/2014 - 21:34:30 | D] - D:\eBook - SF & Fantasy - A2Y- FP - Noel 2013
[01/01/2014 - 22:34:38 | D] - D:\George R.R. Martin
[30/01/2014 - 20:11:00 | D] - F:\.kobo
[13/07/2013 - 16:04:54 | D] - F:\.adobe-digital-editions
[01/01/2014 - 21:37:12 | D] - F:\.kobo-images
[25/12/2013 - 15:50:20 | D] - F:\Digital Editions
[01/01/2014 - 22:38:14 | N | 1 Ko] - F:\autorun.inf
[01/01/2014 - 22:36:46 | D] - F:\George R.R. Martin
[01/01/2014 - 22:37:50 | D] - F:\Robin Hobb
[18/04/2012 - 23:07:48 | N | 80420 Ko] - G:\.HPIMAGE.VFS
[26/05/2012 - 20:24:42 | N | 93 Ko] - G:\ppt biom.pptx
[14/01/2013 - 19:48:12 | D] - G:\DUI
[01/04/2011 - 16:13:22 | N | 4 Ko] - G:\._Etio générales crs 2 cycle.doc
[18/06/2013 - 17:37:16 | SHD] - G:\.fseventsd
[27/01/2012 - 18:44:20 | D] - G:\DES
[19/09/2012 - 17:28:00 | D] - G:\vannieri
[20/01/2014 - 07:57:50 | N | 50610 Ko] - G:\DESMBD.ppt
[30/09/2008 - 19:25:12 | SHD] - G:\.Trashes
[20/02/2012 - 17:22:50 | D] - G:\Perotti jeanne
[30/09/2008 - 19:25:12 | SH | 4 Ko] - G:\._.Trashes
[25/03/2008 - 16:33:18 | N | 75230 Ko] - G:\~WRL0003.tmp
[23/03/2008 - 18:56:02 | N | 71498 Ko] - G:\~WRL3893.tmp
[22/03/2008 - 16:20:12 | N | 12419 Ko] - G:\~WRL1346.tmp
[30/09/2008 - 19:25:14 | SHD] - G:\.Spotlight-V100
[29/01/2009 - 09:51:38 | N | 4 Ko] - G:\._cours neuro D1.ppt
[31/01/2011 - 20:00:02 | D] - G:\LSF
[30/09/2008 - 19:25:26 | N | 4 Ko] - G:\._terrain_part.ppt
[01/04/2011 - 16:13:22 | N | 4 Ko] - G:\._FACTEURS DE RISQUES 2006.doc
[29/05/2012 - 14:44:00 | N | 565 Ko] - G:\ppt compatible.ppt
[01/10/2008 - 16:55:28 | N | 0 Ko] - G:\._inflammation cours.doc
[24/05/2012 - 16:47:14 | N | 2435 Ko] - G:\QCM BLANC BIOM.doc
[12/11/2008 - 15:42:58 | N | 4 Ko] - G:\._12-11-2008_antalgiques_dentaires_KL - copie.pdf
[18/06/2013 - 17:37:36 | D] - G:\cours TAVITIAN
[02/03/2012 - 11:05:06 | D] - G:\DUSSILLOL roland
[17/04/2012 - 00:16:48 | N | 43 Ko] - G:\FICHE ANALYTIQUE ARTICLE.doc
[06/01/2014 - 22:48:50 | D] - G:\photo Guadeloupe
[03/12/2012 - 15:45:58 | N | 168556 Ko] - G:\histologie et physiologie osseuse.ppt
[26/01/2011 - 11:55:20 | N | 93 Ko] - G:\._NO NAME
[24/01/2013 - 15:44:24 | N | 2066 Ko] - G:\hemato DESCO 24 jan 2013.pdf
[26/01/2011 - 11:55:24 | N | 93 Ko] - G:\._NO NAME alias
[26/01/2011 - 11:55:34 | N | 4 Ko] - G:\._Plan .docx
[30/05/2012 - 23:21:42 | N | 149 Ko] - G:\Modeling neolithic dispersal in central Europe.pptx
[26/01/2011 - 11:55:36 | N | 4 Ko] - G:\._mémoire.docx
[15/02/2010 - 20:01:20 | SH | 6 Ko] - G:\.DS_Store
[24/01/2013 - 15:49:42 | N | 3817 Ko] - G:\CANCERO DESCO 2013 - Copie.pdf
[24/02/2013 - 19:30:16 | D] - G:\connectique interne externe
[10/02/2010 - 16:52:46 | N | 4 Ko] - G:\._chir pré prothétique D2 2008.pdf
[06/09/2013 - 03:44:42 | D] - G:\IMPRESSION MEMOIRE DUI
[15/02/2010 - 20:00:42 | N | 0 Ko] - G:\._2009 EXTRAC 8.ppt
[31/01/2011 - 12:01:50 | N | 4 Ko] - G:\._questions internat-2.pdf
[16/03/2011 - 20:15:08 | N | 4 Ko] - G:\._Internat ODF.key
[01/04/2011 - 16:12:22 | N | 4 Ko] - G:\._P2.jpg
[01/04/2011 - 16:12:24 | N | 4 Ko] - G:\._P4.jpg
[16/03/2009 - 21:46:40 | N | 40 Ko | D41D8CD98F00B204E9800998ECF8427E] - G:\Thumbs.com
[01/04/2011 - 16:12:24 | N | 4 Ko] - G:\._P5.jpg
[10/01/2014 - 12:26:42 | N | 71 Ko] - G:\20140110122632.pdf
[01/04/2011 - 16:12:24 | N | 4 Ko] - G:\._P6.jpg
[01/04/2011 - 16:12:26 | N | 4 Ko] - G:\._P7.jpg
[01/04/2011 - 16:12:26 | N | 4 Ko] - G:\._P8.jpg
[01/04/2011 - 16:12:26 | N | 4 Ko] - G:\._P9.jpg
[01/04/2011 - 16:12:26 | N | 4 Ko] - G:\._P10-1.jpg
[01/04/2011 - 16:12:40 | N | 4 Ko] - G:\._CAS 7.jpg
[12/02/2013 - 22:22:18 | N | 9903 Ko] - G:\ceramiques_DUORE_2010_FILEminimizer_.ppt
[01/04/2011 - 16:12:44 | N | 4 Ko] - G:\._CAS 8.jpg
[01/04/2011 - 16:13:20 | N | 4 Ko] - G:\._2008-11 ALetAG POG.ppt
[18/04/2011 - 11:28:16 | D] - G:\maladie de Heck
[01/04/2011 - 16:13:22 | N | 4 Ko] - G:\._Histo- Physiologie du parodonte 2.doc
[12/10/2006 - 16:00:16 | N | 196 Ko | 976F2355AEB9920F57C63F2CE31674A9] - G:\UDPv268.exe
[30/05/2005 - 18:26:08 | N | 350 Ko] - G:\USB Disk Pro v2.55.pdf
[01/04/2011 - 17:44:02 | N | 4 Ko] - G:\._CAS 8.docx
[13/04/2011 - 18:06:06 | SHD] - G:\.TemporaryItems
[12/04/2011 - 09:29:30 | D] - G:\articles csct
[13/04/2011 - 18:06:06 | SH | 4 Ko] - G:\._.TemporaryItems
[13/04/2011 - 18:18:04 | N | 4 Ko] - G:\._Internat ODF.pdf
[14/10/2008 - 00:09:34 | D] - G:\cours
[23/04/2011 - 14:04:42 | N | 4 Ko] - G:\._TBBT_0418_VOSTFR.avi
[01/11/2008 - 12:43:02 | N | 0 Ko] - G:\WMPInfo.xml
[23/04/2011 - 14:05:36 | N | 4 Ko] - G:\._The.Big.Bang.Theory.S04E17.FASTSUB.VOSTFR.HDTV.XviD-RAW.WWW.SERIES-DDL.COM.avi
[23/04/2011 - 14:06:26 | N | 4 Ko] - G:\._the.big.bang.theory.S04E19.vostfr.mass.avi
[23/04/2011 - 14:07:18 | N | 4 Ko] - G:\._The.Big.Bang.Theory.S04E20.PROPER.VOSTFR.HDTV.XviD-SSL.avi
[11/11/2011 - 16:03:50 | N | 4 Ko] - G:\._MARSEILLE_SAINT_CHARLES-TOULOUSE_MATABIAU_17-11-11_NITUSGAU_JADE_QMRLVA_4XaiXJTVCvmUPuYnGfsC.pdf
[06/11/2011 - 22:36:54 | D] - G:\Thèse Raphaelle
[03/01/2012 - 17:53:30 | D] - G:\statut m mozerys
[19/04/2012 - 00:00:12 | N | 58 Ko] - G:\fiche_de_lecture_dose-response.doc
[19/04/2012 - 08:31:44 | N | 100 Ko] - G:\Treatment of periodontal disease for glycaemic control in.pptx
[11/05/2012 - 09:31:38 | D] - G:\OrdersDir
[11/05/2012 - 09:35:30 | D] - G:\Logiciels Shape
[17/05/2012 - 20:18:10 | D] - G:\biom
################## | Vaccin |
A:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |
- Messages : 2385
- Inscription : 10 mai 2008 13:45
- Localisation : NANCY
Re: [infection] USB dossiers en raccourcis
Bonjour,
Relance USBfix et clic sur désinstaller !
Relance USBfix et clic sur désinstaller !
Ca donne quoi ?Mes supports amovibles ont été infectés par un virus qui transforme mes dossiers en raccourcis
-
- Sujets similaires
- Réponses
- Vues
- Dernier message
-
- 4 Réponses
- 81 Vues
-
Dernier message par alpha-mike
-
- 3 Réponses
- 59 Vues
-
Dernier message par Parisien_entraide
-
- 5 Réponses
- 134 Vues
-
Dernier message par Parisien_entraide
-
- 12 Réponses
- 222 Vues
-
Dernier message par boulou78
-
- 1 Réponses
- 50 Vues
-
Dernier message par Malekal_morte