virus
Posté : jeu. 10 avr. 2014 15:55
bonjour
mon pc viens d etre infecter par un virus du nom TROJAN.LNK.GEN .je vous envois un rapport fait par usbfix
############################## | UsbFix V 7.169 | [Suppression]
Utilisateur: user (Administrateur) # USER-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 12:24:59 | 10/04/2014
Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/
PC: TOSHIBA (Portable PC)
CPU: Intel(R) Celeron(R) CPU 900 @ 2.20GHz
RAM - [Total : 2940 Mo| Free : 809 Mo]
Bios: INSYDE
Boot: Normal boot
OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16521
WB: Google Chrome : 34.0.1847.116
WB: Mozilla Firefox : 27.0.1
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
AV: F-Secure Client Security 9.11 [Enabled | Updated]
AS: F-Secure Client Security 9.11 [Enabled | Updated]
AS: Windows Defender [(!) Disabled | (!) Outdated]
AS: Microsoft Security Essentials [Enabled | Updated]
FW: F-Secure Client Security 9.11 [Enabled]
FW: Windows FireWall [Enabled]
C:\ (%systemdrive%) - Disque fixe # 298 Go (183 Go libre(s) - 61%) [] # NTFS
D:\ - CD-ROM
E:\ - Disque fixe # 466 Go (39 Go libre(s) - 8%) [Moussa Ndoye ] # NTFS
G:\ - Disque amovible # 15 Go (15 Go libre(s) - 100%) [] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 360 |ParentID: 344)
C:\Windows\system32\wininit.exe (ID: 412 |ParentID: 344)
C:\Windows\system32\csrss.exe (ID: 420 |ParentID: 404)
C:\Windows\system32\winlogon.exe (ID: 476 |ParentID: 404)
C:\Windows\system32\services.exe (ID: 496 |ParentID: 412)
C:\Windows\system32\lsass.exe (ID: 520 |ParentID: 412)
C:\Windows\system32\lsm.exe (ID: 528 |ParentID: 412)
C:\Windows\system32\svchost.exe (ID: 656 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 724 |ParentID: 496)
c:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 860 |ParentID: 496)
C:\Windows\System32\svchost.exe (ID: 908 |ParentID: 496)
C:\Windows\System32\svchost.exe (ID: 944 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 988 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 1024 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 1280 |ParentID: 496)
C:\Windows\System32\spoolsv.exe (ID: 1408 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 1444 |ParentID: 496)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1516 |ParentID: 496)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 1552 |ParentID: 496)
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (ID: 1576 |ParentID: 496)
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ID: 1600 |ParentID: 496)
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe (ID: 1684 |ParentID: 496)
C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe (ID: 1728 |ParentID: 496)
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE (ID: 1752 |ParentID: 1684)
C:\Program Files\F-Secure\Common\FSMA32.EXE (ID: 1768 |ParentID: 496)
C:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe (ID: 1804 |ParentID: 496)
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 1916 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 1988 |ParentID: 496)
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe (ID: 2100 |ParentID: 1752)
C:\Windows\System32\WUDFHost.exe (ID: 2228 |ParentID: 944)
c:\Program Files\Microsoft Security Client\NisSrv.exe (ID: 2644 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 2836 |ParentID: 496)
C:\Windows\system32\taskhost.exe (ID: 2040 |ParentID: 496)
C:\Windows\system32\Dwm.exe (ID: 3820 |ParentID: 944)
C:\Windows\Explorer.EXE (ID: 3996 |ParentID: 1948)
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (ID: 2020 |ParentID: 3996)
C:\Program Files\Microsoft Security Client\msseces.exe (ID: 3788 |ParentID: 3996)
C:\Program Files\Real\RealPlayer\Update\realsched.exe (ID: 2288 |ParentID: 3996)
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (ID: 2220 |ParentID: 3996)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 3468 |ParentID: 3996)
C:\Program Files\SuperCopier2\SuperCopier2.exe (ID: 3580 |ParentID: 3996)
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (ID: 3608 |ParentID: 3996)
C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe (ID: 3984 |ParentID: 3996)
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (ID: 1256 |ParentID: 496)
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (ID: 3320 |ParentID: 3996)
C:\Program Files\Samsung\Kies\Kies.exe (ID: 2200 |ParentID: 3996)
C:\Program Files\Skype\Phone\Skype.exe (ID: 1200 |ParentID: 3996)
C:\Windows\System32\wscript.exe (ID: 3716 |ParentID: 3996)
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (ID: 2420 |ParentID: 656)
C:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe (ID: 1912 |ParentID: 3996)
C:\Program Files\OpenOffice.org 3\program\soffice.exe (ID: 2724 |ParentID: 2472)
C:\Program Files\OpenOffice.org 3\program\soffice.bin (ID: 2968 |ParentID: 2724)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4268 |ParentID: 656)
C:\Windows\system32\svchost.exe (ID: 6072 |ParentID: 496)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3028 |ParentID: 496)
C:\Program Files\Mozilla Firefox\firefox.exe (ID: 5440 |ParentID: 3996)
C:\Program Files\Mozilla Firefox\plugin-container.exe (ID: 5588 |ParentID: 5440)
C:\Windows\system32\wuauclt.exe (ID: 4880 |ParentID: 1024)
C:\Windows\system32\UI0Detect.exe (ID: 4080 |ParentID: 496)
C:\Program Files\F-Secure\common\FSM32.EXE (ID: 3252 |ParentID: 2856)
C:\Program Files\F-Secure\Common\FSHDLL32.EXE (ID: 5836 |ParentID: 1768)
C:\Program Files\F-Secure\Common\FNRB32.EXE (ID: 2444 |ParentID: 496)
C:\Program Files\F-Secure\ORSP Client\fsorsp.exe (ID: 5060 |ParentID: 496)
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe (ID: 4472 |ParentID: 496)
C:\Program Files\F-Secure\Common\FIH32.EXE (ID: 4984 |ParentID: 1768)
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe (ID: 4100 |ParentID: 1752)
C:\Windows\servicing\TrustedInstaller.exe (ID: 2224 |ParentID: 496)
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (ID: 5436 |ParentID: 496)
C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe (ID: 5168 |ParentID: 3440)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 1616 |ParentID: 1540)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5748 |ParentID: 1616)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 4940 |ParentID: 1616)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 4916 |ParentID: 1616)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5884 |ParentID: 1616)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 504 |ParentID: 1616)
C:\Windows\system32\SearchIndexer.exe (ID: 2864 |ParentID: 496)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5616 |ParentID: 1616)
C:\Windows\system32\SearchProtocolHost.exe (ID: 596 |ParentID: 2864)
C:\Windows\system32\SearchFilterHost.exe (ID: 2340 |ParentID: 2864)
################## | Recherche générique |
Supprimé! C:\Users\user\AppData\Roaming\168816984_MicrosoftUpdate.vbe
Supprimé! C:\Users\user\AppData\Local\Temp\ADMIN.vbe
Supprimé! G:\168816984_MicrosoftUpdate.vbe
Supprimé! C:\Users\user\AppData\Local\Temp\BTLive.exe
Supprimé! C:\Users\user\AppData\Local\Temp\CPBA.bat
(!) Fichiers temporaires supprimés.
################## | Registre |
Supprimé! HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\Software\Microsoft\Windows\CurrentVersion\Run|168816984_MicrosoftUpdate
Supprimé! HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\Software\Microsoft\Windows\CurrentVersion\Run|BTLive
Supprimé! HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\Software\.\.\.\.\Mountpoints2\{60c0d3e2-3fc1-11e2-90d5-b7caff1d2ea4}
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
04 - HKCU\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKCU\..\Run : [uTorrent] "C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKCU\..\Run : [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
04 - HKCU\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 - HKCU\..\Run : [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\..\Run : [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
04 - HKLM\..\Run : [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
04 - HKLM\..\Run : [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
04 - HKLM\..\Run : [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [uTorrent] "C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
################## | Listing |
[07/03/2013 - 16:13:40 | SHD] - C:\$Recycle.Bin
[15/12/2012 - 13:06:45 | N | 10 Ko | 376FAE31C41FB32A364B0CDF62D2F4BA] - C:\AdwCleaner[S2].txt
[10/06/2009 - 21:42:20 | A | 0 Ko] - C:\autoexec.bat
[10/04/2014 - 12:03:52 | D] - C:\Config.Msi
[10/06/2009 - 21:42:20 | N | 0 Ko] - C:\config.sys
[27/01/2014 - 19:08:38 | D] - C:\Daum
[06/12/2012 - 22:33:35 | D] - C:\DEMFITEC
[14/07/2009 - 04:53:55 | SHD] - C:\Documents and Settings
[06/02/2014 - 11:23:45 | N | 0 Ko] - C:\END
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10 Ko | 99C22D4A31F4EAD4351B71D6F4E5F6A1] - C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 0 Ko | 9B15A3A055CC6E67EA191A1B7885649A] - C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.3082.txt
[28/01/2014 - 12:22:31 | D] - C:\FFOutput
[07/11/2007 - 08:00:40 | N | 1 Ko] - C:\globdata.ini
[09/04/2014 - 21:39:48 | ASH | 2257900 Ko] - C:\hiberfil.sys
[07/11/2007 - 08:03:18 | N | 550 Ko | 520A6D1CBCC9CF642C625FE814C93C58] - C:\install.exe
[07/11/2007 - 08:00:40 | N | 1 Ko] - C:\install.ini
[07/11/2007 - 08:03:18 | N | 75 Ko | 4151A4D07640863783F837E588235837] - C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | N | 94 Ko | 3B8A82E04238655EAEF97E074FB29911] - C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | N | 89 Ko | 9EDEB8B1C5C0A4CD3A3016B85108127D] - C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | N | 95 Ko | 5B6FF470CFA7087690E61F87E81EF78A] - C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | N | 93 Ko | 6310AB8FC9E3DBEE80592FC453A34FEE] - C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | N | 80 Ko | 13ED4517152203DE4BC52ACC0255D952] - C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | N | 78 Ko | 0D4FB4095EA49C1EC89B9E8DB0B936A3] - C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | N | 74 Ko | D7366B34E8AFB605C39EF56E2201FE85] - C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | N | 94 Ko | 41BB37A347121F3E5E88D85100638B79] - C:\install.res.3082.dll
[06/12/2012 - 22:18:40 | RASH | 0 Ko] - C:\IO.SYS
[08/06/2013 - 12:52:35 | D] - C:\leg
[06/12/2012 - 22:18:40 | RASH | 0 Ko] - C:\MSDOS.SYS
[29/11/2012 - 20:52:49 | RHD] - C:\MSOCache
[09/04/2014 - 21:39:50 | ASH | 3010536 Ko] - C:\pagefile.sys
[14/07/2009 - 02:37:05 | D] - C:\PerfLogs
[10/04/2014 - 11:55:05 | D] - C:\Program Files
[01/03/2014 - 17:24:18 | HD] - C:\ProgramData
[29/11/2012 - 13:43:22 | SHD] - C:\Recovery
[10/04/2014 - 11:35:48 | SHD] - C:\System Volume Information
[10/04/2014 - 11:55:09 | D] - C:\UsbFix
[10/04/2014 - 12:29:52 | A | 14 Ko | 20CD6A197E5039F4D400851607050AB5] - C:\UsbFix [Clean 2] USER-PC.txt
[10/04/2014 - 12:18:54 | N | 12 Ko | 0D53A795463B4BA13F7FED542C49B945] - C:\UsbFix [Scan 1] USER-PC.txt
[07/03/2013 - 16:13:27 | D] - C:\Users
[07/11/2007 - 08:00:40 | N | 6 Ko] - C:\vcredist.bmp
[07/11/2007 - 08:09:22 | N | 1409 Ko] - C:\VC_RED.cab
[07/11/2007 - 08:12:28 | N | 228 Ko] - C:\VC_RED.MSI
[09/04/2014 - 21:37:47 | D] - C:\Windows
[17/01/2014 - 15:20:53 | SHD] - E:\$RECYCLE.BIN
[18/06/2013 - 15:19:10 | D] - E:\AUDIO_TS
[28/06/2013 - 11:41:00 | N | 677 Ko] - E:\bon de livraison.pdf
[14/05/2013 - 11:07:54 | N | 35 Ko] - E:\COMMANDE BAIE.pdf
[13/05/2013 - 00:01:52 | N | 549 Ko] - E:\COMMANDE BOUTIQUE.pdf
[17/06/2013 - 10:39:40 | N | 29 Ko] - E:\Commande coffret PISTE PETROSEN.pdf
[13/05/2013 - 13:49:15 | N | 553 Ko] - E:\commande inverseur.pdf
[12/05/2013 - 13:01:51 | N | 567 Ko] - E:\commande piste petrosen.pdf
[05/03/2013 - 12:24:04 | D] - E:\cour electrique
[04/12/2012 - 01:11:01 | D] - E:\DEMFITEC
[28/05/2013 - 13:40:13 | N | 599 Ko] - E:\devis coffret bel aire.pdf
[17/07/2013 - 02:37:05 | N | 162 Ko] - E:\Document2.pdf
[06/11/2013 - 13:53:45 | D] - E:\dossier confidenciel
[25/02/2014 - 11:04:09 | D] - E:\dossier de travail
[29/11/2012 - 16:16:23 | D] - E:\eMule
[08/01/2014 - 15:09:27 | N | 131 Ko] - E:\facture entracom 2014.pdf
[10/06/2013 - 13:19:36 | N | 131 Ko] - E:\facture entracom nouv.pdf
[13/05/2013 - 13:40:21 | N | 71 Ko] - E:\facture H et D.pdf
[30/10/2013 - 23:55:01 | N | 104 Ko] - E:\facture materiel entracom.docx
[30/10/2013 - 23:55:29 | N | 136 Ko] - E:\facture materiel entracom.pdf
[03/02/2014 - 18:23:23 | D] - E:\FILM
[25/02/2013 - 15:50:04 | D] - E:\flash huawai
[13/03/2013 - 18:28:10 | D] - E:\Gran Theft Auto San Andreas
[16/03/2014 - 18:27:56 | D] - E:\image ndoye
[26/09/2013 - 01:09:01 | D] - E:\IMAGE PETROSEN
[06/09/2013 - 14:07:01 | D] - E:\le 28 mai
[10/01/2014 - 10:01:16 | D] - E:\le 28 mai doc music
[28/05/2013 - 20:06:38 | D] - E:\le 28 mai video
[31/01/2013 - 15:13:55 | D] - E:\logiciel
[27/01/2014 - 14:17:24 | N | 1 Ko] - E:\MediaID.bin
[27/11/2012 - 13:26:09 | N | 132 Ko] - E:\meuble 3.JPG
[27/11/2012 - 13:19:24 | N | 21 Ko] - E:\meuble tv 2.JPG
[27/11/2012 - 13:27:44 | N | 19 Ko] - E:\meuble tv 3.JPG
[27/11/2012 - 13:14:43 | N | 441 Ko] - E:\meuble tv.jpg
[18/09/2013 - 12:12:47 | N | 11 Ko] - E:\Monsieur.docx
[15/03/2013 - 13:23:23 | D] - E:\msdownld.tmp
[25/12/2012 - 21:51:49 | D] - E:\Music
[24/11/2012 - 22:45:06 | D] - E:\music et video
[17/08/2013 - 01:25:27 | D] - E:\photo
[27/11/2012 - 14:49:13 | SHD] - E:\RECYCLER
[13/03/2013 - 18:03:51 | D] - E:\Sample Pictures
[23/11/2012 - 11:15:55 | D] - E:\schemas electrique
[18/01/2014 - 15:07:29 | SHD] - E:\System Volume Information
[11/12/2012 - 22:28:36 | N | 68 Ko] - E:\tapiserie21.pdf
[13/03/2013 - 18:03:51 | ASH | 17 Ko] - E:\Thumbs.db
[23/09/2013 - 00:19:01 | D] - E:\USER-PC
[19/04/2012 - 01:14:57 | D] - E:\UserGuides
[18/06/2013 - 15:36:21 | D] - E:\VIDEO_TS
[06/12/2012 - 21:59:59 | D] - E:\WindowsImageBackup
[10/04/2014 - 10:03:58 | N | 131 Ko] - G:\facture entracom nouv avril.pdf
[10/04/2014 - 11:23:30 | N | 24 Ko] - G:\mode echec.docx
################## | Vaccin |
E:\Autorun.inf - Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf - Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |
aider moi a suprimer se virus
mon pc viens d etre infecter par un virus du nom TROJAN.LNK.GEN .je vous envois un rapport fait par usbfix
############################## | UsbFix V 7.169 | [Suppression]
Utilisateur: user (Administrateur) # USER-PC
Mis à jour le 31/03/2014 par El Desaparecido - Team SosVirus
Lancé à 12:24:59 | 10/04/2014
Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/forum-virus-securite.html
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/
PC: TOSHIBA (Portable PC)
CPU: Intel(R) Celeron(R) CPU 900 @ 2.20GHz
RAM - [Total : 2940 Mo| Free : 809 Mo]
Bios: INSYDE
Boot: Normal boot
OS: Microsoft Windows 7 Édition Intégrale (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.16521
WB: Google Chrome : 34.0.1847.116
WB: Mozilla Firefox : 27.0.1
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Microsoft Security Essentials [Enabled | Updated]
AV: F-Secure Client Security 9.11 [Enabled | Updated]
AS: F-Secure Client Security 9.11 [Enabled | Updated]
AS: Windows Defender [(!) Disabled | (!) Outdated]
AS: Microsoft Security Essentials [Enabled | Updated]
FW: F-Secure Client Security 9.11 [Enabled]
FW: Windows FireWall [Enabled]
C:\ (%systemdrive%) - Disque fixe # 298 Go (183 Go libre(s) - 61%) [] # NTFS
D:\ - CD-ROM
E:\ - Disque fixe # 466 Go (39 Go libre(s) - 8%) [Moussa Ndoye ] # NTFS
G:\ - Disque amovible # 15 Go (15 Go libre(s) - 100%) [] # FAT32
################## | Processus Actif |
C:\Windows\system32\csrss.exe (ID: 360 |ParentID: 344)
C:\Windows\system32\wininit.exe (ID: 412 |ParentID: 344)
C:\Windows\system32\csrss.exe (ID: 420 |ParentID: 404)
C:\Windows\system32\winlogon.exe (ID: 476 |ParentID: 404)
C:\Windows\system32\services.exe (ID: 496 |ParentID: 412)
C:\Windows\system32\lsass.exe (ID: 520 |ParentID: 412)
C:\Windows\system32\lsm.exe (ID: 528 |ParentID: 412)
C:\Windows\system32\svchost.exe (ID: 656 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 724 |ParentID: 496)
c:\Program Files\Microsoft Security Client\MsMpEng.exe (ID: 860 |ParentID: 496)
C:\Windows\System32\svchost.exe (ID: 908 |ParentID: 496)
C:\Windows\System32\svchost.exe (ID: 944 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 988 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 1024 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 1280 |ParentID: 496)
C:\Windows\System32\spoolsv.exe (ID: 1408 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 1444 |ParentID: 496)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1516 |ParentID: 496)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 1552 |ParentID: 496)
C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (ID: 1576 |ParentID: 496)
C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ID: 1600 |ParentID: 496)
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe (ID: 1684 |ParentID: 496)
C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe (ID: 1728 |ParentID: 496)
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE (ID: 1752 |ParentID: 1684)
C:\Program Files\F-Secure\Common\FSMA32.EXE (ID: 1768 |ParentID: 496)
C:\Program Files\InternetEverywhere\InternetEverywhere_Service.exe (ID: 1804 |ParentID: 496)
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 1916 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 1988 |ParentID: 496)
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe (ID: 2100 |ParentID: 1752)
C:\Windows\System32\WUDFHost.exe (ID: 2228 |ParentID: 944)
c:\Program Files\Microsoft Security Client\NisSrv.exe (ID: 2644 |ParentID: 496)
C:\Windows\system32\svchost.exe (ID: 2836 |ParentID: 496)
C:\Windows\system32\taskhost.exe (ID: 2040 |ParentID: 496)
C:\Windows\system32\Dwm.exe (ID: 3820 |ParentID: 944)
C:\Windows\Explorer.EXE (ID: 3996 |ParentID: 1948)
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (ID: 2020 |ParentID: 3996)
C:\Program Files\Microsoft Security Client\msseces.exe (ID: 3788 |ParentID: 3996)
C:\Program Files\Real\RealPlayer\Update\realsched.exe (ID: 2288 |ParentID: 3996)
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (ID: 2220 |ParentID: 3996)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 3468 |ParentID: 3996)
C:\Program Files\SuperCopier2\SuperCopier2.exe (ID: 3580 |ParentID: 3996)
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (ID: 3608 |ParentID: 3996)
C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe (ID: 3984 |ParentID: 3996)
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (ID: 1256 |ParentID: 496)
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (ID: 3320 |ParentID: 3996)
C:\Program Files\Samsung\Kies\Kies.exe (ID: 2200 |ParentID: 3996)
C:\Program Files\Skype\Phone\Skype.exe (ID: 1200 |ParentID: 3996)
C:\Windows\System32\wscript.exe (ID: 3716 |ParentID: 3996)
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (ID: 2420 |ParentID: 656)
C:\Program Files\InternetEverywhere\InternetEverywhere_Launcher.exe (ID: 1912 |ParentID: 3996)
C:\Program Files\OpenOffice.org 3\program\soffice.exe (ID: 2724 |ParentID: 2472)
C:\Program Files\OpenOffice.org 3\program\soffice.bin (ID: 2968 |ParentID: 2724)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4268 |ParentID: 656)
C:\Windows\system32\svchost.exe (ID: 6072 |ParentID: 496)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3028 |ParentID: 496)
C:\Program Files\Mozilla Firefox\firefox.exe (ID: 5440 |ParentID: 3996)
C:\Program Files\Mozilla Firefox\plugin-container.exe (ID: 5588 |ParentID: 5440)
C:\Windows\system32\wuauclt.exe (ID: 4880 |ParentID: 1024)
C:\Windows\system32\UI0Detect.exe (ID: 4080 |ParentID: 496)
C:\Program Files\F-Secure\common\FSM32.EXE (ID: 3252 |ParentID: 2856)
C:\Program Files\F-Secure\Common\FSHDLL32.EXE (ID: 5836 |ParentID: 1768)
C:\Program Files\F-Secure\Common\FNRB32.EXE (ID: 2444 |ParentID: 496)
C:\Program Files\F-Secure\ORSP Client\fsorsp.exe (ID: 5060 |ParentID: 496)
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe (ID: 4472 |ParentID: 496)
C:\Program Files\F-Secure\Common\FIH32.EXE (ID: 4984 |ParentID: 1768)
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe (ID: 4100 |ParentID: 1752)
C:\Windows\servicing\TrustedInstaller.exe (ID: 2224 |ParentID: 496)
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (ID: 5436 |ParentID: 496)
C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe (ID: 5168 |ParentID: 3440)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 1616 |ParentID: 1540)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5748 |ParentID: 1616)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 4940 |ParentID: 1616)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 4916 |ParentID: 1616)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5884 |ParentID: 1616)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 504 |ParentID: 1616)
C:\Windows\system32\SearchIndexer.exe (ID: 2864 |ParentID: 496)
C:\Program Files\Google\Chrome\Application\chrome.exe (ID: 5616 |ParentID: 1616)
C:\Windows\system32\SearchProtocolHost.exe (ID: 596 |ParentID: 2864)
C:\Windows\system32\SearchFilterHost.exe (ID: 2340 |ParentID: 2864)
################## | Recherche générique |
Supprimé! C:\Users\user\AppData\Roaming\168816984_MicrosoftUpdate.vbe
Supprimé! C:\Users\user\AppData\Local\Temp\ADMIN.vbe
Supprimé! G:\168816984_MicrosoftUpdate.vbe
Supprimé! C:\Users\user\AppData\Local\Temp\BTLive.exe
Supprimé! C:\Users\user\AppData\Local\Temp\CPBA.bat
(!) Fichiers temporaires supprimés.
################## | Registre |
Supprimé! HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\Software\Microsoft\Windows\CurrentVersion\Run|168816984_MicrosoftUpdate
Supprimé! HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\Software\Microsoft\Windows\CurrentVersion\Run|BTLive
Supprimé! HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\Software\.\.\.\.\Mountpoints2\{60c0d3e2-3fc1-11e2-90d5-b7caff1d2ea4}
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
04 - HKCU\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKCU\..\Run : [uTorrent] "C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKCU\..\Run : [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
04 - HKCU\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 - HKCU\..\Run : [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
04 - HKCU\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
04 - HKLM\..\Run : [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
04 - HKLM\..\Run : [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
04 - HKLM\..\Run : [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot
04 - HKLM\..\Run : [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [uTorrent] "C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
04 - HKU\S-1-5-21-3821414966-3041221367-2492712872-1000\..\Run : [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
################## | Listing |
[07/03/2013 - 16:13:40 | SHD] - C:\$Recycle.Bin
[15/12/2012 - 13:06:45 | N | 10 Ko | 376FAE31C41FB32A364B0CDF62D2F4BA] - C:\AdwCleaner[S2].txt
[10/06/2009 - 21:42:20 | A | 0 Ko] - C:\autoexec.bat
[10/04/2014 - 12:03:52 | D] - C:\Config.Msi
[10/06/2009 - 21:42:20 | N | 0 Ko] - C:\config.sys
[27/01/2014 - 19:08:38 | D] - C:\Daum
[06/12/2012 - 22:33:35 | D] - C:\DEMFITEC
[14/07/2009 - 04:53:55 | SHD] - C:\Documents and Settings
[06/02/2014 - 11:23:45 | N | 0 Ko] - C:\END
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10 Ko | 99C22D4A31F4EAD4351B71D6F4E5F6A1] - C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 0 Ko | 9B15A3A055CC6E67EA191A1B7885649A] - C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] - C:\eula.3082.txt
[28/01/2014 - 12:22:31 | D] - C:\FFOutput
[07/11/2007 - 08:00:40 | N | 1 Ko] - C:\globdata.ini
[09/04/2014 - 21:39:48 | ASH | 2257900 Ko] - C:\hiberfil.sys
[07/11/2007 - 08:03:18 | N | 550 Ko | 520A6D1CBCC9CF642C625FE814C93C58] - C:\install.exe
[07/11/2007 - 08:00:40 | N | 1 Ko] - C:\install.ini
[07/11/2007 - 08:03:18 | N | 75 Ko | 4151A4D07640863783F837E588235837] - C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | N | 94 Ko | 3B8A82E04238655EAEF97E074FB29911] - C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | N | 89 Ko | 9EDEB8B1C5C0A4CD3A3016B85108127D] - C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | N | 95 Ko | 5B6FF470CFA7087690E61F87E81EF78A] - C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | N | 93 Ko | 6310AB8FC9E3DBEE80592FC453A34FEE] - C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | N | 80 Ko | 13ED4517152203DE4BC52ACC0255D952] - C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | N | 78 Ko | 0D4FB4095EA49C1EC89B9E8DB0B936A3] - C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | N | 74 Ko | D7366B34E8AFB605C39EF56E2201FE85] - C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | N | 94 Ko | 41BB37A347121F3E5E88D85100638B79] - C:\install.res.3082.dll
[06/12/2012 - 22:18:40 | RASH | 0 Ko] - C:\IO.SYS
[08/06/2013 - 12:52:35 | D] - C:\leg
[06/12/2012 - 22:18:40 | RASH | 0 Ko] - C:\MSDOS.SYS
[29/11/2012 - 20:52:49 | RHD] - C:\MSOCache
[09/04/2014 - 21:39:50 | ASH | 3010536 Ko] - C:\pagefile.sys
[14/07/2009 - 02:37:05 | D] - C:\PerfLogs
[10/04/2014 - 11:55:05 | D] - C:\Program Files
[01/03/2014 - 17:24:18 | HD] - C:\ProgramData
[29/11/2012 - 13:43:22 | SHD] - C:\Recovery
[10/04/2014 - 11:35:48 | SHD] - C:\System Volume Information
[10/04/2014 - 11:55:09 | D] - C:\UsbFix
[10/04/2014 - 12:29:52 | A | 14 Ko | 20CD6A197E5039F4D400851607050AB5] - C:\UsbFix [Clean 2] USER-PC.txt
[10/04/2014 - 12:18:54 | N | 12 Ko | 0D53A795463B4BA13F7FED542C49B945] - C:\UsbFix [Scan 1] USER-PC.txt
[07/03/2013 - 16:13:27 | D] - C:\Users
[07/11/2007 - 08:00:40 | N | 6 Ko] - C:\vcredist.bmp
[07/11/2007 - 08:09:22 | N | 1409 Ko] - C:\VC_RED.cab
[07/11/2007 - 08:12:28 | N | 228 Ko] - C:\VC_RED.MSI
[09/04/2014 - 21:37:47 | D] - C:\Windows
[17/01/2014 - 15:20:53 | SHD] - E:\$RECYCLE.BIN
[18/06/2013 - 15:19:10 | D] - E:\AUDIO_TS
[28/06/2013 - 11:41:00 | N | 677 Ko] - E:\bon de livraison.pdf
[14/05/2013 - 11:07:54 | N | 35 Ko] - E:\COMMANDE BAIE.pdf
[13/05/2013 - 00:01:52 | N | 549 Ko] - E:\COMMANDE BOUTIQUE.pdf
[17/06/2013 - 10:39:40 | N | 29 Ko] - E:\Commande coffret PISTE PETROSEN.pdf
[13/05/2013 - 13:49:15 | N | 553 Ko] - E:\commande inverseur.pdf
[12/05/2013 - 13:01:51 | N | 567 Ko] - E:\commande piste petrosen.pdf
[05/03/2013 - 12:24:04 | D] - E:\cour electrique
[04/12/2012 - 01:11:01 | D] - E:\DEMFITEC
[28/05/2013 - 13:40:13 | N | 599 Ko] - E:\devis coffret bel aire.pdf
[17/07/2013 - 02:37:05 | N | 162 Ko] - E:\Document2.pdf
[06/11/2013 - 13:53:45 | D] - E:\dossier confidenciel
[25/02/2014 - 11:04:09 | D] - E:\dossier de travail
[29/11/2012 - 16:16:23 | D] - E:\eMule
[08/01/2014 - 15:09:27 | N | 131 Ko] - E:\facture entracom 2014.pdf
[10/06/2013 - 13:19:36 | N | 131 Ko] - E:\facture entracom nouv.pdf
[13/05/2013 - 13:40:21 | N | 71 Ko] - E:\facture H et D.pdf
[30/10/2013 - 23:55:01 | N | 104 Ko] - E:\facture materiel entracom.docx
[30/10/2013 - 23:55:29 | N | 136 Ko] - E:\facture materiel entracom.pdf
[03/02/2014 - 18:23:23 | D] - E:\FILM
[25/02/2013 - 15:50:04 | D] - E:\flash huawai
[13/03/2013 - 18:28:10 | D] - E:\Gran Theft Auto San Andreas
[16/03/2014 - 18:27:56 | D] - E:\image ndoye
[26/09/2013 - 01:09:01 | D] - E:\IMAGE PETROSEN
[06/09/2013 - 14:07:01 | D] - E:\le 28 mai
[10/01/2014 - 10:01:16 | D] - E:\le 28 mai doc music
[28/05/2013 - 20:06:38 | D] - E:\le 28 mai video
[31/01/2013 - 15:13:55 | D] - E:\logiciel
[27/01/2014 - 14:17:24 | N | 1 Ko] - E:\MediaID.bin
[27/11/2012 - 13:26:09 | N | 132 Ko] - E:\meuble 3.JPG
[27/11/2012 - 13:19:24 | N | 21 Ko] - E:\meuble tv 2.JPG
[27/11/2012 - 13:27:44 | N | 19 Ko] - E:\meuble tv 3.JPG
[27/11/2012 - 13:14:43 | N | 441 Ko] - E:\meuble tv.jpg
[18/09/2013 - 12:12:47 | N | 11 Ko] - E:\Monsieur.docx
[15/03/2013 - 13:23:23 | D] - E:\msdownld.tmp
[25/12/2012 - 21:51:49 | D] - E:\Music
[24/11/2012 - 22:45:06 | D] - E:\music et video
[17/08/2013 - 01:25:27 | D] - E:\photo
[27/11/2012 - 14:49:13 | SHD] - E:\RECYCLER
[13/03/2013 - 18:03:51 | D] - E:\Sample Pictures
[23/11/2012 - 11:15:55 | D] - E:\schemas electrique
[18/01/2014 - 15:07:29 | SHD] - E:\System Volume Information
[11/12/2012 - 22:28:36 | N | 68 Ko] - E:\tapiserie21.pdf
[13/03/2013 - 18:03:51 | ASH | 17 Ko] - E:\Thumbs.db
[23/09/2013 - 00:19:01 | D] - E:\USER-PC
[19/04/2012 - 01:14:57 | D] - E:\UserGuides
[18/06/2013 - 15:36:21 | D] - E:\VIDEO_TS
[06/12/2012 - 21:59:59 | D] - E:\WindowsImageBackup
[10/04/2014 - 10:03:58 | N | 131 Ko] - G:\facture entracom nouv avril.pdf
[10/04/2014 - 11:23:30 | N | 24 Ko] - G:\mode echec.docx
################## | Vaccin |
E:\Autorun.inf - Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf - Vaccin créé par UsbFix (El Desaparecido)
################## | E.O.F | http://www.usbfix.net/ - http://www.sosvirus.net |
aider moi a suprimer se virus
Bonjour,