############################## | UsbFix V 7.107 | [Suppression]

Utilisateur: Ak-Style (Administrateur) # AK-NETBOOK
Mis à jour le 18/02/2013 par El Desaparecido
Lancé à 21:15:35 | 19/02/2013
Site Web: http://sosvirus.org/index.php
Contact: contact@sosvirus.org

PC: Hewlett-Packard (HP Pavilion dm1 Notebook PC) (x64-based PC)
CPU: AMD E-450 APU with Radeon(tm) HD Graphics (1650)
RAM -> [Total : 3689 | Free : 2244]
BIOS: InsydeH2O Version CCB.03.61.30F.13
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [(!) Disabled]
AV: Avira Desktop [Enabled | Updated]
FW: Windows FireWall Service [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 438 Go (218 Go libre(s) - 50%) [] # NTFS
D:\ -> Disque fixe # 23 Go (2 Go libre(s) - 10%) [Recovery] # NTFS
E:\ -> Disque fixe # 4 Go (1 Go libre(s) - 29%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
H:\ -> Disque amovible # 4 Go (3 Go libre(s) - 67%) [EMTEC] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Windows\system32\atiesrxx.exe (824)
Stoppé! C:\Program Files\IDT\WDM\STacSV64.exe (240)
Stoppé! C:\Windows\system32\Hpservice.exe (1232)
Stoppé! C:\Windows\system32\atieclxx.exe (1288)
Stoppé! C:\Windows\system32\WLANExt.exe (1436)
Stoppé! C:\Windows\System32\spoolsv.exe (1528)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (1560)
Stoppé! C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (1808)
Stoppé! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1836)
Stoppé! C:\Program Files\IDT\WDM\AESTSr64.exe (1856)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (1880)
Stoppé! C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (1908)
Stoppé! C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (1976)
Stoppé! C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (1284)
Stoppé! C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (1088)
Stoppé! C:\Windows\SysWOW64\ezSharedSvcHost.exe (1684)
Stoppé! C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (1696)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (1160)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (2052)
Stoppé! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (2104)
Stoppé! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (2132)
Stoppé! C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (2168)
Stoppé! C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2412)
Stoppé! C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2512)
Stoppé! C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (2556)
Stoppé! C:\Windows\system32\taskeng.exe (2652)
Stoppé! C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (2768)
Stoppé! C:\Windows\system32\taskhost.exe (2860)
Stoppé! C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (2488)
Stoppé! C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (2900)
Stoppé! C:\Windows\system32\taskeng.exe (2680)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (2160)
Stoppé! C:\Windows\system32\conhost.exe (2296)
Stoppé! C:\Windows\system32\taskeng.exe (3140)
Stoppé! C:\Windows\System32\WUDFHost.exe (3188)
Stoppé! C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (924)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3228)
Stoppé! C:\Program Files\IDT\WDM\sttray64.exe (3348)
Stoppé! C:\Users\Ak-Style\AppData\Roaming\cacaoweb\cacaoweb.exe (1672)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (3100)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (1864)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (4032)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (2312)
Stoppé! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3772)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (3504)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (736)
Stoppé! C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (3448)
Stoppé! C:\Windows\system32\SearchIndexer.exe (3168)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3272)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (3136)
Stoppé! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (4220)
Stoppé! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (4464)
Stoppé! C:\Program Files (x86)\Skype\Phone\skype.exe (4444)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (5104)
Stoppé! C:\Users\Ak-Style\AppData\Roaming\Kouk\usve.exe (5096)
Stoppé! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (4648)

################## | Éléments infectieux |

############################## | UsbFix V 7.107 | [Suppression]

Utilisateur: Ak-Style (Administrateur) # AK-NETBOOK
Mis à jour le 18/02/2013 par El Desaparecido
Lancé à 21:15:27 | 20/02/2013
Site Web: http://sosvirus.org/index.php
Contact: contact@sosvirus.org

PC: Hewlett-Packard (HP Pavilion dm1 Notebook PC) (x64-based PC)
CPU: AMD E-450 APU with Radeon(tm) HD Graphics (1650)
RAM -> [Total : 3689 | Free : 2485]
BIOS: InsydeH2O Version CCB.03.61.30F.13
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [(!) Disabled]
AV: Avira Desktop [Enabled | Updated]
FW: Windows FireWall Service [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 438 Go (233 Go libre(s) - 53%) [] # NTFS
D:\ -> Disque fixe # 23 Go (2 Go libre(s) - 10%) [Recovery] # NTFS
E:\ -> Disque fixe # 4 Go (1 Go libre(s) - 29%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> Disque fixe # 298 Go (38 Go libre(s) - 13%) [Iomega HDD] # NTFS
H:\ -> Disque amovible # 4 Go (3 Go libre(s) - 67%) [EMTEC] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (1568)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (1864)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (2996)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (3820)
Stoppé! C:\Windows\System32\rundll32.exe (5736)
Stoppé! C:\Windows\System32\WUDFHost.exe (2460)
Stoppé! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (4272)
Stoppé! C:\Windows\system32\taskeng.exe (3932)
Stoppé! C:\Windows\system32\SearchIndexer.exe (4024)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (4032)
Stoppé! C:\Windows\System32\spoolsv.exe (4836)
Stoppé! C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (3352)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (4348)
Stoppé! c:\users\ak-style\appdata\roaming\ihguo\kamyu.exe (4420)
Stoppé! C:\Windows\System32\rundll32.exe (4644)
Stoppé! C:\Windows\System32\WUDFHost.exe (5360)
Stoppé! C:\Windows\system32\DeviceDisplayObjectProvider.exe (3260)
Stoppé! C:\Windows\system32\DXPServer.exe (5616)

################## | Éléments infectieux |

Non supprimé ! F:\autorun.inf
(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{e5d02247-d888-11e1-a68e-7ce9d3d188d8}

################## | Listing |

[18/02/2013 - 23:47:46 | SHD ] C:\$Recycle.Bin
[20/02/2013 - 19:47:26 | N | 26560] C:\AdwCleaner[R1].txt
[20/02/2013 - 20:26:15 | N | 26731] C:\AdwCleaner[S1].txt
[20/02/2013 - 20:55:27 | RASHD ] C:\Autorun.inf
[22/11/2012 - 13:56:24 | N | 44701] C:\bdlog.txt
[23/10/2011 - 21:22:23 | SHD ] C:\boot
[21/11/2010 - 04:23:51 | RASH | 383786] C:\bootmgr
[14/07/2009 - 06:08:56 | SHD ] C:\Documents and Settings
[20/11/2012 - 00:19:52 | D ] C:\Down
[26/12/2012 - 12:26:39 | D ] C:\Downloads
[11/04/2008 - 09:07:18 | N | 3820] C:\eula.1028.txt
[11/04/2008 - 09:07:18 | N | 15428] C:\eula.1031.txt
[11/04/2008 - 09:07:18 | N | 10058] C:\eula.1033.txt
[11/04/2008 - 09:07:18 | N | 12246] C:\eula.1036.txt
[11/04/2008 - 09:07:18 | N | 13912] C:\eula.1040.txt
[11/04/2008 - 09:07:18 | N | 5868] C:\eula.1041.txt
[11/04/2008 - 09:07:18 | N | 5970] C:\eula.1042.txt
[11/04/2008 - 09:07:18 | N | 10134] C:\eula.1049.txt
[11/04/2008 - 09:07:18 | N | 3814] C:\eula.2052.txt
[11/04/2008 - 09:07:18 | N | 12936] C:\eula.3082.txt
[11/12/2012 - 18:27:40 | D ] C:\Games
[11/04/2008 - 09:07:18 | N | 1110] C:\globdata.ini
[14/08/2012 - 07:07:12 | D ] C:\gPotato.eu
[20/02/2013 - 20:27:32 | ASH | 2901467136] C:\hiberfil.sys
[20/03/2012 - 00:59:45 | D ] C:\HP
[11/04/2008 - 09:07:18 | N | 843] C:\install.ini
[11/04/2008 - 07:03:48 | N | 76304] C:\install.res.1028.dll
[11/04/2008 - 07:03:48 | N | 96272] C:\install.res.1031.dll
[11/04/2008 - 07:03:48 | N | 91152] C:\install.res.1033.dll
[11/04/2008 - 07:03:48 | N | 97296] C:\install.res.1036.dll
[11/04/2008 - 07:03:48 | N | 95248] C:\install.res.1040.dll
[11/04/2008 - 07:03:48 | N | 81424] C:\install.res.1041.dll
[11/04/2008 - 07:03:48 | N | 79888] C:\install.res.1042.dll
[11/04/2008 - 09:09:24 | N | 93200] C:\install.res.1049.dll
[11/04/2008 - 07:03:48 | N | 75792] C:\install.res.2052.dll
[11/04/2008 - 07:03:48 | N | 96272] C:\install.res.3082.dll
[24/07/2012 - 14:11:12 | RHD ] C:\MSOCache
[20/02/2013 - 20:27:32 | ASH | 3868622848] C:\pagefile.sys
[14/07/2009 - 04:20:08 | D ] C:\PerfLogs
[20/02/2013 - 13:41:28 | N | 512] C:\PhysicalDisk0_MBR.bin
[11/02/2013 - 15:40:52 | D ] C:\Program Files
[20/02/2013 - 20:25:15 | D ] C:\Program Files (x86)
[20/02/2013 - 20:25:14 | HD ] C:\ProgramData
[12/11/2012 - 01:17:07 | D ] C:\PWE
[16/07/2012 - 10:19:14 | SHD ] C:\Recovery
[15/10/2012 - 23:29:41 | D ] C:\Riot Games
[20/11/2012 - 18:24:29 | D ] C:\SWSetup
[20/02/2013 - 18:01:52 | SHD ] C:\System Volume Information
[16/07/2012 - 10:19:20 | D ] C:\SYSTEM.SAV
[20/02/2013 - 21:16:41 | D ] C:\UsbFix
[20/02/2013 - 20:55:31 | N | 12070] C:\UsbFix [Clean 1] AK-NETBOOK.txt
[20/02/2013 - 21:17:01 | A | 10635] C:\UsbFix [Clean 2] AK-NETBOOK.txt
[19/02/2013 - 20:54:40 | N | 7182] C:\UsbFix [Scan 1] AK-NETBOOK.txt
[19/02/2013 - 21:37:01 | N | 6946] C:\UsbFix [Scan 2] AK-NETBOOK.txt
[16/07/2012 - 10:17:33 | D ] C:\Users
[11/04/2008 - 09:07:18 | N | 5686] C:\vcredist.bmp
[11/04/2008 - 09:09:38 | N | 3797292] C:\VC_RED.cab
[11/04/2008 - 09:11:40 | N | 233472] C:\VC_RED.MSI
[03/04/2010 - 19:33:31 | N | 2088501] C:\VS_EXPBSLN_x64_fra.CAB
[03/04/2010 - 19:35:56 | N | 555008] C:\VS_EXPBSLN_x64_fra.MSI
[20/02/2013 - 20:25:13 | D ] C:\Windows
[20/02/2013 - 13:41:30 | D ] C:\ZHP
[16/07/2012 - 10:25:26 | SHD ] D:\$RECYCLE.BIN
[20/02/2013 - 20:55:27 | RASHD ] D:\Autorun.inf
[16/07/2012 - 10:25:18 | RASHD ] D:\boot
[14/07/2009 - 19:39:00 | RASH | 383562] D:\bootmgr
[23/05/2010 - 13:55:46 | RASH | 67] D:\Desktop.ini
[16/07/2012 - 10:25:18 | D ] D:\FactoryUpdate
[16/07/2012 - 10:25:18 | D ] D:\hp
[16/07/2012 - 10:26:30 | N | 21] D:\HPSF_Rep.txt
[16/07/2012 - 10:21:23 | N | 8] D:\HP_WSD.dat
[16/07/2012 - 10:25:18 | RSHD ] D:\preload
[16/07/2012 - 10:25:18 | RSD ] D:\recovery
[16/07/2012 - 10:25:18 | D ] D:\RM_Reserve
[19/09/2012 - 17:36:54 | SHD ] D:\System Volume Information
[20/02/2013 - 20:55:28 | RASHD ] E:\Autorun.inf
[20/03/2012 - 00:44:42 | D ] E:\Hewlett-Packard
[20/03/2012 - 01:07:22 | SHD ] E:\$RECYCLE.BIN
[15/10/2012 - 18:43:46 | N | 8] E:\HP_WSD.dat
[16/07/2012 - 11:26:32 | N | 21] E:\HPSF_Rep.txt
[16/11/2006 - 10:51:39 | R | 159] F:\autorun.inf
[16/11/2006 - 12:26:52 | R | 1095224] F:\LaunchU3.exe
[02/02/2007 - 12:06:33 | R | 3375339] F:\LaunchPad.zip
[16/07/2012 - 14:29:11 | SHD ] G:\$RECYCLE.BIN
[19/08/2012 - 13:53:35 | D ] G:\107MSDCF
[19/08/2012 - 13:48:50 | D ] G:\Alimentation
[20/02/2013 - 20:55:27 | RASHD ] G:\Autorun.inf
[19/06/2012 - 18:57:59 | D ] G:\COURCY 05 2012 vieux PC
[14/12/2009 - 17:12:45 | SH | 57] G:\desktop.ini
[20/07/2012 - 20:30:02 | D ] G:\EPSON (D)
[19/08/2012 - 13:48:50 | D ] G:\Fonts
[26/12/2012 - 14:27:26 | D ] G:\MON PETIT ANGE
[16/07/2012 - 23:50:49 | D ] G:\Movies
[16/07/2012 - 15:11:25 | D ] G:\Nouveau dossier
[18/07/2012 - 09:50:26 | D ] G:\OFFICE11 (D)
[28/07/2012 - 14:53:40 | D ] G:\Photoshop 7.0
[28/07/2012 - 14:12:29 | SHD ] G:\RECYCLER
[09/03/2012 - 16:00:38 | D ] G:\Sauvegarde 09 03 2012
[26/12/2012 - 14:28:13 | D ] G:\Sauvegarde 26¤12¤2012
[19/06/2012 - 18:47:07 | SHD ] G:\System Volume Information
[10/04/2012 - 23:39:40 | D ] H:\Cours EMA
[26/06/2012 - 22:32:20 | D ] H:\Équitation
[21/04/2012 - 23:09:38 | D ] H:\Dana
[07/06/2012 - 21:43:36 | D ] H:\Filou
[25/05/2012 - 17:29:54 | D ] H:\Dessin
[18/06/2009 - 10:49:58 | RSHD ] H:\RECYCLER
[09/02/2013 - 00:17:56 | N | 153406] H:\CV Vendeur H&M.pdf
[20/02/2013 - 20:55:30 | RASHD ] H:\Autorun.inf
[26/11/2007 - 00:28:08 | HD ] H:\System
[22/01/2012 - 13:36:24 | D ] H:\Twin
[22/01/2012 - 13:36:34 | D ] H:\Twinny

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://sosvirus.org |