############################## | UsbFix V 7.108 | [Suppression]

Utilisateur: Ak-Style (Administrateur) # AK-NETBOOK
Mis à jour le 20/02/2013 par El Desaparecido
Lancé à 20:48:31 | 20/02/2013

Site Web: http://sosvirus.org/index.php
Contact: contact@sosvirus.org

PC: Hewlett-Packard (HP Pavilion dm1 Notebook PC) (x64-based PC)
CPU: AMD E-450 APU with Radeon(tm) HD Graphics (1650)
RAM -> [Total : 3689 | Free : 2219]
BIOS: InsydeH2O Version CCB.03.61.30F.13
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium  (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [(!) Disabled]
AV: Avira Desktop [Enabled | Updated]
FW: Windows FireWall Service [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 438 Go (233 Go libre(s) - 53%) [] # NTFS
D:\ -> Disque fixe # 23 Go (2 Go libre(s) - 10%) [Recovery] # NTFS
E:\ -> Disque fixe # 4 Go (1 Go libre(s) - 29%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
G:\ -> Disque fixe # 298 Go (37 Go libre(s) - 12%) [Iomega HDD] # NTFS
H:\ -> Disque amovible # 4 Go (3 Go libre(s) - 67%) [EMTEC] # FAT32

################## | Processus Stoppés |

Stoppé! C:\Windows\system32\atiesrxx.exe (836)
Stoppé! C:\Program Files\IDT\WDM\STacSV64.exe (276)
Stoppé! C:\Windows\system32\Hpservice.exe (1220)
Stoppé! C:\Windows\system32\atieclxx.exe (1340)
Stoppé! C:\Windows\system32\WLANExt.exe (1368)
Stoppé! C:\Windows\System32\spoolsv.exe (1508)
Stoppé! C:\Windows\system32\taskeng.exe (1552)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (1568)
Stoppé! C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (1800)
Stoppé! C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1824)
Stoppé! C:\Program Files\IDT\WDM\AESTSr64.exe (1844)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (1864)
Stoppé! C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (1896)
Stoppé! C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (2028)
Stoppé! C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (1068)
Stoppé! C:\Windows\SysWOW64\ezSharedSvcHost.exe (1380)
Stoppé! C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (1136)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (2052)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (2136)
Stoppé! C:\Windows\system32\taskhost.exe (2144)
Stoppé! C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (2268)
Stoppé! C:\Windows\system32\taskeng.exe (2300)
Stoppé! C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2564)
Stoppé! C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2812)
Stoppé! C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (2256)
Stoppé! C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3024)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (2996)
Stoppé! C:\Windows\system32\conhost.exe (2992)
Stoppé! C:\Windows\System32\WUDFHost.exe (4064)
Stoppé! C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (1996)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (3508)
Stoppé! C:\Program Files\IDT\WDM\sttray64.exe (3596)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (3144)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (3548)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (2496)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (3864)
Stoppé! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3752)
Stoppé! C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (3820)
Stoppé! C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (3848)
Stoppé! C:\Windows\system32\SearchIndexer.exe (2216)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (4028)
Stoppé! C:\Program Files (x86)\Internet Explorer\iexplore.exe (1812)
Stoppé! C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (3200)
Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (3988)
Stoppé! C:\Program Files (x86)\Internet Explorer\iexplore.exe (2500)
Stoppé! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (4952)
Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (4388)
Stoppé! C:\Program Files (x86)\Internet Explorer\iexplore.exe (4556)
Stoppé! C:\Program Files (x86)\Internet Explorer\iexplore.exe (4664)
Stoppé! C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe (4288)
Stoppé! C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (4576)
Stoppé! C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_149_ActiveX.exe (4596)
Stoppé! C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (5044)
Stoppé! C:\Users\Ak-Style\AppData\Roaming\Kouk\usve.exe (1604)
Stoppé! C:\Windows\system32\taskeng.exe (5476)
Stoppé! C:\Windows\system32\SearchProtocolHost.exe (5160)
Stoppé! C:\Windows\system32\SearchFilterHost.exe (5024)
Stoppé! \\?\C:\Windows\system32\wbem\WMIADAP.EXE (2840)

################## | Éléments infectieux |

Supprimé! C:\Users\Ak-Style\AppData\Roaming\kb3.exe
Supprimé! C:\Users\Ak-Style\AppData\Roaming\Kouk\usve.exe
Supprimé! C:\Users\Ak-Style\AppData\Local\Temp\54205.exe
Supprimé! C:\Users\Ak-Style\AppData\Local\Temp\81988.exe
Supprimé! C:\Users\Ak-Style\AppData\Local\Temp\99664.exe
Supprimé! C:\install.exe
Non supprimé ! F:\LaunchU3.exe
Non supprimé ! F:\autorun.inf
Supprimé! H:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Maxyfa

################## | Mountpoints2 |

Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\F
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{c5741c35-3097-11e2-a1fd-7ce9d3d188d8}

################## | Listing |

[18/02/2013 - 23:47:46 | SHD ] 	C:\$Recycle.Bin
[20/02/2013 - 19:47:26 | N | 26560] 	C:\AdwCleaner[R1].txt
[20/02/2013 - 20:26:15 | N | 26731] 	C:\AdwCleaner[S1].txt
[22/11/2012 - 13:56:24 | N | 44701] 	C:\bdlog.txt
[23/10/2011 - 21:22:23 | SHD ] 	C:\boot
[21/11/2010 - 04:23:51 | RASH | 383786] 	C:\bootmgr
[14/07/2009 - 06:08:56 | SHD ] 	C:\Documents and Settings
[20/11/2012 - 00:19:52 | D ] 	C:\Down
[26/12/2012 - 12:26:39 | D ] 	C:\Downloads
[11/04/2008 - 09:07:18 | N | 3820] 	C:\eula.1028.txt
[11/04/2008 - 09:07:18 | N | 15428] 	C:\eula.1031.txt
[11/04/2008 - 09:07:18 | N | 10058] 	C:\eula.1033.txt
[11/04/2008 - 09:07:18 | N | 12246] 	C:\eula.1036.txt
[11/04/2008 - 09:07:18 | N | 13912] 	C:\eula.1040.txt
[11/04/2008 - 09:07:18 | N | 5868] 	C:\eula.1041.txt
[11/04/2008 - 09:07:18 | N | 5970] 	C:\eula.1042.txt
[11/04/2008 - 09:07:18 | N | 10134] 	C:\eula.1049.txt
[11/04/2008 - 09:07:18 | N | 3814] 	C:\eula.2052.txt
[11/04/2008 - 09:07:18 | N | 12936] 	C:\eula.3082.txt
[11/12/2012 - 18:27:40 | D ] 	C:\Games
[11/04/2008 - 09:07:18 | N | 1110] 	C:\globdata.ini
[14/08/2012 - 07:07:12 | D ] 	C:\gPotato.eu
[20/02/2013 - 20:27:32 | ASH | 2901467136] 	C:\hiberfil.sys
[20/03/2012 - 00:59:45 | D ] 	C:\HP
[11/04/2008 - 09:07:18 | N | 843] 	C:\install.ini
[11/04/2008 - 07:03:48 | N | 76304] 	C:\install.res.1028.dll
[11/04/2008 - 07:03:48 | N | 96272] 	C:\install.res.1031.dll
[11/04/2008 - 07:03:48 | N | 91152] 	C:\install.res.1033.dll
[11/04/2008 - 07:03:48 | N | 97296] 	C:\install.res.1036.dll
[11/04/2008 - 07:03:48 | N | 95248] 	C:\install.res.1040.dll
[11/04/2008 - 07:03:48 | N | 81424] 	C:\install.res.1041.dll
[11/04/2008 - 07:03:48 | N | 79888] 	C:\install.res.1042.dll
[11/04/2008 - 09:09:24 | N | 93200] 	C:\install.res.1049.dll
[11/04/2008 - 07:03:48 | N | 75792] 	C:\install.res.2052.dll
[11/04/2008 - 07:03:48 | N | 96272] 	C:\install.res.3082.dll
[24/07/2012 - 14:11:12 | RHD ] 	C:\MSOCache
[20/02/2013 - 20:27:32 | ASH | 3868622848] 	C:\pagefile.sys
[14/07/2009 - 04:20:08 | D ] 	C:\PerfLogs
[20/02/2013 - 13:41:28 | N | 512] 	C:\PhysicalDisk0_MBR.bin
[11/02/2013 - 15:40:52 | D ] 	C:\Program Files
[20/02/2013 - 20:25:15 | D ] 	C:\Program Files (x86)
[20/02/2013 - 20:25:14 | HD ] 	C:\ProgramData
[12/11/2012 - 01:17:07 | D ] 	C:\PWE
[16/07/2012 - 10:19:14 | SHD ] 	C:\Recovery
[15/10/2012 - 23:29:41 | D ] 	C:\Riot Games
[20/11/2012 - 18:24:29 | D ] 	C:\SWSetup
[20/02/2013 - 18:01:52 | SHD ] 	C:\System Volume Information
[16/07/2012 - 10:19:20 | D ] 	C:\SYSTEM.SAV
[20/02/2013 - 20:55:01 | D ] 	C:\UsbFix
[20/02/2013 - 20:55:27 | A | 8819] 	C:\UsbFix [Clean 1] AK-NETBOOK.txt
[19/02/2013 - 21:15:44 | N | 5251] 	C:\UsbFix [Clean 2] AK-NETBOOK.txt
[19/02/2013 - 20:54:40 | N | 7182] 	C:\UsbFix [Scan 1] AK-NETBOOK.txt
[19/02/2013 - 21:37:01 | N | 6946] 	C:\UsbFix [Scan 2] AK-NETBOOK.txt
[16/07/2012 - 10:17:33 | D ] 	C:\Users
[11/04/2008 - 09:07:18 | N | 5686] 	C:\vcredist.bmp
[11/04/2008 - 09:09:38 | N | 3797292] 	C:\VC_RED.cab
[11/04/2008 - 09:11:40 | N | 233472] 	C:\VC_RED.MSI
[03/04/2010 - 19:33:31 | N | 2088501] 	C:\VS_EXPBSLN_x64_fra.CAB
[03/04/2010 - 19:35:56 | N | 555008] 	C:\VS_EXPBSLN_x64_fra.MSI
[20/02/2013 - 20:25:13 | D ] 	C:\Windows
[20/02/2013 - 13:41:30 | D ] 	C:\ZHP
[16/07/2012 - 10:25:26 | SHD ] 	D:\$RECYCLE.BIN
[16/07/2012 - 10:25:18 | RASHD ] 	D:\boot
[14/07/2009 - 19:39:00 | RASH | 383562] 	D:\bootmgr
[23/05/2010 - 13:55:46 | RASH | 67] 	D:\Desktop.ini
[16/07/2012 - 10:25:18 | D ] 	D:\FactoryUpdate
[16/07/2012 - 10:25:18 | D ] 	D:\hp
[16/07/2012 - 10:26:30 | N | 21] 	D:\HPSF_Rep.txt
[16/07/2012 - 10:21:23 | N | 8] 	D:\HP_WSD.dat
[16/07/2012 - 10:25:18 | RSHD ] 	D:\preload
[16/07/2012 - 10:25:18 | RSD ] 	D:\recovery
[16/07/2012 - 10:25:18 | D ] 	D:\RM_Reserve
[19/09/2012 - 17:36:54 | SHD ] 	D:\System Volume Information
[20/03/2012 - 00:44:42 | D ] 	E:\Hewlett-Packard
[20/03/2012 - 01:07:22 | SHD ] 	E:\$RECYCLE.BIN
[15/10/2012 - 18:43:46 | N | 8] 	E:\HP_WSD.dat
[16/07/2012 - 11:26:32 | N | 21] 	E:\HPSF_Rep.txt
[16/11/2006 - 10:51:39 | R | 159] 	F:\autorun.inf
[16/11/2006 - 12:26:52 | R | 1095224] 	F:\LaunchU3.exe
[02/02/2007 - 12:06:33 | R | 3375339] 	F:\LaunchPad.zip
[16/07/2012 - 14:29:11 | SHD ] 	G:\$RECYCLE.BIN
[19/08/2012 - 13:53:35 | D ] 	G:\107MSDCF
[19/08/2012 - 13:48:50 | D ] 	G:\Alimentation
[19/06/2012 - 18:57:59 | D ] 	G:\COURCY 05 2012 vieux PC
[14/12/2009 - 17:12:45 | SH | 57] 	G:\desktop.ini
[20/07/2012 - 20:30:02 | D ] 	G:\EPSON (D)
[19/08/2012 - 13:48:50 | D ] 	G:\Fonts
[26/12/2012 - 14:27:26 | D ] 	G:\MON PETIT ANGE
[16/07/2012 - 23:50:49 | D ] 	G:\Movies
[16/07/2012 - 15:11:25 | D ] 	G:\Nouveau dossier
[18/07/2012 - 09:50:26 | D ] 	G:\OFFICE11 (D)
[28/07/2012 - 14:53:40 | D ] 	G:\Photoshop 7.0
[28/07/2012 - 14:12:29 | SHD ] 	G:\RECYCLER
[09/03/2012 - 16:00:38 | D ] 	G:\Sauvegarde 09 03 2012
[26/12/2012 - 14:28:13 | D ] 	G:\Sauvegarde 26¤12¤2012
[19/06/2012 - 18:47:07 | SHD ] 	G:\System Volume Information
[10/04/2012 - 23:39:40 | D ] 	H:\Cours EMA
[26/06/2012 - 22:32:20 | D ] 	H:\Équitation
[21/04/2012 - 23:09:38 | D ] 	H:\Dana
[07/06/2012 - 21:43:36 | D ] 	H:\Filou
[25/05/2012 - 17:29:54 | D ] 	H:\Dessin
[18/06/2009 - 10:49:58 | RSHD ] 	H:\RECYCLER
[09/02/2013 - 00:17:56 | N | 153406] 	H:\CV Vendeur H&M.pdf
[26/11/2007 - 00:28:08 | HD ] 	H:\System
[22/01/2012 - 13:36:24 | D ] 	H:\Twin
[22/01/2012 - 13:36:34 | D ] 	H:\Twinny

################## | Vaccin |

C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | http://sosvirus.org |