############################## | UsbFix V 7.107 | [Recherche]

Utilisateur: Ak-Style (Administrateur) # AK-NETBOOK
Mis à jour le 18/02/2013 par El Desaparecido
Lancé à 21:23:08 | 19/02/2013

Site Web: http://sosvirus.org/index.php
Contact: contact@sosvirus.org

PC: Hewlett-Packard (HP Pavilion dm1 Notebook PC) (x64-based PC)
CPU: AMD E-450 APU with Radeon(tm) HD Graphics (1650)
RAM -> [Total : 3689 | Free : 2289]
BIOS: InsydeH2O Version CCB.03.61.30F.13
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [(!) Disabled]
AV: Avira Desktop [Enabled | Updated]
FW: Windows FireWall Service [(!) Disabled]

C:\ (%systemdrive%) -> Disque fixe # 438 Go (218 Go libre(s) - 50%) [] # NTFS
D:\ -> Disque fixe # 23 Go (2 Go libre(s) - 10%) [Recovery] # NTFS
E:\ -> Disque fixe # 4 Go (1 Go libre(s) - 29%) [HP_TOOLS] # FAT32
F:\ -> CD-ROM
H:\ -> Disque amovible # 4 Go (3 Go libre(s) - 67%) [EMTEC] # FAT32

################## | Processus Actif |

C:\Windows\system32\csrss.exe (388)
C:\Windows\system32\wininit.exe (456)
C:\Windows\system32\csrss.exe (468)
C:\Windows\system32\services.exe (516)
C:\Windows\system32\lsass.exe (532)
C:\Windows\system32\lsm.exe (540)
C:\Windows\system32\winlogon.exe (572)
C:\Windows\system32\svchost.exe (692)
C:\Windows\system32\svchost.exe (776)
C:\Windows\system32\atiesrxx.exe (832)
C:\Windows\System32\svchost.exe (892)
C:\Windows\System32\svchost.exe (952)
C:\Windows\system32\svchost.exe (980)
C:\Program Files\IDT\WDM\STacSV64.exe (1012)
C:\Windows\system32\svchost.exe (1060)
C:\Windows\system32\Hpservice.exe (1124)
C:\Windows\system32\atieclxx.exe (1140)
C:\Windows\system32\svchost.exe (1200)
C:\Windows\system32\WLANExt.exe (1376)
C:\Windows\system32\conhost.exe (1388)
C:\Windows\System32\spoolsv.exe (1468)
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (1512)
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (1704)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1736)
C:\Program Files\IDT\WDM\AESTSr64.exe (1756)
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (1780)
C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (1812)
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (1888)
C:\Windows\System32\svchost.exe (1984)
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (2028)
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (1092)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (1220)
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (1592)
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (1584)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (1636)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (1968)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (1904)
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (2052)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (2328)
C:\Windows\system32\svchost.exe (2380)
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (2428)
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe (2516)
C:\Windows\system32\taskhost.exe (2592)
C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (2684)
C:\Windows\system32\Dwm.exe (2732)
C:\Windows\Explorer.EXE (2740)
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (2768)
C:\Windows\system32\taskeng.exe (2808)
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (3060)
C:\Windows\system32\taskeng.exe (2944)
C:\Windows\system32\taskeng.exe (2404)
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (3584)
C:\Windows\system32\conhost.exe (3600)
C:\Windows\System32\WUDFHost.exe (3180)
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (2896)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (2668)
C:\Program Files\IDT\WDM\sttray64.exe (3604)
C:\Users\Ak-Style\AppData\Roaming\cacaoweb\cacaoweb.exe (3896)
C:\Users\Ak-Style\AppData\Roaming\Kouk\usve.exe (4024)
C:\Windows\system32\SearchIndexer.exe (3360)
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (3628)
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (880)
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (3092)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (2624)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (3704)
C:\Windows\system32\svchost.exe (1724)
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (1612)
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (1156)
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (3940)
C:\Windows\system32\wbem\wmiprvse.exe (3104)
C:\Windows\system32\SearchProtocolHost.exe (112)
C:\Windows\system32\SearchFilterHost.exe (4236)
C:\Windows\system32\svchost.exe (4940)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (5112)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (4632)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (3116)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (3128)
C:\Windows\system32\sppsvc.exe (3320)
C:\Program Files\Windows Media Player\wmpnetwk.exe (4912)
C:\UsbFix\Go.exe (2508)
C:\Windows\system32\wbem\wmiprvse.exe (4176)
C:\Program Files (x86)\Internet Explorer\iexplore.exe (3108)
C:\Program Files (x86)\Internet Explorer\iexplore.exe (4592)
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe (1208)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (3340)

################## | Éléments infectieux |

Présent! C:\Users\Ak-Style\AppData\Roaming\kb3.exe
Présent! C:\Users\Ak-Style\AppData\Local\Temp\54205.exe
Présent! C:\Users\Ak-Style\AppData\Local\Temp\81988.exe
Présent! C:\Users\Ak-Style\AppData\Local\Temp\99664.exe
Présent! F:\autorun.inf
Présent! H:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665

################## | Registre |

Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\F
Shell\AutoRun\Command = F:\LaunchU3.exe -a

HKCU\.\.\.\.\Explorer\MountPoints2\{c5741c35-3097-11e2-a1fd-7ce9d3d188d8}
Shell\AutoRun\Command = F:\Startme.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e5d02247-d888-11e1-a68e-7ce9d3d188d8}
Shell\AutoRun\Command = F:\LaunchU3.exe -a

################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://sosvirus.org |