Reply to: For yoyo1962 2016-09-08T13:00:06+00:00
yoyo1962
Participant
Number of posts: 10

At startup, wssetup.exe wants to install itself

UsbFix
[spoiler:uyzlkpcs]############################## | UsbFix V 7.127 | [Suppression]

Utilisateur: lionel (Administrateur) # LIONEL-PC
Mis à jour le 05/06/2013 par El Desaparecido
Lancé à 22:07:39 | 14/06/2013

Site Web: http://sosvirus.org/
Upload Malware: http://upload.sosvirus.org/
Contact: contact@sosvirus.org

PC: Packard Bell (imedia S2870) (x64-based PC)
CPU: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz (3300)
RAM -> [Total : 4022 | Free : 2131]
BIOS: BIOS Date: 05/18/12 18:05:13 Ver: 04.06.05
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
WB: Windows Internet Explorer 10.0.9200.16614

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C: (%systemdrive%) -> Disque fixe # 456 Go (397 Go libre(s) – 87%) [Packard Bell] # NTFS
D: -> Disque fixe # 457 Go (457 Go libre(s) – 100%) [DATA] # NTFS
E: -> CD-ROM
G: -> Disque amovible # 962 Mo (700 Mo libre(s) – 73%) [PKBACK# 001] # FAT

################## | El Desaparecido Section |

HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWARE | Run : [Hotkey Utility] – C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe
HKLMSOFTWARE | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
HKLMSOFTWARE | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
HKLMSOFTWARE | Run : [] –
HKLMSOFTWARE | Run : [BCSSync] – “C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe” /DelayServices
HKLMSOFTWARE | Run : [Sweetpacks Communicator] – C:Program Files (x86)SweetIMCommunicatorSweetPacksUpdateManager.exe
HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWARE | Run : [Wondershare Helper Compact.exe] – C:Program Files (x86)Common FilesWondershareWondershare Helper CompactWSHelper.exe
HKLMSOFTWARE | Run : [BrowserPlugInHelper] – C:Program Files (x86)WondershareAllMyTubeBrowserPlugInHelper.exe
HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
HKLMSOFTWAREwow6432Node | Run : [Hotkey Utility] – C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe
HKLMSOFTWAREwow6432Node | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
HKLMSOFTWAREwow6432Node | Run : [HP Software Update] – C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
HKLMSOFTWAREwow6432Node | Run : [] –
HKLMSOFTWAREwow6432Node | Run : [BCSSync] – “C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe” /DelayServices
HKLMSOFTWAREwow6432Node | Run : [Sweetpacks Communicator] – C:Program Files (x86)SweetIMCommunicatorSweetPacksUpdateManager.exe
HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
HKLMSOFTWAREwow6432Node | Run : [Wondershare Helper Compact.exe] – C:Program Files (x86)Common FilesWondershareWondershare Helper CompactWSHelper.exe
HKLMSOFTWAREwow6432Node | Run : [BrowserPlugInHelper] – C:Program Files (x86)WondershareAllMyTubeBrowserPlugInHelper.exe
HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
HKLMSOFTWARE | RunOnce : [] –
HKLMSOFTWAREwow6432Node | RunOnce : [] –
HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

################## | Processus Stoppés |

Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (1168)
Stoppé! C:WindowsSystem32spoolsv.exe (1404)
Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (1528)
Stoppé! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (1568)
Stoppé! C:Program FilesBonjourmDNSResponder.exe (1632)
Stoppé! C:Program Files (x86)Packard BellRegistrationGREGsvc.exe (1724)
Stoppé! C:Program FilesInteliCLS ClientHeciServer.exe (1764)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe (1816)
Stoppé! C:Program FilesPackard BellPackard Bell UpdaterUpdaterService.exe (1852)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE (2284)
Stoppé! C:WindowsSystem32WUDFHost.exe (2588)
Stoppé! C:Windowssystem32taskhost.exe (1204)
Stoppé! C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe (3480)
Stoppé! C:WindowsSystem32igfxtray.exe (3600)
Stoppé! C:WindowsSystem32hkcmd.exe (3612)
Stoppé! C:WindowsSystem32igfxpers.exe (3620)
Stoppé! C:Program FilesRealtekAudioHDARAVCpl64.exe (3716)
Stoppé! C:Windowssystem32RunDll32.exe (3732)
Stoppé! C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe (3984)
Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (4000)
Stoppé! C:Program Files (x86)HPHP Software Updatehpwuschd2.exe (4016)
Stoppé! C:Program Files (x86)SweetIMCommunicatorSweetPacksUpdateManager.exe (4052)
Stoppé! C:Program Files (x86)iTunesiTunesHelper.exe (4068)
Stoppé! C:Vega5EpsiService.exe (4088)
Stoppé! C:Windowssystem32SearchIndexer.exe (3292)
Stoppé! C:Program FilesiPodbiniPodService.exe (3840)
Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (2836)
Stoppé! C:Windowssystem32DllHost.exe (4624)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (5012)
Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (4312)
Stoppé! C:Program Files (x86)IntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe (3684)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (2996)
Stoppé! C:Program Files (x86)NeroUpdateNASvc.exe (4736)
Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (2412)
Stoppé! C:Program FilesInternet Exploreriexplore.exe (2432)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (4640)
Stoppé! C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbarUser_32.exe (1872)
Stoppé! C:Windowssystem32MacromedFlashFlashUtil64_11_7_700_224_ActiveX.exe (3872)
Stoppé! C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (2368)
Stoppé! C:Windowssystem32SearchProtocolHost.exe (5292)
Stoppé! C:Windowssystem32taskhost.exe (5808)

################## | Éléments infectieux |

(!) Fichiers temporaires supprimés.

################## | Registre |

################## | Mountpoints2 |

################## | Listing |

[22/11/2012 – 15:18:21 | SHD ] C:$Recycle.Bin
[14/06/2013 – 20:40:29 | N | 0] C:autoexec.bat
[29/06/2012 – 11:38:00 | D ] C:book
[29/03/2012 – 13:46:52 | N | 8192] C:BOOTSECT.BAK
[14/06/2013 – 21:38:43 | D ] C:Config.Msi
[14/07/2009 – 07:08:56 | SHD ] C:Documents and Settings
[18/04/2013 – 16:24:12 | D ] C:Epsilog
[14/06/2013 – 21:38:43 | ASH | 3163365376] C:hiberfil.sys
[29/06/2012 – 11:33:07 | D ] C:Intel
[08/11/2012 – 10:38:26 | RHD ] C:MSOCache
[07/11/2012 – 18:25:55 | D ] C:OEM
[14/06/2013 – 21:38:46 | ASH | 4217823232] C:pagefile.sys
[14/07/2009 – 05:20:08 | D ] C:PerfLogs
[14/06/2013 – 21:45:15 | D ] C:Program Files
[14/06/2013 – 21:44:53 | D ] C:Program Files (x86)
[11/06/2013 – 14:40:15 | HD ] C:ProgramData
[07/11/2012 – 18:23:56 | SHD ] C:Recovery
[07/11/2012 – 19:10:08 | D ] C:sesam
[14/06/2013 – 21:24:41 | SHD ] C:System Volume Information
[14/06/2013 – 22:08:01 | D ] C:UsbFix
[14/06/2013 – 22:08:08 | A | 8083] C:UsbFix [Clean 1] LIONEL-PC.txt
[14/06/2013 – 21:52:45 | N | 7895] C:UsbFix [Scan 1] LIONEL-PC.txt
[07/11/2012 – 18:24:03 | D ] C:Users
[14/06/2013 – 21:39:21 | D ] C:Vega5
[14/06/2013 – 21:39:57 | D ] C:Vega5maj
[14/06/2013 – 21:39:25 | D ] C:Windows
[07/11/2012 – 18:25:59 | SHD ] D:$RECYCLE.BIN
[07/11/2012 – 19:51:25 | SHD ] D:System Volume Information
[06/09/2012 – 19:12:26 | D ] G:Vega5
[25/07/2011 – 19:13:58 | N | 4096] G:._P1060793.JPG
[25/07/2011 – 19:14:00 | N | 4096] G:._P1060796.JPG
[22/11/2009 – 14:51:14 | N | 4096] G:._.Trashes
[22/11/2009 – 14:51:14 | HD ] G:.Trashes
[22/11/2009 – 14:51:16 | D ] G:.Spotlight-V100
[25/07/2011 – 19:14:02 | N | 4096] G:._P1060798.JPG
[25/07/2011 – 19:14:04 | N | 4096] G:._P1060799.JPG
[25/07/2011 – 19:14:06 | N | 4096] G:._P1060801.JPG
[25/07/2011 – 19:14:08 | N | 4096] G:._P1060802.JPG
[25/07/2011 – 19:14:10 | N | 4096] G:._P1060803.JPG
[23/09/2010 – 20:14:58 | D ] G:.TemporaryItems
[23/09/2010 – 20:14:58 | N | 4096] G:._.TemporaryItems
[25/07/2011 – 19:14:12 | N | 4096] G:._P1060804.JPG
[25/07/2011 – 19:14:14 | N | 4096] G:._P1060805.JPG
[25/07/2011 – 19:14:16 | N | 4096] G:._P1060807.JPG
[25/07/2011 – 19:14:18 | N | 4096] G:._P1060810.JPG
[25/07/2011 – 19:14:18 | N | 4096] G:._P1060816.JPG
[25/07/2011 – 19:14:20 | N | 4096] G:._P1060818.JPG
[25/07/2011 – 19:14:22 | N | 4096] G:._P1060819.JPG
[25/07/2011 – 19:14:22 | N | 4096] G:._P1060822.JPG
[25/07/2011 – 19:14:24 | N | 4096] G:._P1060824.JPG
[25/07/2011 – 19:14:26 | N | 4096] G:._P1060826.JPG
[25/07/2011 – 19:14:26 | N | 4096] G:._P1060830.jpg
[25/07/2011 – 19:14:28 | N | 4096] G:._P1060834.jpg
[25/07/2011 – 19:14:30 | N | 4096] G:._P1060835.jpg
[25/07/2011 – 19:14:30 | N | 4096] G:._P1060836.JPG
[25/07/2011 – 19:14:32 | N | 4096] G:._P1060837.JPG
[25/07/2011 – 19:14:32 | N | 4096] G:._P1060841.JPG
[25/07/2011 – 19:14:34 | N | 4096] G:._P1060845.JPG
[25/07/2011 – 19:14:36 | N | 4096] G:._P1060850.JPG
[25/07/2011 – 19:14:36 | N | 4096] G:._P1060856.JPG
[25/07/2011 – 19:14:38 | N | 4096] G:._P1060862.JPG
[25/07/2011 – 19:14:40 | N | 4096] G:._P1060864.JPG
[25/07/2011 – 19:14:40 | N | 4096] G:._P1060866.jpg
[25/07/2011 – 19:14:42 | N | 4096] G:._P1060873.JPG
[25/07/2011 – 19:14:44 | N | 4096] G:._P1060876.JPG
[25/07/2011 – 19:14:44 | N | 4096] G:._P1060878.JPG
[25/07/2011 – 19:14:46 | N | 4096] G:._P1060880.JPG
[25/07/2011 – 19:14:46 | N | 4096] G:._P1060881.JPG
[25/07/2011 – 19:14:48 | N | 4096] G:._P1060884.jpg
[25/07/2011 – 19:14:48 | N | 4096] G:._P1060890.JPG
[25/07/2011 – 19:14:50 | N | 4096] G:._P1060895.jpg
[25/07/2011 – 19:14:50 | N | 4096] G:._P1060899.JPG
[25/07/2011 – 19:14:52 | N | 4096] G:._P1060902.jpg
[25/07/2011 – 19:14:54 | N | 4096] G:._P1060792.JPG

################## | Vaccin |

C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.usb-antivirus.com/fr/ |[/spoiler:uyzlkpcs]