Reply to: Unintentional shortcut creation 2016-09-08T13:40:40+00:00
Remi
Participant
Post count: 1

Thank you very much, here is the report:
Lancé à 13:21:18 | 14/05/2014

Site Web : http://www.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Assistance : https://www.sosvirus.net/aide-nettoyage-pc/
Upload Malware : https://www.sosvirus.net/upload_malware.php
Contact : http://www.usbfix.net/contact/

PC: Sony Corporation (VAIO)
CPU: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
RAM -> [Total : 3973 Mo| Free : 1773 Mo]
Bios: Insyde Corp.
Boot: Normal boot

OS: Microsoft Windows 8.1 (6.3.9600 64-Bit)
WB: Windows Internet Explorer : 11.0.9600.17105
WB: Google Chrome : 34.0.1847.131

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [(!) Disabled | Updated]
AV: avast! Antivirus [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall [Enabled]

C: (%SystemDrive%) -> Disque fixe # 436 Go (97 Go libre(s) - 22%) [] # NTFS
D: -> CD-ROM
E: -> Disque amovible # 4 Go (3 Go libre(s) - 94%) [BUREAU IDF] # FAT32

################## | Processus Stoppés |

C:\Windows\System32\spoolsv.exe (ID: 1428|ParentID: 744|Système)
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 1576|ParentID: 744|Système)
C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (ID: 1664|ParentID: 744|Système)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 1696|ParentID: 744|Système)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 1728|ParentID: 744|Système)
C:\Windows\System32\dasHost.exe (ID: 1740|ParentID: 1032|SERVICE LOCAL)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (ID: 1768|ParentID: 744|Système)
C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (ID: 1864|ParentID: 744|Système)
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 2008|ParentID: 744|Système)
C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe (ID: 2040|ParentID: 744|Système)
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (ID: 1584|ParentID: 744|Système)
C:\Program Files (x86)\WajamUpdater\WajamUpdater.exe (ID: 2116|ParentID: 744|Système)
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (ID: 2160|ParentID: 744|Système)
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (ID: 2168|ParentID: 1584|Système)
C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe (ID: 2308|ParentID: 744|Système)
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (ID: 3372|ParentID: 744|Système)
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (ID: 1832|ParentID: 744|Système)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (ID: 3196|ParentID: 744|Système)
C:\Windows\System32\SearchIndexer.exe (ID: 3136|ParentID: 744|Système)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 2992|ParentID: 744|Système)
C:\Windows\System32\taskhost.exe (ID: 4340|ParentID: 372|SERVICE LOCAL)
C:\Program Files\Sony\VAIO Care\VCPerfService.exe (ID: 4572|ParentID: 744|Système)
C:\Program Files\iPod\bin\iPodService.exe (ID: 4468|ParentID: 744|Système)
C:\Program Files\Sony\VAIO Improvement\vim.exe (ID: 5816|ParentID: 372|Système)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 2284|ParentID: 744|Système)
C:\Program Files\Sony\VAIO Update\VUAgent.exe (ID: 5928|ParentID: 744|Système)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 5924|ParentID: 744|SERVICE RÉSEAU)
C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (ID: 4976|ParentID: 744|SERVICE RÉSEAU)
C:\Program Files\Sony\VAIO Care\VCService.exe (ID: 5280|ParentID: 744|Système)
C:\Program Files\Sony\VAIO Care\VCAgent.exe (ID: 5552|ParentID: 5280|Système)
C:\Windows\System32\vds.exe (ID: 5512|ParentID: 744|Système)
C:\Windows\System32\taskhost.exe (ID: 180|ParentID: 372|Système)
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (ID: 3220|ParentID: 1584|Système)
C:\Windows\System32\taskhostex.exe (ID: 6564|ParentID: 372|Lucie)
C:\Windows\explorer.exe (ID: 3548|ParentID: 4444|Lucie)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 1216|ParentID: 372|Lucie)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\livecomm.exe (ID: 5248|ParentID: 812|Lucie)
C:\Windows\System32\SkyDrive.exe (ID: 3308|ParentID: 812|Lucie)
C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe (ID: 5084|ParentID: 372|Lucie)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (ID: 7548|ParentID: 2768|Lucie)
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ID: 7764|ParentID: 3548|Lucie)
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (ID: 6364|ParentID: 3548|Lucie)
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (ID: 3744|ParentID: 3548|Lucie)
C:\Windows\System32\igfxtray.exe (ID: 5772|ParentID: 3548|Lucie)
C:\Windows\System32\hkcmd.exe (ID: 2820|ParentID: 3548|Lucie)
C:\Windows\System32\igfxpers.exe (ID: 6948|ParentID: 3548|Lucie)
C:\Program Files\Sony\VAIO Care\listener.exe (ID: 8040|ParentID: 4572|Lucie)
C:\Windows\System32\RuntimeBroker.exe (ID: 3904|ParentID: 812|Lucie)
C:\Users\Lucie.B\AppData\Roaming\cacaoweb\cacaoweb.exe (ID: 6800|ParentID: 3548|Lucie)
C:\Program Files (x86)\Skype\Phone\Skype.exe (ID: 5452|ParentID: 3548|Lucie)
C:\Windows\System32\SettingSyncHost.exe (ID: 2924|ParentID: 812|Lucie)
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (ID: 5456|ParentID: 7448|Lucie)
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (ID: 6560|ParentID: 7448|Lucie)
C:\Program Files (x86)\iTunes\iTunesHelper.exe (ID: 5908|ParentID: 7448|Lucie)
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (ID: 7552|ParentID: 7448|Lucie)
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ID: 7932|ParentID: 7448|Lucie)
C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe (ID: 4956|ParentID: 7448|Lucie)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 5776|ParentID: 6884|Lucie)
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (ID: 5588|ParentID: 372|Lucie)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3600|ParentID: 5776|Lucie)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ID: 3472|ParentID: 5776|Lucie)
C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe (ID: 7800|ParentID: 4956|Lucie)
C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe (ID: 4208|ParentID: 7800|Lucie)
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (ID: 7492|ParentID: 372|Lucie)
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (ID: 3336|ParentID: 372|Lucie)
C:\Windows\System32\WWAHost.exe (ID: 6864|ParentID: 812|Lucie)
C:\Program Files\Sony\VAIO Improvement\vim.exe (ID: 1172|ParentID: 372|Lucie)
C:\Windows\System32\WUDFHost.exe (ID: 6236|ParentID: 1032|SERVICE LOCAL)
C:\Windows\SysWOW64\WWAHost.exe (ID: 4568|ParentID: 812|Lucie)

################## | Autorun |

E:\UsbFix.lnk -> E:
E:\bare2.lnk -> E:\mhH5Vwcp.vbs

################## | Recherche générique |

Supprimé! E:\UsbFix.lnk
Supprimé! E:\bare2.lnk
Supprimé! E:\Accueilpro.lnk
Supprimé! E:\Accueil_pro.lnk
Supprimé! E:\diapo projet.lnk
Supprimé! E:\npp.lnk
Supprimé! E:\DM Les pépinières Fauliet.lnk
Supprimé! E:\CV.lnk
Supprimé! E:\LM.lnk
Supprimé! E:\6.lnk
Supprimé! E:\bare.lnk
Supprimé! E:\stylebare.lnk
Supprimé! E:\stylebare3.lnk
Supprimé! E:\bare3.lnk
Supprimé! E:\background.lnk
Supprimé! E:\bg-menu.lnk
Supprimé! E:\bare4.lnk
Supprimé! E:\stylebare4.lnk
Supprimé! E:\bare5.lnk
Supprimé! E:\stylebare5.lnk
Supprimé! E:\Chargement.lnk
Supprimé! E:\load.lnk
Supprimé! E:\bare7.lnk
Supprimé! E:\bare8.lnk
Supprimé! E:\titre.lnk
Supprimé! E:\Autorun.inf.lnk
Supprimé! E:\Site AE.lnk
Supprimé! E:\diapo.lnk
Supprimé! E:\Nouveau dossier.lnk
Supprimé! E:\EasyPHP-5.3.8.1.lnk
Supprimé! E:\Projet bac.lnk
Supprimé! E:\APB.lnk
Supprimé! E:\bare6.lnk

(!) Fichiers temporaires supprimés.

################## | Registre |

Supprimé! HKU\S-1-5-21-4188971344-1466325124-3754091441-1001\Software\…\Mountpoints2\{5301b9d0-76b7-11e3-bf02-083e8eb5aa64}

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [cacaoweb] "C:\Users\Lucie.B\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
04 - HKLM\..\Run : [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [Adobe ARM] "c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [RIM PeerManager] "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
04 - HKLM\..\Run : [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
04 - [x64] HKLM\..\Run : [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
04 - [x64] HKLM\..\Run : [BtTray] "C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
04 - [x64] HKLM\..\Run : [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [IgfxTray] "C:\WINDOWS\system32\igfxtray.exe"
04 - [x64] HKLM\..\Run : [HotKeysCmds] "C:\WINDOWS\system32\hkcmd.exe"
04 - [x64] HKLM\..\Run : [Persistence] "C:\WINDOWS\system32\igfxpers.exe"
04 - HKU\S-1-5-21-4188971344-1466325124-3754091441-1001\..\Run : [cacaoweb] "C:\Users\Lucie.B\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
04 - HKU\S-1-5-21-4188971344-1466325124-3754091441-1001\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

################## | C: %SystemDrive% – Disque Fixe (NTFS) |

[12/05/2014 - 17:19:12 | ASH | 3254908 Ko] - C:\hiberfil.sys
[12/05/2014 - 17:19:26 | ASH | 720896 Ko] - C:\pagefile.sys
[12/05/2014 - 22:13:57 | ASH | 393216 Ko] - C:\swapfile.sys
[05/10/2012 - 03:37:33 | N | 2 Ko] - C:\RHDSetup.log
[05/10/2012 - 04:12:26 | N | 120 Ko] - C:\firecore.log
[21/01/2014 - 22:38:22 | SHD] - C:\$Recycle.Bin
[05/09/2013 - 17:56:16 | D] - C:\found.000
[26/07/2012 - 05:44:30 | RASH | 389 Ko] - C:\bootmgr
[05/10/2012 - 03:32:15 | D] - C:\Intel
[05/10/2012 - 04:04:04 | D] - C:\Documentation
[05/10/2012 - 04:23:13 | D] - C:\sources
[04/01/2013 - 10:14:34 | RHD] - C:\MSOCache
[18/06/2013 - 14:18:29 | N | 0 Ko] - C:\BOOTNXT
[22/08/2013 - 16:45:52 | SHD] - C:\Documents and Settings
[22/08/2013 - 17:22:35 | D] - C:\PerfLogs
[24/12/2013 - 17:59:31 | D] - C:\Recovery
[24/12/2013 - 18:07:55 | D] - C:\Users
[10/01/2014 - 22:14:58 | HD] - C:\ProgramData
[10/01/2014 - 22:30:14 | D] - C:\Program Files
[11/04/2014 - 20:54:11 | N | 0 Ko] - C:\end
[07/05/2014 - 19:20:32 | D] - C:\Program Files (x86)
[10/05/2014 - 10:55:59 | D] - C:\Windows
[12/05/2014 - 21:29:27 | SHD] - C:\System Volume Information
[14/05/2014 - 13:20:51 | D] - C:\UsbFix

################## | E: – Disque USB (FAT32) |

[13/05/2014 - 21:37:18 | N | 1786 Ko] - E:\diapo projet.ppt
[08/06/2011 - 17:40:06 | N | 1 Ko] - E:\bg-menu.png
[08/06/2011 - 18:03:40 | N | 111 Ko] - E:\background.jpg
[28/04/2014 - 16:29:34 | N | 42 Ko] - E:\6.jpg
[13/05/2014 - 15:50:54 | N | 29 Ko] - E:\Accueilpro.JPG
[13/05/2014 - 15:52:40 | N | 28 Ko] - E:\Accueil_pro.JPG
[30/04/2014 - 09:57:50 | N | 1 Ko] - E:\Chargement.html
[30/04/2014 - 13:26:52 | N | 0 Ko] - E:\bare.html
[30/04/2014 - 13:28:14 | N | 2 Ko] - E:\bare8.html
[30/04/2014 - 13:28:28 | N | 2 Ko] - E:\bare3.html
[30/04/2014 - 13:28:36 | N | 2 Ko] - E:\bare4.html
[30/04/2014 - 13:28:42 | N | 0 Ko] - E:\bare5.html
[30/04/2014 - 13:28:48 | N | 1 Ko] - E:\bare7.html
[30/04/2014 - 13:32:16 | N | 0 Ko] - E:\titre.html
[06/05/2014 - 15:05:54 | N | 2 Ko] - E:\bare2.html
[14/01/2014 - 22:57:12 | N | 7421 Ko | VirusTotal - (0/48)] - E:\npp.6.5.3.Installer.exe
[05/03/2014 - 18:51:38 | N | 15 Ko] - E:\DM Les pépinières Fauliet.docx
[30/03/2014 - 15:38:12 | N | 42 Ko] - E:\CV.doc
[30/03/2014 - 15:59:16 | N | 23 Ko] - E:\LM.doc
[29/04/2014 - 16:17:56 | N | 2 Ko] - E:\stylebare.css
[29/04/2014 - 21:35:36 | N | 2 Ko] - E:\stylebare3.css
[29/04/2014 - 21:42:50 | N | 3 Ko] - E:\stylebare4.css
[29/04/2014 - 21:52:38 | N | 3 Ko] - E:\stylebare5.css
[30/04/2014 - 09:58:46 | N | 3 Ko] - E:\load.css
[30/04/2014 - 10:04:14 | N | 3 Ko] - E:\bare7.css
[30/04/2014 - 10:16:10 | N | 2 Ko] - E:\bare8.css
[30/04/2014 - 10:42:52 | N | 1 Ko] - E:\titre.css
[14/11/2013 - 11:23:54 | D] - E:\EasyPHP-5.3.8.1
[18/06/2012 - 15:40:10 | D] - E:\bare6
[26/11/2013 - 08:09:42 | D] - E:\Projet bac
[03/03/2014 - 18:14:52 | D] - E:\APB
[05/05/2014 - 18:51:40 | D] - E:\Site AE
[13/05/2014 - 15:38:48 | D] - E:\Nouveau dossier
[13/05/2014 - 15:38:58 | D] - E:\diapo
[14/05/2014 - 13:19:36 | SHD] - E:\System Volume Information

################## | Vaccin |

E:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

################## | E.O.F | https://www.sosvirus.net/ | http://www.usbfix.net