cjoint


Document format: text/plain

# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Version : 11.048
# Database : 2021.10.06
# Contact : https://www.usb-antivirus.com/contact
# ----------------------------------------------------
# Scan type : Full
# User : pc (Administrator)
# Device : DESKTOP-IUI5T6N
# Started : 24/02/2022 21:43:03
# ----------------------------------------------------

------------ | Analyzed disks |

C:\ NTFS (209GB/28GB) [Fixed]
D:\ FAT32 (20GB/20GB) [Removable]

------------ | Infected elements |


------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\WINDOWS\SYSWOW64\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\WINDOWS\System32\Userinit.exe,
04 - HKCU\..\Run : [MicrosoftEdgeAutoLaunch_72FC07CE8FBC282A90F28F3BD5668C8E] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
04 - HKCU\..\RunOnce : [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\pc\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
04 - HKCU\..\RunOnce : [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\pc\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
04 - HKCU\..\RunOnce : [Uninstall 22.002.0103.0004] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\pc\AppData\Local\Microsoft\OneDrive\22.002.0103.0004"
04 - HKLM\..\Run : [Everything] "C:\Program Files (x86)\Everything\Everything.exe" -startup
04 - HKLM\..\Run : [Immunet Protect] "C:\Program Files\Immunet\3.1.13\iptray.exe"
04 - [x64] HKLM\..\Run : [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
04 - [x64] HKLM\..\Run : [rfagent] "D:\Program Files\RFA 11\rfagent64.exe"
04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-21-120822950-1225855894-879144086-1001\..\Run : [MicrosoftEdgeAutoLaunch_72FC07CE8FBC282A90F28F3BD5668C8E] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
04 - HKU\S-1-5-21-120822950-1225855894-879144086-1001\..\RunOnce : [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\pc\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
04 - HKU\S-1-5-21-120822950-1225855894-879144086-1001\..\RunOnce : [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\pc\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
04 - HKU\S-1-5-21-120822950-1225855894-879144086-1001\..\RunOnce : [Uninstall 22.002.0103.0004] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\pc\AppData\Local\Microsoft\OneDrive\22.002.0103.0004"

------------ | Tasks |

Task - CreateExplorerShellUnelevatedTask --> C:\WINDOWS\Explorer.exe /NOUACCHECK
Task - EPSON XP-710 Series Invitation {9D10E9E5-7FD9-4BFF-83FA-951772CB2824} --> C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE /EXE:"{9D10E9E5-7FD9-4BFF-83FA-951772CB2824}" /F:"Invitation"
Task - EPSON XP-710 Series Update {9D10E9E5-7FD9-4BFF-83FA-951772CB2824} --> C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE /EXE:"{9D10E9E5-7FD9-4BFF-83FA-951772CB2824}" /F:"Update"
Task - MicrosoftEdgeUpdateTaskMachineCore --> C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
Task - MicrosoftEdgeUpdateTaskMachineUA --> C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
Task - OneDrive Reporting Task-S-1-5-21-120822950-1225855894-879144086-1001 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
Task - OneDrive Standalone Update Task v2 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task - OneDrive Standalone Update Task-S-1-5-21-120822950-1225855894-879144086-1001 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task - UsbFix Monitor --> "C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe"
Task - User_Feed_Synchronization-{E08EDB29-CD7B-4FBF-8971-4AAE2577D114} --> C:\WINDOWS\system32\msfeedssync.exe sync

------------ | C:\ %SystemDrive% - Fixed drive (NTFS) |

[24/02/2022 - 20:56:32 | ASH | 403904 Ko] - hiberfil.sys
[24/02/2022 - 20:56:54 | ASH | 4038656 Ko] - pagefile.sys
[24/02/2022 - 20:56:54 | ASH | 16384 Ko] - swapfile.sys
[29/01/2022 - 20:52:14 | SHD] - $Recycle.Bin
[07/12/2019 - 11:22:55 | HD] - $WINDOWS.~BT
[12/04/2018 - 00:38:20 | SD] - PerfLogs
[26/05/2018 - 05:18:30 | SDC] - Intel
[04/08/2020 - 17:54:13 | SHDC] - Recovery
[04/08/2020 - 18:43:19 | D] - TEST_TOOL
[28/09/2020 - 14:17:57 | SD] - Documents and Settings
[22/05/2021 - 12:02:58 | RD] - Users
[31/05/2021 - 14:29:44 | D] - SearcherBar
[31/05/2021 - 14:33:18 | D] - Chrone
[31/05/2021 - 16:42:29 | D] - tenorshare
[28/01/2022 - 13:16:46 | D] - $WinREAgent
[06/02/2022 - 22:20:18 | D] - Windows
[08/02/2022 - 13:46:11 | RD] - Program Files
[08/02/2022 - 20:03:23 | D] - AdwCleaner
[24/02/2022 - 21:02:51 | D] - Windows10Upgrade
[24/02/2022 - 21:05:14 | HD] - $GetCurrent
[24/02/2022 - 21:25:06 | HD] - ProgramData
[24/02/2022 - 21:42:02 | RD] - Program Files (x86)

------------ | D:\ - Removable drive (FAT32) |

[24/02/2022 - 21:15:02 | A | 2 Ko] - TRANS.TBL
[24/02/2022 - 21:15:02 | RASH | 37 Ko] - ldlinux.sys
[24/02/2022 - 21:15:02 | A | 0 Ko] - syslinux.cfg
[24/02/2022 - 21:15:02 | D] - efi
[24/02/2022 - 21:25:08 | D] - Program Files

Infected elements : 1
Restored Data 0 Mo
Analyzed elements : 61959 in 00h 01m 07s

# UsbFix-Report-01.txt [5823B]

------------ | E.O.F |
