# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Version : 11.010
# Base de données : 2018.11.28
# Contact : https://www.usb-antivirus.com/fr/contact
# ----------------------------------------------------
# Type de scan : Full
# Utilisateur : Coralie (Administrateur)
# Appareil : DESKTOP-9S9FA0I
# Lancé : 27/01/2019 16:35:22
# ----------------------------------------------------
------------ | Disques analysés |
C:\ NTFS (174GB/237GB) [Fixed]
D:\ FAT32 (24GB/29GB) [Removable]
E:\ exFAT (118GB/118GB) [Removable]
------------ | Elément(s) détecté(s) |
Restauré! D:\A IMPRIMER
Restauré! D:\COURS
Restauré! D:\DOCS A IMPRIMER
Restauré! D:\GROS LOT 2017 - S1
Restauré! D:\LORENA
Restauré! D:\Prezi.portable-v309
Restauré! E:\clement
Restauré! D:\DCIM.JPG
Restauré! E:\DCIM.JPG
Supprimé! D:\.Spotlight-V100.lnk
Supprimé! D:\.TemporaryItems.lnk
Supprimé! D:\.Trashes.lnk
Supprimé! D:\A IMPRIMER.lnk
Supprimé! D:\autorun.inf.lnk
Supprimé! D:\COURS.lnk
Supprimé! D:\DCIM.lnk
Supprimé! D:\DOCS A IMPRIMER.lnk
Supprimé! D:\GROS LOT 2017 - S1.lnk
Supprimé! D:\LORENA.lnk
Supprimé! D:\Nouveau Dossier.lnk
Supprimé! D:\Photo Family.lnk
Supprimé! D:\Prezi.portable-v309.lnk
Supprimé! D:\System Volume Information.lnk
Supprimé! D:\Video.lnk
Supprimé! E:\autorun.inf.lnk
Supprimé! E:\clement.lnk
Supprimé! E:\DCIM.lnk
Supprimé! E:\Nouveau Dossier.lnk
Supprimé! E:\Photo Family.lnk
Supprimé! E:\System Volume Information.lnk
Supprimé! E:\Video.lnk
------------ | Run |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\windows\system32\userinit.exe,
04 - HKCU\..\Run : [OneDrive] "C:\Users\Coralie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKCU\..\Run : [cacaoweb] "C:\Users\Coralie\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
04 - HKCU\..\Run : [Visionneuse de Photos Windows] "C:\Users\Coralie\PerfLogs\csrss.pif" /e:Vbscript.Encode "C:\Users\Coralie\PerfLogs\DCIM.JPG" /MINIMIZED
04 - HKCU\..\RunOnce : [Application Restart #0] C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe --no-displaying-insecure-content --disable-devtools --disable-raf-throttling --user-data-dir="C:\Users\Coralie\AppData\Local\ASUS GIFTBOX\User Data" --no-sandbox --flag-switches-begin --flag-switches-end --nwapp="C:\Program Files (x86)\ASUS\Giftbox" --restore-last-session
04 - HKLM\..\Run : [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe
04 - HKLM\..\Run : [USB Security] C:\Program Files (x86)\USB Disk Security\USBGuard.exe
04 - HKLM\..\Run : [AutoTransfer PC] C:\Program Files (x86)\USB Disk Security\backupmaster.exe
04 - [x64] HKLM\..\Run : [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-21-2045806124-4226723144-2188369647-1001\..\Run : [OneDrive] "C:\Users\Coralie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-2045806124-4226723144-2188369647-1001\..\Run : [cacaoweb] "C:\Users\Coralie\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
04 - HKU\S-1-5-21-2045806124-4226723144-2188369647-1001\..\Run : [Visionneuse de Photos Windows] "C:\Users\Coralie\PerfLogs\csrss.pif" /e:Vbscript.Encode "C:\Users\Coralie\PerfLogs\DCIM.JPG" /MINIMIZED
04 - HKU\S-1-5-21-2045806124-4226723144-2188369647-1001\..\RunOnce : [Application Restart #0] C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe --no-displaying-insecure-content --disable-devtools --disable-raf-throttling --user-data-dir="C:\Users\Coralie\AppData\Local\ASUS GIFTBOX\User Data" --no-sandbox --flag-switches-begin --flag-switches-end --nwapp="C:\Program Files (x86)\ASUS\Giftbox" --restore-last-session
------------ | Tasks |
Task - ASUS Splendid ACMON --> C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
Task - ASUS USB Charger Plus --> "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
Task - ATK Package 36D18D69AFC3 --> "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" -CancelShutdown
Task - ATK Package A22126881260 --> "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"
Task - DropboxOEM --> "%ProgramFiles(x86)%\Dropbox\DropboxOEM\DropboxOEM.exe" auto
Task - DropboxUpdateTaskMachineCore --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Task - DropboxUpdateTaskMachineUA --> C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Task - Intel PTT EK Recertification --> "C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe"
Task - IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec --> "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
Task - IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon --> "C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
Task - IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 --> C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic
Task - OneDrive Standalone Update Task-S-1-5-21-2045806124-4226723144-2188369647-1001 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task - RtHDVBg_ListenToDevice --> "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
Task - RTKCPL --> "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
Task - WpsNotifyTask_Administrator --> C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe -from=task
Task - WpsUpdateTask_Administrator --> C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe -from=task
------------ | C:\ %SystemDrive% - Disque Fixe (NTFS) |
[31/08/2016 - 13:24:06 | AH | 12 Ko] - devlist.txt
[25/01/2019 - 01:19:25 | ASH | 3145728 Ko] - pagefile.sys
[25/01/2019 - 01:19:25 | ASH | 16384 Ko] - swapfile.sys
[27/01/2019 - 13:07:11 | ASH | 3312920 Ko] - hiberfil.sys
[25/01/2019 - 01:24:00 | SHD] - Config.Msi
[31/08/2016 - 13:24:06 | AH | 0 Ko] - Finish.log
[25/01/2019 - 01:19:31 | RH | 5 Ko] - farstone_pe.letter
[25/01/2019 - 01:10:58 | D] - autorun.inf
[15/10/2016 - 00:29:41 | SHD] - $Recycle.Bin
[30/10/2015 - 08:18:34 | ASH | 0 Ko] - BOOTNXT
[30/10/2015 - 08:18:34 | RASH | 391 Ko] - bootmgr
[24/03/2016 - 13:14:46 | SHD] - Boot
[31/08/2016 - 13:07:38 | D] - eSupport
[31/08/2016 - 13:12:55 | SHD] - dcboot
[31/08/2016 - 13:12:55 | SHD] - farston
[15/10/2016 - 22:48:12 | SHD] - Documents and Settings
[15/10/2016 - 23:19:06 | HD] - $SysReset
[12/09/2017 - 08:53:33 | HD] - Intel
[12/04/2018 - 00:38:20 | D] - PerfLogs
[27/10/2018 - 13:47:11 | SHD] - Recovery
[27/10/2018 - 13:48:34 | RD] - Users
[25/01/2019 - 01:21:01 | D] - Windows
[27/01/2019 - 15:19:23 | RD] - Program Files
[27/01/2019 - 15:19:23 | HD] - ProgramData
[27/01/2019 - 15:37:19 | RD] - Program Files (x86)
------------ | D:\ - Disque USB (FAT32) |
[07/10/2016 - 08:48:34 | SHD] - .Trashes
[07/10/2016 - 08:48:34 | AH | 4 Ko] - ._.Trashes
[11/01/2019 - 10:03:36 | SHD] - .TemporaryItems
[11/01/2019 - 10:03:36 | AH | 4 Ko] - ._.TemporaryItems
[07/10/2016 - 08:48:34 | SHD] - .Spotlight-V100
[11/01/2019 - 09:57:30 | SHD] - Prezi.portable-v309
[11/01/2019 - 09:57:32 | N | 4 Ko] - ._Prezi.portable-v309
[03/02/2017 - 06:50:44 | A | 3661 Ko] - Cible d'action des médicaments partie 1.pdf
[03/02/2017 - 07:01:58 | A | 8423 Ko] - Les médicaments biologiques.pdf
[10/02/2017 - 07:44:40 | A | 9544 Ko] - L'inconscient.pdf
[14/02/2017 - 07:42:06 | A | 1138 Ko] - Convention bred .pdf
[11/01/2019 - 10:03:36 | A | 810 Ko] - UE8 présentation.pdf
[11/01/2019 - 10:03:36 | N | 4 Ko] - ._UE8 présentation.pdf
[27/01/2019 - 16:35:58 | A | 1 Ko] - COURS.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer COURS&Call&Call&Call&exit
[27/01/2019 - 16:35:58 | A | 1 Ko] - Prezi.portable-v309.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer Prezi.portable-v309&Call&Call&Call&exit
[27/01/2019 - 16:35:58 | A | 1 Ko] - A IMPRIMER.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer A" "IMPRIMER&Call&Call&Call&exit
[27/01/2019 - 16:35:58 | A | 1 Ko] - .Trashes.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer .Trashes&Call&Call&Call&exit
[27/01/2019 - 16:35:58 | A | 1 Ko] - .TemporaryItems.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer .TemporaryItems&Call&Call&Call&exit
[27/01/2019 - 16:35:58 | A | 1 Ko] - GROS LOT 2017 - S1.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer GROS" "LOT" "2017" "-" "S1&Call&Call&Call&exit
[27/01/2019 - 16:35:58 | A | 1 Ko] - DOCS A IMPRIMER.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer DOCS" "A" "IMPRIMER&Call&Call&Call&exit
[27/01/2019 - 16:35:58 | A | 1 Ko] - autorun.inf.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer autorun.inf&Call&Call&Call&exit
[27/01/2019 - 16:35:58 | A | 1 Ko] - Nouveau Dossier.lnk --> C:\WINDOWS\system32\Wscript.exe/e:Vbscript.Encode DCIM.JPG
[27/01/2019 - 16:35:58 | A | 1 Ko] - LORENA.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer LORENA&Call&Call&Call&exit
[27/01/2019 - 16:35:58 | A | 1 Ko] - .Spotlight-V100.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer .Spotlight-V100&Call&Call&Call&exit
[27/01/2019 - 16:35:58 | A | 1 Ko] - DCIM.lnk --> C:\WINDOWS\system32\Wscript.exe/e:Vbscript.Encode DCIM.JPG
[27/01/2019 - 16:35:58 | A | 1 Ko] - Photo Family.lnk --> C:\WINDOWS\system32\Wscript.exe/e:Vbscript.Encode DCIM.JPG
[27/01/2019 - 16:35:58 | A | 1 Ko] - Video.lnk --> C:\WINDOWS\system32\Wscript.exe/e:Vbscript.Encode DCIM.JPG
[07/11/2015 - 13:35:54 | SH | 23 Ko] - DCIM.JPG
[25/01/2019 - 01:11:00 | SHD] - autorun.inf
[19/02/2014 - 15:00:12 | N | 7 Ko] - EMTEC.ico
[19/02/2014 - 15:00:08 | N | 143 Ko] - EMTEC.icns
[08/01/2017 - 19:17:54 | A | 14 Ko] - CV.docx
[12/02/2017 - 11:47:02 | A | 13 Ko] - lettre de motivation plessis trevise.docx
[30/04/2017 - 09:23:08 | A | 15 Ko] - Le soin, une éthique de l'attention.docx
[01/05/2017 - 22:03:26 | A | 16 Ko] - La Bioéthique.docx
[17/09/2018 - 17:13:42 | A | 114 Ko] - Généralité en rhumatologie..docx
[22/09/2018 - 16:44:40 | A | 37 Ko] - UE5 - ED1.docx
[29/10/2018 - 20:59:22 | A | 2714 Ko] - UE5 - Approche sémiologique dans le CMS.docx
[03/11/2018 - 16:24:42 | A | 24 Ko] - UE5 - Initiation à la démarche kinésithérapique en traumatologie.docx
[03/11/2018 - 17:45:16 | A | 116 Ko] - UE5 - Contextualisation de la sémiologie.docx
[18/12/2018 - 12:55:10 | N | 4 Ko] - ._Généralité en rhumatologie..docx
[17/01/2019 - 10:31:08 | A | 1936 Ko] - rapport de stage.docx
[06/09/2016 - 15:37:26 | SHD] - GROS LOT 2017 - S1
[26/12/2016 - 12:21:16 | SHD] - LORENA
[24/09/2017 - 19:56:44 | SHD] - A IMPRIMER
[15/01/2019 - 21:33:36 | SHD] - COURS
[18/01/2019 - 10:25:24 | SHD] - DOCS A IMPRIMER
------------ | E:\ - Disque USB (exFAT) |
[27/01/2019 - 16:35:58 | A | 1 Ko] - autorun.inf.lnk --> C:\WINDOWS\system32\Cmd.exe/c Start Wscript.exe /e:Vbscript.Encode DCIM.JPG&Call&Call&Call&start explorer autorun.inf&Call&Call&Call&exit
[07/11/2015 - 13:35:54 | SH | 23 Ko] - DCIM.JPG
[25/01/2019 - 01:31:48 | SHD] - autorun.inf
[25/01/2019 - 02:18:28 | SHD] - clement
Elément(s) détecté(s) : 31
Elément(s) analysé(s) : 74534 en 00h 00m 07s
# UsbFix-Report-01.txt [12442B]
------------ | E.O.F |