# ----------------------------------------------------
# UsbFix Antivirus Free
# ----------------------------------------------------
# Version : 11.048
# Base de données :
# Contact : https://www.usb-antivirus.com/fr/contact
# ----------------------------------------------------
# Type de scan : USB
# Utilisateur : salhi1 (Administrateur)
# Appareil : DESKTOP-38ETJSN
# Lancé : 16/06/2022 18:35:32
# ----------------------------------------------------

------------ | Disques analysés |

E:\ FAT32 (28GB/28GB) [Removable]

------------ | Elément(s) détecté(s) |

~ Aucun élément détecté ~

------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [OneDrive] "C:\Users\salhi1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKCU\..\Run : [NordVPN] C:\Program Files\NordVPN\NordVPN.exe
04 - HKCU\..\Run : [uTorrent] "C:\Users\salhi1\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKCU\..\Run : [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
04 - HKCU\..\Run : [Windscribe] "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
04 - HKCU\..\Run : [GoogleDriveFS] "C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe" --startup_mode
04 - HKCU\..\RunOnce : [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\salhi1\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
04 - HKCU\..\RunOnce : [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\salhi1\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
04 - HKCU\..\RunOnce : [Uninstall 22.099.0508.0001] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\salhi1\AppData\Local\Microsoft\OneDrive\22.099.0508.0001"
04 - HKLM\..\Run : [CK550_CK552] "C:\Program Files (x86)\Cooler Master\CK550_CK552\CK550_CK552 HID.exe"
04 - [x64] HKLM\..\Run : [SecurityHealth] %windir%\system32\SecurityHealthSystray.exe
04 - [x64] HKLM\..\Run : [AvastUI.exe] "C:\Program Files\Avast Software\Avast\AvLaunch.exe" /gui
04 - [x64] HKLM\..\Run : [RtkAudUService] "C:\WINDOWS\System32\RtkAudUService64.exe" -background
04 - [x64] HKLM\..\Run : [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-19\..\Run : [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe --startup_mode
04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-20\..\Run : [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe --startup_mode
04 - HKU\S-1-5-21-1280661116-970770358-385692439-1001\..\Run : [OneDrive] "C:\Users\salhi1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-1280661116-970770358-385692439-1001\..\Run : [NordVPN] C:\Program Files\NordVPN\NordVPN.exe
04 - HKU\S-1-5-21-1280661116-970770358-385692439-1001\..\Run : [uTorrent] "C:\Users\salhi1\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKU\S-1-5-21-1280661116-970770358-385692439-1001\..\Run : [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
04 - HKU\S-1-5-21-1280661116-970770358-385692439-1001\..\Run : [Windscribe] "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
04 - HKU\S-1-5-21-1280661116-970770358-385692439-1001\..\Run : [GoogleDriveFS] "C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe" --startup_mode
04 - HKU\S-1-5-21-1280661116-970770358-385692439-1001_Classes\..\Run : [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe --startup_mode
04 - HKU\S-1-5-18\..\Run : [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe --startup_mode
04 - HKU\S-1-5-19\..\RunOnce : [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade
04 - HKU\S-1-5-20\..\RunOnce : [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade
04 - HKU\S-1-5-21-1280661116-970770358-385692439-1001\..\RunOnce : [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\salhi1\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
04 - HKU\S-1-5-21-1280661116-970770358-385692439-1001\..\RunOnce : [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\salhi1\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
04 - HKU\S-1-5-21-1280661116-970770358-385692439-1001\..\RunOnce : [Uninstall 22.099.0508.0001] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\salhi1\AppData\Local\Microsoft\OneDrive\22.099.0508.0001"
04GS - Envoyer à OneNote.lnk : C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
04GS - eInstruction Device Manager.lnk : C:\Program Files (x86)\eInstruction\Device Manager\Launch.exe

------------ | Tasks |

Task - Adobe Acrobat Update Task --> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task - AMDInstallLauncher --> C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
Task - AMDLinkUpdate --> C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
Task - AMDRyzenMasterSDKTask --> "C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe"
Task - Avast Emergency Update --> C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
Task - Go to RoboForm Install page --> C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMJMLJNMHMJJHMLMPMCNJMLMKMJMCNLMJJNJNJCNOJGMLJOJCNIMNJNMMMMJOMJJNJJMLJMJOJJNJICMJMCNOMPMCNOMFMGMCNOMOMCNNMNMPMPMPMFMJMCNNMCNGMNMPMPMCNNMJNPICMLMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMMIOJDJHJGJOMJNKJCMJNNICMJNDJCMJJNI"
Task - GoogleUpdateTaskMachineCore --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Task - GoogleUpdateTaskMachineUA --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Task - MicrosoftEdgeUpdateTaskMachineCore --> C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
Task - MicrosoftEdgeUpdateTaskMachineCore1d813b8ad9c887a --> C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
Task - MicrosoftEdgeUpdateTaskMachineUA --> C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
Task - OneDrive Reporting Task-S-1-5-21-1280661116-970770358-385692439-1001 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
Task - OneDrive Standalone Update Task-S-1-5-21-1280661116-970770358-385692439-1001 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task - OneDrive Standalone Update Task-S-1-5-21-1280661116-970770358-385692439-500 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task - OneDrive Standalone Update Task-S-1-5-21-2151219860-756516231-1909577323-500 --> %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task - Opera scheduled assistant Autoupdate 1617648728 --> C:\Users\salhi1\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\salhi1\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task - Opera scheduled Autoupdate 1617648718 --> C:\Users\salhi1\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
Task - Run RoboForm TaskBar Icon --> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task - StartCN --> "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
Task - StartDVR --> "C:\Program Files\AMD\CNext\CNext\RSServCmd.exe"
Task - UsbFix Monitor --> "C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe"

------------ | E:\ - Disque USB (FAT32) |

[08/05/2022 - 22:53:50 | A | 1820 Ko] - Accéder aux fichiers du TRANSCEND (E).exe
[16/06/2022 - 18:33:34 | D] - Winfiles
[16/06/2022 - 18:33:50 | D] - usbfiles

Elément(s) détecté(s) : 0
Restored Data 1 Mo
Elément(s) analysé(s) : 49633 en 00h 00m 03s

# UsbFix-Report-04.txt [8267B]

------------ | E.O.F |