# ----------------------------------------------------

# UsbFix Antivirus Premium

# ----------------------------------------------------
# Version : 11.029
# Database :
# Contact : https://www.usb-antivirus.com/contact
# ----------------------------------------------------
# Scan type : Windows [Auto Scan]
# User : peyman (Administrator)
# Device : PEYMANXPS15
# Started : 09/07/2023 09:28:50
# ----------------------------------------------------

------------ | Analyzed disks |

C:\ NTFS (39GB/952GB) [Fixed]

------------ | Infected elements |

~ No element detected ~

------------ | Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe

F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [IDMan] C:\Program Files (x86)\Internet Download Manager\
IDMan.exe /onboot
04 - HKCU\..\Run : [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe"
/autostart
04 - HKCU\..\Run : [EPSDNMON] "C:\Program Files (x86)\Epson Software\Download
Navigator\EPSDNMON.EXE"
04 - HKCU\..\Run : [EPSON Stylus Photo 1410 Series] C:\WINDOWS\system32\spool\
DRIVERS\x64\3\E_IATIBUP.EXE /FU "C:\WINDOWS\TEMP\E_S17DB.tmp" /EF "HKCU"
04 - HKCU\..\Run : [MicrosoftEdgeAutoLaunch_93B7EAE0101A6A75531E30A06C0EDDF3] "C:\
Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --
win-session-start /prefetch:5
04 - HKCU\..\Run : [com.squirrel.Teams.Teams] C:\Users\peyman\AppData\Local\
Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--
system-initiated"
04 - HKCU\..\Run : [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for
Desktop\Skype.exe
04 - HKCU\..\Run : [Lantern] "C:\Users\peyman\AppData\Roaming\Lantern\lantern.exe"
-startup
04 - HKLM\..\Run : [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\
hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
04 - HKLM\..\Run : [DriverPack Notifier] C:\Program Files (x86)\DriverPack
Notifier\DriverPackNotifier.exe --run startup
04 - HKLM\..\Run : [Codec Settings UAC Manager] "C:\WINDOWS\system32\Codecs\
CodecUACManager.exe"
04 - HKLM\..\Run : [ArcSoft Connection Service] C:\Program Files (x86)\Common
Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
04 - HKLM\..\Run : [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories
Home\PMBVolumeWatcher.exe /SysAutoRun
04 - HKLM\..\Run : [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program
Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
04 - [x64] HKLM\..\Run : [SecurityHealth] %windir%\system32\
SecurityHealthSystray.exe
04 - [x64] HKLM\..\Run : [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid
Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid
Storage Technology\IAStorIcon.exe" 60
04 - [x64] HKLM\..\Run : [PremierColor] "C:\Program Files\Portrait Displays\Dell
PremierColor\PremierColor.exe" startup_folder
04 - [x64] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common
Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - [x64] HKLM\..\Run : [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\
RtkNGUI64.exe" -s
04 - [x64] HKLM\..\Run : [RtHDVBg_MAXX6] "C:\Program Files\Realtek\Audio\HDA\
RAVBg64.exe" /MAXX6
04 - [x64] HKLM\..\Run : [RtHDVBg_PushButton] "C:\Program Files\Realtek\Audio\HDA\
RAVBg64.exe" /IM
04 - [x64] HKLM\..\Run : [WavesSvc] "C:\Program Files\Waves\MaxxAudio\
WavesSvc64.exe"
04 - [x64] HKLM\..\Run : [ElcMouse] C:\Program Files\ELECOM_Mouse_Driver\
ElcMouseApl.exe
04 - [x64] HKLM\..\Run : [SoftEther VPN Client UI Helper] "C:\Program Files\
SoftEther VPN Client\vpnclient_x64.exe" /uihelp
04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe
/thfirstsetup
04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe
/thfirstsetup
04 - HKU\S-1-5-21-3148141197-3380157705-1096941062-1002\..\Run : [IDMan] C:\Program
Files (x86)\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-3148141197-3380157705-1096941062-1002\..\Run : [DU Meter] "C:\
Program Files (x86)\DU Meter\DUMeter.exe" /autostart
04 - HKU\S-1-5-21-3148141197-3380157705-1096941062-1002\..\Run : [EPSDNMON] "C:\
Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE"
04 - HKU\S-1-5-21-3148141197-3380157705-1096941062-1002\..\Run : [EPSON Stylus
Photo 1410 Series] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIBUP.EXE /FU "C:\
WINDOWS\TEMP\E_S17DB.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-3148141197-3380157705-1096941062-1002\..\Run :
[MicrosoftEdgeAutoLaunch_93B7EAE0101A6A75531E30A06C0EDDF3] "C:\Program Files (x86)\
Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
/prefetch:5
04 - HKU\S-1-5-21-3148141197-3380157705-1096941062-1002\..\Run :
[com.squirrel.Teams.Teams] C:\Users\peyman\AppData\Local\Microsoft\Teams\Update.exe
--processStart "Teams.exe" --process-start-args "--system-initiated"
04 - HKU\S-1-5-21-3148141197-3380157705-1096941062-1002\..\Run : [Skype for
Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
04 - HKU\S-1-5-21-3148141197-3380157705-1096941062-1002\..\Run : [Lantern] "C:\
Users\peyman\AppData\Roaming\Lantern\lantern.exe" -startup
04GS - Sidebar957.lnk : C:\Program Files (x86)\Windows Sidebar\sidebar.exe
04GS - AnyDesk.lnk : C:\Program Files (x86)\AnyDesk\AnyDesk.exe
04GS - SoftEther VPN Client Manager Startup.lnk : C:\Program Files\SoftEther VPN
Client\vpncmgr_x64.exe
04GS - WSAndroidAppHelper.lnk : C:\Program Files (x86)\Wondershare\Dr.Fone\Addins\
SocialApps\WSAndroidAppHelper.exe
04GS - WSAppHelper.lnk : C:\Program Files (x86)\Wondershare\Dr.Fone\Addins\
SocialApps\WSAppHelper.exe

------------ | Tasks |

Task - Adobe Flash Player NPAPI Notifier --> C:\WINDOWS\SysWOW64\Macromed\Flash\

FlashUtil32_32_0_0_321_Plugin.exe -check plugin
Task - AdobeAAMUpdater-1.0-LAPTOP-LT2FGP8U-peyman --> C:\Program Files (x86)\Common
Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Task - CLToast --> "C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe" -
UpdateSchedule
Task - CLToastRun --> "C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe" -
UpdateScheduleRun
Task - DriverPack Notifier --> "C:\Program Files (x86)\DriverPack Notifier\
DriverPackNotifier.exe"
Task - GoogleUpdateTaskMachineCore --> "C:\Program Files (x86)\Google\Update\
GoogleUpdate.exe" /c
Task - GoogleUpdateTaskMachineUA --> "C:\Program Files (x86)\Google\Update\
GoogleUpdate.exe" /ua /installsource scheduler
Task - Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} --> C:\
Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
Task - klcp_update --> "C:\Program Files (x86)\K-Lite Codec Pack\Tools\
CodecTweakTool.exe" /verysilent /update /freq=30
Task - MicrosoftEdgeUpdateTaskMachineCore --> C:\Program Files (x86)\Microsoft\
EdgeUpdate\MicrosoftEdgeUpdate.exe /c
Task - MicrosoftEdgeUpdateTaskMachineUA --> C:\Program Files (x86)\Microsoft\
EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
Task - NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\
Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\
NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\
NvContainerBatteryBoostCheck.log
Task - NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\
Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\
NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\
NvContainerDriverUpdateCheck.log
Task - NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
--> "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce
Experience.exe"
Task - NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program Files
(x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
Task - NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program
Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task - NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\
Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Task - NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program
Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task - NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program
Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task - NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program
Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task - NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} --> C:\Program
Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
Task - OneDrive Per-Machine Standalone Update Task --> C:\Program Files\Microsoft
OneDrive\OneDriveStandaloneUpdater.exe
Task - OneDrive Reporting Task-S-1-5-21-3148141197-3380157705-1096941062-1002 -->
C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting
Task - PowerDirectorStyleAgent --> C:\Program Files (x86)\CyberLink\Shared files\
PDStyleAgent\PDStyleAgent.exe
Task - UsbFix Boot Scan --> "C:\ProgramData\SosVirus\UsbFix\UsbFix.exe" -
scanonstart
Task - UsbFix Monitor --> "C:\ProgramData\SosVirus\UsbFix\Modules\
UsbFixMonitor.exe"
Task - User_Feed_Synchronization-{5E5A6E79-1DD4-4337-9AEE-CB3A4BC0E58D} --> C:\
WINDOWS\system32\msfeedssync.exe sync

------------ | C:\ %SystemDrive% - Fixed drive (NTFS) |

[14/05/2021 - 21:14:57 | A | 10 Ko] - alcohol mixing.xlsx

[18/11/2018 - 01:23:39 | A | 0 Ko] - Recovery.txt
[09/07/2023 - 09:28:21 | ASH | 8 Ko] - DumpStack.log.tmp
[09/07/2023 - 09:28:14 | ASH | 9992388 Ko] - hiberfil.sys
[09/07/2023 - 09:28:21 | ASH | 3670016 Ko] - pagefile.sys
[09/07/2023 - 09:28:21 | ASH | 16384 Ko] - swapfile.sys
[28/06/2023 - 08:26:09 | ASH | 8 Ko] - DumpStack.log
[15/11/2017 - 00:47:43 | A | 0 Ko] - NET.INI
[19/11/2020 - 23:14:13 | A | 8 Ko] - errlog.dat
[05/06/2023 - 01:21:33 | SHD] - $RECYCLE.BIN
[24/09/2021 - 00:33:29 | HD] - $WINDOWS.~BT
[04/06/2000 - 11:37:15 | D] - ECsamples
[27/03/2017 - 21:14:28 | HDC] - Apps
[27/03/2017 - 21:21:01 | SHD] - Documents and Settings
[05/08/2017 - 22:19:10 | HDC] - Dell
[26/08/2017 - 21:30:14 | RHD] - MSOCache
[23/11/2017 - 08:37:27 | D] - PHA-Pro 7 Documents
[10/05/2018 - 11:57:44 | D] - LJP1100_P1560_P1600_Full_Solution
[18/11/2018 - 01:54:22 | HD] - $SysReset
[21/11/2018 - 01:49:45 | DC] - Drivers
[26/11/2018 - 12:13:39 | D] - PDFToExcelConverter
[26/11/2018 - 12:14:38 | D] - output
[16/05/2019 - 13:28:09 | D] - tmp
[31/07/2019 - 20:55:15 | D] - LocalStorage
[12/10/2019 - 10:45:38 | D] - iVMS-4200
[13/10/2019 - 14:58:08 | D] - SadpLog
[07/12/2019 - 12:44:52 | D] - PerfLogs
[18/04/2020 - 10:47:35 | D] - Shatel
[09/08/2020 - 23:54:19 | HDC] - Recovery
[18/10/2020 - 23:14:51 | D] - Telegram desktop
[21/11/2020 - 13:42:02 | D] - swsetup
[30/01/2021 - 13:13:02 | HD] - OneDriveTemp
[11/07/2021 - 16:57:36 | D] - Adjustment Program
[04/11/2021 - 16:45:41 | D] - __backuptrans_iosbk_temp
[10/02/2022 - 11:06:59 | D] - temp
[13/03/2022 - 14:37:58 | RD] - my company
[24/12/2022 - 23:53:39 | HD] - ProgramData
[09/05/2023 - 10:28:33 | RD] - Program Files
[05/06/2023 - 01:23:31 | RD] - Users
[16/06/2023 - 00:40:44 | RD] - Program Files (x86)
[21/06/2023 - 23:41:05 | RD] - my work
[01/07/2023 - 11:45:57 | HD] - $WinREAgent
[01/07/2023 - 23:04:56 | D] - Windows
[05/07/2023 - 13:49:30 | RD] - ‫پروپوزال ها‬
[09/07/2023 - 09:28:24 | HDC] - Intel

Infected elements : 0
Analyzed elements : 64197 in 00h 00m 16s

# UsbFix-Report-1515.txt [11680B]

------------ | E.O.F |