[b]############################## | UsbFix V 8.204 | [Clean][/b]

User: Rahma (Administrator) # DESKTOP-I8259RO
Updated 22/03/2016 by SOSVirus
Started at 22:06:02 | 22/03/2016

Website : [url=https://www.usb-antivirus.com/]https://www.usb-antivirus.com/[/url]
Tutorial : [url=https://www.usb-antivirus.com/tutorial/]https://www.usb-antivirus.com/tutorial/[/url]
Support : [url=http://www.sosvirus.org/]http://www.sosvirus.org/[/url]
Live detection : [url=http://www.sosmalware.com/usbfix/]http://www.sosmalware.com/usbfix/[/url]
Contact : [url=https://www.usb-antivirus.com/contact/]https://www.usb-antivirus.com/contact/[/url]

[b]################## | System information |[/b]

MB: ASUSTeK COMPUTER INC. (X550JX) 
CPU: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz
RAM -> [Total : 8081 Mo | Free : 5980 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft™ Windows 10 Pro (6.3.10586 64-Bit) 
WB: Internet Explorer : 11.00.10586.0
WB: Microsoft Edge : 11.00.10586.122 (th2_release_inmarket.160222-1549)
WB: Google Chrome : 49.0.2623.87

[b]################## | Security Information |[/b]

AV: Windows Defender [[b](!) Disabled[/b] |Updated]
AS: Windows Defender [[b](!) Disabled[/b] |Updated]
AS: Malwarebytes Anti-Malware : 2.2.0.1024
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Fixed disk # 537 Gb (436 Gb free - 81%) [] # NTFS
D:\ -> Fixed disk # 394 Gb (96 Gb free - 24%) [] # NTFS

[b]################## | Generic Research |[/b]


(!) Temporary files deleted. (67.3125286102295 MB)

[b]################## | Startup |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [OneDrive] "C:\Users\Rahma\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKCU\..\Run : [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
04 - HKCU\..\Run : [Microsoft Word] wscript.exe //B "C:\Users\Rahma\AppData\Roaming\Microsoft Office\\Microsoft Word.WsF"
04 - HKCU\..\Run : [GoogleChromeAutoLaunch_D028B9C29B2B99F573D78B14A40BF0B4] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
04 - HKCU\..\RunOnce : [Uninstall C:\Users\Rahma\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rahma\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
04 - HKLM\..\Run : [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
04 - HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
04 - [x64] HKLM\..\Run : [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
04 - [x64] HKLM\..\Run : [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe /c /delay:30
04 - [x64] HKLM\..\Policies\Explorer\run : [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-21-1626028712-2863914626-1744165970-1001\..\Run : [OneDrive] "C:\Users\Rahma\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKU\S-1-5-21-1626028712-2863914626-1744165970-1001\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKU\S-1-5-21-1626028712-2863914626-1744165970-1001\..\Run : [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
04 - HKU\S-1-5-21-1626028712-2863914626-1744165970-1001\..\Run : [Microsoft Word] wscript.exe //B "C:\Users\Rahma\AppData\Roaming\Microsoft Office\\Microsoft Word.WsF"
04 - HKU\S-1-5-21-1626028712-2863914626-1744165970-1001\..\Run : [GoogleChromeAutoLaunch_D028B9C29B2B99F573D78B14A40BF0B4] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
04 - HKU\S-1-5-21-1626028712-2863914626-1744165970-1001\..\RunOnce : [Uninstall C:\Users\Rahma\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rahma\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"

[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut virus on flash disk (Video)[/url]
Info : [url=http://www.usb-antivirus.com/2014/03/remove-shortcut-virus-usb/]Shortcut virus on flash disk, What is it ?[/url]
Live detection : [url=http://www.sosmalware.com/usbfix/]http://www.sosmalware.com/usbfix/[/url]

[b]################## | C:\ %SystemDrive% - Fixed drive (NTFS) |[/b]

[22/03/2016 - 21:21:14 | ASH | 3309928 Ko] - C:\hiberfil.sys
[22/03/2016 - 21:21:14 | ASH | 1310720 Ko] - C:\pagefile.sys
[22/03/2016 - 21:21:14 | ASH | 262144 Ko] - C:\swapfile.sys
[30/10/2015 - 15:05:49 | A | 0 Ko] - C:\setup.log
[28/11/2012 - 05:10:40 | A | 1 Ko] - C:\setup.iss
[09/11/2015 - 07:29:17 | SHD] - C:\$Recycle.Bin
[10/07/2015 - 12:00:31 | RASH | 386 Ko] - C:\bootmgr
[10/07/2015 - 13:21:38 | SHD] - C:\Documents and Settings
[30/10/2015 - 08:18:34 | N | 0 Ko] - C:\BOOTNXT
[30/10/2015 - 08:24:24 | D] - C:\PerfLogs
[30/10/2015 - 14:46:22 | D] - C:\Intel
[30/10/2015 - 14:51:08 | D] - C:\NVIDIA
[30/10/2015 - 15:43:14 | RHD] - C:\MSOCache
[17/12/2015 - 07:00:31 | RD] - C:\Users
[17/12/2015 - 07:14:59 | SHD] - C:\Recovery
[24/02/2016 - 11:55:01 | RD] - C:\Program Files
[22/03/2016 - 21:13:42 | HD] - C:\ProgramData
[22/03/2016 - 21:21:14 | D] - C:\Windows
[22/03/2016 - 21:49:06 | RD] - C:\Program Files (x86)
[22/03/2016 - 22:03:47 | D] - C:\UsbFix

[b]################## | D:\ - Fixed drive (NTFS) |[/b]

[30/10/2015 - 15:53:48 | SHD] - D:\$RECYCLE.BIN
[30/10/2015 - 15:44:44 | D] - D:\e
[24/02/2016 - 11:50:41 | D] - D:\Hearthstone
[16/03/2016 - 11:00:57 | D] - D:\rahma

[b]################## | Vaccin |[/b]

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

[b]Analysed in 7.659 seconds[/b]

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=https://www.usb-antivirus.com/]https://www.usb-antivirus.com/[/url] |[/b]