USB FIX SCAN

a guest
Apr 30th, 2014
############################## | UsbFix V 7.169 | [Research]

User: PC (Administrator) # XEGANTHY
Updated 31/03/2014 by El Desaparecido - Team SosVirus
Started at 19:22:29 | 30/04/2014

Website : http://www.en.usbfix.net/
Changelog : http://www.en.usbfix.net/changelog/
Support : http://en.kioskea.net/forum/viruses-security-7
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/

PC: ASRock (990FX Extreme3)
CPU: AMD FX(tm)-6100 Six-Core Processor
RAM -> [Total : 3046 Mo| Free : 1708 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Ultimate (6.1.7600 32-Bit)
WB: Windows Internet Explorer : 8.0.7600.16385
WB: Mozilla Firefox : 28.0

SC: Security Center [Enabled]
WU: Windows Update [(!) Disabled]
AV: avast! Antivirus [Enabled | (!) Outdated]
AS: avast! Antivirus [Enabled | (!) Outdated]
AS: Windows Defender [Enabled | (!) Outdated]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Fixed drive # 233 Gb (23 Mb free - 0%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 233 Gb (4 Mb free - 2%) [] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (591 Mb free - 16%) [IUSB] # FAT32
Z:\ -> Fixed drive # 100 Mb (70 Mb free - 70%) [System Reserved] # NTFS

################## | Active Processes |

C:\Windows\system32\csrss.exe (ID: 576 |ParentID: 444)
C:\Windows\system32\wininit.exe (ID: 660 |ParentID: 444)
C:\Windows\system32\csrss.exe (ID: 668 |ParentID: 652)
C:\Windows\system32\services.exe (ID: 736 |ParentID: 660)
C:\Windows\system32\lsass.exe (ID: 752 |ParentID: 660)
C:\Windows\system32\lsm.exe (ID: 764 |ParentID: 660)
C:\Windows\system32\winlogon.exe (ID: 808 |ParentID: 652)
C:\Windows\system32\svchost.exe (ID: 892 |ParentID: 736)
C:\Windows\system32\svchost.exe (ID: 984 |ParentID: 736)
C:\Windows\System32\svchost.exe (ID: 1068 |ParentID: 736)
C:\Windows\System32\svchost.exe (ID: 1124 |ParentID: 736)
C:\Windows\system32\svchost.exe (ID: 1164 |ParentID: 736)
C:\Windows\system32\svchost.exe (ID: 1324 |ParentID: 736)
C:\Windows\system32\svchost.exe (ID: 1448 |ParentID: 736)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (ID: 1516 |ParentID: 736)
C:\Windows\system32\Dwm.exe (ID: 1692 |ParentID: 1124)
C:\Windows\Explorer.EXE (ID: 1716 |ParentID: 1684)
C:\Windows\System32\spoolsv.exe (ID: 1740 |ParentID: 736)
C:\Windows\system32\svchost.exe (ID: 1784 |ParentID: 736)
C:\Windows\system32\taskhost.exe (ID: 1928 |ParentID: 736)
C:\Windows\system32\taskeng.exe (ID: 128 |ParentID: 1164)
C:\Program Files\ASRock\XFast LAN\spd.exe (ID: 384 |ParentID: 736)
C:\Program Files\Garena Plus\ggdllhost.exe (ID: 672 |ParentID: 128)
C:\Windows\system32\svchost.exe (ID: 1904 |ParentID: 736)
C:\Windows\system32\svchost.exe (ID: 2548 |ParentID: 736)
C:\Windows\system32\SearchIndexer.exe (ID: 2796 |ParentID: 736)
C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (ID: 2852 |ParentID: 1716)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (ID: 2876 |ParentID: 1716)
C:\Program Files\Garena Plus\GarenaMessenger.exe (ID: 3124 |ParentID: 1716)
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (ID: 3140 |ParentID: 1716)
C:\Windows\System32\wscript.exe (ID: 3164 |ParentID: 1716)
C:\Windows\system32\SearchProtocolHost.exe (ID: 3708 |ParentID: 2796)
C:\Windows\system32\SearchFilterHost.exe (ID: 3728 |ParentID: 2796)
C:\Windows\system32\svchost.exe (ID: 3884 |ParentID: 736)
C:\Program Files\Mozilla Firefox\firefox.exe (ID: 4084 |ParentID: 1716)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3064 |ParentID: 892)
C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe (ID: 3988 |ParentID: 3340)
C:\Program Files\Steam\Steam.exe (ID: 3416 |ParentID: 3104)
\\?\C:\Windows\system32\wbem\WMIADAP.EXE (ID: 1684 |ParentID: 1164)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3948 |ParentID: 892)
C:\Windows\system32\sppsvc.exe (ID: 1076 |ParentID: 736)
C:\Windows\System32\svchost.exe (ID: 4064 |ParentID: 736)
C:\Windows\system32\WUDFHost.exe (ID: 5508 |ParentID: 1124)
C:\Program Files\Mozilla Firefox\plugin-container.exe (ID: 3980 |ParentID: 4084)

################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F3 - HKCU\..\Winlogon : [Shell] explorer.exe
04 - HKCU\..\Run : [ASRockXTU]
04 - HKCU\..\Run : [zASRockInstantBoot]
04 - HKCU\..\Run : [Steam] "C:\Program Files\Steam\steam.exe" -silent
04 - HKCU\..\Run : [uTorrent] "C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKCU\..\Run : [GarenaPlus] "C:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch
04 - HKCU\..\Run : [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
04 - HKCU\..\Run : [kpcgrhynko] wscript.exe //B "C:\Users\PC\AppData\Roaming\kpcgrhynko..vbs"
04 - HKLM\..\Run : [XFast LAN] C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
04 - HKLM\..\Run : [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
04 - HKLM\..\Run : [kpcgrhynko] wscript.exe //B "C:\Users\PC\AppData\Roaming\kpcgrhynko..vbs"
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3038131283-417028895-3252822844-1000\..\Run : [ASRockXTU]
04 - HKU\S-1-5-21-3038131283-417028895-3252822844-1000\..\Run : [zASRockInstantBoot]
04 - HKU\S-1-5-21-3038131283-417028895-3252822844-1000\..\Run : [Steam] "C:\Program Files\Steam\steam.exe" -silent
04 - HKU\S-1-5-21-3038131283-417028895-3252822844-1000\..\Run : [uTorrent] "C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKU\S-1-5-21-3038131283-417028895-3252822844-1000\..\Run : [GarenaPlus] "C:\Program Files\Garena Plus\GarenaMessenger.exe" -autolaunch
04 - HKU\S-1-5-21-3038131283-417028895-3252822844-1000\..\Run : [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
04 - HKU\S-1-5-21-3038131283-417028895-3252822844-1000\..\Run : [kpcgrhynko] wscript.exe //B "C:\Users\PC\AppData\Roaming\kpcgrhynko..vbs"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

################## | Generic Research |

Found ! C:\Users\PC\AppData\Roaming\kpcgrhynko..vbs
Found ! C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kpcgrhynko..vbs
Found ! G:\kpcgrhynko..vbs
Found ! G:\[DeadFish] Fairy Tail (2014) - 03 [720p][AAC].lnk
Found ! G:\[DeadFish] Black Bullet - 03v2 [720p][AAC].lnk
Found ! G:\[DeadFish] Fairy Tail (2014) - 02 [720p][AAC].lnk
Found ! G:\[DeadFish] Ping Pong The Animation - 03 [720p][AAC].lnk
Found ! G:\[DeadFish] Sidonia no Kishi - 03 [720p][AAC].lnk
Found ! G:\[DeadFish] Haikyuu!! - 03 [720p][AAC].lnk
Found ! G:\[DeadFish] Soredemo Sekai wa Utsukushii - 03 [720p][AAC].lnk
Found ! G:\[DeadFish] Haikyuu!! - 02 [720p][AAC].lnk
Found ! G:\[DeadFish] Haikyuu!! - 01 [720p][AAC].lnk
Found ! G:\[DeadFish] No Game No Life - 03 [720p][AAC].lnk
Found ! G:\[DeadFish] Bokura wa Minna Kawaisou - 04 [720p][AAC].lnk
Found ! G:\[DeadFish] Hitsugi no Chaika - 03 [720p][AAC].lnk
Found ! G:\Ram Resume.lnk
Found ! G:\letter.lnk
Found ! G:\Increase credit limit.lnk
Found ! G:\[DeadFish] Mangaka-san to Assistant-san to - 03 [720p][AAC].lnk

################## | Registry |

Found ! HKU\S-1-5-21-3038131283-417028895-3252822844-1000\Software\Microsoft\Windows\CurrentVersion\Run|kpcgrhynko
Found ! [x64] HKLM\Software\Microsoft\Windows\CurrentVersion\Run|kpcgrhynko
Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|kpcgrhynko
Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|kpcgrhynko

################## | E.O.F | http://www.en.usbfix.net/ - http://www.sosvirus.net |