- ############################## | UsbFix V 7.161 | [Deletion]
- User: Fedycki (Administrator) # FEDYCKI-KOMPUTE
- Updated 15/01/2014 by El Desaparecido - Team SosVirus
- Started at 15:58:18 | 26/01/2014
- Website : http://www.en.usbfix.net
- Changelog : http://www.usbfix.net/maj/
- Support : http://www.sosvirus.net/
- Upload Malware : http://www.sosvirus.net/upload_malware.php
- Contact : http://www.en.usbfix.net/contact/
- PC: ASUSTeK Computer INC. (P5G41T-M LX)
- CPU: Pentium(R) Dual-Core CPU E6700 @ 3.20GHz
- RAM -> [Total : 2047 Mo| Free : 843 Mo]
- Bios: American Megatrends Inc.
- Boot: Normal boot
- OS: Microsoft Windows 7 Professional (6.1.7601 64-Bit) Service Pack 1
- WB: Windows Internet Explorer : 8.0.7601.17514
- WB: Google Chrome : 31.0.1650.63
- SC: Security Center Service [(!) Disabled]
- WU: Windows Update Service [(!) Disabled]
- AV: Microsoft Security Essentials [Enabled | Updated]
- AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
- FW: Windows FireWall Service [(!) Disabled]
- C:\ (%systemdrive%) -> Fixed drive # 146 Gb (98 Mb free - 67%) [Zastrzeżone przez system] # NTFS
- D:\ -> Fixed drive # 146 Gb (80 Mb free - 54%) [Programy] # NTFS
- E:\ -> Fixed drive # 173 Gb (140 Mb free - 81%) [GRY] # NTFS
- F:\ -> CD-ROM
- ################## | Stopped processes |
- Stopped! C:\Windows\Explorer.EXE (ID: 2444 |ParentID: 2376)
- Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (ID: 4728 |ParentID: 496)
- Stopped! C:\Windows\system32\SearchIndexer.exe (ID: 4660 |ParentID: 496)
- Stopped! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (ID: 4612 |ParentID: 4728)
- Stopped! C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (ID: 2068 |ParentID: 496)
- Stopped! C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (ID: 940 |ParentID: 496)
- Stopped! C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3564 |ParentID: 496)
- Stopped! C:\Windows\System32\spoolsv.exe (ID: 4616 |ParentID: 496)
- Stopped! C:\Windows\system32\SearchProtocolHost.exe (ID: 2544 |ParentID: 4660)
- Stopped! C:\Windows\system32\SearchFilterHost.exe (ID: 1132 |ParentID: 4660)
- ################## | Regedit Run |
- 04 - HKLM\..\Run : [OrderReminder] C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
- 04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
- 04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
- 04 - HKLM\..\Run : [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
- 04 - HKLM\..\Run : [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
- 04 - HKLM\..\Run : [KiesTrayAgent] E:\Kies\KiesTrayAgent.exe
- 04 - HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
- 04 - HKLM64\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
- 04 - HKLM64\..\Run : [MouseDriver] TiltWheelMouse.exe
- 04 - HKLM64\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
- 04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
- 04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
- 04 - HKU\S-1-5-21-1345903610-1416389592-3977813581-1000\..\Run : [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun
- 04 - HKU\S-1-5-21-1345903610-1416389592-3977813581-1000\..\Run : [KiesPreload] E:\Kies\Kies.exe /preload
- 04 - HKU\S-1-5-21-1345903610-1416389592-3977813581-1000\..\Run : [] E:\Kies\External\FirmwareUpdate\KiesPDLR.exe
- 04 - HKU\S-1-5-21-1345903610-1416389592-3977813581-1000\..\Run : [eRclient] "C:\Users\Fedycki\AppData\Roaming\eRclient\eRclient.exe"
- 04 - HKU\S-1-5-21-1345903610-1416389592-3977813581-1000\..\Run : [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
- 04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
- 04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
- ################## | Generic Research |
- Deleted ! C:\Users\Fedycki\AppData\Roaming\003CD0D6.exe
- Deleted ! E:\The Banner Saga — skrót.lnk
- Deleted ! C:\_OTL\MovedFiles\01262014_152523\C_ProgramData\msankaydb.exe
- Deleted ! C:\_OTL\MovedFiles\01262014_152523\C_ProgramData\msroxqa.exe
- Deleted ! C:\_OTL\MovedFiles\01262014_152523\C_Users\Fedycki\AppData\Roaming\0005666F.exe
- Deleted ! C:\_OTL\MovedFiles\01262014_152523\C_Users\Fedycki\AppData\Roaming\0005CDC9.exe
- Deleted ! C:\_OTL\MovedFiles\01262014_152523\C_Users\Fedycki\AppData\Roaming\0020ACF1.exe
- Deleted ! C:\_OTL\MovedFiles\01262014_152523\C_Users\Fedycki\AppData\Roaming\0057A42C.exe
- (!) Temporary files deleted.
- ################## | Registry |
- Repaired ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA -> 1
- Repaired ! HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyGames -> 1
- Deleted ! HKU\S-1-5-21-1345903610-1416389592-3977813581-1000\Software\.\.\.\.\Mountpoints2\{4164822c-4398-11e2-a02f-0023481c491b}
- Deleted ! HKU\S-1-5-21-1345903610-1416389592-3977813581-1000\Software\.\.\.\.\Mountpoints2\{b4239810-694a-11e2-a3c1-0023481c491b}
- ################## | Listing |
- [18/12/2013 - 21:11:04 | SHD] - C:\$Recycle.Bin
- [13/06/2012 - 19:23:16 | D] - C:\16c32dfb7f1f6d8038b10a78fe9966
- [26/01/2014 - 13:59:58 | D] - C:\AdwCleaner
- [24/11/2013 - 13:45:23 | D] - C:\AMD
- [11/12/2011 - 19:48:42 | D] - C:\ATI
- [17/11/2011 - 17:47:54 | SHD] - C:\Boot
- [20/11/2010 - 13:40:07 | RASH | 375 Ko] - C:\bootmgr
- [14/05/2011 - 21:28:40 | N | 8 Ko] - C:\BOOTSECT.BAK
- [14/07/2009 - 06:08:56 | SHD] - C:\Documents and Settings
- [26/01/2014 - 15:28:59 | ASH | 1572184 Ko] - C:\hiberfil.sys
- [21/02/2012 - 16:17:31 | RHD] - C:\MSOCache
- [26/01/2014 - 15:29:01 | ASH | 2096248 Ko] - C:\pagefile.sys
- [14/07/2009 - 04:20:08 | D] - C:\PerfLogs
- [13/11/2012 - 13:21:07 | D] - C:\Plugins
- [28/07/2013 - 17:21:20 | D] - C:\Program Files
- [26/01/2014 - 13:59:22 | D] - C:\Program Files (x86)
- [26/01/2014 - 15:25:27 | HD] - C:\ProgramData
- [14/05/2011 - 14:35:01 | SHD] - C:\Recovery
- [25/01/2014 - 13:59:35 | SHD] - C:\System Volume Information
- [26/01/2014 - 15:58:19 | D] - C:\UsbFix
- [26/01/2014 - 16:01:07 | A | 6 Ko | 9F1DB1BBDD1E8101009F71C6BA7921B1] - C:\UsbFix [Clean 1] FEDYCKI-KOMPUTE.txt
- [26/01/2014 - 15:41:29 | N | 9 Ko | E9531F15A5E728619F5C4102FA18A5BA] - C:\UsbFix [Scan 1] FEDYCKI-KOMPUTE.txt
- [26/01/2014 - 15:57:50 | N | 7 Ko | D1428C220A744A34B4546481049D2BEA] - C:\UsbFix [Scan 2] FEDYCKI-KOMPUTE.txt
- [14/05/2011 - 14:35:05 | D] - C:\Users
- [26/02/2013 - 18:55:03 | D] - C:\video_output
- [26/01/2014 - 15:27:35 | D] - C:\Windows
- [26/01/2014 - 15:25:23 | D] - C:\_OTL
- [14/05/2011 - 15:06:35 | SHD] - D:\$RECYCLE.BIN
- [06/07/2013 - 19:11:45 | D] - D:\Config.Msi
- [16/05/2012 - 16:45:34 | D] - D:\DAEMON Tools Lite
- [31/07/2013 - 16:27:58 | D] - D:\EVEREST Home Edition
- [12/01/2014 - 14:03:32 | D] - D:\Filmy
- [11/01/2014 - 20:24:58 | D] - D:\foobar2000
- [17/12/2013 - 09:47:25 | D] - D:\Game Booster 3
- [11/01/2014 - 20:29:38 | D] - D:\Last.fm
- [19/12/2012 - 17:51:08 | D] - D:\LOLReplay
- [06/01/2014 - 13:15:05 | D] - D:\Mesajah.Jestem.Stad.2012.320kbps
- [29/04/2012 - 18:58:25 | D] - D:\Microsoft Visual C++
- [06/09/2013 - 17:30:05 | D] - D:\muzyka
- [18/02/2013 - 16:43:55 | D] - D:\NapiProjekt
- [06/04/2013 - 15:51:25 | D] - D:\PDFCreator
- [13/09/2013 - 17:58:44 | D] - D:\Photoshop
- [11/03/2012 - 14:35:22 | D] - D:\PITy
- [10/01/2014 - 21:08:54 | D] - D:\playlists
- [22/01/2014 - 12:47:25 | D] - D:\POBRANE
- [12/05/2013 - 16:10:04 | D] - D:\Program Files (x86)
- [12/01/2014 - 14:16:26 | D] - D:\RegCleaner
- [21/12/2012 - 21:27:50 | D] - D:\Samsung
- [12/01/2014 - 13:59:07 | D] - D:\SpeedFan
- [14/05/2011 - 15:25:13 | SHD] - D:\System Volume Information
- [21/12/2012 - 21:22:59 | D] - D:\USB Drivers
- [15/03/2013 - 18:46:16 | N | 0 Ko | 5BE710676E567F00BA6935D08CF3E6CB] - D:\ValveUnhandledExceptionFilter.txt
- [06/01/2014 - 13:14:56 | D] - D:\vavamuffin - vabang!-DW-Ryszardes-02-04-13
- [06/01/2014 - 13:14:58 | D] - D:\Vavamuffin.Solresol.2013
- [12/02/2013 - 17:30:45 | D] - D:\VLC
- [14/05/2011 - 15:29:00 | SHD] - E:\$RECYCLE.BIN
- [06/01/2014 - 13:12:27 | D] - E:\Artur
- [23/01/2014 - 16:59:24 | D] - E:\Battle.net
- [17/01/2014 - 19:40:24 | D] - E:\Config.Msi
- [06/01/2014 - 13:43:24 | D] - E:\Gadu-Gadu 10
- [12/01/2014 - 13:49:49 | D] - E:\Gierki
- [14/09/2013 - 12:13:25 | D] - E:\Kies
- [19/01/2014 - 15:22:29 | D] - E:\King's Bounty - Warriors of the North
- [06/01/2014 - 13:13:02 | D] - E:\KRÓLIKI
- [14/05/2011 - 17:45:48 | D] - E:\LeagueofLegends
- [06/01/2014 - 13:12:58 | D] - E:\Rooney
- [14/05/2011 - 15:25:13 | SHD] - E:\System Volume Information
- [16/01/2014 - 17:36:00 | D] - E:\The Banner Saga
- [11/01/2014 - 21:48:02 | D] - E:\Winamp
- ################## | Vaccin |
- D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
- E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
- ################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |