
[b]############################## | UsbFix V 8.174 | [Research][/b]
User: Administrator (Administrator) # ADMIN-PC
Updated 26/12/2015 by SosVirus
Started at 00:40:25 | 28/12/2015
Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Tutorial : [url=http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/]http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/[/url]
Support : [url=http://www.sos-virus.net/]http://www.sos-virus.net/[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contact/[/url]
[b]################## | System information |[/b]
MB: ASUSTeK Computer INC. (P5KPL-AM IN)
CPU: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
GC: Intel(R) G33/G31 Express Chipset Family
RAM -> [Total : 2038 Mo | Free : 1060 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft Windows 7 Ultimate (6.1.7601 32-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428
WB: Google Chrome : 47.0.2526.106
WB: Mozilla Firefox : 38.0.1

[b]################## | Security Information |[/b]


AV: AVG AntiVirus Free Edition 2015 [Enabled |Updated]
AS: AVG AntiVirus Free Edition 2015 [Enabled |Updated]
AS: Malwarebytes Anti-Malware : 2.2.0.1024
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

[b]################## | Disk Information |[/b]


C:\ (%SystemDrive%) -> Fixed disk # 98 Gb (871 Mb free - 1%) [] # NTFS
D:\ -> Fixed disk # 195 Gb (260 Mb free - 0%) [] # NTFS
E:\ -> Fixed disk # 173 Gb (54 Gb free - 32%) [] # NTFS
G:\ -> Fixed disk # 931 Gb (527 Gb free - 57%) [My Passport] # NTFS

[b]################## | Startup |[/b]


F2 - HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [zpmwoautpp] wscript.exe //B "C:\Users\ADMINI~1\AppData\Local\Temp\zpmwoautpp..vbs"
04 - HKCU\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 - HKCU\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
04 - HKCU\..\Run : [Spotify Web Helper] "C:\Users\Administrator\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
04 - HKCU\..\Run : [uTorrent] "C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKCU\..\Run : [GoogleChromeAutoLaunch_361C1DD22E1256C6B68316A32E8B1949] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
04 - HKCU\..\RunOnce : [Application Restart #2] C:\Program Files\Google\Chrome\Application\chrome.exe --flag-switches-begin --enable-npapi --flag-switches-end --restore-last-session http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=ST3500514NS_9WJ1593RXXXX9WJ1593R&ts=1379431913
04 - HKCU\..\RunOnce : [Application Restart #1] C:\Program Files\Google\Chrome\Application\chrome.exe --flag-switches-begin --enable-npapi --flag-switches-end --restore-last-session http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=ST3500514NS_9WJ1593RXXXX9WJ1593R&ts=1379431913
04 - HKLM\..\Run : [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
04 - HKLM\..\Run : [zpmwoautpp] wscript.exe //B "C:\Users\ADMINI~1\AppData\Local\Temp\zpmwoautpp..vbs"
04 - HKLM\..\Run : [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
04 - HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - HKLM\..\Run : [AvgUi] "C:\Program Files\AVG\Framework\Common\avguix.exe" /fmw.trayonly
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1000\..\Run : [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1000\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1000\..\Run : [googletalk] C:\Users\admin\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1000\..\Run : [Google Update] "C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1000\..\Run : [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1000\..\Run : [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1000\..\Run : [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1000\..\Run : [uTorrent] "C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1000\..\Run : [Facebook Update] "C:\Users\admin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1000\..\Run : [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1001\..\Run : [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-1002\..\Run : [zpmwoautpp] wscript.exe //B "C:\Users\Savita\AppData\Local\Temp\zpmwoautpp..vbs"
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-500\..\Run : [zpmwoautpp] wscript.exe //B "C:\Users\ADMINI~1\AppData\Local\Temp\zpmwoautpp..vbs"
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-500\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-500\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-500\..\Run : [Spotify Web Helper] "C:\Users\Administrator\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-500\..\Run : [uTorrent] "C:\Users\Administrator\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-500\..\Run : [GoogleChromeAutoLaunch_361C1DD22E1256C6B68316A32E8B1949] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-500\..\RunOnce : [Application Restart #2] C:\Program Files\Google\Chrome\Application\chrome.exe --flag-switches-begin --enable-npapi --flag-switches-end --restore-last-session http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=ST3500514NS_9WJ1593RXXXX9WJ1593R&ts=1379431913
04 - HKU\S-1-5-21-1874774099-2506090785-1779561781-500\..\RunOnce : [Application Restart #1] C:\Program Files\Google\Chrome\Application\chrome.exe --flag-switches-begin --enable-npapi --flag-switches-end --restore-last-session http://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=ST3500514NS_9WJ1593RXXXX9WJ1593R&ts=1379431913
04 - HKU\S-1-5-18\..\RunOnce : [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
[b]################## | Generic Research |[/b]
Found! G:\Nero StartSmart.lnk
Found! C:\RECYCLER\X-1-5-21-1960408961-725345543-839522115-1003
Found! G:\falschyng
Found! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|zpmwoautpp
Found! HKU\S-1-5-21-1874774099-2506090785-1779561781-1002\Software\Microsoft\Windows\CurrentVersion\Run|zpmwoautpp
Found! HKU\S-1-5-21-1874774099-2506090785-1779561781-500\Software\Microsoft\Windows\CurrentVersion\Run|zpmwoautpp
Found! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|zpmwoautpp
[b]################## | UsbFix - Information |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut virus on flash disk (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Shortcut virus on flash disk, What is it ?[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]
[b]Analysed in 8.323 seconds[/b]
[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[/b]