Remove AntiShortCut AntiUsbShortCut

New USB Worm AntiUsbShortCut.zip !

It installs in the system root folder:

C:AntiShortCutAntiUsb.exe
C:AntiShortCutAntiUsbShortCut.zip

Create autostart files:

%USERSTARTUP%AntiShortCutUpdate.lnK
%USERSTARTUP%AntiUsbShortCutUpdate.lnK

It makes persistent with windows registry/h4>

04 – HKCU..Run : C:AntiShortCutAntiUsb.exe “C:AntiShortCutAntiUsbShortCut.zip”
04 – HKCU..Run : C:WINDOWSsystem32cmd.exe /c start C:AntiShortCutAntiUsb.exe “C:AntiShortCutAntiUsbShortCut.zip” & exit

Propagation

The infection will then spread on removable media by trapping its contents in order to deceive you and to spread to other computers.

Solution :

UsbFix Our software will get rid of this infection. UsbFix can also restore your data become inaccessible. Download UsbFix.

Malware USB, What is it ?

Read More ..

Download USBFix.

Download

Example USBFIX Report

################## | Startup |

F2 – HKLM..Winlogon : Explorer.exe
F2 – HKLM..Winlogon : C:WINDOWSsystem32userinit.exe,
04 – HKCU..Run : C:WINDOWSsystem32ctfmon.exe
04 – HKCU..Run : C:AntiShortCutAntiUsb.exe “C:AntiShortCutAntiUsbShortCut.zip”
04 – HKCU..Run : C:WINDOWSsystem32cmd.exe /c start C:AntiShortCutAntiUsb.exe “C:AntiShortCutAntiUsbShortCut.zip” & exit
04 – HKLM..Run : “C:Archivos de programaAVAST SoftwareAvastAvastUI.exe” /nogui
04 – HKLM..Run : RTHDCPL.EXE
04 – HKLM..Run : C:AntiShortCutAntiUsb.exe “C:AntiShortCutAntiUsbShortCut.zip”
04 – HKLM..Run : C:WINDOWSsystem32cmd.exe /c start C:AntiShortCutAntiUsb.exe “C:AntiShortCutAntiUsbShortCut.zip” & exit
04 – HKUS-1-5-19..Run : C:WINDOWSsystem32CTFMON.EXE
04 – HKUS-1-5-20..Run : C:WINDOWSsystem32CTFMON.EXE
04 – HKUS-1-5-21-329068152-1960408961-839522115-1009..Run : C:WINDOWSsystem32ctfmon.exe
04 – HKUS-1-5-21-329068152-1960408961-839522115-1009..Run : C:AntiShortCutAntiUsb.exe “C:AntiShortCutAntiUsbShortCut.zip”
04 – HKUS-1-5-21-329068152-1960408961-839522115-1009..Run : C:WINDOWSsystem32cmd.exe /c start C:AntiShortCutAntiUsb.exe “C:AntiShortCutAntiUsbShortCut.zip” & exit
04 – HKUS-1-5-18..Run : C:WINDOWSsystem32CTFMON.EXE
04 – HKUS-1-5-19..RunOnce : [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
04 – HKUS-1-5-20..RunOnce : [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
04 – HKUS-1-5-18..RunOnce : [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
04GS – AntiShortCutUpdate.lnk : C:AntiShortCutAntiUsb.exe C:AntiShortCutAntiUsbShortCut.zip &
04GS – AntiUsbShortCutUpdate.lnk : C:AntiShortCutAntiUsbShortCut.zip

################## | C: %SystemDrive% – Disco fijo (NTFS) |

– C:MSDOS.SYS
– C:CONFIG.SYS
– C:IO.SYS
– C:pagefile.sys
– C:Config.Msi
– C:P1005.log
– C:1020.log
– C:INSTPDTLOG_9-17-2015_11-51-24.LOG
– C:INSTPDTLOG_9-28-2015_11-24-12.LOG
– C:boot.ini
– C:USB Show.exe
– C:msvcr71.dll
– C:NTDETECT.COM
– C:Bootfont.bin
– C:$RECYCLE.BIN
– C:AUTOEXEC.BAT
– C:ntldr
– C:DESCARTES
– C:Documents and Settings
– C:hp_LJ1018_Full_Solution
– C:Instalar
– C:Intel
– C:MSOCache
– C:RECYCLER
– C:spoolerlogs
– C:SUNATPDT
– C:AntiUsbShortCut
– C:AntiShortCut
– C:Archivos de programa
– C:UsbFix
– C:WINDOWS

################## | F: – Disco fijo (NTFS) |

– F:AntiUsbShortCut
– F:RECYCLER

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top