[Solved] Report as Requested 2016-04-11T09:55:45+00:00

  • siri
    Participant
    Post count: 2

    Dears, you suggested that I send you this report, so here it is.
    My drives are definitively infected by Trojans and worms.
    Although I had an external drive connected, I don’t see it in your report.
    Drive C and D are the same drive.
    Your suggestions are welcome.
    Thank you and best regards
    Siri
    ############################## | UsbFix V 8.215 | [Research]

    User: acer (Administrator) # ACER-PC
    Updated 07/04/2016 by SOSVirus
    Started at 15:54:42 | 11/04/2016

    Website : https://www.usb-antivirus.com/
    Tutorial : https://www.usb-antivirus.com/tutorial/
    Support : http://www.sosvirus.org/
    Live detection : http://www.sosmalware.com/usbfix/
    Contact : https://www.usb-antivirus.com/contact/

    ################## | System information |

    MB: Acer (ZQ1B)
    CPU: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
    RAM -> [Total : 7991 Mo | Free : 6233 Mo]
    Bios: INSYDE
    Boot: Normal boot

    OS: Microsoft™ Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Internet Explorer : 11.00.9600.16428
    WB: Google Chrome : 49.0.2623.110
    WB: Mozilla Firefox : 33.0.3

    ################## | Security Information |

    AV: Kaspersky Anti-Virus [(!) Disabled |Updated]
    AS: Kaspersky Anti-Virus [(!) Disabled |Updated]
    AS: Windows Defender [Enabled |(!) Outdated]
    FW: Kaspersky Anti-Virus [(!) Disabled]
    FW: Windows Firewall [Enabled]
    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]

    ################## | Disk Information |

    C: (%SystemDrive%) -> Fixed disk # 200 Gb (50 Gb free – 25%) [] # NTFS
    D: -> Fixed disk # 254 Gb (202 Gb free – 80%) [Disk D] # NTFS

    ################## | Startup |

    F2 – HKLM\..\Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM\..\Winlogon : [Shell] explorer.exe
    F2 – HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
    F2 – [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
    04 – HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    04 – HKLM\..\Run : [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    04 – HKLM\..\Run : [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    04 – HKLM\..\Run : [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    04 – HKLM\..\Run : [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    04 – HKLM\..\Run : [UIExec] "C:\Program Files (x86)\Join Air\UIExec.exe"
    04 – HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    04 – HKLM\..\Run : [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    04 – HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    04 – HKLM\..\Run : [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
    04 – HKLM\..\Run : [WTClient] WTClient.exe
    04 – [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    04 – [x64] HKLM\..\Run : [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
    04 – [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    04 – [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
    04 – [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    04 – [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
    04 – [x64] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    04 – HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    04 – HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
    04 – HKU\S-1-5-21-3664016049-3972075310-433424926-1000\..\Run : [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    04 – HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
    04 – HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

    ################## | Generic Research |

    ################## | UsbFix – Information |

    Info : How to remove shortcut virus on flash disk (Video)
    Info : Shortcut virus on flash disk, What is it ?
    Live detection : http://www.sosmalware.com/usbfix/

    Analysed in 14.14 seconds

    ################## | E.O.F | https://www.sosvirus.net/ | https://www.usb-antivirus.com/ |

  • Anonymous
    Post count: 0

    Hi,

    Please run UsbFix and choose Listing. I need this report in your next reply, please.

  • siri
    Participant
    Post count: 2

    Thanks for the reply.
    I managed to make it work.
    YOUR SOFTWARE HAS FREED MY COMPUTER FROM NASTY TROJANS / WORMS where all other anti virus programs failed.
    THANK YOU.
    No more Autorun.ini and the like. No more shortcut but the real stuff when I open my external drive :)

    Of course I bought the License. Great job! Congratulations!!!

    I just noticed that I can’t rename these drives anymore though.
    I read somewhere that you will come out with an improved version in the future and I probably will receive it automatically as a registered user.

    Thanks again

    Best wishes

    Siri

  • Anonymous
    Post count: 0

    Hi siri,

    If you can’t rename your drives after UsbFix, please run mkv and press “supprimer la vaccination” with your drive connected.
    See here : https://www.usb-antivirus.com/fr/2014/02/la-vaccination-de-usbfix/

    Best Regards,

    Cédric
