[b]############################## | UsbFix V 7.

183 | [Clean][/b]
User: USER (Administrator) # DSP8
Updated 30/09/2014 by El Desaparecido - SosVirus
Started at 14:17:40 | 04/12/2014
Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Changelog : [url=http://www.en.usbfix.net/changelog/]http://www.en.usbfix.net/ch
angelog/[/url]
Support : [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosv
irus.net/upload_malware.php[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contac
t/[/url]
[b]################## | System information |[/b]
CPU: Intel(R) Core(TM)2 Duo CPU
E4500 @ 2.20GHz
RAM -> [Total : 1013 Mo | Free : 294 Mo]
Boot: Normal boot
OS:
WB:
WB:
WB:
WB:

Microsoft Windows XP (5.1.2600 32-Bit) Service Pack 3

Internet Explorer : 8.00.6001.18702
Google Chrome : 41.0.2236.0
Mozilla Firefox : 11.0
Opera : 25.0.1614.63

[b]################## | Security Information |[/b]

FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
[b]################## | Disk Information |[/b]
C:\
D:\
E:\
F:\
H:\

(%SystemDrive%) -> Fixed disk # 39 Gb (16 Gb free - 40%) [XP] # NTFS

-> Fixed disk # 39 Gb (33 Gb free - 84%) [] # NTFS
-> Fixed disk # 39 Gb (22 Gb free - 57%) [] # NTFS
-> Fixed disk # 32 Gb (24 Gb free - 74%) [] # NTFS
-> Removable disk # 7 Gb (3 Gb free - 46%) [PENDRIVE] # FAT32

[b]################## | Generic Research |[/b]

Deleted! H:\4#NVAOIQNLFPBEAIKM.ini
Deleted! H:\Thumbs.db
(!) Temporary files deleted. (57.0206995010376 MB)
[b]################## | Registry |[/b]
Repaired ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Taskman ("
")
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - HKLM\..\Winlogon : [TaskMan] C:\Documents and Settings\USER\Application Dat
a\xcjv.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\userinit.exe,

04 - HKCU\..\Run : [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

04 - HKCU\..\Run : [NIRegistrationWizard] C:\Program Files\National Instruments\
Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfN
oneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1033
04 - HKCU\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe
/onboot
04 - HKCU\..\Run : [BitTorrent] "C:\Documents and Settings\USER\Application Data
\BitTorrent\BitTorrent.exe" /MINIMIZED
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader
8.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.e
xe
04 - HKLM\..\Run : [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\WINDOWS\system32\igfxpers.exe
04 - HKLM\..\Run : [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\G
rooveMonitor.exe"
04 - HKLM\..\Run : [USB Security] C:\Program Files\USB Disk Security\USBGuard.ex
e
04 - HKLM\..\Run : [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome
\TrueImageMonitor.exe
04 - HKLM\..\Run : [Acronis Scheduler2 Service] "C:\Program Files\Common Files\A
cronis\Schedule2\schedhlp.exe"
04 - HKLM\..\Run : [NI Update Service] "C:\Program Files\National Instruments\Sh
ared\Update Service\NIUpdateService.exe" -startupTask
04 - HKLM\..\Run : [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startu
p
04 - HKU\S-1-5-21-1220945662-299502267-1417001333-1003\..\Run : [ctfmon.exe] C:\
WINDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-21-1220945662-299502267-1417001333-1003\..\Run : [NIRegistrationW
izard] C:\Program Files\National Instruments\Shared\RegistrationWizard\Bin\Regis
trationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions
1 -sleepIfNoneFound 0 -locale 1033
04 - HKU\S-1-5-21-1220945662-299502267-1417001333-1003\..\Run : [IDMan] C:\Progr
am Files\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-21-1220945662-299502267-1417001333-1003\..\Run : [BitTorrent] "C:
\Documents and Settings\USER\Application Data\BitTorrent\BitTorrent.exe" /MINIM
IZED
04 - HKU\S-1-5-18\..\Run : [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW
\dwtrig20.exe" -t
[b]################## | UsbFix - Information |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut v
irus on flash disk (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Shortcut
virus on flash disk, What is it ?[/url]
[b]################## | Hijack |[/b]
Restored! [D] H:\
[b]################## | C:\ %SystemDrive% - Fixed drive (NTFS) |[/b]
[28/08/2014
[17/08/2008
[17/08/2008
[17/08/2008
[04/12/2014
[19/10/2014

13:28:11
23:48:48
23:48:48
23:48:48
10:37:36
09:59:57

|
|
|
|
|
|

A | 0 Ko] - C:\ztrace.txt
RASH | 0 Ko] - C:\IO.SYS
RASH | 0 Ko] - C:\MSDOS.SYS
A | 0 Ko] - C:\CONFIG.SYS
ASH | 761856 Ko] - C:\pagefile.sys
D] - C:\Config.Msi

[22/09/2014 - 14:41:34 | A | 1 Ko] - C:\ConfigFileReader.log

[17/08/2008 - 23:43:48 | SH | 0 Ko] - [[url=https://www.virustotal.com/file/69c6
eaa43ec6b89a61e0c6294be8ea88447efa011b3d266de9213e45336d6118/analysis/1416515592
/]VirusTotal[/url] - (0/55)] - C:\boot.ini
[13/04/2008 - 22:13:04 | N | 46 Ko] - [[url=https://www.virustotal.com/file/8f71
86a71684dd114e89cc908ed9400192bc3a47fb288cce4c5c27d0f5d3afa4/analysis/1417600496
/]VirusTotal[/url] - (0/55)] - C:\NTDETECT.COM
[17/08/2008 - 23:48:48 | A | 0 Ko] - C:\AUTOEXEC.BAT
[14/04/2008 - 00:01:44 | RASH | 244 Ko] - C:\ntldr
[17/08/2008 - 23:54:11 | D] - C:\Documents and Settings
[18/08/2008 - 00:02:22 | D] - C:\Intel
[10/05/2012 - 01:14:46 | RHD] - C:\MSOCache
[04/08/2012 - 10:18:07 | D] - C:\Keil
[11/07/2014 - 14:00:50 | SHD] - C:\RECYCLER
[25/08/2014 - 09:50:11 | D] - C:\National Instruments Downloads
[19/10/2014 - 09:17:21 | SHD] - C:\System Volume Information
[20/10/2014 - 14:10:13 | D] - C:\MSI
[01/11/2014 - 10:26:58 | D] - C:\WINDOWS
[18/11/2014 - 15:50:25 | RD] - C:\Program Files
[04/12/2014 - 14:16:55 | D] - C:\UsbFix
[b]################## | D:\ - Fixed drive (NTFS) |[/b]
[03/08/2010
[24/01/2014
[25/01/2014
[04/09/2014
[02/09/2014
[29/03/2010
[14/07/2014
[14/07/2014
[14/07/2014
[14/07/2014
[18/07/2014
[19/07/2014
[28/08/2014
[03/09/2014
[22/09/2014
[22/09/2014
[22/09/2014

23:34:34
17:12:14
13:55:56
09:59:44
08:55:14
20:04:54
10:08:27
10:10:41
10:15:02
10:17:22
09:43:16
15:43:20
08:18:09
10:09:13
09:14:02
09:14:02
09:23:27

|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|

A | 0 Ko] - D:\Torrent downloaded from Demonoid.com.txt

A | 1371769 Ko] - D:\2013LV-WinEng.exe
A | 667429 Ko] - D:\NIMODulationTooLV434.exe
A | 219 Ko] - D:\M.tech lab-1.docx
D] - D:\Active.Password.Changer.Professional.v5.0-DOA
SHD] - D:\System Volume Information
SHD] - D:\RECYCLER
D] - D:\Tanner (Lipun_NIT)
D] - D:\Matlab 2007a
D] - D:\TrueImage2010_s_en_5055
D] - D:\Ankita
D] - D:\Media Downloader
AD] - D:\IE3D v12
D] - D:\optisystem
D] - D:\enterpreneurship dev note
D] - D:\act notes
D] - D:\quickheal updates

[b]################## | E:\ - Fixed drive (NTFS) |[/b]

[07/11/2007 - 08:00:40 | A | 17 Ko] - E:\eula.1028.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - E:\eula.1031.txt
[07/11/2007 - 08:00:40 | A | 10 Ko] - E:\eula.1033.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - E:\eula.1036.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - E:\eula.1040.txt
[07/11/2007 - 08:00:40 | A | 0 Ko] - E:\eula.1041.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - E:\eula.1042.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - E:\eula.2052.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - E:\eula.3082.txt
[31/10/2014 - 15:34:12 | A | 6002 Ko] - E:\IDM 6.21 (Full Version).rar
[07/11/2007 - 08:12:28 | A | 228 Ko] - E:\VC_RED.MSI
[07/11/2007 - 08:00:40 | A | 1 Ko] - [[url=https://www.virustotal.com/file/7912e
3fcf2698cf4f8625e563cd8215c6668739cae18bd6f27af2d25bec5c951/analysis/1417366715/
]VirusTotal[/url] - (0/55)] - E:\globdata.ini
[07/11/2007 - 08:00:40 | A | 1 Ko] - [[url=https://www.virustotal.com/file/67262
1b056188f8d3fa5ab8cd3df4f95530c962af9bb11cf7c9bd1127b3c3605/analysis/1416286728/
]VirusTotal[/url] - (0/55)] - E:\install.ini

[07/11/2007 - 08:03:18 | A | 550 Ko] - [[url=https://www.virustotal.com/file/089

66ce743aa1cbed0874933e104ef7b913188ecd8f0c679f7d8378516c51da2/analysis/141755663
4/]VirusTotal[/url] - (0/55)] - E:\install.exe
[07/11/2007 - 08:03:18 | A | 78 Ko] - [[url=https://www.virustotal.com/file/7d86
f3ba0232c2ac4b4fce96e4cebb23700312a032d5d0db988ec6b358be1686/analysis/1416286712
/]VirusTotal[/url] - (0/55)] - E:\install.res.1042.dll
[07/11/2007 - 08:03:18 | A | 75 Ko] - [[url=https://www.virustotal.com/file/5847
5a90250c6818f73763775eea6379e06da6c38e8d2cf0f54eb6112a0a6aee/analysis/1416286729
/]VirusTotal[/url] - (0/55)] - E:\install.res.1028.dll
[07/11/2007 - 08:03:18 | A | 94 Ko] - [[url=https://www.virustotal.com/file/320c
305177ab4ec6e00883a2cf0886019b5d36557219e4a188cf9df3768f157f/analysis/1416286715
/]VirusTotal[/url] - (0/55)] - E:\install.res.3082.dll
[07/11/2007 - 08:03:18 | A | 89 Ko] - [[url=https://www.virustotal.com/file/9bf7
026a47daab7bb2948fd23e8cf42c06dd2e19ef8cdea0af7367453674a8f9/analysis/1416343310
/]VirusTotal[/url] - (0/55)] - E:\install.res.1033.dll
[07/11/2007 - 08:03:18 | A | 95 Ko] - [[url=https://www.virustotal.com/file/2d1c
0a1b17266cff3be7d46cf3020b176e4a058fd7fc57f7b6b97e0760cc45db/analysis/1416286712
/]VirusTotal[/url] - (0/55)] - E:\install.res.1036.dll
[07/11/2007 - 08:03:18 | A | 93 Ko] - [[url=https://www.virustotal.com/file/7774
f2436c96a70b0cdc8176883ee7a4614353f17ad61bfbd5a8d7a1906483d3/analysis/1416286712
/]VirusTotal[/url] - (0/55)] - E:\install.res.1040.dll
[07/11/2007 - 08:03:18 | A | 80 Ko] - [[url=https://www.virustotal.com/file/6183
324fe24006bc3d8928029dcaccbdae517eb09727f5dd47ea5aaeed3ee26d/analysis/1416286712
/]VirusTotal[/url] - (0/55)] - E:\install.res.1041.dll
[07/11/2007 - 08:03:18 | A | 94 Ko] - [[url=https://www.virustotal.com/file/5e49
c21b9a15c3a0fddde7ddc32fda220302ee57b8aff66f4f78b370e049410d/analysis/1416286714
/]VirusTotal[/url] - (0/55)] - E:\install.res.1031.dll
[07/11/2007 - 08:03:18 | A | 74 Ko] - [[url=https://www.virustotal.com/file/f7aa
6ebf1413a6e4816bcad5b77c47b6bbe0cfc05cafde4aa872abe3fbd5e62b/analysis/1416426497
/]VirusTotal[/url] - (0/55)] - E:\install.res.2052.dll
[07/11/2007 - 08:09:22 | A | 1409 Ko] - E:\VC_RED.cab
[07/11/2007 - 08:00:40 | A | 6 Ko] - E:\vcredist.bmp
[31/10/2014 - 16:27:09 | D] - E:\IDM 6.21 (Full Version)
[03/08/2012 - 14:19:46 | SHD] - E:\System Volume Information
[04/08/2012 - 10:13:38 | D] - E:\PROTEUS SOFTWARE
[14/07/2014 - 10:08:27 | SHD] - E:\RECYCLER
[20/10/2014 - 14:21:01 | D] - E:\My Backups
[30/10/2014 - 16:00:15 | D] - E:\Flash Player
[30/10/2014 - 17:06:46 | D] - E:\Matlab 2007a
[b]################## | F:\ - Fixed drive (NTFS) |[/b]
[22/11/2014 - 16:53:29 | D] - F:\The.Flash.2014.S01E06.HDTV.x264-LOL[ettv]
[29/03/2010 - 20:04:56 | SHD] - F:\System Volume Information
[14/07/2014 - 10:08:27 | SHD] - F:\RECYCLER
[26/08/2014 - 08:12:46 | D] - F:\EEE B 28
[01/11/2014 - 13:54:06 | D] - F:\BT5R3-GNOME-32
[20/11/2014 - 17:35:59 | D] - F:\Matrix
[25/11/2014 - 14:31:48 | D] - F:\Cast Away (2000)
[25/11/2014 - 14:31:48 | D] - F:\Falcon Rising (2014)
[25/11/2014 - 14:31:48 | D] - F:\Catch Me If You Can (2002) 720p BRRip x264 [Dua
l-Audio] [Eng-Hindi]--[CooL GuY] {{a2zRG}}
[b]################## | H:\ - Removable drive (FAT32) |[/b]
[24/11/2014
[23/11/2013
[03/12/2014
[03/12/2014
[22/09/2013

08:55:14
12:29:48
16:03:34
16:43:22
15:44:12

|
|
|
|
|

A | 348 Ko] - H:\Introduction to MATLAB.ppt

RASH | 3 Ko] - H:\desktop.ini
A | 75 Ko] - H:\POmatrix1_new chnged.docx
A | 76 Ko] - H:\POmatrix1_new chnged1.docx
D] - H:\

[03/12/2014 - 17:34:50 | D] - H:\Pomatrix

[b]################## | Vaccin |[/b]
C:\Autorun.inf
D:\Autorun.inf
E:\Autorun.inf
F:\Autorun.inf
H:\Autorun.inf

->
->
->
->
->

Vaccine
Vaccine
Vaccine
Vaccine
Vaccine

created
created
created
created
created

by
by
by
by
by

UsbFix
UsbFix
UsbFix
UsbFix
UsbFix

(El
(El
(El
(El
(El

Desaparecido)
Desaparecido)
Desaparecido)
Desaparecido)
Desaparecido)

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosviru

s.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[
/b]