You are on page 1of 2

[b]############################## | UsbFix V 7.

805 | [Clean][/b]
User: asdwe (Administrator) # ASDWE-PC
Updated 27/11/2014 by El Desaparecido - SosVirus
Started at 03:47:54 | 13/07/2015
Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Changelog : [url=http://www.en.usbfix.net/changelog/]http://www.en.usbfix.net/ch
angelog/[/url]
Support : [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosv
irus.net/upload_malware.php[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contac
t/[/url]
[b]################## | System information |[/b]
MB: LENOVO (7735DB6)
CPU: Intel(R) Core(TM)2 Duo CPU
T5270 @ 1.40GHz
GC: Mobile Intel(R) 965 Express Chipset Family (Microsoft Corporation - WDDM 1.1
)
RAM -> [Total : 2006 Mo | Free : 1404 Mo]
Bios: LENOVO
Boot: Normal boot
OS:
WB:
WB:
WB:

Microsoft Windows 7 Professional (6.1.7600 32-Bit)


Internet Explorer : 8.00.7600.16385
Google Chrome : 43.0.2357.132
Mozilla Firefox : 39.0

[b]################## | Security Information |[/b]


FW: Windows Firewall [Enabled]
SC: Security Center [[b](!) Disabled[/b]]
WU: Windows Update [[b](!) Disabled[/b]]
[b]################## | Disk Information |[/b]
C:\ (%SystemDrive%) -> Fixed disk # 37 Gb (15 Gb free - 39%) [OS] # NTFS
D:\ -> Fixed disk # 37 Gb (20 Gb free - 55%) [Workspace] # NTFS
F:\ -> Removable disk # 2 Gb (2 Gb free - 100%) [DAOSSOFT] # FAT32
[b]################## | Generic Research |[/b]
Deleted!
Deleted!
Deleted!
Deleted!
Deleted!
Deleted!
Deleted!

C:\Users\asdwe\AppData\Roaming\c731200
C:\Users\asdwe\AppData\Local\Temp\Adobe\Reader_sl.exe
C:\Users\asdwe\AppData\Local\Temp\c731200
C:\Users\asdwe\AppData\Roaming\Identities\Kujqja.exe
F:\Buku_Program_HAC_2015_Yang_Baru.pub.lnk
F:\System_Volume_Information.lnk
F:\RkoCVSn.exe

(!) Temporary files deleted. (3.50487518310547 MB)


[b]################## | Registry |[/b]
Deleted! HKU\S-1-5-21-961467987-2763481353-2281409634-1001\Software\Microsoft\Wi
ndows\CurrentVersion\Run|Kujqja
Deleted! HKU\S-1-5-21-961467987-2763481353-2281409634-1001\Software\Microsoft\Wi

ndows\CurrentVersion\Run|Adobe System Incorporated


[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [apphide] C:\Program Files\baidu\baidu.exe
04 - HKLM\..\Run : [LaunchYTLCM] C:\Program Files\Yes\Connect\Connect.exe
04 - HKLM\..\Run : [MCT5001] C:\Windows\system32\mct5001.exe
04 - HKLM\..\Run : [mctudll] C:\Windows\system32\mctudll.exe
04 - HKLM\..\Policies\Explorer\run : [525529896] C:\ProgramData\msmrn.exe
04 - HKLM\..\Policies\Explorer\run : [1776712409] C:\ProgramData\mskbsifbs.exe
04 - HKLM\..\Policies\Explorer\run : [31614815] C:\ProgramData\msnnnvo.exe
04 - HKLM\..\Policies\Explorer\run : [791969077] C:\ProgramData\mshzvr.exe
04 - HKLM\..\Policies\Explorer\run : [670313509] C:\ProgramData\mstbgriu.exe
04 - HKLM\..\Policies\Explorer\run : [728222242] C:\ProgramData\mswzlirdc.exe
04 - HKLM\..\Policies\Explorer\run : [1621773036] C:\ProgramData\msyacfczr.exe
04 - HKLM\..\Policies\Explorer\run : [542447748] C:\ProgramData\msbohnf.exe
04 - HKLM\..\Policies\Explorer\run : [842790588] C:\ProgramData\msulq.exe
04 - HKLM\..\Policies\Explorer\run : [1916561182] C:\ProgramData\msjmqlp.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
/autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
/autoRun
04 - HKU\S-1-5-21-961467987-2763481353-2281409634-1001\..\Run : [apphide] C:\Pro
gram Files\baidu\baidu.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
[b]################## | UsbFix - Information |[/b]
UsbFix has detected on your computer, an infection which a Keylogger function.
After cleaning with UsbFix, please modify all your passwords.
If you made purchases on Internet,
please contact your bank to enviseager an opposition on your bank card.
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut v
irus on flash disk (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Shortcut
virus on flash disk, What is it ?[/url]
[b]################## | Hijack |[/b]
Restored! [N] F:\Buku_Program_HAC_2015_Yang_Baru.pub
Restored! [D] F:\System_Volume_Information
[b]################## | Vaccin |[/b]
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)