You are on page 1of 3

[b]############################## | UsbFix V 7.

171 | [Clean][/b]
User: Personal (Administrator) # PERSONAL-PC
Updated 09/06/2014 by El Desaparecido - SosVirus
Started at 15:54:07 | 13/01/2015
Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Changelog : [url=http://www.en.usbfix.net/changelog/]http://www.en.usbfix.net/ch
angelog/[/url]
Support : [url=http://en.kioskea.net/forum/viruses-security-7]http://en.kioskea.
net/forum/viruses-security-7[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosv
irus.net/upload_malware.php[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contac
t/[/url]
PC: Dell Inc. (0M863N)
CPU: Intel(R) Core(TM)2 Duo CPU
E8400 @ 3.00GHz
RAM -> [Total : 1980 Mo| Free : 1406 Mo]
Bios: Dell Inc.
Boot: Normal boot
OS: Microsoft Windows 7 Professional (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17207
SC:
WU:
AS:
FW:

Security Center [Enabled]


Windows Update [Enabled]
Windows Defender [Enabled | (!) Outdated]
Windows FireWall [(!) Disabled]

C:\ (%SystemDrive%) -> Fixed drive # 149 Gb (127 Mb free - 85%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Removable drive # 29 Gb (10 Mb free - 34%) [S3-L] # NTFS
[b]################## | Stopped processes |[/b]
C:\Windows\System32\spoolsv.exe (ID: 1304|ParentID: 456)
C:\Windows\explorer.exe (ID: 1484|ParentID: 1448|Personal)
C:\Windows\System32\taskhost.exe (ID: 1896|ParentID: 456|Personal)
C:\Program Files\Analog Devices\Core\smax4pnp.exe (ID: 1832|ParentID: 1484|Perso
nal)
C:\ (PCcloseDown) \iCloseDown.exe (ID: 576|ParentID: 1484|Personal)
C:\Windows\System32\SearchIndexer.exe (ID: 888|ParentID: 456|SYSTEM)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 848|ParentID: 456|NETWOR
K SERVICE)
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (ID: 2648|ParentID: 4
56|SYSTEM)
C:\Program Files\Intel\AMT\LMS.exe (ID: 2688|ParentID: 456|SYSTEM)
C:\Windows\System32\sppsvc.exe (ID: 2764|ParentID: 456|NETWORK SERVICE)
C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe (ID: 2860|ParentID:
456|SYSTEM)
C:\Windows\System32\WUDFHost.exe (ID: 3152|ParentID: 856|LOCAL SERVICE)
C:\Windows\System32\SearchProtocolHost.exe (ID: 3556|ParentID: 888|SYSTEM)
[b]################## | Autorun |[/b]
[b]################## | Generic Research |[/b]
Not deleted ! E:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.

vmx
Not deleted ! E:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665
(!) Temporary files deleted.
[b]################## | Registry |[/b]
Deleted ! HKU\S-1-5-21-3756019719-1034529236-289154046-1000\Software\.\.\.\.\Mou
ntpoints2\{eae7574c-6b7a-11e2-947c-806e6f6e6963}
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKLM\..\Run : [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.e
xe
04 - HKLM\..\Run : [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PIc
onStartup.exe" -startup
04 - HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync
.exe" /DelayServices
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
/autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
/autoRun
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
[b]################## | C:\ %SystemDrive% - Fixed drive (NTFS) |[/b]
[11/06/2009
[13/01/2015
[13/01/2015
[13/01/2015
[31/01/2013
[21/09/2012
[11/06/2009
[22/09/2012
[14/07/2009
[14/07/2009
[21/11/2010
[21/09/2012
[21/09/2012
[21/09/2012
[22/09/2012
[22/09/2012
[22/09/2012
[25/09/2012
[25/09/2012
[31/01/2013
[20/06/2014
[13/01/2015
[13/01/2015
[13/01/2015
[13/01/2015
[13/01/2015
[13/01/2015

05:42:20
15:51:13
15:51:17
15:51:13
15:52:23
14:23:45
05:42:20
03:28:10
10:37:05
12:53:55
05:29:06
05:31:28
14:23:30
14:23:35
03:27:56
03:27:56
03:28:09
11:53:32
14:41:33
15:52:11
14:18:47
14:52:50
15:01:45
15:01:48
15:03:41
15:04:05
15:53:59

|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|

N | 0 Ko] - C:\config.sys
ASH | 1520340 Ko] - C:\hiberfil.sys
ASH | 2027124 Ko] - C:\pagefile.sys
D] - C:\Config.Msi
N | 0 Ko] - C:\winx.ld
SHD] - C:\$Recycle.Bin
A | 0 Ko] - C:\autoexec.bat
RASH | 8 Ko] - C:\BOOTSECT.BAK
D] - C:\PerfLogs
SHD] - C:\Documents and Settings
RASH | 375 Ko] - C:\bootmgr
D] - C:\New Folder
SHD] - C:\Recovery
D] - C:\Users
D] - C:\Hotfix
D] - C:\Drivers
SHD] - C:\Boot
D] - C:\dell
D] - C:\Intel
N | 199 Ko] - C:\grldr
D] - C:\ (PCcloseDown)
HD] - C:\ProgramData
SHD] - C:\System Volume Information
RHD] - C:\MSOCache
D] - C:\Windows
D] - C:\Program Files
D] - C:\UsbFix

[b]################## | E:\ - Removable drive (NTFS) |[/b]


[27/06/2014 - 08:45:05 | N | 2008 Ko] - E:\cpu-z_1.69-en (standalone).zip

[13/12/2014 - 11:49:07 | N | 0 Ko] - E:\Visual C++ 6.0.txt


[06/11/2014 - 14:14:19 | N | 2 Ko] - E:\PBS 2014.lnk
[08/07/2014 - 17:45:08 | N | 7281 Ko | [url=https://www.virustotal.com/file/b094
53424cfca987b30d665628c328ce62e2e06418ca55e070fc1bba1d823749/analysis/1420569863
/]VirusTotal[/url] - (0/56)] - E:\TeamViewer_Setup.exe
[05/12/2014 - 16:08:56 | D] - E:\found.000
[20/06/2014 - 09:05:04 | D] - E:\XP_OEM
[05/12/2014 - 14:15:45 | D] - E:\WinRAR
[05/12/2014 - 15:28:45 | D] - E:\Lanstar
[05/12/2014 - 15:28:53 | D] - E:\Antivirus
[05/12/2014 - 15:28:59 | D] - E:\CCleaner
[05/12/2014 - 15:29:02 | D] - E:\Chinese Typing Software
[05/12/2014 - 15:29:04 | D] - E:\Codec Pack
[05/12/2014 - 15:59:42 | D] - E:\Deep Freeze
[05/12/2014 - 15:59:45 | D] - E:\GGhost
[05/12/2014 - 16:04:11 | D] - E:\Cust Files
[05/12/2014 - 16:04:11 | D] - E:\eBook
[05/12/2014 - 16:04:12 | D] - E:\Flash Player
[05/12/2014 - 16:04:12 | D] - E:\Fonts
[05/12/2014 - 16:04:13 | D] - E:\Hard Drive Tools
[05/12/2014 - 16:04:13 | D] - E:\ISO
[05/12/2014 - 16:04:14 | D] - E:\Java
[05/12/2014 - 16:04:14 | D] - E:\LED
[05/12/2014 - 16:04:15 | D] - E:\MP3
[05/12/2014 - 16:04:16 | D] - E:\Nero_10lite
[05/12/2014 - 16:04:16 | D] - E:\Paragon
[05/12/2014 - 16:04:17 | D] - E:\PowerLed
[05/12/2014 - 16:04:18 | D] - E:\School Files
[05/12/2014 - 16:04:18 | D] - E:\SkyDrvSxp
[05/12/2014 - 16:04:18 | D] - E:\TMK
[05/12/2014 - 16:04:19 | D] - E:\Web Browser
[05/12/2014 - 16:04:19 | D] - E:\Win 7
[05/12/2014 - 16:04:20 | D] - E:\Wireless Card
[12/12/2014 - 15:53:22 | SHD] - E:\System Volume Information
[13/12/2014 - 11:59:46 | D] - E:\Microsoft Office
[13/12/2014 - 12:41:32 | D] - E:\Adware Cleaner
[16/12/2014 - 11:50:42 | D] - E:\Adobe
[18/12/2014 - 11:07:58 | D] - E:\Printer
[23/12/2014 - 15:02:48 | D] - E:\Microsoft Fix It
[23/12/2014 - 15:07:53 | D] - E:\Win XP
[24/12/2014 - 01:01:28 | D] - E:\ms2013
[30/12/2014 - 14:10:36 | D] - E:\Warcraft III
[30/12/2014 - 15:46:05 | D] - E:\Customized Calibration
[08/01/2015 - 13:12:29 | D] - E:\Kindergaten Software
[09/01/2015 - 15:44:13 | D] - E:\L210_x86_153UsHomeExportAsiaML_MP
[13/01/2015 - 15:23:21 | RSHD] - E:\RECYCLER
[b]################## | Vaccin |[/b]
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosviru
s.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[
/b]

You might also like