
[b]############################## | UsbFix V 7.171 | [Clean][/b]
User: Dell (Administrator) # QAQC1
Updated 09/06/2014 by El Desaparecido - SosVirus
Started at 15:02:39 | 21/06/2014
Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Changelog : [url=http://www.en.usbfix.net/changelog/]http://www.en.usbfix.net/changelog/[/url]
Support : [url=http://en.kioskea.net/forum/viruses-security-7]http://en.kioskea.net/forum/viruses-security-7[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contact/[/url]
PC: Dell Inc. (0M5DCD)
CPU: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
RAM -> [Total : 3241 Mo| Free : 1416 Mo]
Bios: Dell Inc.
Boot: Normal boot
OS: Microsoft Windows 7 Professional (6.1.7601 32-Bit) Service Pack 1
WB: Windows Internet Explorer : 11.0.9600.17126
WB: Mozilla Firefox : 30.0
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Symantec Endpoint Protection [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: Symantec Endpoint Protection [Enabled | Updated]
FW: Symantec Endpoint Protection [(!) Disabled]
FW: Windows FireWall [(!) Disabled]

C:\ (%SystemDrive%) -> Fixed drive # 100 Gb (23 Mb free - 23%) [] # NTFS
D:\ -> Fixed drive # 195 Gb (195 Mb free - 100%) [Data] # NTFS
E:\ -> Fixed drive # 168 Gb (168 Mb free - 100%) [Backup] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 8 Gb (7 Mb free - 89%) [] # FAT32

[b]################## | Stopped processes |[/b]


C:\Windows\System32\spoolsv.exe (ID: 1404|ParentID: 564)
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe (ID: 1596|ParentID: 564|SYSTEM)
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (ID: 1628|ParentID: 564|SYSTEM)
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe (ID: 1700|ParentID: 564|SYSTEM)
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (ID: 1832|ParentID: 564|SYSTEM)
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe (ID: 1900|ParentID: 564|SYSTEM)
C:\Windows\System32\taskhost.exe (ID: 2916|ParentID: 564|Dell)
C:\Windows\System32\taskeng.exe (ID: 2972|ParentID: 1012|Dell)
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\ccSvcHst.exe (ID: 2980|ParentID: 1900|Dell)
C:\Program Files\360\360Desktop\Bin\360AppCore.exe (ID: 3160|ParentID: 2972|Dell)
C:\Windows\explorer.exe (ID: 3212|ParentID: 2996|Dell)
C:\Windows\System32\wbem\unsecapp.exe (ID: 3352|ParentID: 680|SYSTEM)
C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe (ID: 3376|ParentID: 3212|Dell)
C:\Windows\System32\igfxtray.exe (ID: 3428|ParentID: 3212|Dell)
C:\Windows\System32\hkcmd.exe (ID: 3552|ParentID: 3212|Dell)
C:\Windows\System32\igfxpers.exe (ID: 3560|ParentID: 3212|Dell)
C:\Program Files\HP\HP Software Update\hpwuschd2.exe (ID: 3744|ParentID: 3212|Dell)
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (ID: 3756|ParentID: 3212|Dell)
C:\Windows\System32\StikyNot.exe (ID: 3792|ParentID: 3212|Dell)
C:\Windows\System32\SearchIndexer.exe (ID: 3940|ParentID: 564|SYSTEM)
C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe (ID: 3992|ParentID: 3212|Dell)
C:\Program Files\Internet Download Manager\IDMan.exe (ID: 4080|ParentID: 3212|Dell)
C:\Program Files\Internet Download Manager\IEMonitor.exe (ID: 2320|ParentID: 4080|Dell)
C:\Windows\System32\sppsvc.exe (ID: 5848|ParentID: 564|NETWORK SERVICE)
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (ID: 4508|ParentID: 4648|Dell)
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe (ID: 712|ParentID: 3212|Dell)
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (ID: 3616|ParentID: 564|SYSTEM)
C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.671.4971.105\Bin\SavUI.exe (ID: 1320|ParentID: 680|Dell)
C:\Windows\System32\WUDFHost.exe (ID: 3884|ParentID: 940|LOCAL SERVICE)
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 4468|ParentID: 3212|Dell)
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 5540|ParentID: 4468|Dell)
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 4872|ParentID: 4468|Dell)
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1088|ParentID: 4468|Dell)
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 5836|ParentID: 4468|Dell)
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1472|ParentID: 4468|Dell)
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 1732|ParentID: 4468|Dell)
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 3980|ParentID: 4468|Dell)
C:\Users\Dell\AppData\Local\Google\Chrome\Application\chrome.exe (ID: 5620|ParentID: 4468|Dell)
C:\Windows\System32\taskhost.exe (ID: 4892|ParentID: 564|LOCAL SERVICE)
[b]################## | Autorun |[/b]
[b]################## | Generic Research |[/b]
Deleted ! G:\debug.lnk
Deleted ! G:\IMG_1502.lnk
Deleted ! G:\IMG_1503.lnk
Deleted ! G:\IMG_1504.lnk
Deleted ! G:\emails.lnk
Deleted ! G:\Koala.lnk
Deleted ! G:\Michael Jackson.lnk
Deleted ! G:\sidney_timesheet.lnk
Deleted ! G:\Barbie-Groom-Glam-Pups-barbie-and-disney-princess-3-29090820-500-375.lnk
Deleted ! G:\ASME2010 VIII division 1.lnk
Deleted ! G:\ASME IX-2007.lnk
Deleted ! G:\Chrysanthemum.lnk
Deleted ! G:\ASME V.lnk
Deleted ! G:\Lighthouse.lnk
Deleted ! G:\ASME B31.lnk
Deleted ! G:\Hydrangeas.lnk
Deleted ! G:\ASME IX.lnk
Deleted ! G:\sidney_overtimesheets.lnk
Deleted ! G:\cert 2.lnk
Deleted ! G:\cert 1.lnk
Deleted ! G:\Scan3.lnk
Deleted ! G:\ASME B36.lnk
Deleted ! G:\002-2011074-GPGG-00-EMPI-SPDS-0001 Piping Class Specification D03.lnk
Deleted ! G:\cert 3.lnk
Deleted ! G:\attendance.lnk
Deleted ! G:\CURRICULUM VITAE Mr.lnk
Deleted ! G:\cert 4.lnk
Deleted ! G:\sidney_scan.lnk
Deleted ! G:\Ghana Gas Welding Map for GPP ZPYJ-20140326.lnk
Deleted ! G:\debug.txt

(!) Temporary files deleted.


[b]################## | Registry |[/b]
Deleted ! HKU\S-1-5-21-3696240868-292382803-1327247122-1000\Software\.\.\.\.\Mountpoints2\G
Deleted ! HKU\S-1-5-21-3696240868-292382803-1327247122-1000\Software\.\.\.\.\Mountpoints2\{f8fa0b4a-6ed2-11e2-a39b-d4bed9d42e7e}
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [QQIntl] "C:\Program Files\Tencent\QQIntl\Bin\QQ.exe" /background
04 - HKCU\..\Run : [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
04 - HKCU\..\Run : [uTorrent] "C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKCU\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 - HKLM\..\Run : [ToolboxFX] "C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
04 - HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-3696240868-292382803-1327247122-1000\..\Run : [QQIntl] "C:\Program Files\Tencent\QQIntl\Bin\QQ.exe" /background
04 - HKU\S-1-5-21-3696240868-292382803-1327247122-1000\..\Run : [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
04 - HKU\S-1-5-21-3696240868-292382803-1327247122-1000\..\Run : [uTorrent] "C:\Users\Dell\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKU\S-1-5-21-3696240868-292382803-1327247122-1000\..\Run : [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
[b]################## | C:\ %SystemDrive% - Fixed drive (NTFS) |[/b]
[10/06/2009 - 21:42:20 | N | 0 Ko] - C:\config.sys
[21/06/2014 - 08:12:07 | ASH | 2489040 Ko] - C:\hiberfil.sys
[21/06/2014 - 08:12:09 | ASH | 3318724 Ko] - C:\pagefile.sys
[02/09/2012 - 16:01:45 | N | 0 Ko] - C:\ftnstat.stat
[03/07/2012 - 11:56:42 | N | 0 Ko] - C:\user.js
[14/02/2014 - 08:14:09 | N | 0 Ko] - C:\AVScanner.ini
[16/01/2014 - 00:40:14 | N | 476 Ko | SHA1: 29CB8B4FE0DC6E0358621AECE118B45F292FC2BB] - C:\SecurityScanner.dll
[22/01/2013 - 07:19:44 | SHD] - C:\$Recycle.Bin
[10/06/2009 - 21:42:20 | A | 0 Ko] - C:\autoexec.bat
[10/12/2012 - 16:43:50 | D] - C:\found.000
[14/07/2009 - 02:37:05 | D] - C:\PerfLogs
[14/07/2009 - 04:53:55 | SHD] - C:\Documents and Settings
[28/06/2012 - 23:56:42 | SHD] - C:\Recovery
[28/06/2012 - 23:58:21 | D] - C:\dell
[28/06/2012 - 23:58:23 | D] - C:\Intel
[29/06/2012 - 16:51:54 | RHD] - C:\MSOCache
[22/01/2013 - 07:19:29 | D] - C:\Users
[22/04/2013 - 14:01:04 | D] - C:\M1530_MFP_Series_Basic_Solution
[16/10/2013 - 19:03:04 | D] - C:\_AcroTemp
[09/05/2014 - 09:02:02 | D] - C:\Windows
[01/06/2014 - 19:21:08 | HD] - C:\ProgramData
[04/06/2014 - 15:10:48 | D] - C:\$360Section
[18/06/2014 - 14:02:58 | D] - C:\Program Files
[21/06/2014 - 08:11:58 | SHD] - C:\System Volume Information
[21/06/2014 - 14:56:37 | D] - C:\UsbFix
[b]################## | D:\ - Fixed drive (NTFS) |[/b]
[02/02/2011 - 04:48:38 | N | 37585 Ko | SHA1: 092C09FD6E1D820A3535C56A7A2058D463F35839] - D:\QQ2011Beta1.exe
[02/09/2012 - 16:15:20 | D] - D:\QQVideo.Cache
[22/01/2013 - 07:19:44 | SHD] - D:\$RECYCLE.BIN
[21/11/2012 - 15:40:34 | D] - D:\360Apps
[23/04/2014 - 22:14:19 | D] - D:\Program Files
[11/06/2014 - 11:04:27 | D] - D:\360Downloads
[21/06/2014 - 08:12:04 | SHD] - D:\System Volume Information
[b]################## | E:\ - Fixed drive (NTFS) |[/b]
[18/03/2004 - 22:50:44 | N | 54210 Ko | SHA1: FAB7F22EA8FF758118F50731BFBB882EB1879CE3] - E:\Setup.exe
[22/01/2013 - 07:19:44 | SHD] - E:\$RECYCLE.BIN
[07/08/2012 - 12:58:17 | D] - E:\HP1536
[21/06/2014 - 08:12:05 | SHD] - E:\System Volume Information

[b]################## | G:\ - Removable drive (FAT32) |[/b]


[09/05/2014 - 11:37:44 | N | 958 Ko] - G:\Ghana Gas Welding Map for GPP ZPYJ-20140326.xlsx
[09/05/2014 - 11:51:16 | N | 67 Ko] - G:\2014.04.04welding log at AIS02-AT01.xls
[26/03/2014 - 08:23:04 | N | 0 Ko] - G:\emails.txt
[24/07/2007 - 06:26:16 | N | 446 Ko] - G:\ASME B36.19M-2004_????.pdf
[21/09/2008 - 21:45:26 | N | 764 Ko] - G:\API 1104-welding of pipelines and related facilities-99?.pdf
[03/07/2009 - 16:14:26 | N | 6862 Ko] - G:\API 5L-2007 ??? ??????.pdf
[27/08/2010 - 17:11:08 | N | 4297 Ko] - G:\ASME B31.8-2010 ???????????.pdf
[18/04/2013 - 08:06:30 | N | 3543 Ko] - G:\ASME B31.3-2012.PDF
[26/03/2014 - 08:06:56 | N | 320 Ko] - G:\sidney_timesheet.pdf
[26/03/2014 - 08:09:06 | N | 2066 Ko] - G:\sidney_overtimesheets.pdf
[25/04/2014 - 11:54:12 | N | 2312 Ko] - G:\attendance.pdf
[23/05/2014 - 11:24:04 | N | 2054 Ko] - G:\sidney_scan.pdf
[01/06/2014 - 14:15:10 | N | 426 Ko] - G:\002-2011074-GPGG-00-EMPI-SPDS-0001 Piping Class Specification D03.pdf
[01/06/2014 - 14:16:40 | N | 4375 Ko] - G:\ASME IX.pdf
[01/06/2014 - 14:17:04 | N | 4362 Ko] - G:\ASME IX-2007.pdf
[01/06/2014 - 14:17:34 | N | 51518 Ko] - G:\ASME V.pdf
[01/06/2014 - 14:18:00 | N | 20994 Ko] - G:\ASME2010 VIII division 1.pdf
[19/06/2014 - 16:06:40 | N | 0 Ko] - G:\2014.lnk
[14/07/2009 - 04:52:26 | N | 859 Ko] - G:\Chrysanthemum.jpg
[14/07/2009 - 04:52:26 | N | 763 Ko] - G:\Koala.jpg
[14/07/2009 - 04:52:26 | N | 548 Ko] - G:\Lighthouse.jpg
[14/07/2009 - 04:52:26 | N | 581 Ko] - G:\Hydrangeas.jpg
[13/10/2013 - 17:06:02 | N | 67 Ko] - G:\Barbie-Groom-Glam-Pups-barbie-and-disney-princess-3-29090820-500-375.jpg
[25/03/2014 - 08:33:16 | N | 1781 Ko] - G:\IMG_1503.JPG
[25/03/2014 - 08:33:16 | N | 1696 Ko] - G:\IMG_1504.JPG
[25/03/2014 - 08:33:16 | N | 1715 Ko] - G:\IMG_1502.JPG
[01/04/2014 - 08:14:58 | N | 14 Ko] - G:\Scan3.jpg
[24/05/2014 - 17:11:56 | N | 657 Ko] - G:\cert 4.jpg
[02/06/2014 - 08:29:58 | N | 490 Ko] - G:\cert 2.jpg
[02/06/2014 - 08:30:06 | N | 535 Ko] - G:\cert 1.jpg
[02/06/2014 - 08:30:16 | N | 580 Ko] - G:\cert 3.jpg
[01/06/2014 - 14:27:00 | N | 18 Ko] - G:\CURRICULUM VITAE Mr. Aggrey.docx
[16/02/2014 - 15:04:44 | D] - G:\WPS & WQT & Welder Certificates for Onshore Main Pipeline
[16/02/2014 - 15:05:40 | D] - G:\WPS & WQT & Welder Certificates for Station Piping
[14/03/2014 - 19:56:36 | D] - G:\photos
[14/03/2014 - 20:09:50 | D] - G:\New folder (2)
[04/04/2014 - 17:56:20 | D] - G:\$AVG
[28/04/2014 - 17:48:28 | D] - G:\wedding
[30/04/2014 - 21:15:58 | D] - G:\NOD32
[b]################## | Vaccin |[/b]
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[/b]
