UsbFix Report

This document is a log file from UsbFix virus cleaning software. It summarizes the system configuration, installed software, security programs, disks, processes, autorun entries and files. It finds no malware after cleaning and provides links to the UsbFix and SosVirus websites for more information.

Uploaded by Ruben Ganchozo F

[b]############################## | UsbFix V 7.175 | [Limpiar][/b]
Usuario: SERVIDOR (Administrador) # SERVIDOR-PC
Actualizado el 11/07/2014 por El Desaparecido - SosVirus
Comenzó a 16:35:32 | 29/08/2014
Sitio web : [url=http://www.es.usbfix.net/]http://www.es.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Asistencia : [url=http://es.kioskea.net/forum/virus-seguridad-7]http://es.kioskea.net/forum/virus-seguridad-7[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosvirus.net/upload_malware.php[/url]
Contacto : [url=http://www.es.usbfix.net/contacto/]http://www.es.usbfix.net/contacto/[/url]
[b]################## | System information |[/b]
MB: PEGATRON CORPORATION (1492h)
CPU: Intel(R) Atom(TM) CPU D510 @ 1.66GHz
GC: Intel(R) Graphics Media Accelerator 3150
RAM -> [Total : 3574 Mo | Free : 2573 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot
OS: Microsoft Windows 7 Ultimate (6.1.7600 32-Bit)
WB: Internet Explorer : 8.00.7600.16385
WB: Google Chrome : 36.0.1985.143
WB: Mozilla Firefox : 31.0

[b]################## | Security Information |[/b]
AV: Avira Desktop [Activado |Actualizado]
AS: Avira Desktop [Activado |Actualizado]
AS: Windows Defender [[b](!) Desactivado[/b] |Actualizado]
FW: FireWall [Activado]
FW: Windows Firewall [[b](!) Desactivado[/b]]
SC: Security Center [Activado]
WU: Windows Update [Activado]

[b]################## | Disk Information |[/b]


C:\ (%SystemDrive%) -> Disco fijo # 289 Gb (225 Mb libre(s) - 78%) [COMPAQ] # NTFS
D:\ -> Disco fijo # 9 Gb (1 Mb libre(s) - 13%) [FACTORY_IMAGE] # NTFS
F:\ -> Disco extraíble # 7 Gb (5 Mb libre(s) - 75%) [MARLON] # FAT32
[b]################## | Procesos Parados |[/b]
C:\Windows\System32\rundll32.exe (ID: 7632|ParentID: 716|SERVIDOR)
C:\Windows\System32\WUDFHost.exe (ID: 8688|ParentID: 928|SERVICIO LOCAL)
C:\Windows\System32\spoolsv.exe (ID: 8788|ParentID: 536|SYSTEM)
C:\Windows\System32\rundll32.exe (ID: 8868|ParentID: 716|SERVIDOR)
C:\Windows\System32\SearchIndexer.exe (ID: 8956|ParentID: 536|SYSTEM)
C:\Windows\System32\SearchProtocolHost.exe (ID: 7528|ParentID: 8956|SYSTEM)
C:\Windows\System32\SearchFilterHost.exe (ID: 5044|ParentID: 8956|SYSTEM)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 8452|ParentID: 536|Servicio de red)
[b]################## | Autorun |[/b]

[b]################## | Búsqueda genérica |[/b]
(!) Archivos temporales suprimido.
[b]################## | Registro |[/b]
Suprimido ! HKU\S-1-5-21-2336980230-236494076-3420967810-1000\Software\.\.\.\.\Mountpoints2\{d4eae2f4-fbe0-11e3-90e0-7071bc68dba8}
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\System32\Userinit.exe,
04 - HKCU\..\Run : [EPSON L200 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGUL.EXE /FU "C:\Windows\TEMP\E_SF3DF.tmp" /EF "HKCU"
04 - HKCU\..\Run : [Facebook Update] "C:\Users\SERVIDOR\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKCU\..\Run : [EPSON PictureMate PM 225] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFOA.EXE /FU "C:\Windows\TEMP\E_SD627.tmp" /EF "HKCU"
04 - HKCU\..\Run : [EPLTarget\P0000000000000002] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII4E.EXE /EPT "EPLTarget\P0000000000000002" /M "L355 Series"
04 - HKLM\..\Run : [Buttons & OSDs control application gen3] c:\Program Files\Hewlett-Packard\Yan_Button & OSD\FastUserSwitching.exe
04 - HKLM\..\Run : [D-Link D-Link DWA-125] C:\Program Files\D-Link\DWA-125 revA\AirNCFG.exe
04 - HKLM\..\Run : [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
04 - HKLM\..\Run : [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
04 - HKLM\..\Run : [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
04 - HKLM\..\Run : [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
04 - HKLM\..\Run : [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
04 - HKLM\..\Run : [VNT] "C:\Program Files\VNT\vntldr.exe"
04 - HKLM\..\Run : [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-2336980230-236494076-3420967810-1000\..\Run : [EPSON L200 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGUL.EXE /FU "C:\Windows\TEMP\E_SF3DF.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-2336980230-236494076-3420967810-1000\..\Run : [Facebook Update] "C:\Users\SERVIDOR\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
04 - HKU\S-1-5-21-2336980230-236494076-3420967810-1000\..\Run : [EPSON PictureMate PM 225] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFOA.EXE /FU "C:\Windows\TEMP\E_SD627.tmp" /EF "HKCU"
04 - HKU\S-1-5-21-2336980230-236494076-3420967810-1000\..\Run : [EPLTarget\P0000000000000002] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII4E.EXE /EPT "EPLTarget\P0000000000000002" /M "L355 Series"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
[b]################## | C:\ %SystemDrive% - Disco fijo (NTFS) |[/b]

[10/06/2009 - 16:42:20 | N | 0 Ko] - C:\config.sys
[26/08/2014 - 19:05:19 | RASH | 0 Ko] - C:\MSDOS.SYS
[26/08/2014 - 19:05:19 | RASH | 0 Ko] - C:\IO.SYS
[29/08/2014 - 08:57:54 | ASH | 2744968 Ko] - C:\hiberfil.sys
[29/08/2014 - 08:57:55 | ASH | 3659960 Ko] - C:\pagefile.sys
[28/11/2010 - 00:30:30 | N | 1696 Ko | [url=https://www.virustotal.com/file/f7d380fe1107d8fcc825bae0722da16293aabac259f49f1463fd8926be6dd353/analysis/1400730556/]VirusTotal[/url] - ([color=#FF0000]1[/color]/[color=#FF0000]52[/color])] - C:\winvnc.exe
[24/06/2014 - 15:12:24 | SHD] - C:\$Recycle.Bin
[10/06/2009 - 16:42:20 | A | 0 Ko] - C:\autoexec.bat
[29/07/2014 - 10:16:49 | N | 13 Ko] - C:\ads_err.adt
[29/07/2014 - 10:10:19 | N | 4 Ko] - C:\ads_err.adm
[29/07/2014 - 10:10:19 | N | 3 Ko] - C:\ads_err.adi
[24/06/2014 - 21:03:48 | D] - C:\testdisk-6.11.3
[13/07/2009 - 21:37:05 | D] - C:\PerfLogs
[13/07/2009 - 23:53:55 | SHD] - C:\Documents and Settings
[24/06/2014 - 15:09:54 | D] - C:\Archivos de programa
[24/06/2014 - 15:10:05 | D] - C:\Users
[24/06/2014 - 15:31:32 | D] - C:\hp
[24/06/2014 - 15:50:19 | RHD] - C:\MSOCache
[30/06/2014 - 18:38:47 | D] - C:\Adjustment Program
[23/07/2014 - 14:12:46 | D] - C:\Temp
[18/08/2014 - 22:01:51 | D] - C:\SRI-DIMM
[20/08/2014 - 19:28:02 | D] - C:\ATI
[26/08/2014 - 18:11:26 | D] - C:\Program Files
[27/08/2014 - 18:48:25 | SHD] - C:\System Volume Information
[28/08/2014 - 21:34:13 | D] - C:\Ultimo_Backup_CyberPlanet
[29/08/2014 - 08:58:15 | HD] - C:\ProgramData
[29/08/2014 - 08:58:19 | D] - C:\Windows
[29/08/2014 - 09:01:07 | D] - C:\BackUp CyberPlanet
[29/08/2014 - 16:29:44 | D] - C:\UsbFix
[b]################## | D:\ - Disco fijo (NTFS) |[/b]
[11/04/2010 - 02:30:19 | N | 0 Ko] - D:\RPCONFIG.LOG
[11/04/2010 - 02:30:20 | N | 15 Ko] - D:\DeployRp.log
[28/12/2010 - 10:01:13 | N | 2 Ko] - D:\kav-v8-v9-v11.key
[03/11/2013 - 09:59:46 | N | 2803 Ko] - D:\IMG_0452.JPG
[26/01/2014 - 11:06:37 | N | 346 Ko] - D:\IMG0389.jpg
[24/06/2014 - 15:12:18 | N | 0 Ko] - D:\language.ini
[24/06/2014 - 15:12:18 | N | 0 Ko] - D:\BT_COMPAQ.FLG
[11/04/2010 - 02:15:03 | N | 0 Ko] - D:\CSP.DAT
[27/09/2011 - 09:24:36 | N | 0 Ko] - D:\HP_WSD.dat
[24/06/2014 - 15:12:24 | SHD] - D:\$RECYCLE.BIN
[13/07/2009 - 12:39:00 | ASH | 375 Ko] - D:\bootmgr
[29/12/2010 - 11:23:54 | SHD] - D:\boot
[29/12/2010 - 11:23:54 | D] - D:\hp
[29/12/2010 - 11:23:54 | SHD] - D:\preload
[13/07/2012 - 20:14:40 | D] - D:\RUBEN
[09/07/2013 - 23:28:58 | SHD] - D:\System Volume Information
[24/06/2014 - 15:06:06 | SD] - D:\Recovery

[b]################## | Vaccin |[/b]


D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] | [url=http://www.es.usbfix.net/]http://www.es.usbfix.net/[/url] |[/b]
