[b]############################## | UsbFix V 7.

184 | [Clean][/b]
User: Minu (Administrator) # ICEAGE
Updated 20/10/2014 by El Desaparecido - SosVirus
Started at 18:04:02 | 01/11/2014
Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Changelog : [url=http://www.en.usbfix.net/changelog/]http://www.en.usbfix.net/ch
angelog/[/url]
Support : [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosv
irus.net/upload_malware.php[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contac
t/[/url]
[b]################## | System information |[/b]
MB: Hewlett-Packard (1671)
CPU: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
RAM -> [Total : 4044 Mo | Free : 890 Mo]
Bios: Hewlett-Packard
Boot: Normal boot
OS: Microsoft Windows 7 Home Premium (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 9.00.8112.16421
WB: Google Chrome : 38.0.2125.111
[b]################## | Security Information |[/b]
AV:
AV:
AV:
AS:
AS:
AS:
AS:
FW:
AS:
FW:
SC:
WU:

AVG AntiVirus Free Edition 2015 [[b](!) Disabled[/b] |Updated]

Norton Internet Security [[b](!) Disabled[/b] |[b](!) Outdated[/b]]
Baidu Antivirus [Enabled |Updated]
Windows Defender [[b](!) Disabled[/b] |Updated]
Baidu Antivirus [Enabled |Updated]
AVG AntiVirus Free Edition 2015 [[b](!) Disabled[/b] |Updated]
Norton Internet Security [[b](!) Disabled[/b] |[b](!) Outdated[/b]]
Norton Internet Security [[b](!) Disabled[/b]]
Malwarebytes Anti-Malware : 2.0.3.1025
Windows Firewall [Enabled]
Security Center [Enabled]
Windows Update [Enabled]

[b]################## | Disk Information |[/b]

C:\
D:\
E:\
F:\
H:\
J:\

(%SystemDrive%) -> Fixed disk # 446 Gb (368 Gb free - 82%) [] # NTFS

-> Fixed disk # 15 Gb (2 Gb free - 11%) [RD] # NTFS
-> Fixed disk # 4 Gb (1 Gb free - 27%) [HP] # FAT32
-> CD-ROM # 3 Gb (0 Mb free - 0%) [Windows_7_Ultimate_64_Bit] # UDF
-> Fixed disk # 1863 Gb (629 Gb free - 34%) [LDD] # NTFS
-> CD-ROM # 2 Gb (0 Mb free - 0%) [S8_Producer] # CDFS

[b]################## | Generic Research |[/b]

Deleted! C:\Users\Minu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sta
rtup\31793.js
Deleted! C:\Users\Minu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sta
rtup\347.js
Deleted! C:\Users\Minu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sta
rtup\3679.js

Deleted! C:\Users\Minu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sta

rtup\3779.js
Deleted! C:\Users\Minu\AppData\Roaming\722\643.js
Deleted! C:\Users\Minu\AppData\Roaming\722
Deleted! H:\$RECYCLE.BIN.lnk
Deleted! H:\1.lnk
Deleted! H:\2.lnk
Deleted! H:\2013_07_11.lnk
Deleted! H:\Biblioteca filosfico-poltica.lnk
Deleted! H:\Cakewalk Content.lnk
Deleted! H:\Canciones y demas.lnk
Deleted! H:\Cosas dante.lnk
Deleted! H:\early sessions DEMO.lnk
Deleted! H:\Family.Guy.S10.lnk
Deleted! H:\Foto.lnk
Deleted! H:\iZotope iDrum v1.7.3 VSTi RTAS By Adrian Dennis.lnk
Deleted! H:\Julian Casablancas + The Voidz.lnk
Deleted! H:\julieta_1_1.lnk
Deleted! H:\julieta_2_1.lnk
Deleted! H:\julieta_2_2.lnk
Deleted! H:\julieta_3_1.lnk
Deleted! H:\julieta_3_2.lnk
Deleted! H:\julieta_3_ret.lnk
Deleted! H:\ME.lnk
Deleted! H:\Minu.lnk
Deleted! H:\Musica.lnk
Deleted! H:\Passport.lnk
Deleted! H:\Pelculas.lnk
Deleted! H:\Salddaysdemoo.lnk
Deleted! H:\Seagate.lnk
Deleted! H:\sonidos dante.lnk
Deleted! H:\System Volume Information.lnk
Deleted! H:\The Wire Season 1, 2, 3, 4 & 5 Complete Collection DVD Box Set HDTV
+ Extras (Interviews, Commentaries, Bonus Features etc.).lnk
Deleted! H:\wives.lnk
Deleted! H:\Autorun.inf
Deleted! C:\Users\Minu\AppData\Local\Temp\2a23.js
Deleted! H:\727\g633.js
Deleted! H:\727\i6f6f.js
(!) Temporary files deleted. (1799.21363925934 MB)
[b]################## | Registry |[/b]
Deleted! HKU\S-1-5-21-859214785-3996694635-2519113943-1001\Software\Microsoft\Wi
ndows\CurrentVersion\Run|643
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [uTorrent] "C:\Users\Minu\AppData\Roaming\uTorrent\uTorrent.e
xe" /MINIMIZED
04 - HKCU\..\Run : [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite
\DTLite.exe" -autorun
04 - HKCU\..\Run : [Facebook Update] "C:\Users\Minu\AppData\Local\Facebook\Updat
e\FacebookUpdate.exe" /c /nocrashserver
04 - HKLM\..\Run : [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Stor

age Technology\IAStorIcon.exe
04 - HKLM\..\Run : [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP
QuickWeb\hpqwutils.exe"
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Q
uick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\R
eader 10.0\Reader\Reader_sl.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.
0\AdobeARM.exe"
04 - HKLM\..\Run : [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen D
isplay\HPOSD.exe
04 - HKLM\..\Run : [Baidu Antivirus] "C:\Program Files (x86)\Baidu-Security-2014
-4.4.4.82804\Baidu Antivirus\BavTray.exe" -auto
04 - HKLM\..\Run : [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAY
ONLY
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Jav
a\Java Update\jusched.exe"
04 - HKLM\..\Run : [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\
Updater\TBNotifier.exe"
04 - HKLM\..\Run : [M-Audio Panel Launcher] C:\PROGRA~2\M-Audio\M-Track\MAPanel.
exe 0
04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - [x64] HKLM\..\Run : [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
04 - [x64] HKLM\..\Run : [SetDefault] C:\Program Files\Hewlett-Packard\HP Launch
Box\SetDefault.exe
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
/autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
/autoRun
04 - HKU\S-1-5-21-859214785-3996694635-2519113943-1001\..\Run : [uTorrent] "C:\U
sers\Minu\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
04 - HKU\S-1-5-21-859214785-3996694635-2519113943-1001\..\Run : [DAEMON Tools Li
te] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
04 - HKU\S-1-5-21-859214785-3996694635-2519113943-1001\..\Run : [Facebook Update
] "C:\Users\Minu\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashse
rver
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
[b]################## | UsbFix - Information |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut v
irus on flash disk (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Shortcut
virus on flash disk, What is it ?[/url]
[b]################## | Hijack |[/b]
[b]################## | C:\ %SystemDrive% - Fixed drive (NTFS) |[/b]
[02/11/2014
[02/11/2014
[16/10/2014
[27/10/2014
[16/10/2014
[13/07/2009

16:21:57
16:21:59
03:08:25
03:43:36
03:10:33
20:20:08

|
|
|
|
|
|

ASH | 3105684 Ko] - C:\hiberfil.sys

ASH | 4140912 Ko] - C:\pagefile.sys
D] - C:\SYSTEM.SAV
D] - C:\Config.Msi
SHD] - C:\$Recycle.Bin
D] - C:\PerfLogs

[13/07/2009
[20/11/2010
[16/07/2011
[25/03/2012
[25/03/2012
[16/10/2014
[16/10/2014
[16/10/2014
[18/10/2014
[22/10/2014
[22/10/2014
[22/10/2014
[22/10/2014
[25/10/2014
[25/10/2014
[27/10/2014
[27/10/2014
[27/10/2014
[29/10/2014
[01/11/2014
[01/11/2014

22:08:56
20:23:51
00:03:14
01:28:04
01:46:37
03:08:19
03:10:25
04:39:22
04:49:25
16:14:42
21:38:23
21:38:42
22:31:33
03:39:57
16:14:18
03:24:20
03:43:37
03:54:51
14:57:19
10:50:22
18:02:38

|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|

SHD] - C:\Documents and Settings

RASH | 375 Ko] - C:\bootmgr
SHD] - C:\boot
D] - C:\Intel
D] - C:\HP
SHD] - C:\Recovery
D] - C:\SWSetup
D] - C:\$AVG
D] - C:\afc74149851d0eadc1067fd806fc81fe
D] - C:\soulseek-downloads
RD] - C:\Users
D] - C:\postgreSQL
D] - C:\HM2Archive
D] - C:\Cakewalk Projects
D] - C:\733d
RD] - C:\Program Files
HD] - C:\ProgramData
SHD] - C:\System Volume Information
RD] - C:\Program Files (x86)
D] - C:\Windows
D] - C:\UsbFix

[b]################## | D:\ - Fixed drive (NTFS) |[/b]

[09/10/2011
[23/05/2010
[09/10/2011
[16/10/2014
[14/07/2009
[09/10/2011
[09/10/2011
[09/10/2011
[09/10/2011
[09/10/2011
[16/10/2014
[16/10/2014

15:22:00
05:55:46
14:49:24
03:10:33
11:39:00
14:49:31
14:49:31
14:49:31
14:49:32
14:49:32
03:08:25
14:07:10

|
|
|
|
|
|
|
|
|
|
|
|

N | 0 Ko] - D:\HPSF_Rep.txt
RASH | 0 Ko] - D:\Desktop.ini
N | 0 Ko] - D:\HP_WSD.dat
SHD] - D:\$RECYCLE.BIN
RASH | 375 Ko] - D:\bootmgr
D] - D:\hp
RASHD] - D:\boot
RSHD] - D:\preload
D] - D:\RM_Reserve
D] - D:\FactoryUpdate
RSD] - D:\recovery
SHD] - D:\System Volume Information

[b]################## | E:\ - Fixed drive (FAT32) |[/b]

[09/10/2011
[17/11/2011
[17/11/2011
[17/11/2011
[17/11/2011
[25/03/2012
[17/11/2011

15:22:02
03:39:00
04:03:46
04:03:46
04:03:46
01:53:30
04:04:02

|
|
|
|
|
|
|

A | 0 Ko] - E:\HPSF_Rep.txt
A | 0 Ko] - E:\HP_WSD.dat
A | 2304 Ko] - E:\screen002.bmp
A | 2304 Ko] - E:\screen001.bmp
A | 2304 Ko] - E:\screen003.bmp
SHD] - E:\$RECYCLE.BIN
AD] - E:\Hewlett-Packard

[b]################## | H:\ - Fixed drive (NTFS) |[/b]

[27/10/2014 v5.1.1.zip
[31/01/2014 [04/04/2014 [29/09/2014 [29/09/2014 [25/10/2007 id.2.pass.srt
[13/10/2014 [06/03/2013 [04/09/2012 -

03:21:35 | A | 617367 Ko] - H:\Native Instruments Guitar Rig 5 Pro

03:49:16
12:36:10
18:29:11
19:41:05
12:54:26

|
|
|
|
|

A
A
A
A
A

|
|
|
|
|

70308 Ko] - H:\Summer.wav

32614 Ko] - H:\How could you.wav
2 Ko] - H:\Clases de Alemn.txt
0 Ko] - H:\Anotaciones sobre Teora Esttica.txt
96 Ko] - H:\Suspicion.-.Hitchcock.(1941).-.Eng.-.xv

00:01:40 | D] - H:\Family.Guy.S10
05:17:26 | A | 122 Ko] - H:\El No-Autor de la Modernidad.pdf
17:26:39 | A | 36406 Ko] - H:\ORO.mp4

[02/02/2013
[01/02/2014
[14/11/2013
[15/12/2013
(Proxy).mov
[25/08/2014
[25/08/2014
[25/08/2014
[25/08/2014
[25/08/2014
[25/08/2014
[27/04/2012
[01/12/2006
[02/11/2014
[13/10/2014
[21/07/2014
ion DVD Box
[19/04/2013
[03/12/2013
[03/02/2014
[24/06/2014
[30/09/2014
[30/09/2014
[30/09/2014
[30/09/2014
[30/09/2014
[30/09/2014
[03/10/2014
[03/10/2014
[08/10/2014
[08/10/2014
[12/10/2014
[12/10/2014
[12/10/2014
[12/10/2014
[12/10/2014
[13/10/2014
[13/10/2014
[14/10/2014
[16/10/2014
[16/10/2014
[30/10/2014
[30/10/2014
[01/11/2014

13:32:35
23:18:33
11:49:18
18:21:47

- 10:58:28
- 14:39:44
- 15:02:03
- 15:20:12
- 17:50:19
- 19:07:59
- 15:54:02
- 23:37:14
- 03:54:42
- 00:00:44
- 20:07:26
Set HDTV +
- 04:10:23
- 13:51:13
- 21:47:09
- 20:48:24
- 02:52:29
- 04:55:04
- 07:50:08
- 08:09:07
- 08:24:17
- 10:25:18
- 01:03:24
- 01:06:11
- 01:40:45
- 01:41:53
- 23:07:50
- 23:35:49
- 23:49:51
- 23:49:57
- 23:54:06
- 00:00:49
- 00:01:51
- 21:34:02
- 03:19:43
- 14:04:20
- 19:27:29
- 20:32:55
- 18:07:52

|
|
|
|

A
A
A
A

|
|
|
|

820737 Ko] - H:\Das de Feria prueba.mp4

1599 Ko] - H:\Summer.mp3
35352112 Ko] - H:\JULIETA SE QUEDO.mov
4567215 Ko] - H:\JULIETA SE QUEDO-Apple ProRes 422

| A | 1057583 Ko] - H:\julieta_1_1.mov

| A | 1546999 Ko] - H:\julieta_2_1.mov
| A | 0 Ko] - H:\julieta_2_2.mov
| A | 0 Ko] - H:\julieta_3_1.mov
| A | 1066765 Ko] - H:\julieta_3_2.mov
| A | 525039 Ko] - H:\julieta_3_ret.mov
| A | 1606 Ko] - H:\BackupPlusDeskIcon.ico
| A | 884 Ko] - H:\msdia80.dll
| SHD] - H:\$RECYCLE.BIN
| D] - H:\iZotope iDrum v1.7.3 VSTi RTAS By Adrian Dennis
| D] - H:\The Wire Season 1, 2, 3, 4 & 5 Complete Collect
Extras (Interviews, Commentaries, Bonus Features etc.)
| D] - H:\Seagate
| D] - H:\sonidos dante
| D] - H:\2013_07_11
| D] - H:\Passport
| D] - H:\julieta_3_ret
| D] - H:\julieta_1_1
| D] - H:\julieta_2_1
| D] - H:\julieta_2_2
| D] - H:\julieta_3_1
| D] - H:\julieta_3_2
| D] - H:\Cosas dante
| D] - H:\Biblioteca filosfico-poltica
| D] - H:\2
| D] - H:\Cakewalk Content
| D] - H:\Canciones y demas
| D] - H:\wives
| D] - H:\ME
| D] - H:\Minu
| D] - H:\Foto
| D] - H:\early sessions DEMO
| D] - H:\Salddaysdemoo
| D] - H:\Pelculas
| D] - H:\Julian Casablancas + The Voidz
| SHD] - H:\System Volume Information
| D] - H:\1
| D] - H:\Musica
| D] - H:\727

[b]################## | Vaccin |[/b]

C:\Autorun.inf
D:\Autorun.inf
E:\Autorun.inf
H:\Autorun.inf

->
->
->
->

Vaccine
Vaccine
Vaccine
Vaccine

created
created
created
created

by
by
by
by

UsbFix
UsbFix
UsbFix
UsbFix

(El
(El
(El
(El

Desaparecido)
Desaparecido)
Desaparecido)
Desaparecido)

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosviru

s.net/[/url] | [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[
/b]