[b]############################## | UsbFix V 7.

183 | [Limpiar][/b]
Usuario: Javicho (Administrador) # JAVICHO-PC
Actualizado el 30/09/2014 por El Desaparecido - SosVirus
Comenz a 13:53:48 | 06/11/2014
Sitio web : [url=http://www.es.usbfix.net/]http://www.es.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Asistencia : [url=http://www.forospyware.com/foro-de-virus-y-spywares/]http://ww
w.forospyware.com/foro-de-virus-y-spywares/[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosv
irus.net/upload_malware.php[/url]
Dtection en directo : [url=http://como-eliminar.net/]http://como-eliminar.net/[/u
rl]
Contacto : [url=http://www.es.usbfix.net/contacto/]http://www.es.usbfix.net/cont
acto/[/url]
[b]################## | System information |[/b]
MB: Gigabyte Technology Co., Ltd. (GA-870A-UD3)
CPU: AMD Phenom(tm) II X6 1055T Processor
GC: NVIDIA GeForce GT 220
RAM -> [Total : 3070 Mo | Free : 2179 Mo]
Bios: Award Software International, Inc.
Boot: Normal boot
OS: Microsoft Windows 7 Ultimate (6.1.7601 32-Bit) Service Pack 1
WB: Google Chrome : 36.0.1985.125
WB: Mozilla Firefox : 32.0.2
[b]################## | Security Information |[/b]
AV:
AS:
AS:
FW:
SC:
WU:

Microsoft Security Essentials [Activado |Actualizado]

Microsoft Security Essentials [Activado |Actualizado]
Windows Defender [[b](!) Desactivado[/b] |[b](!) No actualizado[/b]]
Windows Firewall [Activado]
Security Center [Activado]
Windows Update [Activado]

[b]################## | Disk Information |[/b]

C:\
D:\
E:\
G:\

(%SystemDrive%) -> Disco fijo # 195 Gb (71 Gb libre(s) - 37%) [] # NTFS

-> Disco fijo # 146 Gb (57 Gb libre(s) - 39%) [] # NTFS
-> Disco fijo # 124 Gb (92 Gb libre(s) - 74%) [] # NTFS
-> Disco extrable # 2 Gb (2 Gb libre(s) - 86%) [JAVIXO 2] # FAT32

[b]################## | Bsqueda genrica |[/b]

(!) Archivos temporales suprimido. (78.969331741333 MB)
[b]################## | Registro |[/b]
[b]################## | Regedit Run |[/b]
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoR
un

04 - HKCU\..\Run : [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield

\UpdateService\ISUSPM.exe" -startup
04 - HKCU\..\Run : [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.ex
e" /background
04 - HKCU\..\Run : [ABBYY Screenshot Reader Bonus] "C:\Program Files\ABBYY FineR
eader 9.0 Sprint\Bonus.ScreenshotReader.exe" -autorun
04 - HKCU\..\Run : [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office
14\MSOSYNC.EXE"
04 - HKCU\..\Run : [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.ex
e"
04 - HKCU\..\Run : [GarenaPlus] "E:\musica de ivan no tocar\todo sobre ivan\G
arena Plus\GarenaMessenger.exe" -autolaunch
04 - HKCU\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 - HKCU\..\Run : [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage
.exe -startup
04 - HKCU\..\Run : [AVG-Secure-Search-Update_0814tb] "C:\Program Files\AVG Secur
ity Toolbar\AVG-Secure-Search-Update_0814tb.exe" /PROMPT /CMPID=0814tb
04 - HKCU\..\Run : [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVE
RS\W32X86\3\E_FATIHJB.EXE /EPT "EPLTarget\P0000000000000000" /M "TX133 TX135" /E
F "HKCU"
04 - HKCU\..\RunOnce : [Application Restart #3] C:\Program Files\Google\Chrome\A
pplication\chrome.exe --extensions-on-chrome-urls --test-type --load-extension=
"c:\Program Files\Google\Chrome\Application\Extensions\chrome\app" --load-compon
ent-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\man"
--flag-switches-begin --flag-switches-end --restore-last-session
04 - HKLM\..\Run : [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\
UpdateService\issch.exe" -start
04 - HKLM\..\Run : [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
04 - HKLM\..\Run : [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync
.exe" /DelayServices
04 - HKLM\..\Run : [EEventManager] "C:\Program Files\Epson Software\Event Manage
r\EEventManager.exe"
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\Adob
eARM.exe"
04 - HKLM\..\Run : [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSyn
c.exe
04 - HKLM\..\Run : [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsche
d.exe" -osboot
04 - HKLM\..\Run : [QuickFinder Scheduler] "c:\Program Files\Corel\WordPerfect O
ffice X5\Programs\QFSCHD150.EXE"
04 - HKLM\..\Run : [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
04 - HKLM\..\Run : [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe
" -hide -runkey
04 - HKLM\..\Run : [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.e
xe
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java
Update\jusched.exe"
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
/autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
/autoRun
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [Sidebar] C:\Prog
ram Files\Windows Sidebar\sidebar.exe /autoRun
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [ISUSPM Startup]
"C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [msnmsgr] "C:\Pro
gram Files\Windows Live\Messenger\msnmsgr.exe" /background
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [ABBYY Screenshot
Reader Bonus] "C:\Program Files\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotRea
der.exe" -autorun

04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [OfficeSyncProces
s] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [Vidalia] "C:\Pro
gram Files\Vidalia Bundle\Vidalia\vidalia.exe"
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [GarenaPlus] "E:\
musica de ivan no tocar\todo sobre ivan\Garena Plus\GarenaMessenger.exe" -aut
olaunch
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [KiesPreload] C:\
Program Files\Samsung\Kies\Kies.exe /preload
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [KiesAirMessage]
C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [AVG-Secure-Searc
h-Update_0814tb] "C:\Program Files\AVG Security Toolbar\AVG-Secure-Search-Update
_0814tb.exe" /PROMPT /CMPID=0814tb
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\Run : [EPLTarget\P00000
00000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE /EPT "EPLT
arget\P0000000000000000" /M "TX133 TX135" /EF "HKCU"
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-21-549295623-3115610240-351994922-1000\..\RunOnce : [Application
Restart #3] C:\Program Files\Google\Chrome\Application\chrome.exe --extensionson-chrome-urls --test-type --load-extension="c:\Program Files\Google\Chrome\Appl
ication\Extensions\chrome\app" --load-component-extension="c:\Program Files\Goog
le\Chrome\Application\Extensions\chrome\man" --flag-switches-begin --flag-switch
es-end --restore-last-session
[b]################## | UsbFix - Informacin |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Cmo eliminar el virus de a
cceso directo en el disco flash ? (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Virus de
acceso directo en el disco flash, Qu es?[/url]
[b]################## | Hijack |[/b]
Restorado!
Restorado!
Restorado!
Restorado!
Restorado!
Restorado!
Restorado!
Restorado!
Restorado!
Restorado!

[N]
[N]
[N]
[N]
[N]
[N]
[N]
[N]
[N]
[N]

G:\Solicitud Quinto superior.docx

G:\IMG_20141011_135206500.jpg
G:\COMER PC5.pptx
G:\final exp voladura.pptx
G:\proyecto-olpc.ppt
G:\Alan Garca y El Zambo Cavero Y se llama Per.mp3
G:\Criollo Y se llama Peru Karaoke.mp3
G:\lectura 15.doc
G:\lectura 16.doc
G:\DECLOGO DE PREGUNTAS.docx

[b]################## | C:\ %SystemDrive% - Disco fijo (NTFS) |[/b]

[10/06/2009
[06/05/2013
[06/05/2013
[06/11/2014
[06/11/2014
[16/10/2014
[06/05/2013
[02/02/2012
[10/06/2009
[02/02/2012
[13/07/2009
[13/07/2009

16:42:20
19:31:05
19:31:05
11:08:31
11:08:33
01:26:26
19:37:33
11:15:27
16:42:20
05:06:48
21:37:05
23:53:55

|
|
|
|
|
|
|
|
|
|
|
|

A | 0 Ko] - C:\config.sys
RASH | 0 Ko] - C:\MSDOS.SYS
RASH | 0 Ko] - C:\IO.SYS
ASH | 2357416 Ko] - C:\hiberfil.sys
ASH | 3143224 Ko] - C:\pagefile.sys
D] - C:\Config.Msi
A | 24 Ko] - C:\sysupdate.log
SHD] - C:\$Recycle.Bin
A | 0 Ko] - C:\autoexec.bat
RASH | 8 Ko] - C:\BOOTSECT.BAK
D] - C:\PerfLogs
SHD] - C:\Documents and Settings

[08/10/2009
[25/05/2010
[20/11/2010
[02/02/2012
[02/02/2012
[02/02/2012
[02/02/2012
[03/02/2012
[10/04/2012
[19/02/2013
[18/04/2013
[06/05/2013
[20/06/2013
[02/09/2013
[15/09/2013
[20/04/2014
[01/06/2014
[01/06/2014
[05/06/2014
[15/06/2014
[27/07/2014
[26/09/2014
[01/10/2014
[25/10/2014
[05/11/2014
[06/11/2014

21:48:10
19:16:50
16:29:06
05:06:47
11:14:36
11:14:37
14:43:39
20:32:54
16:41:15
13:05:26
00:02:13
21:44:40
14:10:48
00:17:12
12:46:51
16:58:26
22:36:53
22:37:07
22:42:29
13:51:15
15:29:01
23:51:20
20:57:02
21:46:30
11:12:16
13:53:27

|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|

N | 0 Ko] - C:\7Emuldr
N | 202 Ko] - C:\grldr
RASH | 375 Ko] - C:\bootmgr
SHD] - C:\Boot
D] - C:\Archivos de programa
SHD] - C:\Recovery
D] - C:\Samsung
RHD] - C:\MSOCache
D] - C:\Autocad 2011 64BITS
D] - C:\BetCris
D] - C:\TMP
D] - C:\GCDBDB
D] - C:\Kpcms
D] - C:\Acrobat3
D] - C:\Drivers
D] - C:\MineSight
D] - C:\gemcom
D] - C:\GCDBSR
N | 0 Ko] - C:\0402C43FB786
D] - C:\Dev-Cpp
RD] - C:\Users
D] - C:\Windows
RD] - C:\Program Files
HD] - C:\ProgramData
SHD] - C:\System Volume Information
D] - C:\UsbFix

[b]################## | D:\ - Disco fijo (NTFS) |[/b]

[07/11/2007
[04/02/2014
[06/06/2012
[07/11/2007
[07/11/2007
[27/07/2013
[04/02/2014
[25/10/2011
[19/10/2012
[07/10/2013
[02/11/2014

08:12:28
12:00:40
00:52:14
08:09:22
08:00:40
18:07:05
12:00:35
16:07:52
17:26:29
11:15:57
00:16:55

|
|
|
|
|
|
|
|
|
|
|

A | 228 Ko] - D:\VC_RED.MSI

A | 5 Ko] - D:\INSTALL.LOG
A | 1 Ko] - D:\JAVIER - Acceso directo.lnk
A | 1409 Ko] - D:\VC_RED.cab
A | 6 Ko] - D:\vcredist.bmp
SHD] - D:\$RECYCLE.BIN
D] - D:\Dr. Software
SHD] - D:\RECYCLER
D] - D:\programas
SHD] - D:\System Volume Information
D] - D:\JAVIER

[b]################## | E:\ - Disco fijo (NTFS) |[/b]

[22/01/2008
[24/12/2012
[02/02/2012
[25/10/2011
[25/10/2011
[23/11/2011
[02/02/2012
[14/07/2012
[14/07/2012
[07/10/2013
[05/06/2014
[06/06/2014
[16/10/2014

08:28:50
11:53:11
11:15:27
14:08:10
16:07:52
10:37:44
11:45:46
16:09:31
16:12:03
11:16:05
22:40:25
00:22:05
13:28:20

|
|
|
|
|
|
|
|
|
|
|
|
|

A | 13 Ko] - E:\LicenseUK.txt
A | 1 Ko] - E:\francisca - Acceso directo.lnk
SHD] - E:\$RECYCLE.BIN
D] - E:\JAVIER
SHD] - E:\RECYCLER
D] - E:\ANGEL
D] - E:\Fondos de pantalla
RD] - E:\Pictures
RD] - E:\Videos
SHD] - E:\System Volume Information
D] - E:\musica de ivan no tocar
D] - E:\Adobe Photoshop CS6 Portable Esp
D] - E:\francisca

[b]################## | G:\ - Disco extrable (FAT32) |[/b]

[13/09/2013 - 03:01:56 | N | 45332 Ko] - G:\Expert.Choice.v11.Cracked.WinAll-CPY

.rar
[30/06/2014 - 13:01:18
[02/07/2014 - 13:19:34
[01/08/2013 - 19:11:02
[02/10/2014 - 18:05:28
[17/04/2014 - 12:40:32
g BRADY BROWN.pdf
[21/04/2014 - 15:12:52
_Hard_Rock.pdf
[12/08/2014 - 09:45:36
[11/09/2014 - 12:04:22
pdf
[02/10/2014 - 10:53:38
PIT-v1-0.pdf
[03/07/2014 - 20:54:26
ama Per.mp3
[03/07/2014 - 21:09:26
p3
[11/10/2014 - 13:59:24
[12/03/2014 - 10:02:14
[30/06/2014 - 11:40:08
[26/08/2014 - 10:38:08
[25/09/2014 - 19:13:02
[20/10/2014 - 09:46:12
PIT-v1-0.docx
[21/10/2014 - 14:09:36
[31/10/2014 - 12:27:00
[05/11/2014 - 12:27:46
[29/10/2014 - 17:01:18
[31/10/2014 - 08:58:28
[31/10/2014 - 09:55:24
[01/01/2008 - 02:59:06
[13/10/2014 - 16:25:54
[20/10/2014 - 14:22:40
[22/10/2014 - 07:10:50
[31/10/2014 - 12:33:04
[04/11/2014 - 11:51:06

|
|
|
|
|

N
N
A
N
N

|
|
|
|
|

5298 Ko] - G:\final exp voladura.pptx

2274 Ko] - G:\COMER PC5.pptx
1085 Ko] - G:\GER-PROY POW-POINT RVDO 3 10 2012.ppt
911 Ko] - G:\proyecto-olpc.ppt
26609 Ko] - G:\rock-mechanics_for-underground-minin

| N | 4823 Ko] - G:\Support_of_Underground_Excavations_in

| N | 2911 Ko] - G:\CAMARAS Y PILARES OSORIO BAZAN.pdf
| N | 14096 Ko] - G:\METODOLOGIA DE TRABAJOS CIENTIFICOS.
| N | 5800 Ko] - G:\MANUAL-MODELAMIENTO-Y-DISENO-EN-OPEN| N | 5745 Ko] - G:\Alan Garca y El Zambo Cavero
| N | 8077 Ko] - G:\Criollo
|
|
|
|
|
|

Y se llama Peru

Y se ll

Karaoke.m

|
|
|
|
|
|

N
N
N
N
N
N

1026 Ko] - G:\IMG_20141011_135206500.jpg

91 Ko] - G:\Comandos Bsicos de AUTOCAD.docx
191 Ko] - G:\FORMULARIOS.docx
14 Ko] - G:\Solicitud Quinto superior.docx
221 Ko] - G:\proyectt.docx
8365 Ko] - G:\MANUAL-MODELAMIENTO-Y-DISENO-EN-OPEN-

|
|
|
|
|
|
|
|
|
|
|
|

N | 121 Ko] - G:\INFORME 4.docx

N | 15 Ko] - G:\DECLOGO DE PREGUNTAS.docx
A | 15543 Ko] - G:\minesiht.osorio.docx
N | 238 Ko] - G:\CV.JAVIER_OSORIO_BAZAN.octubre.doc
N | 31 Ko] - G:\lectura 15.doc
N | 30 Ko] - G:\lectura 16.doc
D] - G:\
D] - G:\PROYECTO MINESIGHT
D] - G:\CLASES MINESIGHT GEOLOGOS
SHD] - G:\System Volume Information
D] - G:\temp
D] - G:\fomu 4-11-2014

[b]################## | Vaccin |[/b]

C:\Autorun.inf
D:\Autorun.inf
E:\Autorun.inf
G:\Autorun.inf

->
->
->
->

Vacuna
Vacuna
Vacuna
Vacuna

creada
creada
creada
creada

por
por
por
por

UsbFix
UsbFix
UsbFix
UsbFix

(El
(El
(El
(El

Desaparecido)
Desaparecido)
Desaparecido)
Desaparecido)

[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosviru

s.net/[/url] | [url=http://www.es.usbfix.net/]http://www.es.usbfix.net/[/url] |[
/b]