
############################## | UsbFix V 7.169 | [Supresión]
Usuario: ivan osorio (Administrador) # HPPAVILION
Actualizado el 08/05/2014 por El Desaparecido - Team SosVirus
Comenzó a 00:32:09 | 08/06/2014
Sitio web : http://www.es.usbfix.net/
Changelog : http://www.usbfix.net/maj/
Support : http://es.kioskea.net/forum/virus-seguridad-7
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contacto : http://www.es.usbfix.net/contacto/
PC: Hewlett-Packard (183B)
CPU: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
RAM -> [Total : 8084 Mo| Free : 6203 Mo]
Bios: Insyde
Boot: Normal boot
OS: Microsoft Windows 8 Single Language (6.2.9200 64-Bit)
WB: Windows Internet Explorer : 10.0.9200.16899
WB: Mozilla Firefox : 29.0.1
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [(!) Disabled | Updated]
AV: Norton AntiVirus [Enabled | Updated]
AS: Norton AntiVirus [Enabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
FW: Windows FireWall [Enabled]

C:\ (%systemdrive%) -> Disco fijo # 448 Gb (237 Mb libre(s) - 53%) [] # NTFS
D:\ -> Disco fijo # 250 Gb (197 Mb libre(s) - 79%) [ARCHIVOS] # NTFS
E:\ -> CD-ROM
F:\ -> Disco extraíble # 2 Gb (586 Mb libre(s) - 31%) [JAVIXO 2] # FAT32

################## | Procesos Activos |


C:\Windows\system32\csrss.exe (ID: 544 |ParentID: 532)
C:\Windows\system32\csrss.exe (ID: 604 |ParentID: 596)
C:\Windows\system32\wininit.exe (ID: 616 |ParentID: 532)
C:\Windows\system32\winlogon.exe (ID: 640 |ParentID: 596)
C:\Windows\system32\services.exe (ID: 696 |ParentID: 616)
C:\Windows\system32\lsass.exe (ID: 704 |ParentID: 616)
C:\Windows\system32\svchost.exe (ID: 812 |ParentID: 696)
C:\Windows\system32\svchost.exe (ID: 852 |ParentID: 696)
C:\Windows\System32\svchost.exe (ID: 912 |ParentID: 696)
C:\Windows\system32\dwm.exe (ID: 956 |ParentID: 640)
C:\Program Files (x86)\iSafe\iSafeSvc.exe (ID: 972 |ParentID: 696)
C:\Program Files (x86)\iSafe\iSafeSvc2.exe (ID: 532 |ParentID: 972)
C:\Windows\system32\svchost.exe (ID: 900 |ParentID: 696)
C:\Windows\system32\svchost.exe (ID: 984 |ParentID: 696)
C:\Windows\System32\svchost.exe (ID: 1084 |ParentID: 696)
C:\Program Files\IDT\WDM\STacSV64.exe (ID: 1120 |ParentID: 696)
C:\Windows\system32\Hpservice.exe (ID: 1244 |ParentID: 696)
C:\Windows\system32\svchost.exe (ID: 1336 |ParentID: 696)
C:\Windows\System32\spoolsv.exe (ID: 1544 |ParentID: 696)
C:\Windows\system32\svchost.exe (ID: 1596 |ParentID: 696)
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ID: 1772 |ParentID: 696)
C:\Windows\system32\svchost.exe (ID: 1792 |ParentID: 696)
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (ID: 1812 |ParentID: 696)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 1884 |ParentID: 696)
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (ID: 1916 |ParentID: 696)
C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (ID: 2012 |ParentID: 696)
C:\Windows\SysWOW64\ezSharedSvcHost.exe (ID: 1284 |ParentID: 696)
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (ID: 1572 |ParentID: 696)
C:\Windows\system32\dashost.exe (ID: 1760 |ParentID: 1084)
C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (ID: 1700 |ParentID: 696)
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (ID: 2044 |ParentID: 696)
C:\Program Files\Intel\iCLS Client\HeciServer.exe (ID: 2036 |ParentID: 696)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (ID: 1268 |ParentID: 696)
C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\NAV.exe (ID: 2064 |ParentID: 696)
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe (ID: 2116 |ParentID: 696)
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (ID: 2176 |ParentID: 696)
C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (ID: 2292 |ParentID: 696)
C:\Windows\system32\svchost.exe (ID: 2332 |ParentID: 696)
C:\Program Files (x86)\BlueStacks\HD-Service.exe (ID: 2372 |ParentID: 696)
C:\Program Files (x86)\BlueStacks\HD-Network.exe (ID: 2528 |ParentID: 2372)
C:\Windows\system32\conhost.exe (ID: 2572 |ParentID: 2528)
C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (ID: 2624 |ParentID: 2372)
C:\Windows\system32\conhost.exe (ID: 2632 |ParentID: 2624)
C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (ID: 2744 |ParentID: 2372)
C:\Windows\system32\conhost.exe (ID: 2752 |ParentID: 2744)
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (ID: 2928 |ParentID: 696)
C:\Windows\system32\svchost.exe (ID: 3104 |ParentID: 696)
C:\Windows\system32\svchost.exe (ID: 3200 |ParentID: 696)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 3288 |ParentID: 812)
C:\Windows\System32\WUDFHost.exe (ID: 3884 |ParentID: 1084)
C:\Windows\system32\SearchIndexer.exe (ID: 4212 |ParentID: 696)
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe (ID: 4964 |ParentID: 2116)
C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\NAV.exe (ID: 4972 |ParentID: 2064)
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (ID: 4980 |ParentID: 696)
C:\Windows\system32\taskhostex.exe (ID: 5032 |ParentID: 696)
C:\Windows\Explorer.EXE (ID: 3480 |ParentID: 5064)
C:\Windows\system32\runonce.exe (ID: 4492 |ParentID: 3480)
C:\Windows\SysWOW64\runonce.exe (ID: 4520 |ParentID: 4492)
C:\Program Files (x86)\iSafe\iSafeTray.exe (ID: 4636 |ParentID: 972)
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (ID: 3992 |ParentID: 5020)
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (ID: 2488 |ParentID: 696)
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (ID: 3040 |ParentID: 696)
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (ID: 4408 |ParentID: 696)
C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (ID: 3184 |ParentID: 696)
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (ID: 3332 |ParentID: 696)
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (ID: 3024 |ParentID: 696)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (ID: 3864 |ParentID: 696)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ID: 4920 |ParentID: 696)
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ID: 4224 |ParentID: 696)
C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (ID: 4396 |ParentID: 3184)
C:\Windows\system32\SearchProtocolHost.exe (ID: 1784 |ParentID: 4212)
C:\Windows\system32\SearchFilterHost.exe (ID: 4432 |ParentID: 4212)
################## | Búsqueda genérica |
Suprimido ! F:\JAVIXO 2 (2GB).lnk
(!) Archivos temporales suprimido.
################## | Registro |
################## | Regedit Run |
F2 - HKLM\..\Winlogon : [Shell] Explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [GarenaPlus] "C:\Garena Plus\GarenaMessenger.exe" -autolaunch
04 - HKCU\..\Run : [Google Update] "C:\Users\ivan osorio\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKLM\..\Run : [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
04 - HKLM\..\Run : [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
04 - HKLM\..\Run : [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
04 - HKLM\..\Run : [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
04 - HKLM\..\Run : [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
04 - HKLM\..\Run : [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE"
04 - HKLM\..\Run : [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
04 - [x64] HKLM\..\Run : [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
04 - [x64] HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKU\S-1-5-21-3441420833-3709240768-807823134-1001\..\Run : [GarenaPlus] "C:\Garena Plus\GarenaMessenger.exe" -autolaunch
04 - HKU\S-1-5-21-3441420833-3709240768-807823134-1001\..\Run : [Google Update] "C:\Users\ivan osorio\AppData\Local\Google\Update\GoogleUpdate.exe" /c
################## | Listing |
[04/06/2014 - 23:56:08 | SHD] - C:\$RECYCLE.BIN
[28/10/2013 - 15:32:55 | D] - C:\$SysReset

[21/08/2013 - 11:06:44 | N | 0 Ko] - C:\1AC47A3CA2D9


[10/07/2013 - 10:01:38 | D] - C:\Archivos de programa
[27/04/2014 - 15:29:12 | D] - C:\Autocad 2011 64BITS
[21/02/2014 - 13:14:54 | N | 0 Ko] - C:\AVScanner.ini
[03/08/2012 - 18:21:36 | SHD] - C:\Boot
[25/07/2012 - 22:44:30 | RASH | 389 Ko] - C:\bootmgr
[02/06/2012 - 09:30:55 | N | 0 Ko] - C:\BOOTNXT
[08/06/2014 - 00:13:39 | D] - C:\Config.Msi
[17/04/2014 - 10:58:07 | D] - C:\EQWin
[06/07/2013 - 12:20:52 | D] - C:\Fraps
[01/05/2014 - 13:28:12 | D] - C:\FSTool
[02/06/2014 - 12:09:26 | D] - C:\g3
[23/12/2013 - 17:06:53 | D] - C:\Garena Plus
[17/04/2014 - 11:11:05 | D] - C:\gemcom
[10/07/2013 - 10:49:17 | D] - C:\Half-Life
[08/06/2014 - 00:26:47 | ASH | 6622636 Ko] - C:\hiberfil.sys
[08/07/2013 - 00:59:49 | D] - C:\HP
[01/05/2014 - 13:28:06 | N | 6 Ko] - C:\IFS.log
[29/04/2014 - 09:46:48 | N | 6 Ko] - C:\IFS_Movido_Previo_a_Nueva_Ejecucin el Da_01-05-2014_a_las_13h.20m.03s.log
[03/08/2012 - 17:39:51 | D] - C:\inetpub
[28/12/2012 - 15:13:28 | D] - C:\Intel
[30/09/2013 - 13:34:29 | D] - C:\Kpcms
[01/10/2013 - 12:16:32 | D] - C:\MineSight
[30/09/2013 - 12:37:00 | RHD] - C:\MSOCache
[02/07/2013 - 22:27:39 | D] - C:\Need for Speed Most Wanted
[08/06/2014 - 00:26:48 | ASH | 1245184 Ko] - C:\pagefile.sys
[26/07/2012 - 02:33:46 | D] - C:\PerfLogs
[05/05/2014 - 00:28:03 | D] - C:\Program Files
[16/05/2014 - 11:36:31 | D] - C:\Program Files (x86)
[16/05/2014 - 11:36:31 | HD] - C:\ProgramData
[06/07/2013 - 15:29:45 | D] - C:\Root
[15/01/2014 - 19:42:40 | N | 594 Ko | ECFA4E7350DE3BB49AE671A9A3382A35] - C:\SecurityScanner.dll
[08/06/2014 - 00:26:49 | ASH | 262144 Ko] - C:\swapfile.sys
[29/12/2012 - 01:04:20 | D] - C:\SWSetup
[08/06/2014 - 00:26:37 | SHD] - C:\System Volume Information
[02/07/2013 - 19:46:27 | D] - C:\SYSTEM.SAV
[17/04/2014 - 11:11:12 | N | 24 Ko] - C:\sysupdate.log
[18/05/2014 - 22:13:57 | D] - C:\UsbFix
[17/05/2014 - 04:03:17 | N | 12 Ko | 10A283FD835346F588A3657D86B277E1] - C:\UsbFix [Clean 10] HPPAVILION.txt
[08/06/2014 - 00:32:50 | A | 11 Ko | 52E42F1C1250DDCC5AC9832E4AD1E270] - C:\UsbFix [Clean 12] HPPAVILION.txt
[17/05/2014 - 00:37:57 | N | 25 Ko | C486CE696A7870EB75C5212ECA44113F] - C:\UsbFix [Clean 2] HPPAVILION.txt
[17/05/2014 - 00:52:50 | N | 17 Ko | CBC915B766DABE9FBB91E778011B2C79] - C:\UsbFix [Clean 4] HPPAVILION.txt
[17/05/2014 - 03:55:59 | N | 16 Ko | 99B8836C9466CD14B9C383455DB97987] - C:\UsbFix [Clean 6] HPPAVILION.txt
[17/05/2014 - 03:59:42 | N | 13 Ko | 5B098B41074B7491D16B120476D934CE] - C:\UsbFix [Clean 8] HPPAVILION.txt
[22/12/2013 - 10:43:08 | D] - C:\Users
[22/03/2014 - 16:07:44 | D] - C:\Warcraft III
[14/05/2014 - 06:58:58 | D] - C:\Windows
[06/07/2013 - 10:07:41 | D] - C:\wow cataclysm
[02/04/2014 - 13:37:12 | N | 3 Ko] - C:\{34395C5B-425A-430C-AF18-3CFC07E3E01F}
[12/02/2014 - 22:44:41 | N | 2 Ko] - C:\{58F32DCF-BD29-41F0-93AA-73034B58F1F7}
[04/03/2014 - 09:59:53 | N | 2 Ko] - C:\{70E97178-2026-439A-9AE2-9F6D79D2E994}
[02/04/2014 - 13:49:38 | N | 3 Ko] - C:\{7D2DA872-5FFC-49B0-B3A8-08C129C83C08}
[02/04/2014 - 12:54:21 | N | 3 Ko] - C:\{93C12AAE-4C8B-49CA-A2F3-CF4A1E62AB7B}
[20/01/2014 - 14:57:53 | N | 2 Ko] - C:\{A0949321-26BD-4C1C-A1F2-51769CFF3162}
[22/03/2014 - 11:02:50 | SHD] - D:\$RECYCLE.BIN
[22/03/2014 - 11:04:46 | D] - D:\--FL.St--dio.10-Full
[24/12/2013 - 00:37:42 | N | 0 Ko] - D:\1AC47A3CA2D9
[10/07/2013 - 16:56:46 | N | 120614 Ko] - D:\Adobe Photoshop CS6 Portable Esp.rar
[22/03/2014 - 11:03:27 | D] - D:\Adobe Photoshop CS6.v13.0_luidm
[17/07/2013 - 15:33:14 | N | 11521 Ko | 4606517C53F8BBCBA10DA50445F3646B] - D:\aTubeCatcher.exe
[22/03/2014 - 11:04:21 | D] - D:\camtasia
[22/03/2014 - 11:04:22 | D] - D:\clases de el senati
[22/03/2014 - 11:04:26 | D] - D:\Dreamweaver
[11/06/2013 - 10:57:10 | N | 1242 Ko | 06050EB132F1FFE733A368933C765E04] - D:\FreemakeVideoDownloaderSetup.exe
[06/06/2014 - 00:12:27 | D] - D:\JAVIER
[22/03/2014 - 11:04:53 | D] - D:\norton 2013 espaol actualizador
[22/03/2014 - 11:05:05 | D] - D:\Photoshop_CS4_por_Paolitaaa
[22/03/2014 - 11:05:32 | D] - D:\PlantsVsZombies instaldor
[08/06/2014 - 00:26:44 | SHD] - D:\System Volume Information
[22/03/2014 - 11:05:41 | D] - D:\virtual dj pro 7 + skink + efectos y sampler kenv
[08/05/2014 - 17:27:18 | N | 76 Ko] - D:\VirtualDJ Local Database v6.xml
[01/01/2008 - 02:59:28 | RASH | 3 Ko] - F:\desktop.ini
[01/01/2008 - 02:59:30 | RASH | 524 Ko] - F:\Thumbs.db
[01/01/2008 - 02:59:06 | D] - F:\
################## | Vaccin |
D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
F:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
################## | E.O.F | http://www.es.usbfix.net/ - http://www.sosvirus.net |