Scribd Logo
Carica

Benvenuto in Scribd!

  • UsbFix Report

    Caricato da

    Kevin Hess
    17 visualizzazioni4 pagine

    Copyright

    © © All Rights Reserved

    Formati disponibili

    TXT, PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento

    Copyright:

    © All Rights Reserved
    Scarica in formato TXT, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    17 visualizzazioni4 pagine

    UsbFix Report

    Caricato da

    Kevin Hess

    Copyright:

    © All Rights Reserved
    Scarica in formato TXT, PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 4

    [b]############################## | UsbFix V 7.

    181 | [Limpar][/b]
    Usurio: rklems (Administrador) # DFP0002
    Atualizado em 31/08/2014 por El Desaparecido - SosVirus
    Comeou em 13:48:58 | 05/09/2014
    Site : [url=http://www.pt.usbfix.net/]http://www.pt.usbfix.net/[/url]
    Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
    Asistencia : [url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url]
    Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosv
    irus.net/upload_malware.php[/url]
    Contato : [url=http://www.pt.usbfix.net/contato/]http://www.pt.usbfix.net/contat
    o/[/url]
    [b]################## | System information |[/b]
    MB: LENOVO (MAHOBAY)
    CPU: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
    GC: Intel(R) HD Graphics
    RAM -> [Total : 7984 Mo | Free : 6227 Mo]
    Bios: LENOVO
    Boot: Normal boot
    OS: Microsoft Windows 7 Professional (6.1.7601 64-Bit) Service Pack 1
    WB: Internet Explorer : 11.00.9600.16428
    WB: Google Chrome : 37.0.2062.103
    [b]################## | Security Information |[/b]
    FW: Windows Firewall [[b](!) No ativo[/b]]
    SC: Security Center [[b](!) No ativo[/b]]
    WU: Windows Update [Ativo]
    [b]################## | Disk Information |[/b]
    C:\
    D:\
    F:\
    H:\
    U:\
    X:\

    (%SystemDrive%) ->
    -> Disco fixo # 12
    -> Disco de rede #
    -> Disco removvel
    -> Disco de rede #
    -> Disco de rede #

    Disco fixo # 452 Gb (395 Gb livre - 87%) [] # NTFS


    Gb (9 Gb livre - 78%) [Disco local (D:)] # NTFS
    1660 Gb (278 Gb livre - 17%) [New Volume] # NTFS
    # 15 Gb (10 Gb livre - 69%) [BLU] # FAT32
    1660 Gb (278 Gb livre - 17%) [New Volume] # NTFS
    1660 Gb (278 Gb livre - 17%) [New Volume] # NTFS

    [b]################## | Procura genrica |[/b]


    Supprimido! C:\Users\rklems\AppData\Roaming\Microsoft\Windows\Start Menu\Program
    s\Startup\86.js
    Supprimido! C:\Users\rklems\AppData\Roaming\c6\d05.js
    Supprimido! C:\Users\rklems\AppData\Roaming\c6
    Supprimido! H:\LOST.DIR.lnk
    Supprimido! H:\z7logs.lnk
    Supprimido! H:\Android.lnk
    Supprimido! H:\Attachments.lnk
    Supprimido! H:\backup.lnk
    Supprimido! H:\blackmart.lnk
    Supprimido! H:\DCIM.lnk
    Supprimido! H:\Documents.lnk
    Supprimido! H:\Download.lnk
    Supprimido! H:\Musicas.lnk
    Supprimido! H:\MyFavorite.lnk
    Supprimido! H:\NavitelContent.lnk

    Supprimido! H:\Photos.lnk
    Supprimido! H:\WhatsApp.lnk
    Supprimido! C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\86.js
    Supprimido! C:\msvcr71.dll
    Supprimido! H:\Autorun.inf
    Supprimido! C:\Program Files\d943d\d84.js
    Supprimido! C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
    \Startup\86.js
    Supprimido! C:\Users\Administrador\AppData\Roaming\c6\d05.js
    Supprimido! C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\
    Programs\Startup\86.js
    Supprimido! C:\Users\aserpe\AppData\Roaming\c6\d05.js
    Supprimido! C:\Users\aserpe\AppData\Roaming\Microsoft\Windows\Start Menu\Program
    s\Startup\86.js
    Supprimido! C:\Users\ccordeiro\AppData\Roaming\c6\d05.js
    Supprimido! C:\Users\ccordeiro\AppData\Roaming\Microsoft\Windows\Start Menu\Prog
    rams\Startup\86.js
    Supprimido! C:\Users\jcovalski\AppData\Roaming\c6\d05.js
    Supprimido! C:\Users\jcovalski\AppData\Roaming\Microsoft\Windows\Start Menu\Prog
    rams\Startup\86.js
    Supprimido! C:\Users\jcurupana\AppData\Roaming\c6\d05.js
    Supprimido! C:\Users\jcurupana\AppData\Roaming\Microsoft\Windows\Start Menu\Prog
    rams\Startup\86.js
    Supprimido! C:\Users\jhsilva.SABBKO\AppData\Roaming\Microsoft\Windows\Start Menu
    \Programs\Startup\86.js
    Supprimido! C:\Users\lalberichi\AppData\Roaming\c6\d05.js
    Supprimido! C:\Users\lalberichi\AppData\Roaming\Microsoft\Windows\Start Menu\Pro
    grams\Startup\86.js
    Supprimido! C:\Users\lmorais\AppData\Roaming\Microsoft\Windows\Start Menu\Progra
    ms\Startup\86.js
    Supprimido! C:\Users\mdsantos\AppData\Roaming\c6\d05.js
    Supprimido! C:\Users\mdsantos\AppData\Roaming\Microsoft\Windows\Start Menu\Progr
    ams\Startup\86.js
    Supprimido! C:\Users\omendes.SABBKO\AppData\Roaming\Microsoft\Windows\Start Menu
    \Programs\Startup\86.js
    Supprimido! C:\Users\pszwarc\AppData\Roaming\c6\d05.js
    Supprimido! C:\Users\pszwarc\AppData\Roaming\Microsoft\Windows\Start Menu\Progra
    ms\Startup\86.js
    Supprimido! C:\Users\rodvaz\AppData\Roaming\c6\d05.js
    Supprimido! C:\Users\rodvaz\AppData\Roaming\Microsoft\Windows\Start Menu\Program
    s\Startup\86.js
    Supprimido! C:\Users\thiagomj.terc\AppData\Roaming\Microsoft\Windows\Start Menu\
    Programs\Startup\86.js
    Supprimido! H:\c6c\idbdbd.js
    Supprimido! H:\c6c\gd75fd.js
    (!) Ficheiros temporrios suprimido. (77.2431802749634 MB)
    [b]################## | Registro |[/b]
    Reparado ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoCo
    ntrolPanel -> 0
    Reparado ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoFo
    lderOptions -> 0
    Reparado ! HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore|DisableConf
    ig -> 0
    Supprimido! [x64] HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\d05
    Supprimido! HKU\S-1-5-21-1397690052-2149890184-2988539930-25110\Software\Microso
    ft\Windows\CurrentVersion\Run|d05
    Supprimido! HKU\S-1-5-21-1397690052-2149890184-2988539930-9825\Software\Microsof

    t\Windows\CurrentVersion\Run|d05
    Supprimido! HKU\S-1-5-21-1397690052-2149890184-2988539930-9995\Software\Microsof
    t\Windows\CurrentVersion\Run|d05
    [b]################## | Regedit Run |[/b]
    F2 - HKLM\..\Winlogon : [Shell] explorer.exe
    F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
    F2 - HKLM\..\Winlogon : [Userinit] userinit.exe
    F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
    04 - HKCU\..\Run : [Symprex Mail Signature Manager Sign] "C:\Program Files (x86)
    \Symprex\Mail Signature Manager Sign\sign.exe"
    04 - [x64] HKLM\..\Run : [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.
    exe -s
    04 - [x64] HKLM\..\Run : [IgfxTray] C:\Windows\system32\igfxtray.exe
    04 - [x64] HKLM\..\Run : [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    04 - [x64] HKLM\..\Run : [Persistence] C:\Windows\system32\igfxpers.exe
    04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
    /autoRun
    04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
    /autoRun
    04 - HKU\S-1-5-21-1397690052-2149890184-2988539930-9995\..\Run : [Symprex Mail S
    ignature Manager Sign] "C:\Program Files (x86)\Symprex\Mail Signature Manager Si
    gn\sign.exe"
    04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
    04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
    [b]################## | UsbFix - Informao |[/b]
    Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Como remover o vrus do at
    alho no disco flash (Vdeo)[/url]
    Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Atalho vr
    us no disco flash, que isso?[/url]
    [b]################## | Hijack |[/b]
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!
    Restorado!

    [D]
    [D]
    [D]
    [D]
    [D]
    [D]
    [D]
    [D]
    [D]
    [D]
    [D]
    [D]
    [D]
    [D]
    [D]

    H:\LOST.DIR
    H:\z7logs
    H:\Android
    H:\Attachments
    H:\backup
    H:\blackmart
    H:\DCIM
    H:\Documents
    H:\Download
    H:\Musicas
    H:\MyFavorite
    H:\NavitelContent
    H:\Photos
    H:\WhatsApp
    H:\c6c

    [b]################## | C:\ %SystemDrive% - Disco fixo (NTFS) |[/b]


    [17/01/2014
    [05/09/2014
    [05/09/2014
    [17/01/2014
    [04/09/2014
    [04/09/2014

    13:31:53
    07:07:00
    07:07:01
    13:30:36
    09:53:59
    09:29:55

    |
    |
    |
    |
    |
    |

    N |
    ASH
    ASH
    N |
    A |
    A |

    0
    |
    |
    0
    1
    1

    Ko] - C:\asrcinst.txt
    6131588 Ko] - C:\hiberfil.sys
    8175452 Ko] - C:\pagefile.sys
    Ko] - C:\asuinstall.log
    Ko] - C:\CoreServer.err
    Ko] - C:\CoreServer.er-

    [26/08/2014
    [14/07/2009
    [14/07/2009
    [16/01/2014
    [16/01/2014
    [16/01/2014
    [17/01/2014
    [17/01/2014
    [17/01/2014
    [14/04/2014
    [10/06/2014
    [26/08/2014
    [26/08/2014
    [04/09/2014
    [04/09/2014
    [04/09/2014
    [04/09/2014
    [05/09/2014

    09:40:08
    00:20:08
    02:08:56
    10:48:23
    10:48:23
    11:27:45
    07:57:20
    08:02:57
    13:40:16
    15:26:10
    12:17:54
    09:39:18
    09:39:42
    11:00:11
    11:00:39
    11:18:27
    17:09:24
    13:48:47

    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |

    SHD] - C:\$Recycle.Bin
    D] - C:\PerfLogs
    SHD] - C:\Documents and Settings
    D] - C:\Arquivos de Programas
    SHD] - C:\Recovery
    D] - C:\ldiag
    D] - C:\SWTOOLS
    D] - C:\Intel
    RHD] - C:\MSOCache
    D] - C:\c75
    N | 622 Ko] - C:\%
    D] - C:\Program Files
    D] - C:\Users
    D] - C:\Windows
    SHD] - C:\System Volume Information
    D] - C:\Program Files (x86)
    HD] - C:\ProgramData
    D] - C:\UsbFix

    [b]################## | D:\ - Disco fixo (NTFS) |[/b]


    [02/09/2014
    [25/01/2014
    [30/08/2014
    [01/09/2014
    [01/09/2014

    16:17:07
    10:47:13
    08:46:46
    07:36:53
    07:43:11

    |
    |
    |
    |
    |

    SHD]
    SHD]
    D] D] D] -

    - D:\$RECYCLE.BIN
    - D:\System Volume Information
    D:\Nova pasta (2)
    D:\DESKTOP LEO
    D:\Fotos

    [b]################## | H:\ - Disco removvel (FAT32) |[/b]


    [02/09/2014
    [02/09/2014
    [03/09/2014
    [29/08/2014
    [02/09/2014
    [02/09/2014
    [02/09/2014
    [02/09/2014
    [02/09/2014
    [02/09/2014
    [02/09/2014
    [02/09/2014
    [02/09/2014
    [02/09/2014
    [03/09/2014
    [04/09/2014
    [04/09/2014

    08:12:30
    07:31:18
    06:03:46
    23:43:38
    07:31:18
    07:31:26
    07:31:26
    07:31:28
    07:31:28
    07:34:10
    07:35:06
    07:35:40
    07:35:56
    09:04:36
    04:00:00
    20:42:26
    20:42:28

    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |
    |

    D] - H:\LOST.DIR
    D] - H:\.android_secure
    A | 0 Ko] - H:\.adups
    D] - H:\Documents
    D] - H:\Android
    D] - H:\blackmart
    D] - H:\Attachments
    D] - H:\DCIM
    D] - H:\Download
    D] - H:\Musicas
    D] - H:\MyFavorite
    D] - H:\NavitelContent
    D] - H:\Photos
    D] - H:\c6c
    D] - H:\WhatsApp
    D] - H:\z7logs
    D] - H:\backup

    [b]################## | Vaccin |[/b]


    C:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
    D:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
    H:\Autorun.inf -> Vacina criada por UsbFix (El Desaparecido)
    [b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosviru
    s.net/[/url] | [url=http://www.pt.usbfix.net/]http://www.pt.usbfix.net/[/url] |[
    /b]

    Potrebbero piacerti anche