[b]############################## | UsbFix V 8.

156 | [Clean][/b]

User: Rohit (Administrator) # ROHIT-PC

Updated 01/12/2015 by SosVirus
Started at 10:17:12 | 19/06/2017

Website : [url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url]
Tutorial : [url=http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-
scan/]http://www.pt.usbfix.net/2014/03/tutorial-do-usbfix-scan/[/url]
Support : [url=http://www.sos-virus.net/]http://www.sos-virus.net/[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]
Contact : [url=http://www.en.usbfix.net/contact/]http://www.en.usbfix.net/contact/
[/url]

[b]################## | System information |[/b]

MB: Dell Inc. (061W4M)

CPU: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
GC: Intel(R) HD Graphics 3000
RAM -> [Total : 3494 Mo | Free : 2551 Mo]
Bios: Dell Inc.
Boot: Normal boot

OS: Microsoft Windows 7 Ultimate (6.1.7601 32-Bit) Service Pack 1

WB: Internet Explorer : 8.00.7600.16385
WB: Google Chrome : 58.0.3029.110
WB: Mozilla Firefox : 53.0.3

[b]################## | Security Information |[/b]

AS: Windows Defender [Enabled |[b](!) Outdated[/b]]

FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

[b]################## | Disk Information |[/b]

C:\ (%SystemDrive%) -> Fixed disk # 58 Gb (7 Gb free - 12%) [Local Drive] # NTFS
D:\ -> Fixed disk # 173 Gb (15 Gb free - 9%) [Document Drive] # NTFS
E:\ -> Fixed disk # 234 Gb (122 Gb free - 52%) [Media Drive] # NTFS
G:\ -> Removable disk # 15 Gb (15 Gb free - 100%) [] # FAT32
H:\ -> Fixed disk # 100 Mb (32 Mb free - 32%) [Internal Drive] # NTFS

[b]################## | Generic Research |[/b]

Deleted! G:\ .scr

Deleted! C:\Windows\system32\X05778go\desktop.ini
Deleted! C:\Windows\system32\X05778go\McAfee Security Scan Plus.lnk
Deleted! C:\Windows\system32\X05778go
Deleted! G:\Recycler\S-8-2-42-6721512504-5534105618-868825523-1252\ZIsTiheh.exe
Deleted! G:\Recycler\S-8-2-42-6721512504-5534105618-868825523-1252\NcQRlnkE.cpl
Deleted! G:\Recycler\S-8-2-42-6721512504-5534105618-868825523-1252\hSuZfFLZ.exe
Deleted! G:\Recycler\S-8-2-42-6721512504-5534105618-868825523-1252\iwIQIOtg.cpl
Deleted! G:\Recycler\S-8-2-42-6721512504-5534105618-868825523-1252\hnNYKsJv.exe
Deleted! G:\Recycler\S-8-2-42-6721512504-5534105618-868825523-1252\mbQFdPoE.cpl
Deleted! G:\Recycler\S-8-2-42-6721512504-5534105618-868825523-1252
Deleted! G:\Copy of Shortcut to (1).lnk
Deleted! G:\Copy of Shortcut to (2).lnk
Deleted! G:\Copy of Shortcut to (3).lnk
Deleted! G:\Copy of Shortcut to (4).lnk
Deleted! C:\Program Files\rmuyauld\asmlkurq.exe
Deleted! C:\Users\Rohit\AppData\Local\Google\Chrome\User Data\Default\Pepper
Data\Shockwave Flash\WritableRoot\#SharedObjects\RaHasIA
.exe
Deleted! C:\Users\Rohit\AppData\Local\Microsoft\Device
Metadata\dmrccache\downloads\Love Song
.scr
Deleted! C:\Users\Rohit\AppData\Local\SHAREit Technologies\SHAREit\Gallery
.scr
Deleted! C:\Users\Rohit\AppData\Local\VirtualStore\Program Files\Adobe\Adobe
Dreamweaver CS3\configuration\Connections\Shared\Blink 182
.exe
Deleted! C:\Users\Rohit\AppData\Local\VirtualStore\Program Files\Adobe\Adobe
Dreamweaver CS3\configuration\ServerBehaviors\Shared\Titip Folder Jangan DiHapus
.exe
Deleted! C:\Users\Rohit\AppData\Local\VirtualStore\Program Files\Adobe\Adobe
Dreamweaver CS3\configuration\Shared\Norman virus Control 5.18
.exe
Deleted! C:\Users\Rohit\AppData\Local\VirtualStore\Program
Files\Macromedia\Dreamweaver 8\Configuration\Connections\Shared\RaHasIA
.exe
Deleted! C:\Users\Rohit\AppData\Local\VirtualStore\Program
Files\Macromedia\Dreamweaver 8\Configuration\ServerBehaviors\Shared\Love Song
.scr
Deleted! C:\Users\Rohit\AppData\Local\VirtualStore\Program
Files\Macromedia\Dreamweaver 8\Configuration\Shared\Lagu - Server
.scr
Deleted! C:\Users\Rohit\AppData\Roaming\Macromedia\Flash
Player\#SharedObjects\Titip Folder Jangan DiHapus
.exe
Deleted! C:\Users\Rohit\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup\asmlkurq.exe
Deleted! C:\Users\Rohit\AppData\Roaming\uTorrent\share\Titip Folder Jangan DiHapus
.exe
Deleted! G:\ \SanDisk SecureAccess .scr
Deleted! G:\ \ .scr
Deleted! G:\ \New Folder(2).exe
Deleted! G:\gfhj Porn.exe
Restored! [D] G:\
Restored! [N] G:\autorun.inf
Restored! G:\ \SanDiskSecureAccessV3_win.exe -> G:\SanDiskSecureAccessV3_win.exe
Restored! G:\ \SanDisk SecureAccess\DownloadForMac_SanDiskSecureAccessV3.0.pdf ->
G:\SanDisk SecureAccess\DownloadForMac_SanDiskSecureAccessV3.0.pdf
Restored! G:\ \SanDisk SecureAccess\SanDisk_SecureAccessV3.0_QSG.pdf -> G:\SanDisk
SecureAccess\SanDisk_SecureAccessV3.0_QSG.pdf
Restored! G:\ \pneumatics test.txt -> G:\pneumatics test.txt
Restored! G:\ \Feedback form Sample.docx -> G:\Feedback form Sample.docx
Restored! G:\ \losumuwyfjvixbfvsmcmrnajfa.plc -> G:\losumuwyfjvixbfvsmcmrnajfa.plc
Restored! G:\ \desktop.ini -> G:\desktop.ini
Restored! G:\ \S7-1200 Question Paper.docx -> G:\S7-1200 Question Paper.docx
Restored! G:\ \IndexerVolumeGuid -> G:\IndexerVolumeGuid

(!) Temporary files deleted. (24.0113801956177 MB)

[b]################## | Startup |[/b]

F2 - HKLM\..\Winlogon : [Shell] explorer.exe,

"C:\Users\Rohit\AppData\Roaming\Microsoft\Windows\Templates\O64747Z\TuxO64747Z.exe"
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe ,
"C:\Windows\M46830\Ja67831bLay.com",C:\Program Files\rmuyauld\asmlkurq.exe
04 - HKCU\..\Run : [T1468388TT4] C:\Windows\system32\227487655073l.exe
04 - HKLM\..\Run : [Apoint] C:\Program Files\DellTPad\Apoint.exe
04 - HKLM\..\Run : [IgfxTray] "C:\Windows\system32\igfxtray.exe"
04 - HKLM\..\Run : [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
04 - HKLM\..\Run : [Persistence] "C:\Windows\system32\igfxpers.exe"
04 - HKLM\..\Run : [S7UB Start] "C:\Program Files\Common
Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
04 - HKU\S-1-5-19\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
/autoRun
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
/autoRun
04 - HKU\S-1-5-21-2477152695-1694337231-205870712-1000\..\Run : [T1468388TT4]
C:\Windows\system32\227487655073l.exe
04 - HKU\S-1-5-19\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe
04 - HKU\S-1-5-20\..\RunOnce : [mctadmin] C:\Windows\System32\mctadmin.exe

[b]################## | UsbFix - Information |[/b]

Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]How to remove shortcut

virus on flash disk (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Shortcut
virus on flash disk, What is it ?[/url]
Live detection : [url=http://how-to-remove.us/]http://how-to-remove.us/[/url]

[b]################## | C:\ %SystemDrive% - Fixed drive (NTFS) |[/b]

[11/06/2009 - 03:12:20 | A | 0 Ko] - C:\config.sys

[30/07/2012 - 02:23:36 | RASH | 0 Ko] - C:\MSDOS.SYS
[30/07/2012 - 02:23:36 | RASH | 0 Ko] - C:\IO.SYS
[19/06/2017 - 10:14:57 | ASH | 2683596 Ko] - C:\hiberfil.sys
[19/06/2017 - 10:15:03 | ASH | 3578132 Ko] - C:\pagefile.sys
[09/06/2017 - 10:28:55 | D] - C:\Config.Msi
[14/03/2014 - 20:51:09 | SHD] - C:\$Recycle.Bin
[14/07/2009 - 08:07:05 | D] - C:\PerfLogs
[14/07/2009 - 10:23:55 | SHD] - C:\Documents and Settings
[26/07/2012 - 09:14:30 | RASH | 389 Ko] - C:\bootmgr
[30/07/2012 - 02:09:20 | D] - C:\Intel
[14/03/2014 - 18:00:50 | D] - C:\dell
[14/03/2014 - 20:50:52 | SHD] - C:\Recovery
[19/07/2014 - 23:25:20 | RD] - C:\Users
[02/03/2015 - 16:01:20 | RHD] - C:\MSOCache
[10/04/2017 - 11:04:15 | D] - C:\AX NF ZZ
[17/05/2017 - 15:34:17 | D] - C:\UsbFix
[08/06/2017 - 15:47:18 | D] - C:\Windows
[09/06/2017 - 16:25:59 | D] - C:\Program Files
[09/06/2017 - 16:56:47 | HD] - C:\ProgramData
[19/06/2017 - 10:17:18 | D] - C:\Temp

[b]################## | D:\ - Fixed drive (NTFS) |[/b]

[28/05/2017 - 21:18:47 | A | 11 Ko] - D:\password stick.docx

[14/03/2014 - 20:51:09 | SHD] - D:\$RECYCLE.BIN
[08/02/2016 - 18:00:12 | D] - D:\dell inspiron driveres
[03/02/2017 - 17:13:34 | D] - D:\ME
[22/02/2017 - 17:12:41 | D] - D:\dust bin
[23/03/2017 - 14:45:00 | D] - D:\queries
[09/04/2017 - 21:55:30 | D] - D:\camtasia
[24/05/2017 - 23:55:34 | RD] - D:\stuff
[25/05/2017 - 00:02:44 | RD] - D:\WORK
[02/06/2017 - 15:33:04 | D] - D:\RECORDS
[05/06/2017 - 22:50:04 | RD] - D:\ece btech
[08/06/2017 - 15:25:41 | D] - D:\Automation Full Package
[08/06/2017 - 16:48:15 | D] - D:\AUTOMATION

[b]################## | E:\ - Fixed drive (NTFS) |[/b]

[17/06/2016 - 18:54:10 | A | 11413 Ko] - E:\Sim_EKB_Install_2015_03_29.zip

[02/04/2017 - 08:44:00 | A | 1666 Ko] - E:\multirom_uninstaller.zip
[02/04/2017 - 13:02:02 | A | 924002 Ko] -
E:\XT1550_OSPREY_RETASIA_DS_2GB_6.0.1_MPI24.107-55-2_cid7_subsidy-
DEFAULT_CFC.xml.zip
[25/05/2017 - 12:48:04 | N | 9822 Ko] - E:\Sim_EKB_Install_2016_10_10_TIA14.zip
[17/05/2017 - 11:00:07 | A | 27710 Ko] - E:\Working_with_WinCC_V7.3.pdf
[28/05/2017 - 17:58:19 | A | 0 Ko] - E:\Local Disk (D) - Shortcut.lnk
[14/03/2014 - 20:51:09 | SHD] - E:\$RECYCLE.BIN
[12/07/2016 - 15:25:36 | D] - E:\Practice Mock Tests For SBI PO 2015 Preparation
[12/07/2016 - 15:36:23 | D] - E:\english
[10/12/2016 - 14:17:39 | RD] - E:\downloads
[03/02/2017 - 12:38:57 | D] - E:\exel
[03/02/2017 - 17:10:42 | D] - E:\plc softwarer
[21/03/2017 - 16:36:29 | D] - E:\Sim_EKB_Install_2015_03_29
[21/03/2017 - 16:53:09 | D] - E:\basics
[21/03/2017 - 16:53:10 | D] - E:\drive basics matr
[29/04/2017 - 22:32:14 | D] - E:\movies
[11/05/2017 - 13:16:40 | D] - E:\sci ficseries
[24/05/2017 - 23:38:01 | RD] - E:\radha soami
[25/05/2017 - 12:49:03 | D] - E:\DCIM
[03/06/2017 - 22:45:23 | D] - E:\learning t
[08/06/2017 - 15:23:02 | D] - E:\Program Files
[09/06/2017 - 08:13:20 | D] - E:\siemens

[b]################## | G:\ - Removable drive (FAT32) |[/b]

[16/06/2017 - 15:05:20 | D] - G:\

[29/05/2017 - 14:21:54 | A | 22 Ko] - G:\PLC S7-1200 Test.docx
[19/06/2017 - 10:16:40 | D] - G:\RECYCLER
[19/06/2017 - 10:17:00 | N | 0 Ko] - G:\autorun.inf
[21/04/2015 - 17:04:08 | N | 15649 Ko] - G:\SanDiskSecureAccessV3_win.exe
[19/06/2017 - 10:21:36 | D] - G:\SanDisk SecureAccess
[01/01/2005 - 00:23:10 | N | 0 Ko] - G:\pneumatics test.txt
[30/05/2017 - 12:21:34 | N | 14 Ko] - G:\Feedback form Sample.docx
[16/06/2017 - 16:01:38 | N | 25296 Ko] - G:\losumuwyfjvixbfvsmcmrnajfa.plc
[16/06/2017 - 16:01:38 | N | 0 Ko] - G:\desktop.ini
[06/08/2016 - 05:42:20 | N | 20 Ko] - G:\S7-1200 Question Paper.docx
[16/06/2017 - 16:01:38 | N | 599 Ko] - G:\IndexerVolumeGuid
[16/06/2015 - 14:58:30 | SHD] - G:\ \SanDisk SecureAccess
[21/04/2015 - 17:03:50 | N | 347 Ko] - G:\SanDisk
SecureAccess\DownloadForMac_SanDiskSecureAccessV3.0.pdf
[21/04/2015 - 17:03:50 | N | 2614 Ko] - G:\SanDisk
SecureAccess\SanDisk_SecureAccessV3.0_QSG.pdf

[b]################## | H:\ - Fixed drive (NTFS) |[/b]

[14/03/2014 - 20:51:09 | SHD] - H:\$RECYCLE.BIN

[15/03/2014 - 10:10:04 | RASH | 8 Ko] - H:\BOOTSECT.BAK
[02/06/2012 - 20:00:55 | N | 0 Ko] - H:\BOOTNXT
[20/09/2012 - 11:57:51 | RASH | 389 Ko] - H:\bootmgr
[18/03/2014 - 07:36:00 | N | 200 Ko] - H:\GRLDR
[09/01/2017 - 22:04:26 | SHD] - H:\Boot

[b]################## | Vaccin |[/b]

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

[b]Analysed in 263.5 seconds[/b]

[b]################## | E.O.F |
[url=http://www.sosvirus.net/]http://www.sosvirus.net/[/url] |
[url=http://www.en.usbfix.net/]http://www.en.usbfix.net/[/url] |[/b]