Está en la página 1de 5

[b]############################## | UsbFix V 7.

184 | [Limpiar][/b]
Usuario: ZR (Administrador) # PC-ZR
Actualizado el 20/10/2014 por El Desaparecido - SosVirus
Comenz a 21:51:54 | 02/11/2014
Sitio web : [url=http://www.es.usbfix.net/]http://www.es.usbfix.net/[/url]
Changelog : [url=http://www.usbfix.net/maj/]http://www.usbfix.net/maj/[/url]
Asistencia : [url=http://www.forospyware.com/foro-de-virus-y-spywares/]http://ww
w.forospyware.com/foro-de-virus-y-spywares/[/url]
Upload Malware : [url=http://www.sosvirus.net/upload_malware.php]http://www.sosv
irus.net/upload_malware.php[/url]
Dtection en directo : [url=http://como-eliminar.net/]http://como-eliminar.net/[/u
rl]
Contacto : [url=http://www.es.usbfix.net/contacto/]http://www.es.usbfix.net/cont
acto/[/url]
[b]################## | System information |[/b]
CPU: AMD Phenom(tm) II X3 720 Processor
RAM -> [Total : 3327 Mo | Free : 2396 Mo]
Boot: Normal boot
OS:
WB:
WB:
WB:

Microsoft Windows XP (5.1.2600 32-Bit) Service Pack 3


Internet Explorer : 8.00.6001.18702
Google Chrome : 38.0.2125.111
Mozilla Firefox : 32.0.3

[b]################## | Security Information |[/b]


AS:
FW:
SC:
WU:

Malwarebytes Anti-Malware : 2.0.3.1025


Windows Firewall [Activado]
Security Center [Activado]
Windows Update [Activado]

[b]################## | Disk Information |[/b]


C:\
E:\
F:\
G:\
L:\

(%SystemDrive%) ->
-> Disco fijo # 78
-> Disco fijo # 78
-> Disco fijo # 64
-> Disco extrable

Disco fijo # 78 Gb (16 Gb libre(s) - 20%) [] # NTFS


Gb (3 Gb libre(s) - 4%) [Nuevo vol] # NTFS
Gb (4 Gb libre(s) - 4%) [Nuevo vol] # NTFS
Gb (2 Gb libre(s) - 3%) [Nuevo vol] # NTFS
# 15 Gb (6 Gb libre(s) - 40%) [HP V210W] # FAT32

[b]################## | Bsqueda genrica |[/b]


Borrado! L:\carpeta\FISICA 3 AVANCE PROYECTO BOMBA HIDRAULICA.docx
Borrado! L:\carpeta\tamizado y molienda.docx
Borrado! L:\carpeta\Thumbs.db
Borrado! L:\carpeta\Fisica-III-lab 2 final.docx
Borrado! L:\carpeta\INFORME 2-OPU.docx
Borrado! L:\carpeta
No suprimido ! ... Tentative au redmarrage... L:\Autorun.inf
(!) Archivos temporales suprimido. (13.602445602417 MB)
[b]################## | Registro |[/b]
[b]################## | Regedit Run |[/b]

F2 - HKLM\..\Winlogon : [Shell] Explorer.exe


F2 - HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\userinit.exe,
04 - HKCU\..\Run : [Copy] "C:\Documents and Settings\ZR\Datos de programa\Copy\C
opyAgent.exe"
04 - HKCU\..\Run : [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
04 - HKLM\..\Run : [RTHDCPL] RTHDCPL.EXE
04 - HKLM\..\Run : [StartCCC] "C:\Archivos de programa\ATI Technologies\ATI.ACE\
Core-Static\CLIStart.exe" MSRun
04 - HKLM\..\Run : [Adobe ARM] "C:\Archivos de programa\Archivos comunes\Adobe\A
RM\1.0\AdobeARM.exe"
04 - HKLM\..\Run : [AvastUI.exe] "C:\Archivos de programa\AVAST Software\Avast\A
vastUI.exe" /nogui
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Archivos de programa\Archivos comune
s\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [KiesTrayAgent] C:\Archivos de programa\Samsung\Kies\KiesTray
Agent.exe
04 - HKU\S-1-5-21-1078081533-688789844-839522115-1003\..\Run : [Copy] "C:\Docume
nts and Settings\ZR\Datos de programa\Copy\CopyAgent.exe"
04 - HKU\S-1-5-21-1078081533-688789844-839522115-1003\..\Run : [ctfmon.exe] C:\W
INDOWS\system32\ctfmon.exe
04 - HKU\S-1-5-18\..\Run : [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
[b]################## | UsbFix - Informacin |[/b]
Info : [url=https://www.youtube.com/watch?v=vUZYYASd7FE]Cmo eliminar el virus de a
cceso directo en el disco flash ? (Video)[/url]
Info : [url=http://www.en.usbfix.net/2014/03/remove-shortcut-virus-usb/]Virus de
acceso directo en el disco flash, Qu es?[/url]
[b]################## | Hijack |[/b]
Restorado! [H] L:\AUTORUN.INF
[b]################## | C:\ %SystemDrive% - Disco fijo (NTFS) |[/b]
[09/10/2014 - 12:48:28 | A | 917 Ko] - C:\imprimir.zip
[08/06/2014 - 20:30:30 | A | 16 Ko] - C:\AT-Destroyer.txt
[08/06/2014 - 22:03:21 | A | 22 Ko] - C:\ComboFix.txt
[08/10/2013 - 12:49:53 | RASH | 0 Ko] - C:\IO.SYS
[08/10/2013 - 12:49:53 | RASH | 0 Ko] - C:\MSDOS.SYS
[08/10/2013 - 12:49:53 | A | 0 Ko] - C:\CONFIG.SYS
[02/11/2014 - 21:33:47 | ASH | 2095104 Ko] - C:\pagefile.sys
[14/08/2014 - 22:09:28 | A | 28382 Ko] - C:\Image.sub
[08/10/2013 - 12:45:40 | SH | 0 Ko] - [[url=https://www.virustotal.com/file/69c6
eaa43ec6b89a61e0c6294be8ea88447efa011b3d266de9213e45336d6118/analysis/1414651236
/]VirusTotal[/url] - (0/54)] - C:\boot.ini
[14/08/2014 - 22:09:28 | A | 695354 Ko] - C:\Image.img
[15/06/2014 - 16:43:31 | A | 2 Ko] - C:\WILSON LOPEZ-965-916061.CUE
[03/08/2004 - 22:38:34 | N | 46 Ko] - [[url=https://www.virustotal.com/file/8f71
86a71684dd114e89cc908ed9400192bc3a47fb288cce4c5c27d0f5d3afa4/analysis/1414913095
/]VirusTotal[/url] - (0/53)] - C:\NTDETECT.COM
[15/06/2014 - 16:43:31 | A | 1 Ko] - C:\WILSON LOPEZ-965-916061.CDT
[14/08/2014 - 22:09:22 | A | 8 Ko] - C:\Image.ccd
[24/08/2001 - 05:00:00 | N | 5 Ko] - C:\Bootfont.bin
[15/06/2014 - 16:43:30 | A | 769210 Ko] - C:\WILSON LOPEZ-965-916061.BIN
[08/08/2014 - 22:59:28 | A | 695354 Ko] - C:\Image.bin
[08/10/2013 - 12:49:53 | A | 0 Ko] - C:\AUTOEXEC.BAT
[08/10/2013 - 12:52:31 | SHD] - C:\System Volume Information
[08/10/2013 - 13:01:37 | D] - C:\Documents and Settings
[08/10/2013 - 13:45:11 | A | 1 Ko] - C:\AT-Cuarentena

[08/10/2013
[08/10/2013
[31/03/2014
[31/03/2014
[03/04/2014
[08/06/2014
[08/06/2014
[11/06/2014
[21/06/2014
[22/06/2014
[09/10/2014
[25/10/2014
[01/11/2014
[01/11/2014
[02/11/2014
[02/11/2014

14:23:16
15:51:23
14:19:59
20:43:08
23:06:53
20:27:53
22:03:24
23:59:16
18:13:50
12:54:04
12:48:56
22:55:58
17:40:35
17:40:50
21:35:23
21:50:41

|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|

RD] - C:\MSOCache
D] - C:\AMD
D] - C:\Program Files
D] - C:\DCIM
RD] - C:\Copy
D] - C:\_AT-Destroyer
D] - C:\Qoobox
SHD] - C:\RECYCLER
RASH | 245 Ko] - C:\ntldr
D] - C:\f88cfa2d0805123313
D] - C:\imprimir
D] - C:\AdwCleaner
D] - C:\UpdateChromeLinksLogs
D] - C:\Archivos de programa
D] - C:\WINDOWS
D] - C:\UsbFix

[b]################## | E:\ - Disco fijo (NTFS) |[/b]


[03/10/2013
2.zip
[07/10/2013
[15/11/2009
[30/10/2010
[02/12/2010
[24/12/2010
[06/08/2011
[09/05/2012
[10/05/2012
[30/12/2012
[17/02/2013
[17/02/2013
[24/05/2013
[15/07/2013
[08/08/2013
[19/08/2013
[08/10/2013
[24/11/2013

- 19:42:37 | A | 21698 Ko] - E:\DriverMaxBackup - 2013.10.03.19.41.1


-

21:13:00
13:43:36
12:41:00
11:03:52
11:39:16
02:04:41
22:25:04
00:36:33
16:28:36
10:28:11
10:35:48
00:48:36
09:01:36
15:24:23
15:01:36
14:18:13
13:49:54

|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|

A | 18 Ko] - E:\install.txt
D] - E:\Kairos (medicina)
D] - E:\Alcira
SHD] - E:\System Volume Information
D] - E:\ring
D] - E:\HZP
D] - E:\Autopista al Cielo
D] - E:\Consolidado de Backups
D] - E:\CRZR
D] - E:\Software
D] - E:\radio san borja
D] - E:\Grabaciones
D] - E:\Marcos_
D] - E:\Marcos
D] - E:\Downloads
SHD] - E:\RECYCLER
D] - E:\Carlos

[b]################## | F:\ - Disco fijo (NTFS) |[/b]


[16/10/2012 - 08:41:36 | N | 56782 Ko] - F:\USB ale 7-10-12.rar
[28/12/2011 - 20:17:39 | N | 4 Ko] - F:\Image.mds
[28/12/2011 - 20:17:39 | N | 2539264 Ko] - F:\Image.iso
[14/12/2012 - 12:59:26 | N | 164828 Ko] - F:\ATUX1200.ISO
[15/11/2011 - 14:58:48 | N | 1550 Ko] - [[url=https://www.virustotal.com/file/d1
6f1f4be908a4ee0f3ad693906a6f631fac33056482bcae9d6564a797677b00/analysis/14146260
25/]VirusTotal[/url] - (0/54)] - F:\SetupVirtualCloneDrive5450.exe
[02/12/2010 - 11:03:54 | SHD] - F:\System Volume Information
[03/07/2011 - 09:52:14 | D] - F:\MUSICA DE PELICULAS
[05/08/2011 - 22:26:18 | D] - F:\memoria 1
[12/02/2012 - 20:32:45 | D] - F:\HZP
[13/05/2012 - 10:22:39 | D] - F:\Animes
[16/05/2012 - 23:21:19 | D] - F:\ultimos tarjetas
[15/07/2012 - 10:52:28 | D] - F:\Temp
[30/09/2012 - 14:44:52 | D] - F:\mame
[16/10/2012 - 08:40:44 | D] - F:\USB ale 7-10-12
[06/01/2013 - 12:37:37 | D] - F:\Downloads
[18/04/2013 - 12:11:02 | D] - F:\psp jack
[08/10/2013 - 14:18:13 | SHD] - F:\RECYCLER

[b]################## | G:\ - Disco fijo (NTFS) |[/b]


[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[27/08/2013
[16/07/2010
[07/05/2011
[11/02/2012
[16/09/2012
[12/11/2012
[02/12/2010
[21/06/2011
[20/11/2012
[07/10/2013
[08/10/2013
[17/03/2014

16:30:51
16:30:51
16:30:51
16:30:51
16:31:18
16:31:26
16:31:37
16:31:43
16:31:46
16:32:16
16:32:19
16:32:31
16:32:33
16:32:41
16:32:41
21:53:07
14:05:38
11:44:10
14:19:57
09:01:34
11:03:55
23:31:46
16:25:03
22:26:05
14:18:13
19:16:32

|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|

N | 17255 Ko] - G:\VR0006.WAV


N | 77 Ko] - G:\VR0007.WAV
N | 94 Ko] - G:\VR0008.WAV
N | 169 Ko] - G:\VR0009.WAV
N | 174554 Ko] - G:\VR0010.WAV
N | 56318 Ko] - G:\VR0011.WAV
N | 67873 Ko] - G:\VR0012.WAV
N | 42083 Ko] - G:\VR0013.WAV
N | 17677 Ko] - G:\VR0014.WAV
N | 186675 Ko] - G:\VR0015.WAV
N | 23133 Ko] - G:\VR0001.WAV
N | 72910 Ko] - G:\VR0002.WAV
N | 14068 Ko] - G:\VR0003.WAV
N | 49649 Ko] - G:\VR0004.WAV
N | 5673 Ko] - G:\VR0005.WAV
N | 680532 Ko] - G:\wifiway-1-final.iso
N | 510198 Ko] - G:\wifiway-2.0.2.iso
N | 503538 Ko] - G:\wifiway-2.0.3-finall.iso
N | 502156 Ko] - G:\wifiway-3.4.iso
N | 518144 Ko] - G:\ophcrack-vista-livecd-3.4.0.iso
SHD] - G:\System Volume Information
D] - G:\autocad
D] - G:\DETECTADOS
D] - G:\JDownloader
SHD] - G:\RECYCLER
RD] - G:\Fotos y Videos ZR

[b]################## | L:\ - Disco extrable (FAT32) |[/b]


[04/09/2014 - 00:01:18 | A | 77890 Ko] - L:\Google.Sketchup.Pro.v8.0.3117.Incl.K
eygen-MESMERiZE (1).rar
[14/11/2013 - 18:19:34 | N | 4362 Ko] - L:\Top Gear.pkg
[30/10/2014 - 09:35:08 | A | 33 Ko] - L:\art03.pdf
[20/04/2013 - 15:53:54 | H | 0 Ko] - L:\AUTORUN.INF
[02/11/2014 - 09:59:06 | A | 16690 Ko] - [[url=https://www.virustotal.com/file/1
151279303fd6c6259206e072dfea9f553735a151122997b5a0d7289d6f1dd25/analysis/1414974
179/]VirusTotal[/url] - (2/53)] - L:\aTube_Catcher_7986.exe
[04/09/2014 - 10:58:06 | A | 186 Ko] - L:\ergo.docx
[26/09/2014 - 18:01:10 | A | 6022 Ko] - L:\aaa_marcos - angel INFORME OPU 4.docx
[11/10/2014 - 18:18:44 | A | 84 Ko] - L:\carrito final.docx
[30/10/2014 - 08:47:12 | A | 508 Ko] - L:\carrito sanguchero.docx
[17/10/2014 - 15:08:24 | A | 33028 Ko] - L:\Asu Mare! 1.0.5 [Sector-apk.blogspot
.com].apk.apk
[14/04/2013 - 23:42:06 | D] - L:\antivirus usb
[25/05/2013 - 07:43:22 | D] - L:\Nueva carpetaaa
[14/02/2014 - 20:24:38 | D] - L:\chamba-marcos
[27/02/2014 - 16:26:26 | D] - L:\Nueva carpeta (3)
[05/08/2014 - 23:16:20 | D] - L:\VIDEOS
[30/09/2014 - 18:02:48 | D] - L:\OT
[04/10/2014 - 13:48:52 | D] - L:\a-Economia
[22/10/2014 - 18:07:40 | D] - L:\Nueva carpeta
[02/11/2014 - 17:53:06 | D] - L:\videos OPU
[b]################## | Vaccin |[/b]
C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
E:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

F:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)


G:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
L:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
[b]################## | E.O.F | [url=http://www.sosvirus.net/]http://www.sosviru
s.net/[/url] | [url=http://www.es.usbfix.net/]http://www.es.usbfix.net/[/url] |[
/b]