############################## | UsbFix V 7.102 | [Deletion]

User: SpectrumBX (Administrator) # LABST08
Updated 20/12/2012 by El Desaparecido
Started at 07:38:18 | 10/01/2013
Website: http://sosvirus.org
Contact: contact@eldesaparecido.com

PC: Dell Inc. (OptiPlex 745 ) (X86-based PC
CPU: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz (1862)
CPU: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz (1862)
RAM -> [Total : 1014 | Free : 615]
BIOS: Phoenix ROM BIOS PLUS Version 1.10 2.3.1
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 2
WB: Windows Internet Explorer 6.0.2900.2180

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 149 Gb (142 Mb free - 96%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Removable drive # 4 Gb (4 Mb free - 100%) [] # FAT32

################## | Active Processes |

C:\WINDOWS\System32\smss.exe (604)
C:\WINDOWS\system32\winlogon.exe (688)
C:\WINDOWS\system32\services.exe (732)
C:\WINDOWS\system32\lsass.exe (744)
C:\WINDOWS\system32\svchost.exe (936)
C:\WINDOWS\System32\svchost.exe (1100)
C:\WINDOWS\system32\spoolsv.exe (1480)
C:\WINDOWS\Explorer.EXE (1740)
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe (1916)
C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe (1952)
C:\WINDOWS\system32\hkcmd.exe (1440)
C:\WINDOWS\system32\igfxpers.exe (1392)
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (1676)
C:\Program Files\Analog Devices\Core\smax4pnp.exe (1636)
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (1368)
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (1832)
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (1564)
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (736)
C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe (1384)
C:\Program Files\DellSupport\DSAgnt.exe (2072)
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (2280)
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (2328)
C:\UsbFix\Go.exe (3044)

################## | Stopped processes |

Stopped! C:\WINDOWS\system32\spoolsv.exe (1480)
Stopped! C:\WINDOWS\Explorer.EXE (1740)
Stopped! C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe (1916)
Stopped! C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe (1952)
Stopped! C:\WINDOWS\system32\hkcmd.exe (1440)
Stopped! C:\WINDOWS\system32\igfxpers.exe (1392)
Stopped! C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe (1676)
Stopped! C:\Program Files\Analog Devices\Core\smax4pnp.exe (1636)
Stopped! C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (1368)
Stopped! C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe (1832)
Stopped! C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (1564)
Stopped! C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (736)
Stopped! C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe (1384)
Stopped! C:\Program Files\DellSupport\DSAgnt.exe (2072)
Stopped! C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (2280)
Stopped! C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (2328)

################## | Files # Infected Folders |

Deleted ! C:\Recycler\S-1-5-21-4259840308-3237907839-3610181021-1005
Deleted ! C:\Recycler\S-1-5-21-4259840308-3237907839-3610181021-500
Deleted ! C:\autorun.PNF
(!) Temporary files deleted.

################## | Registry |

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{7d8c35f1-2345-11de-8727-001aa0d252fa}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{c0822392-fedf-11e0-874a-001aa0d252fa}

################## | Listing |

[11/08/2004 - 16:15:00 | N | 0] C:\autoexec.001
[19/12/2007 - 13:11:24 | N | 68] C:\AUTOEXEC.BAT
[04/01/2013 - 09:12:43 | D ] C:\bd_logs
[19/12/2007 - 12:24:52 | N | 211] C:\boot.ini
[12/10/2012 - 11:43:12 | D ] C:\ChromQuest
[11/08/2004 - 16:15:00 | N | 0] C:\config.001
[10/01/2013 - 07:22:42 | D ] C:\Config.Msi
[19/12/2007 - 13:11:24 | N | 36] C:\CONFIG.SYS
[23/01/2008 - 11:34:06 | D ] C:\dell
[13/10/2007 - 17:33:04 | N | 5823] C:\dell.sdr
[19/12/2007 - 12:25:05 | D ] C:\Documents and Settings
[28/08/2006 - 01:28:56 | D ] C:\drivers
[10/01/2013 - 07:24:44 | ASH | 1062846464] C:\hiberfil.sys
[28/08/2006 - 07:27:46 | D ] C:\i386
[19/12/2007 - 12:50:44 | N | 4128] C:\INFCACHE.1
[11/08/2004 - 16:15:00 | N | 0] C:\IO.SYS
[11/08/2004 - 16:15:00 | N | 0] C:\MSDOS.SYS
[04/08/2004 - 04:00:00 | N | 47564] C:\NTDETECT.COM
[04/08/2004 - 04:00:00 | N | 250032] C:\ntldr
[10/01/2013 - 07:24:43 | ASH | 1598029824] C:\pagefile.sys
[20/12/2012 - 11:45:28 | N | 13030] C:\PDOXUSRS.NET
[19/12/2007 - 13:11:08 | D ] C:\pel_apps
[11/09/2008 - 10:47:04 | D ] C:\pel_data
[10/01/2013 - 07:21:50 | D ] C:\Program Files
[19/12/2007 - 13:11:26 | D ] C:\quant
[21/05/2008 - 12:39:26 | D ] C:\radwag
[10/01/2013 - 07:38:50 | SHD ] C:\RECYCLER
[19/12/2007 - 12:24:55 | SHD ] C:\System Volume Information
[10/01/2013 - 07:38:50 | D ] C:\UsbFix
[10/01/2013 - 07:38:50 | A | 3473] C:\UsbFix.txt
[10/01/2013 - 07:25:06 | D ] C:\WINDOWS
[10/01/2013 - 08:32:02 | N | 237] E:\reg.txt
[10/01/2013 - 08:33:02 | N | 965841] E:\UsbFix.exe

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_LABST08.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.

################## | E.O.F |