UsbFix [Scan 3] HALFAYA

############################## | UsbFix V 7.162 | [Research]

User: RADHIA (Administrator) # 
Updated 27/01/2014 by El Desaparecido - Team SosVirus
Started at 20:14:04 | 29/01/2014

Website : http://www.en.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/

PC: Hewlett-Packard (30C0)
CPU: Intel(R) Core(TM)2 Duo CPU     T7500  @ 2.20GHz
RAM -> [Total : 1015 Mo| Free : 406 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 8 Professionnel (6.1.7600 32-Bit) 
WB: Windows Internet Explorer : 10.0.9200.16750
WB: Google Chrome : 32.0.1700.76

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [(!) Disabled | Updated]
AV: Bitdefender Antivirus [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: Bitdefender Antispyware [(!) Disabled | Updated]
FW: Bitdefender Pare-feu [Enabled]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Fixed drive # 66 Gb (11 Mb free - 17%) [WINDOWS 8] # NTFS
D:\ -> Fixed drive # 466 Gb (230 Mb free - 49%) [PS3 TOSHIBA] # FAT32
E:\ -> Fixed drive # 36 Gb (33 Mb free - 91%) [] # NTFS
F:\ -> CD-ROM
J:\ -> Fixed drive # 466 Gb (6 Mb free - 1%) [WESTERN.DIGITAL] # NTFS

################## | Active Processes |

C:\Windows\system32\csrss.exe (ID: 532 |ParentID: 524)
C:\Windows\system32\csrss.exe (ID: 600 |ParentID: 592)
C:\Windows\system32\wininit.exe (ID: 608 |ParentID: 524)
C:\Windows\system32\winlogon.exe (ID: 664 |ParentID: 592)
C:\Windows\system32\services.exe (ID: 688 |ParentID: 608)
C:\Windows\system32\lsass.exe (ID: 696 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 804 |ParentID: 688)
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe (ID: 836 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 1072 |ParentID: 688)
C:\Windows\System32\svchost.exe (ID: 1192 |ParentID: 688)
C:\Windows\system32\dwm.exe (ID: 1212 |ParentID: 664)
C:\Windows\system32\svchost.exe (ID: 1252 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 1384 |ParentID: 688)
C:\Windows\System32\svchost.exe (ID: 1464 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 1636 |ParentID: 688)
C:\Windows\System32\spoolsv.exe (ID: 1852 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 1880 |ParentID: 688)
C:\Windows\system32\AEADISRV.EXE (ID: 2036 |ParentID: 688)
C:\Program Files\LSI SoftModem\agrsmsvc.exe (ID: 308 |ParentID: 688)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 496 |ParentID: 688)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 700 |ParentID: 688)
C:\Windows\system32\dashost.exe (ID: 1480 |ParentID: 1464)
C:\Program Files\ma-config.com\MaConfigAgent.exe (ID: 1248 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 2124 |ParentID: 688)
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe (ID: 2184 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 2940 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 3448 |ParentID: 688)
C:\Windows\system32\taskhostex.exe (ID: 2936 |ParentID: 688)
C:\Windows\system32\taskhost.exe (ID: 1764 |ParentID: 688)
C:\Windows\Explorer.EXE (ID: 3872 |ParentID: 3700)
C:\Windows\System32\svchost.exe (ID: 3916 |ParentID: 688)
C:\Windows\system32\SearchIndexer.exe (ID: 3364 |ParentID: 688)
C:\Windows\system32\DllHost.exe (ID: 4300 |ParentID: 804)
C:\Program Files\Hercules\Dualpix HD\XtrCtrlEx.exe (ID: 4876 |ParentID: 3872)
C:\Program Files\Glary Utilities 4\Integrator.exe (ID: 5384 |ParentID: 3888)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 6076 |ParentID: 3872)
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (ID: 4220 |ParentID: 3872)
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (ID: 4408 |ParentID: 3872)
C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe (ID: 4664 |ParentID: 3872)
C:\Windows\system32\taskeng.exe (ID: 5308 |ParentID: 1252)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3948 |ParentID: 688)
C:\Program Files\Bitdefender\Bitdefender\seccenter.exe (ID: 4008 |ParentID: 4220)
C:\Windows\system32\SearchProtocolHost.exe (ID: 684 |ParentID: 3364)
C:\Windows\system32\SearchFilterHost.exe (ID: 3808 |ParentID: 3364)
C:\Windows\System32\WUDFHost.exe (ID: 2928 |ParentID: 1464)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4960 |ParentID: 804)

################## | Regedit Run |

04 - HKCU\..\Run : [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
04 - HKCU\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 - HKCU\..\Run : [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
04 - HKCU\..\Run : [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
04 - HKCU\..\Run : [Bitdefender Agent de l'application Wallet] "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
04 - HKLM\..\Run : [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
04 - HKLM\..\Run : [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [CamserviceHD] C:\Program Files\Hercules\Dualpix HD\XtrCtrlEx.exe /startup
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
04 - HKLM\..\RunOnce : [] 
04 - HKU\S-1-5-21-3359259920-559966978-3810291053-1001\..\Run : [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
04 - HKU\S-1-5-21-3359259920-559966978-3810291053-1001\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 - HKU\S-1-5-21-3359259920-559966978-3810291053-1001\..\Run : [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
04 - HKU\S-1-5-21-3359259920-559966978-3810291053-1001\..\Run : [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
04 - HKU\S-1-5-21-3359259920-559966978-3810291053-1001\..\Run : [Bitdefender Agent de l'application Wallet] "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
04 - HKU\S-1-5-18\..\Run : [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
04 - HKU\S-1-5-18\..\Run : [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
04 - HKU\S-1-5-18\..\Run : [Bitdefender Agent de l'application Wallet] "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"

################## | Generic Research |


################## | Registry |


################## | Vaccin |

D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |