############################## | UsbFix V 7.162 | [Research]

User: RADHIA (Administrator) #
Updated 27/01/2014 by El Desaparecido - Team SosVirus
Started at 20:14:04 | 29/01/2014

Website : http://www.en.usbfix.net
Changelog : http://www.usbfix.net/maj/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/

PC: Hewlett-Packard (30C0)
CPU: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz
RAM -> [Total : 1015 Mo| Free : 406 Mo]
Bios: Hewlett-Packard
Boot: Normal boot

OS: Microsoft Windows 8 Professionnel (6.1.7600 32-Bit)
WB: Windows Internet Explorer : 10.0.9200.16750
WB: Google Chrome : 32.0.1700.76

SC: Security Center [Enabled]
WU: Windows Update [Enabled]
AV: Windows Defender [(!) Disabled | Updated]
AV: Bitdefender Antivirus [(!) Disabled | Updated]
AS: Windows Defender [(!) Disabled | Updated]
AS: Bitdefender Antispyware [(!) Disabled | Updated]
FW: Bitdefender Pare-feu [Enabled]
FW: Windows FireWall [(!) Disabled]

C:\ (%systemdrive%) -> Fixed drive # 66 Gb (11 Mb free - 17%) [WINDOWS 8] # NTFS
D:\ -> Fixed drive # 466 Gb (230 Mb free - 49%) [PS3 TOSHIBA] # FAT32
E:\ -> Fixed drive # 36 Gb (33 Mb free - 91%) [] # NTFS
F:\ -> CD-ROM
J:\ -> Fixed drive # 466 Gb (6 Mb free - 1%) [WESTERN.DIGITAL] # NTFS

################## | Active Processes |

C:\Windows\system32\csrss.exe (ID: 532 |ParentID: 524)
C:\Windows\system32\csrss.exe (ID: 600 |ParentID: 592)
C:\Windows\system32\wininit.exe (ID: 608 |ParentID: 524)
C:\Windows\system32\winlogon.exe (ID: 664 |ParentID: 592)
C:\Windows\system32\services.exe (ID: 688 |ParentID: 608)
C:\Windows\system32\lsass.exe (ID: 696 |ParentID: 608)
C:\Windows\system32\svchost.exe (ID: 804 |ParentID: 688)
C:\Program Files\Bitdefender\Bitdefender\vsserv.exe (ID: 836 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 1072 |ParentID: 688)
C:\Windows\System32\svchost.exe (ID: 1192 |ParentID: 688)
C:\Windows\system32\dwm.exe (ID: 1212 |ParentID: 664)
C:\Windows\system32\svchost.exe (ID: 1252 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 1384 |ParentID: 688)
C:\Windows\System32\svchost.exe (ID: 1464 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 1636 |ParentID: 688)
C:\Windows\System32\spoolsv.exe (ID: 1852 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 1880 |ParentID: 688)
C:\Windows\system32\AEADISRV.EXE (ID: 2036 |ParentID: 688)
C:\Program Files\LSI SoftModem\agrsmsvc.exe (ID: 308 |ParentID: 688)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ID: 496 |ParentID: 688)
C:\Program Files\Bonjour\mDNSResponder.exe (ID: 700 |ParentID: 688)
C:\Windows\system32\dashost.exe (ID: 1480 |ParentID: 1464)
C:\Program Files\ma-config.com\MaConfigAgent.exe (ID: 1248 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 2124 |ParentID: 688)
C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe (ID: 2184 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 2940 |ParentID: 688)
C:\Windows\system32\svchost.exe (ID: 3448 |ParentID: 688)
C:\Windows\system32\taskhostex.exe (ID: 2936 |ParentID: 688)
C:\Windows\system32\taskhost.exe (ID: 1764 |ParentID: 688)
C:\Windows\Explorer.EXE (ID: 3872 |ParentID: 3700)
C:\Windows\System32\svchost.exe (ID: 3916 |ParentID: 688)
C:\Windows\system32\SearchIndexer.exe (ID: 3364 |ParentID: 688)
C:\Windows\system32\DllHost.exe (ID: 4300 |ParentID: 804)
C:\Program Files\Hercules\Dualpix HD\XtrCtrlEx.exe (ID: 4876 |ParentID: 3872)
C:\Program Files\Glary Utilities 4\Integrator.exe (ID: 5384 |ParentID: 3888)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (ID: 6076 |ParentID: 3872)
C:\Program Files\Bitdefender\Bitdefender\bdagent.exe (ID: 4220 |ParentID: 3872)
C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (ID: 4408 |ParentID: 3872)
C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe (ID: 4664 |ParentID: 3872)
C:\Windows\system32\taskeng.exe (ID: 5308 |ParentID: 1252)
C:\Program Files\Windows Media Player\wmpnetwk.exe (ID: 3948 |ParentID: 688)
C:\Program Files\Bitdefender\Bitdefender\seccenter.exe (ID: 4008 |ParentID: 4220)
C:\Windows\system32\SearchProtocolHost.exe (ID: 684 |ParentID: 3364)
C:\Windows\system32\SearchFilterHost.exe (ID: 3808 |ParentID: 3364)
C:\Windows\System32\WUDFHost.exe (ID: 2928 |ParentID: 1464)
C:\Windows\system32\wbem\wmiprvse.exe (ID: 4960 |ParentID: 804)

################## | Regedit Run |

04 - HKCU\..\Run : [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
04 - HKCU\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 - HKCU\..\Run : [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
04 - HKCU\..\Run : [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
04 - HKCU\..\Run : [Bitdefender Agent de l'application Wallet] "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
04 - HKLM\..\Run : [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
04 - HKLM\..\Run : [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
04 - HKLM\..\Run : [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
04 - HKLM\..\Run : [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
04 - HKLM\..\Run : [CamserviceHD] C:\Program Files\Hercules\Dualpix HD\XtrCtrlEx.exe /startup
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [Bdagent] "C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
04 - HKLM\..\RunOnce : []
04 - HKU\S-1-5-21-3359259920-559966978-3810291053-1001\..\Run : [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
04 - HKU\S-1-5-21-3359259920-559966978-3810291053-1001\..\Run : [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
04 - HKU\S-1-5-21-3359259920-559966978-3810291053-1001\..\Run : [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
04 - HKU\S-1-5-21-3359259920-559966978-3810291053-1001\..\Run : [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
04 - HKU\S-1-5-21-3359259920-559966978-3810291053-1001\..\Run : [Bitdefender Agent de l'application Wallet] "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"
04 - HKU\S-1-5-18\..\Run : [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
04 - HKU\S-1-5-18\..\Run : [Bitdefender Wallet] "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
04 - HKU\S-1-5-18\..\Run : [Bitdefender Agent de l'application Wallet] "C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"

################## | Generic Research |

################## | Registry |

################## | Vaccin |

D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.usbfix.net - http://www.sosvirus.net |