############################## | UsbFix V 7.111 | [Research] User: Marek (Administrator) # MAREK-KOMPUTER Updated 26/02/2013 by El Desaparecido Started at 02:15:31 | 27/02/2013 Website: http://sosvirus.org/index.php Contact: contact@sosvirus.org PC: System manufacturer (System Product Name) (x64-based PC) CPU: AMD FX(tm)-6100 Six-Core Processor (3300) RAM -> [Total : 7918 | Free : 6173] BIOS: BIOS Date: 11/30/11 15:28:23 Ver: 08.01 BOOT: Normal boot OS: Microsoft Windows 7 Professional (6.1.7600 64-Bit) # WB: Windows Internet Explorer 8.0.7600.16385 SC: Security Center Service [Enabled] WU: Windows Update Service [Enabled] AV: ESET NOD32 Antivirus 6.0 [Enabled | Updated] FW: Windows FireWall Service [Enabled] C:\ (%systemdrive%) -> Fixed drive # 149 Gb (90 Mb free - 60%) [] # NTFS D:\ -> CD-ROM F:\ -> Fixed drive # 452 Gb (408 Mb free - 90%) [LaCie] # NTFS G:\ -> Fixed drive # 14 Gb (10 Mb free - 74%) [LACIE SHARE] # FAT32 ################## | Active Processes | C:\Windows\system32\csrss.exe (448) C:\Windows\system32\wininit.exe (512) C:\Windows\system32\csrss.exe (536) C:\Windows\system32\services.exe (572) C:\Windows\system32\lsass.exe (596) C:\Windows\system32\lsm.exe (604) C:\Windows\system32\winlogon.exe (660) C:\Windows\system32\svchost.exe (748) C:\Windows\system32\svchost.exe (824) C:\Windows\system32\atiesrxx.exe (912) C:\Windows\System32\svchost.exe (948) C:\Windows\System32\svchost.exe (984) C:\Windows\system32\svchost.exe (1012) C:\Windows\system32\svchost.exe (524) C:\Windows\system32\svchost.exe (1108) C:\Windows\system32\atieclxx.exe (1320) C:\Windows\System32\spoolsv.exe (1348) C:\Windows\system32\svchost.exe (1416) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (1536) C:\Program Files\LaCie\Desktop Manager\lacie_dm_service.exe (1604) C:\Windows\system32\svchost.exe (1664) C:\Windows\system32\svchost.exe (1688) C:\Windows\system32\taskhost.exe (1240) C:\Windows\system32\sppsvc.exe (2432) C:\Windows\system32\Dwm.exe (2728) C:\Windows\Explorer.EXE (2752) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (2880) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (2908) C:\Program Files\LaCie\Desktop Manager\LaCieDesktopManagerStatusItem.exe (2928) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (3028) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (2656) C:\Windows\system32\SearchIndexer.exe (2840) C:\Program Files\Windows Media Player\wmpnetwk.exe (2972) C:\Windows\System32\svchost.exe (3276) C:\Windows\System32\svchost.exe (2796) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (3016) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (1612) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (2680) C:\Users\Marek\Desktop\OTL.exe (2560) C:\Windows\system32\wbem\wmiprvse.exe (140) C:\Windows\system32\taskhost.exe (3096) C:\Windows\system32\SearchProtocolHost.exe (712) C:\Windows\system32\SearchFilterHost.exe (2688) C:\UsbFix\Go.exe (3308) C:\Windows\system32\wbem\wmiprvse.exe (1568) ################## | Files # Infected Folders | Found ! F:\._autorun.inf Found ! F:\autorun.inf Found ! F:\RECYCLER\0xA25D5DBD.exe Found ! G:\._autorun.inf Found ! G:\autorun.inf ################## | Registry | ################## | Mountpoints2 | HKCU\.\.\.\.\Explorer\MountPoints2\{bddec3e7-46e5-11e2-a3a3-806e6f6e6963} Shell\AutoRun\Command = D:\Bin\ASSETUP.exe ################## | Vaccin | (!) This computer is not vaccinated! ################## | E.O.F | http://sosvirus.org |