u############################## | UsbFix V 7.087 | [Research]

User: Acer3000 (Administrator) # XXX-BDAFF4C6ACA
Updated 05/04/2012 by El Desaparecido
Started at 15:44:08 | 10/04/2012

Website: http://eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: Acer, inc. (Aspire 3000     ) (X86-based PC) # Desktop Computer
CPU: Mobile AMD Sempron(tm) Processor 3000+ (1800)
RAM -> [ Total : 190 | Free : 21 ]
BIOS: Phoenix NoteBIOS 4.0 Release 6.0     
BOOT: Normal boot

OS: Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Fixed drive # 30 Gb (23 Mb free - 77%) [] # NTFS
D:\ -> Fixed drive # 7 Gb (5 Mb free - 75%) [] # NTFS
E:\ -> CD-ROM
G:\ -> Removable drive # 4 Gb (3 Mb free - 83%) [DISC] # FAT32
H:\ -> Removable drive # 7 Gb (3 Mb free - 44%) [SANDISK] # FAT32
I:\ -> Removable drive # 949 Mb (948 Mb free - 100%) [URBANWAVE] # FAT

################## | Active Processes |

C:\WINDOWS\System32\smss.exe (636)
C:\WINDOWS\system32\winlogon.exe (712)
C:\WINDOWS\system32\services.exe (756)
C:\WINDOWS\system32\lsass.exe (768)
C:\WINDOWS\system32\svchost.exe (924)
C:\WINDOWS\System32\svchost.exe (1176)
C:\WINDOWS\Explorer.EXE (1540)
C:\WINDOWS\system32\spoolsv.exe (1676)
C:\WINDOWS\SOUNDMAN.EXE (1928)
C:\WINDOWS\AGRSMMSG.exe (1936)
C:\WINDOWS\system32\Rundll32.exe (1944)
C:\WINDOWS\system32\keyhook.exe (1956)
C:\Program Files\ESET\ESET Smart Security\egui.exe (1964)
C:\WINDOWS\system32\ctfmon.exe (1972)
C:\WINDOWS\system32\sistray.exe (2012)
C:\Program Files\ESET\ESET Smart Security\ekrn.exe (212)
C:\Program Files\Mozilla Firefox\firefox.exe (2224)
C:\WINDOWS\system32\wscntfy.exe (3116)
C:\Program Files\Windows Live\Messenger\msnmsgr.exe (3356)
C:\Program Files\Windows Live\Contacts\wlcomm.exe (3560)
C:\UsbFix\Go.exe (1808)

################## | Files # Infected Folders |

Found ! H:\Stery Aspire 3000s.lnk
Found ! H:\8585485

################## | Registry |


################## | Mountpoints2 |



################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F |