############################## | UsbFix V 7.093 | [Research]

User: jaraczk (Administrator) # JARACZK-6335B5B
Updated 08/07/2012 by El Desaparecido
Started at 11:01:47 | 17/07/2012

Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: INTEL_ (DQ965GF_) (X86-based PC) # Desktop Computer
CPU: Intel(R) Core(TM)2 CPU 4400 @ 2.00GHz (1998)
RAM -> [Total : 3326 | Free : 2615]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 8.0.6001.18702

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 149 Gb (111 Mb free - 74%) [SYSTEM] # NTFS
D:\ -> Fixed drive # 233 Gb (110 Mb free - 47%) [DYSK D] # NTFS
E:\ -> Fixed drive # 233 Gb (22 Mb free - 9%) [BLACK BOX] # NTFS
F:\ -> CD-ROM
J:\ -> Fixed drive # 149 Gb (32 Mb free - 22%) [ICY BOX] # NTFS

################## | Active Processes |

C:\WINDOWS\System32\smss.exe (628)
C:\WINDOWS\system32\winlogon.exe (744)
C:\WINDOWS\system32\services.exe (788)
C:\WINDOWS\system32\lsass.exe (800)
C:\WINDOWS\system32\Ati2evxx.exe (972)
C:\WINDOWS\system32\svchost.exe (992)
C:\WINDOWS\System32\svchost.exe (1204)
C:\WINDOWS\system32\svchost.exe (1240)
C:\WINDOWS\system32\Ati2evxx.exe (1468)
C:\WINDOWS\system32\spoolsv.exe (1656)
C:\WINDOWS\Explorer.EXE (1932)
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (232)
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe (316)
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (380)
C:\Program Files\Intel\AMT\atchksrv.exe (560)
C:\Program Files\Wave Systems Corp\Common\DataServer.exe (396)
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (932)
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (1012)
C:\Program Files\Intel\AMT\atchk.exe (1464)
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (1508)
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (860)
C:\Program Files\Java\jre6\bin\jqs.exe (1740)
C:\WINDOWS\system32\ctfmon.exe (1796)
C:\Documents and Settings\jaraczk\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe (1816)
C:\Program Files\DAEMON Tools Lite\DTLite.exe (1836)
C:\Program Files\Intel\AMT\LMS.exe (1864)
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (1952)
C:\WINDOWS\system32\HPZipm12.exe (1696)
C:\WINDOWS\system32\svchost.exe (524)
C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v1.05\bin\tcsd_win32.exe (692)
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (1172)
C:\WINDOWS\system32\SearchIndexer.exe (336)
C:\WINDOWS\system32\wuauclt.exe (2188)
C:\WINDOWS\system32\wuauclt.exe (2208)
C:\Documents and Settings\jaraczk\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (3900)
C:\WINDOWS\system32\SearchProtocolHost.exe (4072)
C:\Documents and Settings\jaraczk\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (2204)
C:\Documents and Settings\jaraczk\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (2540)
d:\Moje dokumenty\Downloads\OTL (2).exe (2952)
d:\Moje dokumenty\Downloads\SystemLook.exe (3192)
C:\UsbFix\Go.exe (2736)

################## | Files # Infected Folders |

Found ! E:\autorun.inf
Found ! J:\Recycler\desktop.ini
Found ! J:\MUZYKA

################## | Registry |

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{169fe25a-2661-11e0-a19f-0019d191f6d7}
Shell\AutoRun\Command = H:\Install_Nokia_Ovi_Suite.exe

################## | Vaccin |

(!) This computer is not vaccinated!

################## | E.O.F |