############################## | UsbFix V 7.097 | [Deletion]

User: Matrix (Administrator) # MATRIX-C4BE90B2
Updated 02/09/2012 by El Desaparecido
Started at 12:50:37 | 05/09/2012

Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: ASUSTeK Computer Inc. (A9Rp ) (X86-based PC
CPU: Intel(R) Celeron(R) M CPU 420 @ 1.60GHz (1600)
RAM -> [Total : 447 | Free : 147]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 6.0.2900.5512

SC: Security Center Service [Enabled]
WU: Windows Update Service [(!) Disabled]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 29 Gb (5 Mb free - 16%) [] # FAT32
D:\ -> Fixed drive # 45 Gb (11 Mb free - 25%) [] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 2 Gb (1 Mb free - 63%) [KINGSTON] # FAT

################## | Active Processes |

C:\WINDOWS\System32\smss.exe (504)
C:\WINDOWS\system32\winlogon.exe (600)
C:\WINDOWS\system32\services.exe (644)
C:\WINDOWS\system32\lsass.exe (656)
C:\WINDOWS\system32\Ati2evxx.exe (812)
C:\WINDOWS\system32\svchost.exe (824)
C:\WINDOWS\System32\svchost.exe (1044)
C:\WINDOWS\system32\svchost.exe (1080)
C:\WINDOWS\system32\Ati2evxx.exe (1144)
C:\WINDOWS\system32\spoolsv.exe (1464)
C:\WINDOWS\Explorer.EXE (1700)
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (1772)
C:\WINDOWS\RTHDCPL.EXE (1780)
C:\Program Files\AVG\AVG2012\avgtray.exe (1800)
C:\WINDOWS\system32\ctfmon.exe (1808)
C:\UsbFix\Go.exe (404)
C:\Program Files\AVG\AVG2012\avgfws.exe (1064)
C:\Program Files\AVG\AVG2012\avgwdsvc.exe (1164)
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (1304)
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (1628)
C:\WINDOWS\system32\svchost.exe (1684)
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe (2076)
C:\WINDOWS\System32\svchost.exe (3748)

################## | Stopped processes |

Stopped! C:\WINDOWS\system32\Ati2evxx.exe (812)
Stopped! C:\WINDOWS\system32\Ati2evxx.exe (1144)
Stopped! C:\WINDOWS\system32\spoolsv.exe (1464)
Stopped! C:\WINDOWS\Explorer.EXE (1700)
Stopped! C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe (1772)
Stopped! C:\WINDOWS\RTHDCPL.EXE (1780)
Stopped! C:\Program Files\AVG\AVG2012\avgtray.exe (1800)
Stopped! C:\WINDOWS\system32\ctfmon.exe (1808)
Stopped! C:\Program Files\AVG\AVG2012\avgfws.exe (1064)
Stopped! C:\Program Files\AVG\AVG2012\avgwdsvc.exe (1164)
Stopped! C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (1304)
Stopped! C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (1628)
Stopped! C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe (2076)

################## | Files # Infected Folders |

Deleted ! D:\Acrobat.com.lnk
Deleted ! D:\Adobe Reader 9.lnk
Deleted ! D:\Animation Shop 3.lnk
Deleted ! D:\ASUSTek ASUSDVD.lnk
Deleted ! D:\D-Link AirPlus Utility.lnk
Deleted ! D:\DOSBox 0.73.lnk
Deleted ! D:\ipla.lnk
Deleted ! D:\iPlus.lnk
Deleted ! D:\Mozilla Thunderbird.lnk
Deleted ! D:\OpenOffice.org 3.0.lnk
Deleted ! D:\Opera.lnk
Deleted ! D:\Play Universe at War Earth Assault.lnk
Deleted ! D:\Skype.lnk
Deleted ! D:\TC PowerPack.lnk
Deleted ! D:\Transport Giant - Złota Edycja.lnk
Deleted ! D:\Uruchom grę Railroad Tycoon 3.lnk
Deleted ! D:\WF-MAG DOS DEMO.lnk
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-31
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-20
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-24
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-21
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-22
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-23
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-25
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-26
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-28
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-27
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-29
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok-9-30
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Bron.tok.A9.em.bin
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Kosong.Bron.Tok.txt
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\ListHost9.txt
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Loc.Mail.Bron.Tok
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Ok-SendMail-Bron-tok
Deleted ! C:\Documents and Settings\Matrix\Ustawienia lokalne\Dane aplikacji\Update.9.Bron.Tok.bin
Deleted ! D:\Recycler\S-1-5-21-1343024091-1647877149-725345543-1003
Deleted ! D:\Recycler\S-1-5-21-1547161642-1637723038-839522115-1003
Deleted ! D:\Recycler\S-1-5-21-1935655697-1078081533-725345543-1002
Deleted ! D:\Recycler\S-1-5-21-1935655697-1078081533-725345543-500
Deleted ! D:\Recycler\S-1-5-21-484763869-1935655697-839522115-1003
Deleted ! D:\Recycler\S-1-5-21-682003330-1604221776-839522115-1003
Deleted ! D:\AUTORUN.INF

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\policies\System|DisableRegistryTools
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\policies\System|DisableTaskMgr
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\D
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{075f0874-e315-11e1-963c-0018f3a8f520}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{1fb03c0c-6ae0-11e1-9599-243c20050212}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{20809ea1-e304-11e1-963b-0018f3a8f520}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2c287942-fed6-11de-ac70-abe92cdc3a7f}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{435f5102-f753-11e0-93c5-243c20050212}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{58a3ad4f-35f8-11df-987f-001e589b8733}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{64964734-fd9f-11e0-93f5-243c20050212}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{6c8e9f3e-002d-11df-ac7a-0018f3a8f520}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{88ea85b6-1527-11e0-9a0a-243c20050212}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{de961757-fed4-11de-921c-806d6172696f}
Deleted !
HKCU\.\.\.\.\Explorer\MountPoints2\{ff159bc8-ac83-11e1-9601-243c20050212}

################## | Listing |

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_MATRIX-C4BE90B2.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.

################## | E.O.F |