############################## | UsbFix 7.025 | [Research] User: Sławek (Administrator) # S-4D77D1A397C04 [ ] Updated 15/09/10 by El Desaparecido / C_XX Started at 20:18:31 | 18/09/2010 Website: http://www.teamxscript.org Contact: FindyKill.Contact@gmail.com CPU: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz CPU 2: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 2 Internet Explorer 6.0.2900.2180 Windows Firewall: Enabled Antivirus: ESET NOD32 Antivirus 4.2 4.2 [Enabled | Updated] RAM -> 2046 Mb C:\ -> Fixed drive # 100 Gb (19 Mb free - 19%) [] # NTFS D:\ (%systemdrive%) -> Fixed drive # 49 Gb (12 Mb free - 24%) [System] # NTFS E:\ -> CD-ROM G:\ -> Fixed drive # 233 Gb (11 Mb free - 5%) [Nowy] # NTFS ################## | Files # Infected Folders | Found ! E:\Autorun.inf ################## | Registry | Found ! HKLM\Software\Classes\CLSID\MADOWN Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apitrap.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ASSTE.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVSTE.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Cleanup.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cqw32.exe Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divxdec.ax Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DJSMAR00.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRMINST.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\enc98.EXE Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EncodeDivXExt.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EncryptPatchVer.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\front.exe Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fullsoft.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GBROWSER.DLL Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htmlmarq.ocx Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\htmlmm.ocx Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ishscan.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ISSTE.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\javai.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm_g.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\main123w.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mngreg32.exe Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msci_uno.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscoree.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorsvr.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mscorwks.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msjava.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mso.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVOPTRF.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NeVideoFX.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPMLIC.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NSWSTE.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\photohse.EXE Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PMSTE.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ppw32hlp.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\printhse.EXE Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\prwin8.EXE Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ps80.EXE Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psdmt.exe Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qfinder.EXE Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qpw.EXE Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\salwrap.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup32.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sevinst.exe Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcnet.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tcore_ebook.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TFDTCTT8.DLL Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ua80.EXE Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\udtapi.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ums.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vb40032.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbe6.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wpwin8.EXE Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xlmlEN.dll Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xwsetup.EXE Found ! HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_INSTPGM.EXE ################## | Mountpoints2 | ################## | Vaccin | (!) This computer is not vaccinated! ################## | E.O.F |