############################## | UsbFix 7.035 | [Research]

User: Maciej (Administrator) # DAREK-KOMPUTER [Hewlett-Packard HP Pavilion dv6 Notebook PC]
Updated 11/11/10 by El Desaparecido / C_XX
Started at 07:45:19 | 12/11/2010
Website: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org

CPU: AMD Turion(tm) II Dual-Core Mobile M500
CPU 2: AMD Turion(tm) II Dual-Core Mobile M500
Microsoft Windows 7 Home Premium  (6.1.7600 64-Bit) # 
Internet Explorer 8.0.7600.16385

Windows Firewall: Enabled
RAM -> 4092 Mb 
C:\ (%systemdrive%) -> Fixed drive # 453 Gb (380 Mb free - 84%) [] # NTFS
D:\ -> Fixed drive # 13 Gb (2 Mb free - 17%) [RECOVERY] # NTFS
E:\ -> CD-ROM
F:\ -> Removable drive # 4 Gb (2 Mb free - 40%) [] # FAT32

################## | Files # Infected Folders |


Found ! D:\sys

################## | Registry |

Found ! HKCU\Software\M5T8QL3YW3
Found ! HKCU\Software\Microsoft\Handle
Found ! HKCU\Software\QZAIB7KITK
Found ! HKCU\Software\XML

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{24a1e895-a148-11df-8089-00271338f70b}
Shell\AutoRun\Command = F:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{29f47b6b-9bc9-11df-b831-00271338f70b}
Shell\AutoRun\Command = F:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{29f47b6f-9bc9-11df-b831-00271338f70b}
Shell\AutoRun\Command = F:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{29f47b92-9bc9-11df-b831-00271338f70b}
Shell\AutoRun\Command = F:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{29f47b94-9bc9-11df-b831-00271338f70b}
Shell\AutoRun\Command = F:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d68be5b5-a145-11df-8093-00271338f70b}
Shell\AutoRun\Command = F:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{dce7f114-8c0c-11df-97b6-00271338f70b}
Shell\AutoRun\Command = F:\AutoRun.exe


################## | Vaccin |

(!) This computer is not vaccinated!

################## | E.O.F |