############################## | UsbFix 7.058 | [Research]

User: Administrator (Administrator) # JACEK [ ]
Updated 24/08/2011 by El Desaparecido
Started at 21:15:02 | 12/09/2011
Website: http://www.teamxscript.org
Submit your sample: http://www.teamxscript.org/Upload.php
Contact: contact@eldesaparecido.com

CPU: AMD Turion(tm) 64 X2 Mobile Technology TL-56
CPU 2: AMD Turion(tm) 64 X2 Mobile Technology TL-56
Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
Internet Explorer 8.0.6001.18702

Windows Firewall: Enabled
Antivirus: COMODO Antivirus 3.9 [Enabled | Updated]
Firewall: COMODO Firewall 3.9 [(!) Disabled]
RAM -> 2047 Mb 
C:\ (%systemdrive%) -> Fixed drive # 16 Gb (1 Mb free - 7%) [SYSTEM] # NTFS
D:\ -> Fixed drive # 96 Gb (6 Mb free - 6%) [Dane] # NTFS
E:\ -> CD-ROM
H:\ -> Fixed drive # 466 Gb (185 Mb free - 40%) [Transcend] # FAT32

################## | Files # Infected Folders |

Found ! H:\Recycler\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx
Found ! C:\RECYCLER\S-1-5-21-484763869-1454471165-725345543-500
Found ! D:\RECYCLER\S-1-5-21-484763869-1454471165-725345543-500
Found ! H:\Recycler\desktop.ini
Found ! H:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665

################## | Registry |


################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{390f105e-4f04-11df-8d2d-001a92d5c2b5}
Shell\AutoRun\Command = G:\FlashDiskUtility.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{b06842f8-cfe2-11de-8c5d-001a92d5c2b5}
Shell\AutoRun\Command = F:\Launcher.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e8cea16c-ad8b-11dc-924d-001a92d5c2b5}
Shell\Auto\Command = F:\UFO.exe
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL UFO.exe


################## | Vaccin |

(!) This computer is not vaccinated!

################## | E.O.F |