############################## | UsbFix V 7.081 | [Research]

User: michal (Administrator) # MICHAL-D8951981
Updated 05/02/2012 by El Desaparecido
Started at 21:08:36 | 16/02/2012

Website: http://eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.html
Contact: contact@eldesaparecido.com

PC: System manufacturer (System Product Name) (X86-based PC) # Desktop Computer
CPU: AMD Sempron(tm) Processor 3000+ (1600)
RAM -> [ Total : 1535 | Free : 878 ]
BIOS: BIOS Date: 07/31/06 14:52:50 Ver: 08.00.12
BOOT: Normal boot

OS: Microsoft Windows XP Professional (5.1.2600 32-Bit) # Dodatek Service Pack 3
WB: Windows Internet Explorer 7.0.5730.13

SC: Security Center Service [ Enabled ]
WU: Windows Update Service [ Enabled ]
FW: Windows FireWall Service [ Enabled ]

C:\ (%systemdrive%) -> Fixed drive # 15 Gb (7 Mb free - 50%) [] # FAT32
D:\ -> Fixed drive # 65 Gb (6 Mb free - 9%) [Dysk1] # NTFS
E:\ -> Fixed drive # 69 Gb (921 Mb free - 1%) [Dysk2] # NTFS
F:\ -> CD-ROM
G:\ -> Removable drive # 2 Gb (2 Mb free - 95%) [] # FAT

################## | Active Processes |

C:\WINDOWS\System32\smss.exe (660)
C:\WINDOWS\system32\winlogon.exe (820)
C:\WINDOWS\system32\services.exe (864)
C:\WINDOWS\system32\lsass.exe (876)
C:\WINDOWS\system32\svchost.exe (1036)
C:\WINDOWS\System32\svchost.exe (1208)
C:\WINDOWS\system32\spoolsv.exe (1664)
C:\WINDOWS\Explorer.EXE (1768)
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe (1780)
C:\WINDOWS\system32\RunDLL32.exe (180)
C:\Program Files\ESET\ESET Smart Security\egui.exe (200)
C:\WINDOWS\SOUNDMAN.EXE (208)
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (268)
C:\WINDOWS\system32\ctfmon.exe (280)
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (316)
C:\Program Files\ESET\ESET Smart Security\ekrn.exe (360)
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (548)
C:\WINDOWS\system32\nvsvc32.exe (700)
C:\Program Files\Mozilla Firefox\firefox.exe (2104)
C:\WINDOWS\system32\wuauclt.exe (612)
C:\UsbFix\Go.exe (1472)

################## | Files # Infected Folders |

Found ! D:\DC++.lnk
Found ! D:\Gadu-Gadu.lnk

################## | Registry |

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{4e07a11c-589a-11e1-90f3-0018f365272b}
Shell\AutoRun\Command = G:\SETUP.EXE
Shell\configure\Command = G:\SETUP.EXE
Shell\install\Command = G:\SETUP.EXE

################## | Vaccin |

(!) This computer is not vaccinated!

################## | E.O.F |