
ComboFix 13-12-13.01 - Administrator 12.2013 . 21:47:11.1.

1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.447.135 [GMT 2:00
]
Running from: c:\documents and settings\Administrator\Desktop\1.exe
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-997
52CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))
)))))))))))))))))))))))))))))
.
.
c:\windows\system32\kbdBF.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-11-15 to 2013-12-15 )))))))
))))))))))))))))))))))))
.
.
2013-12-15 18:27 . 2013-12-15 18:27
-------d-----wC:\Temp
2013-12-15 14:37 . 2013-12-15 14:37
-------d-----rC:\MSOCa
che
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))
)))))))))))))))))))))))))))))))
.
2013-10-28 19:03 . 2013-10-28 17:03
185856 ----a-wc:\windows\syste
m32\upnphost.dll
2013-10-28 19:03 . 2013-10-28 17:03
16896 ----a-wc:\windows\syste
m32\upnpcont.exe
2013-10-28 19:03 . 2013-10-28 17:03
133632 ----a-wc:\windows\syste
m32\upnp.dll
2013-10-28 19:03 . 2013-12-15 13:56
150528 ----a-wc:\windows\pchea
lth\UploadLB\Binaries\UploadM.exe
2013-10-28 19:03 . 2013-10-28 19:03
611328 ----a-wc:\windows\syste
m32\UIAutomationCore.dll
2013-10-28 19:03 . 2013-10-28 17:03
26624 ----a-wc:\windows\syste
m32\udhisapi.dll
2013-10-28 19:03 . 2013-10-28 17:03
279040 ----a-wc:\windows\help\
TSHOOT.dll
2013-10-28 19:02 . 2013-10-28 17:02
33280 ----a-wc:\windows\help\
sstub.dll
2013-10-28 19:02 . 2013-12-15 13:56
726078 ----a-wc:\windows\srcha
sst\srchui.dll
2013-10-28 19:02 . 2013-12-15 13:56
58434 ----a-wc:\windows\srcha
sst\srchctls.dll
2013-10-28 19:02 . 2013-10-28 17:02
71680 ----a-wc:\windows\syste
m32\ssdpsrv.dll
2013-10-28 19:02 . 2013-10-28 17:02
34816 ----a-wc:\windows\syste
m32\ssdpapi.dll
2013-10-28 19:02 . 2013-10-28 17:02
34816 ----a-wc:\windows\help\
sniffpol.dll
2013-10-28 19:01 . 2013-12-15 13:56
38400 ----a-wc:\windows\pchea
lth\helpctr\binaries\pchsvc.dll
2013-10-28 19:01 . 2013-12-15 13:56
102912 ----a-wc:\windows\pchea
lth\helpctr\binaries\pchshell.dll
2013-10-28 19:01 . 2013-12-15 13:56
35328 ----a-wc:\windows\pchea
lth\helpctr\binaries\notiflag.exe

2013-10-28 19:00 . 2013-12-15 13:56
376832 ----a-w- c:\windows\pchealth\helpctr\binaries\msinfo.dll
2013-10-28 19:00 . 2013-12-15 13:56
3166208 ----a-w- c:\windows\srchasst\msgr3en.dll
2013-10-28 19:00 . 2013-12-15 13:56
169984 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
2013-10-28 18:59 . 2013-12-15 13:56
18432 ----a-w- c:\windows\pchealth\helpctr\binaries\HscUpd.exe
2013-10-28 18:58 . 2013-12-15 13:56
99840 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpHost.exe
2013-10-28 18:58 . 2013-12-15 13:56
6656 ----a-w- c:\windows\pchealth\helpctr\binaries\HCAppRes.dll
2013-10-28 18:58 . 2013-12-15 13:56
769024 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpCtr.exe
2013-10-28 18:58 . 2013-12-15 13:56
744448 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
2013-10-28 18:57 . 2013-12-15 13:56
21504 ----a-w- c:\windows\pchealth\helpctr\binaries\brpinfo.dll
2013-10-28 18:57 . 2013-10-28 16:57
152576 ----a-w- c:\windows\help\bnts.dll
2013-10-28 17:16 . 2013-10-28 17:16
12824 ----a-w- c:\windows\system32\setup.cmd
2013-10-28 17:16 . 2013-10-28 17:01
3330 ----a-w- c:\windows\system32\presetup.cmd
2013-10-28 17:16 . 2013-10-28 17:02
28672 ----a-w- c:\windows\system32\setupold.exe
2013-10-28 17:04 . 2013-10-28 17:04
338432 ----a-w- c:\windows\system32\zipfldr.dll
2013-10-28 17:04 . 2013-10-28 17:04
5120 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-28 17:04 . 2013-10-28 17:04
2897920 ----a-w- c:\windows\system32\xpsp2res.dll
2013-10-28 17:04 . 2013-10-28 17:04
438784 ----a-w- c:\windows\system32\xpob2res.dll
2013-10-28 17:04 . 2013-10-28 17:04
187392 ----a-w- c:\windows\system32\xpsp1res.dll
2013-10-28 17:04 . 2013-10-28 17:04
50176 ----a-w- c:\windows\system32\xmlprovi.dll
2013-10-28 17:04 . 2013-10-28 17:04
129024 ----a-w- c:\windows\system32\xmlprov.dll
2013-10-28 17:04 . 2013-10-28 17:04
91648 ----a-w- c:\windows\system32\xactsrv.dll
2013-10-28 17:04 . 2013-10-28 17:04
30720 ----a-w- c:\windows\system32\xcopy.exe
2013-10-28 17:04 . 2013-10-28 17:04
174200 ----a-w- c:\windows\system32\xenroll.dll
2013-10-28 17:04 . 2013-10-28 17:04
91904 ----a-w- c:\windows\system32\drivers\wudfpf.sys
2013-10-28 17:04 . 2013-10-28 17:04
64512 ----a-w- c:\windows\system32\wudfsvc.dll
2013-10-28 17:04 . 2013-10-28 17:04
567808 ----a-w- c:\windows\system32\wudfx.dll
2013-10-28 17:04 . 2013-10-28 17:04
39936 ----a-w- c:\windows\system32\wudfcoinstaller.dll
2013-10-28 17:04 . 2013-10-28 17:04
383488 ----a-w- c:\windows\system32\wzcdlg.dll
2013-10-28 17:04 . 2013-10-28 17:04
32256 ----a-w- c:\windows\system32\wupdmgr.exe
2013-10-28 17:04 . 2013-10-28 17:04
195584 ----a-w- c:\windows\system32\wudfhost.exe

2013-10-28 17:04 . 2013-10-28 17:04
148480 ----a-w- c:\windows\system32\wudfplatform.dll
2013-10-28 17:04 . 2013-10-28 17:04
132224 ----a-w- c:\windows\system32\drivers\wudfrd.sys
2013-10-28 17:04 . 2013-10-28 17:04
18432 ----a-w- c:\windows\system32\wtsapi32.dll
2013-10-28 17:04 . 2013-10-28 17:04
90112 ----a-w- c:\windows\system32\wshext.dll
2013-10-28 17:04 . 2013-10-28 17:04
7168 ----a-w- c:\windows\system32\wshnetbs.dll
2013-10-28 17:04 . 2013-10-28 17:04
50688 ----a-w- c:\windows\system32\wstdecod.dll
2013-10-28 17:04 . 2013-10-28 17:04
41984 ----a-w- c:\windows\system32\wsnmp32.dll
2013-10-28 17:04 . 2013-10-28 17:04
36864 ----a-w- c:\windows\system32\wshcon.dll
2013-10-28 17:04 . 2013-10-28 17:04
239616 ----a-w- c:\windows\system32\wstrenderer.ax
2013-10-28 17:04 . 2013-10-28 17:04
22528 ----a-w- c:\windows\system32\wsock32.dll
2013-10-28 17:04 . 2013-10-28 17:04
19456 ----a-w- c:\windows\system32\wshtcpip.dll
2013-10-28 17:04 . 2013-10-28 17:04
164352 ----a-w- c:\windows\system32\wstpager.ax
2013-10-28 17:04 . 2013-10-28 17:04
14336 ----a-w- c:\windows\system32\wship6.dll
2013-10-28 17:04 . 2013-10-28 17:04
135168 ----a-w- c:\windows\system32\wshom.ocx
2013-10-28 17:04 . 2013-10-28 17:04
11776 ----a-w- c:\windows\system32\wshisn.dll
2013-10-28 17:04 . 2013-10-28 17:04
11264 ----a-w- c:\windows\system32\WshRm.dll
2013-10-28 17:04 . 2013-10-28 17:04
9216 ----a-w- c:\windows\system32\wshatm.dll
2013-10-28 17:04 . 2013-10-28 17:04
80896 ----a-w- c:\windows\system32\wscsvc.dll
2013-10-28 17:04 . 2013-10-28 17:04
604160 ----a-w- c:\windows\system32\wsecedit.dll
2013-10-28 17:04 . 2013-10-28 17:04
155648 ----a-w- c:\windows\system32\wscript.exe
2013-10-28 17:04 . 2013-10-28 17:04
148480 ----a-w- c:\windows\system32\wscui.cpl
2013-10-28 17:04 . 2013-10-28 17:04
13824 ----a-w- c:\windows\system32\wscntfy.exe
2013-10-28 17:04 . 2013-10-28 17:04
108032 ----a-w- c:\windows\system32\wshbth.dll
2013-10-28 17:04 . 2013-10-28 17:04
82432 ----a-w- c:\windows\system32\ws2_32.dll
2013-10-28 17:04 . 2013-10-28 17:04
38528 ----a-w- c:\windows\system32\drivers\wpdusb.sys
2013-10-28 17:04 . 2013-10-28 17:04
356352 ----a-w- c:\windows\system32\wpdsp.dll
2013-10-28 17:04 . 2013-10-28 17:04
19968 ----a-w- c:\windows\system32\ws2help.dll
2013-10-28 17:04 . 2013-10-28 17:04
133632 ----a-w- c:\windows\system32\wpdshserviceobj.dll
2013-10-28 17:04 . 2013-10-28 17:04
12032 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys
2013-10-28 17:04 . 2013-10-28 17:04
11264 ----a-w- c:\windows\system32\wpnpinst.exe

2013-10-28 17:04 . 2013-10-28 17:04


671232 ----a-wc:\windows\syste
m32\drivers\UMDF\wpdmtpdr.dll
2013-10-28 17:04 . 2013-10-28 17:04
63488 ----a-wc:\windows\syste
m32\wpdmtpus.dll
2013-10-28 17:04 . 2013-10-28 17:04
629760 ----a-wc:\windows\syste
m32\wpd_ci.dll
2013-10-28 17:04 . 2013-10-28 17:04
38400 ----a-wc:\windows\syste
m32\wpdshextres.dll
2013-10-28 17:04 . 2013-10-28 17:04
35840 ----a-wc:\windows\syste
m32\wpdconns.dll
2013-10-28 17:04 . 2013-10-28 17:04
32256 ----a-wc:\windows\syste
m32\wpabaln.exe
2013-10-28 17:04 . 2013-10-28 17:04
2603008 ----a-wc:\windows\syste
m32\wpdshext.dll
2013-10-28 17:04 . 2013-10-28 17:04
17408 ----a-wc:\windows\syste
m32\wpdshextautoplay.exe
2013-10-28 17:04 . 2013-10-28 17:04
154624 ----a-wc:\windows\syste
m32\wpdmtp.dll
2013-10-28 17:04 . 2013-10-28 17:04
767488 ----a-wc:\windows\syste
m32\wmvsencd.dll
2013-10-28 17:04 . 2013-10-28 17:04
656896 ----a-wc:\windows\syste
m32\wmvxencd.dll
2013-10-28 17:04 . 2013-10-28 17:04
2736
----a-wc:\windows\syste
m32\wowdeb.exe
2013-10-28 17:04 . 2013-10-28 17:04
264192 ----a-wc:\windows\syste
m32\wow32.dll
2013-10-28 17:04 . 2013-10-28 17:04
1575424 ----a-wc:\windows\syste
m32\wmvencod.dll
2013-10-28 17:04 . 2013-10-28 17:04
1382912 ----a-wc:\windows\syste
m32\wmvsdecd.dll
2013-10-28 17:04 . 2013-10-28 17:04
10368 ----a-wc:\windows\syste
m32\wowexec.exe
2013-10-28 17:04 . 2013-10-28 17:04
258048 ----a-wc:\windows\syste
m32\wmvds32.ax
2013-10-28 17:04 . 2013-10-28 17:04
4096
----a-wc:\windows\syste
m32\wmvdmoe2.dll
2013-10-28 17:04 . 2013-10-28 17:04
4096
----a-wc:\windows\syste
m32\wmvdmod.dll
2013-10-28 17:04 . 2013-10-28 17:04
4096
----a-wc:\windows\syste
m32\wmvadve.dll
2013-10-28 17:04 . 2013-10-28 17:04
4096
----a-wc:\windows\syste
m32\wmvadvd.dll
2013-10-28 17:04 . 2013-10-28 17:04
278559 ----a-wc:\windows\syste
m32\wmv8ds32.ax
2013-10-28 17:04 . 2013-10-28 17:04
1543680 ----a-wc:\windows\syste
m32\wmvdecod.dll
2013-10-28 17:04 . 2013-10-28 17:04
99840 ----a-wc:\windows\syste
m32\wmpshell.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2013-10-28 . EC936BB945F789C0B4DAE06397334430 . 361600 . . [5.1.2600.5625] .
. c:\windows\system32\drivers\tcpip.sys
.
[-] 2013-10-28 . 679A7259741F6A09994F02CE261B5F2E . 507904 . . [5.1.2600.5512] .
. c:\windows\system32\winlogon.exe
.
[-] 2013-10-28 . 8FCF3A8C83D93FA7BD01574DBD861786 . 1614848 . . [5.1.2600.5512]

. . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))
)))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2006-09-14 53248]
"VTTrayp"="VTtrayp.exe" [2007-04-25 176128]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 99740
8]
"Bonus.SSR.FR11"="c:\program files\ABBYY FineReader 11\Bonus.ScreenshotReader.ex
e" [2013-06-27 1364496]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2013-10-28 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03
435096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2013-10-28 128512]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer
]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe AR
M]
2013-04-04 21:06
958576 ----a-wc:\program files\Common Files\Ad
obe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Re
ader Speed Launcher]
2013-05-08 21:20
41056 ----a-wc:\program files\Adobe\Reader 9.
0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SS
R.FR11]
2013-06-27 23:51
1364496 ----a-wc:\program files\ABBYY FineReade
r 11\Bonus.ScreenshotReader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.E
XE]
2013-10-28 16:58
15360 ----a-wc:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWPersis
tentQueuedReporting]
2008-11-03 23:44
435096 ----a-wc:\program files\Common Files\Mi
crosoft Shared\DW\DWTRIG20.EXE

.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Authoriz
edApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\WINDOWS\\System32\\hasplms.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Samsung\\Samsung Universal Print Driver 2\\PrinterSelector\\
SUPDApp.exe"=
"c:\\Program Files\\Samsung\\Samsung Universal Print Driver 2 PCL6\\PrinterSelec
tor\\SUPDApp.exe"=
"c:\\Program Files\\Samsung\\Samsung Universal Scan Driver\\ICCUpdater.exe"=
"c:\\Program Files\\Samsung\\Samsung Universal Scan Driver\\ScanCDLM.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSett
ings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [28.10.2013 . 19:01
14184]
R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [28.10.2013 . 19:01
5632]
R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [28.10.2013 . 19:01 14184
]
R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par
.sys [15.12.2013 . 17:20 30656]
R2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run -> c:\windows\system32\hasplms.exe -run [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [19.4.20
13 . 15:14 161384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D3
45-D564-463c-AFF1-A69D9E530F96}]
2013-12-15 14:58
1210320 ----a-wc:\program files\Google\Chrome\A
pplication\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-12-15 14:57]
.
2013-12-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-12-15 14:57]
.
2013-12-15 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-1
1 10:26]
.
2013-12-15 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-1
1 10:26]
.
.
------- Supplementary Scan ------.
uStart Page = www.google.bg
IE: & Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 88.87.10.2 88.87.0.2


FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozi
lla\Firefox\Profiles\to752t39.default\
.
- - - - ORPHANS REMOVED - - - .
AddRemove-Microsoft .NET Framework 3.5 SP1 - c:\windows\Microsoft.NET\Framework\
v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http:/
/www.gmer.net
Rootkit scan 2013-12-15 22:16
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS --------------------.
[HKEY_USERS\S-1-5-21-861567501-583907252-1801674531-500\Software\Microsoft\Inter
net Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,29,7f,bb,b6,28,30,d1,4d,bb,d2,a1,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,29,7f,bb,b6,28,30,d1,4d,bb,d2,a1,\
.
Completion time: 2013-12-15 22:23:03
ComboFix-quarantined-files.txt 2013-12-15 20:23
.
Pre-Run: 22061481984 bytes free
Post-Run: 22126886912 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional"
/noexecute=optin /fastdetect
.
- - End Of File - - 1E78AE1D34C2AAA46AF221AAB3071A7B
8F558EB6672622401DA993E1E865C861
