
ComboFix 12-03-02.01 - Burbano 02/03/2012 17:27:09.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.34.3082.18.1014.372 [GMT -5:00]
Running from: c:\users\Burbano\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
[i] ADS - system32: deleted 12 bytes in 1 streams. [/i]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))
)))))))))))))))))))))))))))))
.
.
c:\windows\system32\oobe\audit.exe
c:\windows\system32\oobe\msoobe.exe
c:\windows\system32\oobe\oobeldr.exe
c:\windows\system32\oobe\Setup.exe
c:\windows\system32\oobe\setupsqm.exe
c:\windows\system32\oobe\windeploy.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-02-02 to 2012-03-02 )))))))
))))))))))))))))))))))))
.
.
2012-03-02 22:56 . 2012-03-02 22:56 -------d-----w c:\users\Public\AppData\Local\temp
2012-03-02 22:56 . 2012-03-02 22:56 -------d-----w c:\users\Default\AppData\Local\temp
2012-03-02 21:33 . 2010-05-06 20:41 307280 ----a-w c:\windows\system32\drivers\aswSnx.sys
2012-03-02 21:32 . 2012-03-02 21:32 -------d-----w c:\programdata\Alwil Software
2012-03-02 20:56 . 2010-05-06 20:34 23376 ----a-w c:\windows\system32\drivers\aswRdr.sys
2012-03-02 20:56 . 2010-05-06 20:39 46672 ----a-w c:\windows\system32\drivers\aswTdi.sys
2012-03-02 20:56 . 2010-05-06 20:59 38848 ----a-w c:\windows\system32\avastSS.scr
2012-03-02 20:56 . 2010-05-06 20:39 164048 ----a-w c:\windows\system32\drivers\aswSP.sys
2012-03-02 20:56 . 2010-05-06 20:33 19024 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
2012-03-02 20:55 . 2010-05-06 20:59 165032 ----a-w c:\windows\system32\aswBoot.exe
2012-03-02 20:55 . 2010-05-06 20:34 51792 ----a-w c:\windows\system32\drivers\aswMonFlt.sys
2012-03-02 20:55 . 2004-01-09 09:13 380928 ----a-w c:\windows\system32\actskin4.ocx
2012-03-02 20:55 . 2012-03-02 21:35 -------d-----w c:\program files\Alwil Software
2012-02-12 19:05 . 2012-02-12 19:06 -------dc-h--w c:\programdata\{B49A644A-1076-4A3D-B124-DAA7862F2318}
2012-02-12 19:05 . 2012-02-12 19:05 -------d-----w c:\program files\iLivid
2012-02-12 19:03 . 2012-02-12 19:03 -------d-----w c:\users\Burbano\AppData\Local\PackageAware
2012-02-12 18:51 . 2012-02-12 18:51 -------d-----w c:\users\Burbano\AppData\Roaming\Globe7
2012-02-12 18:50 . 2012-02-12 18:54 -------d-----w c:\program files\Globe7
2012-02-12 03:00 . 2012-02-12 03:00 -------d-----w c:\users\Burbano\AppData\Roaming\JCreator
2012-02-12 03:00 . 2012-02-12 03:00 -------d-----w c:\programdata\JCreator
2012-02-12 02:58 . 2012-02-12 02:58 -------d-----w c:\program files\Xinox Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))
)))))))))))))))))))))))))))))))
.
2012-01-31 12:44 . 2011-09-17 17:04 237072 ------w c:\windows\system32\MpSigStub.exe
2011-12-05 14:42 . 2011-09-17 21:28 134104 ----a-w c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))
)))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 16:50 21864 ----a-w c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-05-06 21:02 151648 ----a-w c:\program files\Alwil Software\Avast5\snxPlugins.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-01-10 1083264]
"HW_OPENEYE_OUC_Mobile Partner"="c:\program files\Mobile Partner\UpdateDog\ouc.exe" [2009-07-27 110592]
"PSwitch"="c:\program files\Proxy Switcher Standard\ProxySwitcher.exe" [2012-01-04 5299768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"USB Antivirus"="c:\program files\USB Disk Security\RunUSBGuard.exe" [2010-06-04 91040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-09-03 1557800]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-27 648032]
"TAForOE Loader"="c:\program files\TextAloud\TAForOELoader.exe" [2010-12-23 502096]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]
.
c:\users\Burbano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Recorte de pantalla y Selector de OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
2010-03-26 08:52 1234216 ----a-w c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
.
R1 MpKsl23f66e2a;MpKsl23f66e2a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5D61A2A1-2FEC-4369-8450-5EB239C59CBC}\MpKsl23f66e2a.sys [x]
R2 DeviceManager;DeviceManager;c:\program files\Common Files\DeviceHelper\DeviceManager.exe [2008-11-21 40960]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\HWDeviceService.exe [2010-11-16 264704]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2011-09-17 8192]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2010-01-18 27136]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2010-11-04 85248]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-11-01 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-11-01 8576]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 qcusbser;Modem Interface USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbser.sys [2008-10-22 103552]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2011-09-18 691696]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2011-07-06 89376]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [2011-06-22 196912]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-10-09 72576]
S3 L1C;Controlador de minipuerto NDIS para controladora Ethernet Atheros AR8131/AR8132 PCI-E (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
S3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service 7.7;c:\windows\system32\DRIVERS\ts_athw.sys [2011-01-09 14:22 1629992]
.
.
--- Other Services/Drivers In Memory --.
*NewlyCreated* - ASWSNX
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1352276995-808599099-2034238897-1000Core.job
- c:\users\Burbano\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-06 01:51]
.
2012-03-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1352276995-808599099-2034238897-1000UA.job
- c:\users\Burbano\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-06 01:51]
.
.
------- Supplementary Scan ------.
uStart Page = hxxp://www.google.com.co/
IE: &Enviar a OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Descargar con IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Descargar con IDM todos los enlaces - c:\program files\Internet Download Manager\IEGetAll.htm
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
LSP: %SystemRoot%\system32\PrxerDrv.dll
FF - ProfilePath - c:\users\Burbano\AppData\Roaming\Mozilla\Firefox\Profiles\2hof8ek9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - .
MSConfigStartUp-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS --------------------.
[HKEY_USERS\S-1-5-21-1352276995-808599099-2034238897-1000_Classes\CLSID\{27243c5b-0f74-458a-9e5f-01b4ff328e03}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000014a
"Therad"=dword:00000010
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-1352276995-808599099-2034238897-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):9f,28,ef,6c,48,90,c2,65,c2,93,4a,ee,c6,33,da,31,ef,40,fd,81,06,
00,63,27,38,20,13,fb,67,0e,4c,93,20,a8,4b,be,2a,4b,dc,14,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-03-02 18:04:56
ComboFix-quarantined-files.txt 2012-03-02 23:04
ComboFix2.txt 2011-10-28 14:44
ComboFix3.txt 2011-09-03 21:28
ComboFix4.txt 2011-09-03 21:11
ComboFix5.txt 2012-03-02 22:22
.
Pre-Run: 9.885.032.448 bytes libres
Post-Run: 10.380.439.552 bytes libres
.
- - End Of File - - CA29C0A46DA805759FE74E77255D4999
