Combo Fix

ComboFix 11-04-16.01 - Pc-cyber 17/04/2011 2:18.1.
2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.34.3082.18.2045.1712 [GMT -5:
00]
Running from: c:\documents and settings\Pc-cyber\Mis documentos\Downloads\ComboF
ix.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((( Files Created from 2011-03-17 to 2011-04-17 )))))))
))))))))))))))))))))))))
.
.
2011-04-17 06:15 . 2011-04-17 06:16
-------d-----wC:\d263c
05cb32a3b56446de4
2011-04-16 01:45 . 2011-04-16 01:45
-------d-----wC:\Riot
Games
2011-04-16 01:41 . 2011-04-16 01:41
-------d-----wC:\SEED9
2011-04-16 01:07 . 2011-04-16 01:07
-------d-----wC:\Game
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))
)))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))
)))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\archivos de programa\Winamp Toolba
r\winamptb.dll" [2011-03-11 1373512]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\archivos de programa\Windows Live\Messenger\msnmsgr.exe" [2010-0417 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\archivos de programa\Archivos comunes\Java\Java Update\
jusched.exe" [2010-10-29 249064]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-20 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe AR
M]
2010-11-15 19:02
932288 ----a-wc:\archivos de programa\Archivos
comunes\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Re
ader Speed Launcher]

2011-01-30 15:45
35736 ----a-wc:\archivos de programa\Adobe\Re
ader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2009-12-08 03:29
64032 ----a-wc:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
2009-12-08 03:29
2815520 ----a-wc:\windows\ALCWZRD.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.E
XE]
2004-08-20 12:00
15360 ----a-wc:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F.lux]
2009-08-29 06:00
966656 ----a-wc:\documents and settings\Pc-cyb
er\Local Settings\Apps\F.lux\flux.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google U
pdate]
2011-04-16 00:46
136176 ----atwc:\documents and settings\Pc-cyb
er\Configuracin local\Datos de programa\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMo
nitor]
2006-10-26 22:47
31016 ----a-wc:\archivos de programa\Microsof
t Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2009-12-08 03:29
18789920
----a-wc:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan
]
2009-12-08 03:29
84512 ----a-wc:\windows\SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
]
2009-04-28 19:25
61440 ----a-wc:\archivos de programa\ATI Tech
nologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAg
ent]
2010-11-30 13:19
74752 ----a-wc:\archivos de programa\Winamp\w
inampa.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Authoriz
edApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Archivos de programa\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Archivos de programa\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Archivos de programa\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Archivos de programa\\Skype\\Phone\\Skype.exe"=
"c:\\Archivos de programa\\Winamp\\winamp.exe"=
"c:\\Archivos de programa\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Archivos de programa\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Game\\SoftnyxGame\\GunboundLS\\NyxLauncher.exe"=
"c:\\Game\\SoftnyxGame\\GunboundLS\\GunBound.gme"=
"c:\\Riot Games\\League of Legends\\air\\LolClient.exe"=

"c:\\Riot Games\\League of Legends\\game\\League of Legends.exe"=
"c:\\Archivos de programa\\Softnyx\\RakionLS\\Bin\\rakion.bin"=
"d:\\Juegos\\Half-Life\\hl.exe"=
"d:\\Juegos\\Left 4 Dead 2\\left4dead2.exe"=
"c:\\Archivos de programa\\Counter-Strike 1.6\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Globally
OpenPorts\List]
"8381:TCP"= 8381:TCP:League of Legends Launcher
"8381:UDP"= 8381:UDP:League of Legends Launcher
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15/04/2011 07:48 p.m. 721904]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [15/04/2011 08:35
p.m. 22504]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [15/04/2011 12:28 p.m
. 1691480]
S3 apf001;apf001;c:\windows\system32\apf001.sys [15/04/2011 08:48 p.m. 10872]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\archivos de programa\Garena\safedrv.sys -> c:\archivos de programa\Garena\safedrv.sys [?]
S3 PciCon;PciCon;\??\e:\pcicon.sys --> e:\PciCon.sys [?]
S3 XDva383;XDva383;\??\c:\windows\system32\XDva383.sys --> c:\windows\system32\X
Dva383.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan ------.
uStart Page = hxxp://www.google.com/
IE: E&xportar a Microsoft Excel - c:\archiv~1\MICROS~2\Office12\EXCEL.EXE/3000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http:/
/www.gmer.net
Rootkit scan 2011-04-17 02:20
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS --------------------.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E
}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX
.exe,-101"
.
}\Elevation]
"Enabled"=dword:00000001
.
}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6A
F30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
F30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
F30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes --------------------.
- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2011-04-17 02:20:57
ComboFix-quarantined-files.txt 2011-04-17 07:20
.
Pre-Run: 65,230,716,928 bytes libres
Post-Run: 65,943,654,400 bytes libres
.
- - End Of File - - 8391CAC54E0A9D73E4D3DFB631D24359

Combo Fix

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Combo Fix

Hochgeladen von

Copyright:

Verfügbare Formate

ComboFix 11-04-16.01 - Pc-cyber 17/04/2011 2:18.1.

ader Speed Launcher]

"c:\\Riot Games\\League of Legends\\air\\LolClient.exe"=

Das könnte Ihnen auch gefallen