
Combo Fix


ComboFix 14-11-25.01 - User 04/12/2014 8:26.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.55.1046.18.3036.2181 [GMT -2:00]
Executando de: E:\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-
930FE358FC3C}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-
A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Criado um novo ponto de restauração
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Mega
Browse_iels
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-11-04 to 2014-12-
04 ))))))))))))))))))))))))))))
.
.
2014-12-04 10:33 . 2014-12-04 10:33 -------- d-----w- c:\users\User\AppData\
Local\temp
2014-12-04 10:33 . 2014-12-04 10:33 -------- d-----w- c:\users\Default\
AppData\Local\temp
2014-12-04 10:28 . 2014-12-04 10:28 62576 ----a-w- c:\programdata\Microsoft\
Windows Defender\Definition Updates\{14B25E71-89DB-4143-B52F-70FEF12EFA1C}\
offreg.dll
2014-12-04 10:13 . 2014-12-04 10:15 -------- d-----w- C:\AdwCleaner
2014-11-04 20:57 . 2014-11-04 20:57 -------- d-----w- c:\users\User\AppData\
Roaming\Birdstep Technology
2014-11-04 20:57 . 2014-11-04 20:57 -------- d-----w- c:\programdata\Birdstep
Technology
2014-11-04 20:56 . 2010-01-19 11:49 9216 ----a-w- c:\windows\system32\drivers\
massfilter.sys
2014-11-04 20:56 . 2014-11-04 20:56 -------- d-----w- c:\program files\
ZTE_1.2059.0.8
2014-11-04 20:56 . 2010-01-28 15:35 10240 ----a-w- c:\windows\system32\drivers\
mdvrmng.sys
2014-11-04 20:55 . 2014-11-04 20:55 -------- d-----w- c:\program files\3
Mobile Broadband
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-03 17:53 . 2013-12-20 18:29 770784 ----a-w- c:\windows\system32\
drivers\aswSnx.sys
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do
Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-22 15:51 121968 ----a-w- c:\program files\AVAST Software\Avast\
ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
[2006-10-27 31016]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2014-01-22 4858968]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\
IAStorIconLaunch.exe" [2013-03-22 36352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\
HWDeviceService.exe [2011-03-14 271712]
R2 MaintainerSvc1.92.5302915;MaintainerSvc1.92.5302915;c:\programdata\ecbaef90-
5696-41e1-a1c3-3e8112ce2840\maintainer.exe [2014-12-03 123632]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21
162408]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\
ew_hwusbdev.sys [2010-07-27 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\
ew_usbenumfilter.sys [2010-03-20 11136]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-
11-24 95744]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys
[2011-11-24 27520]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys
[2012-01-05 192512]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\
massfilter.sys [2010-01-19 9216]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\
netr73.sys [2009-07-13 545792]
S0 aswKbd;aswKbd; [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\
aswNdis.sys [2013-03-13 12112]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2013-03-22 541680]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2013-03-22 26608]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-01-22 66336]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\
afwServ.exe [2014-01-22 137960]
S2 BecHelperService;BecHelperService;c:\program files\3 Mobile Broadband\3Connect\
BecHelperService.exe [2010-01-28 1737464]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\
Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-03-22 15344]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\
RIconMan.exe [2012-09-13 1830544]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys
[2011-11-24 76544]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\
RtsBaStor.sys [2012-10-08 223376]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\
DRIVERS\rtwlane.sys [2013-01-28 1258208]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-
D564-463c-AFF1-A69D9E530F96}]
2014-10-30 22:43 1089352 ----a-w- c:\program files\Google\Chrome\
Application\38.0.2125.111\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-12-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-66541730-3839838193-
3438097598-1000Core.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-22 17:22]
.
2014-12-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-66541730-3839838193-
3438097598-1000UA.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-22 17:22]
.
2014-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-22 22:29]
.
2014-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-22 22:29]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{18B3CCC6-7EE1-4361-A7E6-27EE431F33EE}: NameServer = 200.85.32.2
200.85.32.3
TCP: Interfaces\{7C93A4FE-2226-4B41-BC93-F8B3A51CFCE0}: NameServer = 200.85.32.2
200.85.32.3
TCP: Interfaces\{A428C0AC-F5EA-45BD-8B0F-2DBB3460EE12}: NameServer = 200.85.32.2
200.85.32.3
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Toolbar-10 - (no file)
AddRemove-WhatsApp Packages - c:\users\User\AppData\Roaming\0V1L2Z2Z1T1I1L1T\
WhatsApp Packages\uninstaller.exe
AddRemove-WhatsApp Plus 5.95D Packages - c:\users\User\AppData\Roaming\
0V1L2Z2Z1T1I1L1T\WhatsApp Plus 5.95D Packages\uninstaller.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\
FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\
Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\
LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\
TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2014-12-04 08:35:28
ComboFix-quarantined-files.txt 2014-12-04 10:35
.
Pré-execução: 281.552.797.696 bytes disponíveis
Pós execução: 283.331.633.152 bytes disponíveis
.
- - End Of File - - 43ACE7384658DE7B3DEC09E3780F7E90
A36C5E4F47E84449FF07ED3517B43A31
