ComboFix 12-01-16.02 - samsung 22-01-2012 6:55.4.4 - x64
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.91.1033.18.2933.1574 [GMT 5.5:30]
Running from: c:\users\samsung\Downloads\Misc\Software DT 111229\Anti Virus\Rootkit\puppy.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
- REDUCED FUNCTIONALITY MODE .
.
((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))
)))))))))))))))))))))))))))))
.
.
c:\windows\system32\java.exe
c:\windows\SysWow64\flcss.sys
.
.
((((((((((((((((((((((((( Files Created from 2011-12-22 to 2012-01-22 )))))))
))))))))))))))))))))))))
.
.
2012-01-22 01:26 . 2012-01-22 01:26
-------d-----wc:\windo
ws\system32\config\systemprofile\AppData\Local\temp
2012-01-22 01:26 . 2012-01-22 01:26
-------d-----wc:\users
\samsung\AppData\Local\temp
2012-01-22 01:26 . 2012-01-22 01:26
-------d-----wc:\users
\Default\AppData\Local\temp
2012-01-22 01:19 . 2012-01-22 01:19
-------d-----wc:\progr
am files\Registrar Registry Manager
2012-01-22 01:19 . 2011-12-20 10:56
25144 ----a-wc:\windows\syste
m32\drivers\rspRegMon64.sys
2012-01-21 17:22 . 2011-05-12 08:35
18816 ------wc:\windows\SysWo
w64\SAVRKBootTasks.sys
2012-01-21 15:04 . 2011-05-12 08:33
6144
------wc:\windows\syste
m32\C13D.tmp
2012-01-21 14:57 . 2011-05-12 08:33
6144
------wc:\windows\syste
m32\71B6.tmp
2012-01-21 13:45 . 2012-01-21 14:07
-------d-----wc:\users
\samsung\AppData\Roaming\FreeFixer
2012-01-21 13:45 . 2012-01-21 13:45
-------d-----wc:\users
\samsung\AppData\Local\FreeFixer
2012-01-21 13:45 . 2012-01-21 13:45
-------d-----wc:\progr
am files\FreeFixer
2012-01-21 06:55 . 2012-01-21 06:55
-------d-----wc:\progr
am files (x86)\NoVirusThanks
2012-01-21 06:39 . 2012-01-21 13:26
-------dc----wc:\windo
ws\system32\DRVSTORE
2012-01-21 06:09 . 2011-05-12 08:33
6144
------wc:\windows\syste
m32\4568.tmp
2012-01-21 05:57 . 2011-05-04 06:06
29752 ----a-wc:\windows\syste
m32\drivers\rspSanity64.sys
2012-01-21 05:57 . 2012-01-21 05:57
-------d-----wc:\progr
am files\SanityCheck
2012-01-21 05:56 . 2012-01-21 05:56
-------d-----wc:\progr
am files\DispatchMon
2012-01-21 05:56 . 2010-09-13 10:55
20536 ----a-wc:\windows\syste
m32\drivers\rspAux64.sys
2012-01-21 05:55 . 2012-01-21 05:55
-------d-----wc:\progr
amdata\abelhadigital.com
2012-01-21 05:55 . 2012-01-21 05:55
-------d-----wc:\users
\samsung\AppData\Roaming\abelhadigital.com
2012-01-21 05:53 . 2009-11-13 06:38
19512 ----a-wc:\windows\syste
m32\drivers\rspmmfs64.sys
2012-01-21 05:53 . 2012-01-21 05:53
-------d-----wc:\progr
am files\MultiMon
2012-01-21 03:49 . 2012-01-21 03:49
-------d-----wc:\users
\samsung\AppData\Roaming\ParetoLogic
2012-01-21 03:49 . 2012-01-21 05:45
-------d-----wc:\progr
amdata\ParetoLogic
2012-01-21 03:49 . 2012-01-21 03:49
-------d-----wc:\progr
am files (x86)\ParetoLogic
2012-01-21 03:46 . 2012-01-21 03:46
-------d-----wc:\users
\samsung\AppData\Roaming\SpeedyPC Software
2012-01-21 03:46 . 2012-01-21 03:46
-------d-----wc:\users
\samsung\AppData\Roaming\DriverCure
2012-01-21 03:45 . 2012-01-21 05:44
-------d-----wc:\progr
amdata\SpeedyPC Software
2012-01-20 19:29 . 2012-01-20 19:29
-------d-----wc:\users
\samsung\AppData\Roaming\SUPERAntiSpyware.com
2012-01-20 19:28 . 2012-01-20 19:36
-------d-----wc:\progr
am files\SUPERAntiSpyware
2012-01-20 09:11 . 2012-01-20 09:11
-------d-----wc:\progr
am files (x86)\CleanUp!
2012-01-20 09:07 . 2012-01-20 09:07
-------d-----wc:\progr
am files (x86)\Common Files\Adobe AIR
2012-01-19 20:40 . 2012-01-19 20:40
-------d-----wc:\windo
ws\Microsoft Antimalware
2012-01-19 18:45 . 2012-01-19 18:45
287304 ----a-wc:\windows\syste
m32\drivers\TrufosAlt.sys
2012-01-19 17:57 . 2012-01-19 17:57
750488 ----a-wc:\windows\syste
m32\npdeployJava1.dll
2012-01-19 17:57 . 2012-01-19 17:57
660368 ----a-wc:\windows\syste
m32\deployJava1.dll
2012-01-19 17:57 . 2012-01-19 17:57
-------d-----wc:\progr
am files\Java
2012-01-19 05:31 . 2012-01-19 05:31
-------d-----wc:\windo
ws\Windows Defender Offline
2012-01-17 17:31 . 2012-01-17 17:31
1152
----a-wc:\windows\SysWo
w64\windrv.sys
2012-01-16 04:24 . 2012-01-16 04:24
-------d-----wc:\users
\Default\AppData\Local\Power2Go
2012-01-16 04:24 . 2012-01-16 04:24
-------d-----wc:\users
\Default\AppData\Roaming\CleanMyPC Software
2012-01-16 04:22 . 2012-01-16 04:22
-------d-sh--wc:\windo
ws\SysWow64\%APPDATA%
2012-01-15 18:23 . 2004-06-11 10:03
290304 ----a-wC:\subinacl.exe
2012-01-15 18:14 . 2012-01-15 18:14
-------d-----wc:\users
\samsung\AppData\Local\WindowsUpdate
2012-01-15 18:02 . 2012-01-15 18:02
-------d-----wc:\users
\samsung\AppData\Local\Secunia PSI
2012-01-15 18:01 . 2012-01-15 18:01
-------d-----wc:\progr
am files (x86)\Secunia
2012-01-15 17:43 . 2012-01-15 17:43
16200 ----a-wc:\windows\sting
er.sys
2012-01-15 16:43 . 2012-01-15 16:43
-------d-----rC:\comme
nt.htt
2012-01-15 16:38 . 2012-01-15 16:38
39192 ----a-wc:\windows\syste
m32\Partizan.exe
2012-01-15 16:37 . 2012-01-15 16:37
2
--shatrc:\windows\winst
art.bat
2012-01-15 16:37 . 2012-01-16 04:40
-------d-----wc:\progr
am files (x86)\UnHackMe
2012-01-15 16:05 . 2012-01-15 16:05
0
----a-wc:\windows\SysWo
w64\shoCEE3.tmp
2012-01-15 15:57 . 2011-05-12 08:33
6144
------wc:\windows\syste
m32\1979.tmp
2012-01-15 15:00 . 2011-05-12 08:33
6144
------wc:\windows\syste
m32\2CBC.tmp
2012-01-15 14:57 . 2011-05-12 08:33
6144
------wc:\windows\syste
m32\8140.tmp
2012-01-15 14:57 . 2012-01-21 06:09
-------d-----wc:\progr
am files (x86)\Sophos
2012-01-15 08:41 . 2012-01-22 01:10
-------d-----wc:\windo
ws\SysWow64\wbem\Performance
2012-01-15 08:40 . 2012-01-22 01:12
181064 ----a-wc:\windows\PSEXE
SVC.EXE
2012-01-15 05:28 . 2012-01-15 09:12
-------d-----wc:\users
\AppData
2012-01-14 19:52 . 2012-01-14 19:52
0
----a-wc:\windows\SysWo
w64\shoFA65.tmp
2012-01-14 19:51 . 2012-01-21 09:23
12872 ----a-wc:\windows\syste
m32\bootdelete.exe
2012-01-14 19:34 . 2012-01-21 23:42
25160 ----a-wc:\windows\syste
m32\drivers\hitmanpro36.sys
2012-01-14 19:33 . 2012-01-21 09:12
-------d-----wc:\progr
am files\HitmanPro
2012-01-14 19:33 . 2012-01-14 19:51
-------d-----wc:\progr
amdata\HitmanPro
2012-01-14 18:16 . 2012-01-14 18:24
-------d-----wc:\progr
am files (x86)\Malwarebytes' Anti-Malware
2012-01-14 15:52 . 2012-01-14 15:52
-------d-----wc:\users
\samsung\AppData\Roaming\HPAppData
2012-01-11 04:31 . 2011-10-26 05:25
1572864 ----a-wc:\windows\syste
m32\quartz.dll
2012-01-11 04:31 . 2011-10-26 05:25
366592 ----a-wc:\windows\syste
m32\qdvd.dll
2012-01-11 04:31 . 2011-10-26 04:32
514560 ----a-wc:\windows\SysWo
w64\qdvd.dll
2012-01-11 04:31 . 2011-10-26 04:32
1328128 ----a-wc:\windows\SysWo
w64\quartz.dll
2012-01-11 04:31 . 2011-11-19 14:58
77312 ----a-wc:\windows\syste
m32\packager.dll
2012-01-11 04:31 . 2011-11-19 14:01
67072 ----a-wc:\windows\SysWo
w64\packager.dll
2012-01-11 04:31 . 2011-11-17 06:41
1731920 ----a-wc:\windows\syste
m32\ntdll.dll
2012-01-11 04:31 . 2011-11-17 05:38
1292080 ----a-wc:\windows\SysWo
w64\ntdll.dll
2012-01-09 04:20 . 2012-01-09 04:20
43992 ----a-wc:\program files
(x86)\Mozilla Firefox\mozutils.dll
2012-01-09 04:20 . 2012-01-09 04:20
479232 ----a-wc:\program files
(x86)\Mozilla Firefox\msvcm80.dll
2012-01-09 04:20 . 2012-01-09 04:20
626688 ----a-wc:\program files
(x86)\Mozilla Firefox\msvcr80.dll
2012-01-09 04:20 . 2012-01-09 04:20
548864 ----a-wc:\program files
(x86)\Mozilla Firefox\msvcp80.dll
2012-01-08 15:50 . 2012-01-08 15:50
-------d-----wc:\users
\samsung\AppData\Local\Evernote
2012-01-08 15:50 . 2012-01-08 15:50
-------d-----wc:\progr
am files (x86)\Evernote
2012-01-08 14:39 . 2012-01-09 15:45
-------d-----wc:\users
\samsung\AppData\Roaming\Dropbox
2011-12-28 14:59 . 2009-02-24 13:05
255552 ----a-wc:\windows\SysWo
w64\drivers\mcdbus.sys
2011-12-28 14:59 . 2009-02-24 13:05
255552 ----a-wc:\windows\syste
m32\drivers\mcdbus.sys
2011-12-28 14:59 . 2011-12-28 15:00
-------d-----wc:\progr
am files (x86)\MagicDisc
2011-12-27 19:07 . 2011-12-27 19:07
-------d-----wc:\progr
am files (x86)\Common Files\EZB Systems
2011-12-27 19:07 . 2011-12-27 19:07
-------d-----wc:\progr
am files (x86)\UltraISO
2011-12-27 15:16 . 2011-12-28 19:20
-------d-----wC:\pebui
lder3110a
2011-12-26 10:24 . 2011-12-26 10:24
-------d-----wc:\users
\samsung\AppData\Roaming\WildTangent
2011-12-24 04:21 . 2011-12-27 17:08
-------d-----wc:\users
\samsung\AppData\Local\Conduit
2011-12-24 04:17 . 2012-01-21 05:42
-------d-----wc:\progr
am files (x86)\uTorrent
2011-12-24 04:16 . 2012-01-22 01:24
-------d-----wc:\users
\samsung\AppData\Roaming\uTorrent
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))
)))))))))))))))))))))))))))))))
.
2012-01-15 18:12 . 2011-08-19 17:02
404640 ----a-wc:\windows\SysWo
w64\FlashPlayerCPLApp.cpl
2011-12-10 09:54 . 2011-10-20 13:46
23152 ----a-wc:\windows\syste
m32\drivers\mbam.sys
2011-11-24 04:52 . 2011-12-14 14:04
3145216 ----a-wc:\windows\syste
m32\win32k.sys
2011-11-15 08:59 . 2010-11-21 03:27
270720 ------wc:\windows\syste
m32\MpSigStub.exe
2011-11-05 05:32 . 2011-12-14 14:04
2048
----a-wc:\windows\syste
m32\tzres.dll
2011-11-05 04:26 . 2011-12-14 14:04
2048
----a-wc:\windows\SysWo
w64\tzres.dll
2011-11-04 01:53 . 2011-12-14 14:53
2309120 ----a-wc:\windows\syste
m32\jscript9.dll
2011-11-04 01:44 . 2011-12-14 14:53
1390080 ----a-wc:\windows\syste
m32\wininet.dll
2011-11-04 01:44 . 2011-12-14 14:53
1493504 ----a-wc:\windows\syste
m32\inetcpl.cpl
2011-11-04 01:34 . 2011-12-14 14:53
2382848 ----a-wc:\windows\syste
m32\mshtml.tlb
2011-11-03 22:47 . 2011-12-14 14:53
1798144 ----a-wc:\windows\SysWo
w64\jscript9.dll
2011-11-03 22:40 . 2011-12-14 14:53
1427456 ----a-wc:\windows\SysWo
w64\inetcpl.cpl
2011-11-03 22:39 . 2011-12-14 14:53
1127424 ----a-wc:\windows\SysWo
w64\wininet.dll
2011-11-03 22:31 . 2011-12-14 14:53
2382848 ----a-wc:\windows\SysWo
w64\mshtml.tlb
2011-10-26 05:21 . 2011-12-14 14:09
43520 ----a-wc:\windows\syste
m32\csrsrv.dll
.

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))
)))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explor
er\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17
94208 ----a-wc:\users\samsung\AppData\Roaming
\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explor
er\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17
94208 ----a-wc:\users\samsung\AppData\Roaming
\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explor
er\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17
94208 ----a-wc:\users\samsung\AppData\Roaming
\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explor
er\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17
94208 ----a-wc:\users\samsung\AppData\Roaming
\Dropbox\bin\DropboxExt.14.dll
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2011-1014 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages
REG_MULTI_SZ
kerberos msv1_0 schannel wdigest tspkg p
ku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Start
up^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Start
up^Secunia PSI Tray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tr
ay.lnk
backup=c:\windows\pss\Secunia PSI Tray.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe AR
M^32*Registry: HKLM:RUN]
2012-01-03 07:37
843712 ----a-wc:\program files (x86)\Common Fi
les\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMo
nitor^32*Registry: HKLM:RUN]
2009-02-26 13:06
30040 ----a-wc:\program files (x86)\Microsoft
Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwareb
ytes' Anti-Malware^32*Registry: HKLM:RUN]
2011-12-24 12:20
460872 ----a-wc:\program files (x86)\Malwareby
tes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAnt
iSpyware^Registry: HKCU:RUN]
2012-01-20 19:36
5486464 ----a-wc:\program files\SUPERAntiSpywar
e\SUPERANTISPYWARE.EXE
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c
:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c
:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 KLAntiFL;KLAntiFL;c:\windows\system32\flcss.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.
EXE [2011-03-01 183560]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\iv
usb.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\C13D.tmp [x]
R3 MMPSY;MMPSY;c:\users\samsung\AppData\Local\Temp\mmpsy64.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Mic
rosoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
R3 rspAux;rspAux;c:\windows\system32\DRIVERS\rspAux64.sys [x]
R3 rspMMFS;rspMMFS;c:\windows\system32\DRIVERS\rspmmfs64.sys [x]
R3 rspRegMon;rspRegMon;c:\windows\system32\DRIVERS\rspRegMon64.sys [x]
R3 rspSanity;rspSanity;c:\windows\system32\DRIVERS\rspSanity64.sys [x]
R3 Samsung UPD Service;Samsung UPD Service; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD
.sys [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Fi
les\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R4 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.e
xe [2011-10-14 994360]
R4 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\
sua.exe [2011-10-14 399416]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Window
s Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 SMR210;Symantec SMR Utility Service 2.1.0;c:\windows\System32\drivers\SMR210.
SYS [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys
[x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-2
2 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-1
2 12368]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys
[x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [20
11-08-11 140672]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Micr
osoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.ex
e [2012-01-21 105800]
S2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\system32\DRIVERS\kmdfmemio.sys [20
11-09-04 18960]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mba
mservice.exe [2011-12-24 652872]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Ap
plication Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\p
rogram files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010
-07-01 2533400]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [
x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI
x64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Micros
oft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\v
wifimp.sys [x]
.
.
--- Other Services/Drivers In Memory --.
*NewlyCreated* - PROCEXP141
*NewlyCreated* - RSPREGMON
*Deregistered* - PROCEXP141
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svc
host]
hpdevmgmt
REG_MULTI_SZ
hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4159056799-3255372684-2
273463947-1000Core.job
- c:\users\samsung\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-19 17:3
3]
.
2012-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4159056799-3255372684-2
273463947-1000UA.job
- c:\users\samsung\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-19 17:3
3]
.
.
--------- x86-64 ----------.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon
overlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17
97792 ----a-wc:\users\samsung\AppData\Roaming
\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon
overlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17
97792 ----a-wc:\users\samsung\AppData\Roaming
\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon
overlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17
97792 ----a-wc:\users\samsung\AppData\Roaming
\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon
overlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17
97792 ----a-wc:\users\samsung\AppData\Roaming
\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 1166090
4]
.
------- Supplementary Scan ------.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://samsung.msn.com
mLocal Page = c:\windows\system32\blank.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evern
ote\Evernote\EvernoteIE.dll/204
IE: {{328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F
681} - c:\program files\Samsung AnyWeb Print\W2PBrowser.dll
TCP: DhcpNameServer = 109.74.196.50 109.74.196.50
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dl
l
FF - ProfilePath - c:\users\samsung\AppData\Roaming\Mozilla\Firefox\Profiles\2oy
sj1qg.default\
FF - prefs.js: keyword.URL - hxxp://search.hotspotshield.com/g/results.php?c=s&q
=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - .
Toolbar-Locked - (no file)
Notify-igfxcui - (no file)
SafeBoot-80551303.sys
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\C13D.tmp"
.
--------------------- LOCKED REGISTRY KEYS --------------------.
[HKEY_USERS\S-1-5-21-4159056799-3255372684-2273463947-1000\Software\Microsoft\Wi
ndows\CurrentVersion\Explorer\FileExts\.*Z _:'* V-M|%0 W a a{/ * !j]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-4159056799-3255372684-2273463947-1000\Software\Microsoft\Wi
ndows\CurrentVersion\Explorer\FileExts\.*Z _:'* V-M|%0 W a a{/ * !j\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
Completion time: 2012-01-22 06:58:38
ComboFix-quarantined-files.txt 2012-01-22 01:28
.
Pre-Run: 60,069,986,304 bytes free
Post-Run: 59,648,831,488 bytes free
.
- - End Of File - - C610BC70076E33713E89216AB6DB3755
