ComboFix Report for Windows 7

ComboFix is a utility that scans and repairs Windows systems. This summary reports on the scan results: 1. Various temporary files and folders were deleted, including browser cache files. 2. A list of new files created between November 4th and December 4th was provided, including Windows update files. 3. The scan found no severe issues, but some minor registry entries and drivers were reported that could potentially be improved or removed.

ComboFix 14-11-25.01 - User 04/12/2014 8:26.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1252.55.1046.18.3036.2181 [GMT -2:00]
Executando de: E:\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-
930FE358FC3C}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-
A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Criado um novo ponto de restauração
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Mega
Browse_iels
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-11-04 to 2014-12-04 ))))))))))))))))))))))))))))
.
.
2014-12-04 10:33 . 2014-12-04 10:33 -------- d-----w- c:\users\User\AppData\
Local\temp
2014-12-04 10:33 . 2014-12-04 10:33 -------- d-----w- c:\users\Default\
AppData\Local\temp
2014-12-04 10:28 . 2014-12-04 10:28 62576 ----a-w- c:\programdata\Microsoft\
Windows Defender\Definition Updates\{14B25E71-89DB-4143-B52F-70FEF12EFA1C}\
offreg.dll
2014-12-04 10:13 . 2014-12-04 10:15 -------- d-----w- C:\AdwCleaner
2014-11-04 20:57 . 2014-11-04 20:57 -------- d-----w- c:\users\User\AppData\
Roaming\Birdstep Technology
2014-11-04 20:57 . 2014-11-04 20:57 -------- d-----w- c:\programdata\Birdstep
Technology
2014-11-04 20:56 . 2010-01-19 11:49 9216 ----a-w- c:\windows\system32\drivers\
massfilter.sys
2014-11-04 20:56 . 2014-11-04 20:56 -------- d-----w- c:\program files\
ZTE_1.2059.0.8
2014-11-04 20:56 . 2010-01-28 15:35 10240 ----a-w- c:\windows\system32\drivers\
mdvrmng.sys
2014-11-04 20:55 . 2014-11-04 20:55 -------- d-----w- c:\program files\3
Mobile Broadband
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-03 17:53 . 2013-12-20 18:29 770784 ----a-w- c:\windows\system32\
drivers\aswSnx.sys
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-22 15:51 121968 ----a-w- c:\program files\AVAST Software\Avast\
ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
[2006-10-27 31016]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2014-01-22 4858968]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\
IAStorIconLaunch.exe" [2013-03-22 36352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 HWDeviceService.exe;HWDeviceService.exe;c:\programdata\DatacardService\
HWDeviceService.exe [2011-03-14 271712]
R2 MaintainerSvc1.92.5302915;MaintainerSvc1.92.5302915;c:\programdata\ecbaef90-
5696-41e1-a1c3-3e8112ce2840\maintainer.exe [2014-12-03 123632]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21
162408]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\
ew_hwusbdev.sys [2010-07-27 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\
ew_usbenumfilter.sys [2010-03-20 11136]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-
11-24 95744]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys
[2011-11-24 27520]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys
[2012-01-05 192512]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\
massfilter.sys [2010-01-19 9216]
R3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\
netr73.sys [2009-07-13 545792]
S0 aswKbd;aswKbd; [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\
aswNdis.sys [2013-03-13 12112]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2013-03-22 541680]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2013-03-22 26608]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-01-22 66336]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\
afwServ.exe [2014-01-22 137960]
S2 BecHelperService;BecHelperService;c:\program files\3 Mobile Broadband\3Connect\
BecHelperService.exe [2010-01-28 1737464]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\
Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-03-22 15344]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\
RIconMan.exe [2012-09-13 1830544]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys
[2011-11-24 76544]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\
RtsBaStor.sys [2012-10-08 223376]
S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\
DRIVERS\rtwlane.sys [2013-01-28 1258208]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-
D564-463c-AFF1-A69D9E530F96}]
2014-10-30 22:43 1089352 ----a-w- c:\program files\Google\Chrome\
Application\38.0.2125.111\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2014-12-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-66541730-3839838193-
3438097598-1000Core.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-22 17:22]
.
2014-12-02 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-66541730-3839838193-
3438097598-1000UA.job
- c:\users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-22 17:22]
.
2014-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-22 22:29]
.
2014-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-22 22:29]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{18B3CCC6-7EE1-4361-A7E6-27EE431F33EE}: NameServer = 200.85.32.2
200.85.32.3
TCP: Interfaces\{7C93A4FE-2226-4B41-BC93-F8B3A51CFCE0}: NameServer = 200.85.32.2
200.85.32.3
TCP: Interfaces\{A428C0AC-F5EA-45BD-8B0F-2DBB3460EE12}: NameServer = 200.85.32.2
200.85.32.3
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Toolbar-10 - (no file)
AddRemove-WhatsApp Packages - c:\users\User\AppData\Roaming\0V1L2Z2Z1T1I1L1T\
WhatsApp Packages\uninstaller.exe
AddRemove-WhatsApp Plus 5.95D Packages - c:\users\User\AppData\Roaming\
0V1L2Z2Z1T1I1L1T\WhatsApp Plus 5.95D Packages\uninstaller.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\
FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\
Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\
LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\
TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-
0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2014-12-04 08:35:28
ComboFix-quarantined-files.txt 2014-12-04 10:35
.
Pré-execução: 281.552.797.696 bytes disponíveis
Pós execução: 283.331.633.152 bytes disponíveis
.
- - End Of File - - 43ACE7384658DE7B3DEC09E3780F7E90
A36C5E4F47E84449FF07ED3517B43A31
