Scribd Logo
Upload

Welcome to Scribd!

  • Rapport

    Uploaded by

    Edvagno Cardoso Cardoso
    9 views4 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    9 views4 pages

    Rapport

    Uploaded by

    Edvagno Cardoso Cardoso

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    SmitFraudFix v2.

    424
    Scan done at 19:49:03,83, 26/05/2013
    Run from C:\Users\xr2013\Downloads\SmitfraudFix\SmitfraudFix
    OS: Microsoft Windows [verso 6.1.7601] - Windows_NT
    The filesystem type is NTFS
    Fix run in normal mode
    Process
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\PROGRA~1\GbPlugin\GbpSv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\ABBYY FineReader 11\NetworkLicenseServer.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Nitro PDF\Professional 7\NitroPDFDriverService2.exe
    C:\Windows\system32\NLSSRV32.EXE
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\HP\HP Software Update\hpwuschd2.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Everything\Everything.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Driver LM\lmservice.exe
    C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\sppsvc.exe
    C:\Users\xr2013\Downloads\SmitfraudFix\SmitfraudFix\Policies.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskhost.exe
    C:\Users\xr2013\Downloads\SmitfraudFix\SmitfraudFix\Policies.exe
    C:\Windows\system32\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    hosts
    C:\
    C:\Windows
    C:\Windows\system
    C:\Windows\Web
    C:\Windows\system32
    C:\Windows\system32\LogFiles
    C:\Users\xr2013
    C:\Users\xr2013\AppData\Local\Temp
    C:\Users\xr2013\Application Data
    Start Menu
    C:\Users\xr2013\FAVORI~1
    Desktop
    C:\Program Files
    Corrupted keys
    Desktop Components


    o4Patch
    !!!Attention, following keys are not inevitably infected!!!
    o4Patch
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri
    IEDFix
    !!!Attention, following keys are not inevitably infected!!!
    IEDFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri
    Agent.OMZ.Fix
    !!!Attention, following keys are not inevitably infected!!!
    Agent.OMZ.Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri
    VACFix
    !!!Attention, following keys are not inevitably infected!!!
    VACFix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri
    404Fix
    !!!Attention, following keys are not inevitably infected!!!
    404Fix
    Credits: Malware Analysis & Diagnostic
    Code: S!Ri
    Sharedtaskscheduler
    !!!Attention, following keys are not inevitably infected!!!
    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll
    AppInit_DLLs
    !!!Attention, following keys are not inevitably infected!!!
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "RequireSignedAppInit_DLLs"=dword:00000001
    Winlogon
    !!!Attention, following keys are not inevitably infected!!!
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Userinit"="C:\\Windows\\system32\\userinit.exe,"
    RK
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "VMApplet"="SystemPropertiesPerformance.exe /pagefile"
    "System"=""
    DNS
    Description: Atheros L2 Fast Ethernet 10/100Base-T Controller
    DNS Server Search Order: 192.168.0.1
    HKLM\SYSTEM\CCS\Services\Tcpip\..\{5A78E2B0-96A6-446E-BFC5-AA9F0A72BA1C}: DhcpNa
    meServer=192.168.0.1
    HKLM\SYSTEM\CS1\Services\Tcpip\..\{5A78E2B0-96A6-446E-BFC5-AA9F0A72BA1C}: DhcpNa
    meServer=192.168.0.1
    HKLM\SYSTEM\CS2\Services\Tcpip\..\{5A78E2B0-96A6-446E-BFC5-AA9F0A72BA1C}: DhcpNa
    meServer=192.168.0.1
    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
    HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1
    Scanning for wininet.dll infection
    End

    You might also like