
At Destroyer

This document provides a summary of the system scan results from the AT-Destroyer malware removal tool. It lists various system settings, programs, folders, files and registry keys that were scanned and identifies any suspicious or infected items. Potential issues were found related to Babylon toolbar, generic malware in a temporary file, and Firefox and Chrome extensions. The system information includes the operating system, user, language and programs installed.
Copyright
© Attribution Non-Commercial (BY-NC)

######################## AT-Destroyer [2.1] By Infospyware.

Hora/Día/Mes/Año: 14:44:59 \\\ 12/02/2013


AT-Destroyer 2.1 By Infospyware ---> www.infospyware.com
Última actualización: 30/11/2012
Opción escogida: 2 :Buscar y Destruir
Versión Internet Explorer:9.0.8112.16421
Google Chrome:24.0.1312.57
Privilegios: Riky - Administrador
Modo Actual: Modo Normal.
Nombre del pc: RIKY-PC
Información del sistema operativo:X64-WIN_7
nombre del usuario:Riky
Lenguaje del sistema: Español

>>>>>>> Servicios <<<<<<<

>>>>>> Carpetas <<<<<<


C:\Users\Riky\AppData\Roaming\Babylon\log_file.txt
(W32/PND.Babylon Toolbar)
C:\Users\Riky\AppData\Roaming\Babylon
(W32/PND.Babylon Toolbar)
>>>>>> Archivos <<<<<<

>>>>>> Registro <<<<<<


HKEY_CURRENT_USER\Software\DataMngr
HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
>>>>>> Heurística <<<<<<
C:\Program Files (x86)\GUTAAB.tmp
(Heur malware.win32.generic)

>>>>>> Internet Explorer <<<<<<


Start Page==www.google.com
Local Page==C:\Windows\SysWOW64\blank.htm
Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157
''HKCU\Software\Microsoft\Internet Explorer\Main''
Start Page==www.google.com
Local Page==C:\Windows\system32\blank.htm
Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
Default_search_url==
Default_Page_URL==

''HKEY_USERS\S-1-5-21-2359905182-563309414-1325469490-1000\Software\Microsoft\Internet Explorer\Main''
Start Page==www.google.com
Local Page==C:\Windows\system32\blank.htm
Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
Default_search_url==
Default_Page_URL==
>>>>>> Extensiones Firefox <<<<<<

>>>>>> Plugins Firefox <<<<<<


HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.13.2
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9
>>>>>> Google Chrome <<<<<<
"homepage": "http://www.google.com/",
"homepage_changed": true,
"homepage_is_newtabpage": false,
>>>>>> Extensiones Google Chrome <<<<<<
======== Listado ===========


==================== EOF ==================
