
ComboFix 12-12-22.02 - Jairo 22/12/2012  19:41:46.2.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.3071.2017 [GMT -2:00]
Running from: c:\users\Jairo\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - drivers: deleted 128 bytes in 1 streams.
.
(((((((((((((((( Files Created from 2012-11-22 to 2012-12-22 ))))))))))))))))))))))))))))
.
.
2012-12-22 21:47 . 2012-12-22 21:47  --------  d-----w-  c:\users\Public\AppData\Local\temp
2012-12-22 21:47 . 2012-12-22 21:47  --------  d-----w-  c:\users\Default\AppData\Local\temp
2012-12-22 21:19 . 2012-12-22 21:19  29904  ----a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CAEAE4F7-D147-4398-9AA3-66C4B5E97FB7}\MpKsl3ba188ad.sys
2012-12-22 13:00 . 2012-06-19 15:30  293889  ----a-w-  c:\windows\system32\drivers\RTAIODAT.DAT
2012-12-21 23:15 . 2012-11-08 18:00  6812136  ----a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CAEAE4F7-D147-4398-9AA3-66C4B5E97FB7}\mpengine.dll
2012-12-21 13:32 . 2012-12-16 14:13  295424  ----a-w-  c:\windows\system32\atmfd.dll
2012-12-21 13:32 . 2012-12-16 14:13  34304  ----a-w-  c:\windows\system32\atmlib.dll
2012-12-20 15:44 . 2012-11-08 18:00  6812136  ----a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-14 13:49 . 2012-12-14 13:49  --------  d-----w-  c:\users\Jairo\AppData\Local\Programs
2012-12-13 10:12 . 2012-11-22 02:56  2345984  ----a-w-  c:\windows\system32\win32k.sys
2012-12-13 10:09 . 2012-11-09 04:42  2048  ----a-w-  c:\windows\system32\tzres.dll
2012-11-29 11:14 . 2012-11-29 11:14  740840  ------w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E5668B11-DB26-4080-932C-32ED479E432B}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 18:12 . 2012-04-09 18:41  697272  ----a-w-  c:\windows\system32\FlashPlayerApp.exe
2012-12-12 18:12 . 2011-05-16 13:33  73656  ----a-w-  c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-16 07:39 . 2012-11-28 18:10  561664  ----a-w-  c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40 . 2012-11-19 09:49  44032  ----a-w-  c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-19 09:49  193536  ----a-w-  c:\windows\system32\dhcpcore6.dll
2012-10-03 16:58 . 2012-11-19 09:56  1293680  ----a-w-  c:\windows\system32\drivers\tcpip.sys
2012-10-03 16:42 . 2012-11-19 09:56  52224  ----a-w-  c:\windows\system32\nlaapi.dll
2012-10-03 16:42 . 2012-11-19 09:56  242176  ----a-w-  c:\windows\system32\nlasvc.dll
2012-10-03 16:42 . 2012-11-19 09:56  18944  ----a-w-  c:\windows\system32\netevent.dll
2012-10-03 16:42 . 2012-11-19 09:56  175104  ----a-w-  c:\windows\system32\netcorehc.dll
2012-10-03 16:42 . 2012-11-19 09:56  156672  ----a-w-  c:\windows\system32\ncsi.dll
2012-10-03 16:40 . 2012-11-19 09:56  499712  ----a-w-  c:\windows\system32\iphlpsvc.dll
2012-10-03 15:21 . 2012-11-19 09:56  35328  ----a-w-  c:\windows\system32\drivers\tcpipreg.sys
2012-10-03 02:15 . 2011-03-25 15:43  740784  ------w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-09-25 22:47 . 2012-11-19 09:56  78336  ----a-w-  c:\windows\system32\synceng.dll
2012-09-24 17:32 . 2012-07-17 16:34  477168  ----a-w-  c:\windows\system32\npdeployJava1.dll
2012-09-24 17:32 . 2011-03-07 11:36  473072  ----a-w-  c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((( Registry Load Points ))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries and legitimate default entries are not shown.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 15:51  3911776  ----a-w-  c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
2010-12-09 15:51  3911776  ----a-w-  c:\program files\MyAshampoo\tbMyAs.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\tbMyAs.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}"= "c:\program files\MyAshampoo\tbMyAs.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
.

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PoStatusMon"="c:\program files\POSITIVO\MFP_POS\poDvcStatus.exe" [2007-06-15 253952]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
.
c:\users\Jairo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2011-9-2 227712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\IMESHA~1\Mediabar\Datamngr\datamngr.dll c:\progra~1\IMESHA~1\Mediabar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 MpKsl3ba188ad;MpKsl3ba188ad;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CAEAE4F7-D147-4398-9AA3-66C4B5E97FB7}\MpKsl3ba188ad.sys [x]
S2 poMntrService;poMntrService;c:\program files\POSITIVO\MFP_POS\poMntrService.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MPKSL3BA188AD
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 18:12]

.
2012-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-20 14:24]
.
2012-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-20 14:24]
.
.
------- Supplementary Scan -------
uStart Page = hxxp://www.google.com/
IE: &Send to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
Trusted Zone: bancoreal.com.br\www
Trusted Zone: bancosantander.com.br\www
Trusted Zone: realsecureweb.com.br\www
Trusted Zone: realsecureweb.com.br\www2
Trusted Zone: realsecureweb.com.br\wwws
Trusted Zone: santander.com.br\www
Trusted Zone: santanderempresarial.com.br\www
Trusted Zone: santandernet.com.br\www
Trusted Zone: santandernet.com.br\wwws
Trusted Zone: santandernetibe.com.br\www
Trusted Zone: secureweb.com.br\www
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
Toolbar-10 - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-22 19:48:35
ComboFix-quarantined-files.txt 2012-12-22 21:48
ComboFix2.txt 2012-10-12 02:38
.
Pre-Run: 56,433,111,040 bytes free
Post-Run: 56,879,398,912 bytes free
.
- - End Of File - - 6E84C07F6D298BA0D129D3C094BB8D92
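The load-point sections of this log (the Browser Helper Objects and Toolbar keys, the Run keys, the AppInit_DLLs value naming two DLLs under the iMesh Mediabar Datamngr folder, the R*/S* service lines and the Trusted Zone list) are what a responder reads first. Below is an added example, written for this page rather than taken from ComboFix or from the original poster, of a small Python parser that turns those line shapes into records and orders them by how much attention they deserve. SAMPLE_LOG is constructed from lines of the log above with the extraction line-wrapping undone; the regexes cover only the line shapes present in this log, and the priority order and reasons are this editor's triage heuristic, not ComboFix output.

```python
"""Parse the load-point sections of a ComboFix log and rank them for triage.

Added example for this page (not ComboFix code). It understands only the line
shapes present in the log above: [KEY] headers, "name"="path" [date size]
values, BHO file lines, the AppInit_DLLs value, R*/S* service lines and
"Trusted Zone:" lines.
"""
import re
from dataclasses import dataclass

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
VALUE_RE = re.compile(r'^"([^"]+)"=\s*"([^"]+)"(?:\s+\[\d{4}-\d{2}-\d{2}\s+\d+\])?$')
APPINIT_RE = re.compile(r'^"AppInit_DLLs"=(.*)$')
FILE_RE = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}\s+\d+\s+\S+\s+(.+)$")
SERVICE_RE = re.compile(r"^([RS]\d)\s+([^;]+);([^;]*);(.+?)(?:\s+\[x\])?$")
TZ_RE = re.compile(r"^Trusted Zone:\s+(\S+)$")

# Lower number = look at it first. The ordering is this editor's heuristic.
PRIORITY = {"appinit": 0, "bho": 1, "toolbar": 1, "trusted_zone": 2, "run": 3, "service": 3}
REASON = {
    "appinit": "AppInit_DLLs is normally empty; a listed DLL is loaded into every process that links user32.dll",
    "bho": "a BHO runs inside every Internet Explorer process and sees every page and form",
    "toolbar": "toolbar DLL loaded into Internet Explorer alongside the BHO",
    "trusted_zone": "site runs with the relaxed Trusted-zone settings; confirm who added it",
    "run": "ordinary autostart; verify publisher and path",
    "service": "ordinary service or driver; verify publisher and path",
}


@dataclass
class LoadPoint:
    kind: str   # appinit | bho | toolbar | run | service | trusted_zone
    where: str  # registry key, service start type (R2, S1, ...) or zone name
    name: str
    path: str


def parse_combofix(text):
    """Walk the log line by line; a [KEY] header sets the context for the values under it."""
    points, key = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = APPINIT_RE.match(line)
        if m:  # the value is space- or comma-separated; 8.3 paths contain no spaces
            for dll in re.split(r"[ ,]+", m.group(1).strip()):
                if dll:
                    points.append(LoadPoint("appinit", key, "AppInit_DLLs", dll))
            continue
        m = VALUE_RE.match(line)
        if m:
            kind = "toolbar" if "Toolbar" in key else "run"
            points.append(LoadPoint(kind, key, m.group(1), m.group(2)))
            continue
        m = FILE_RE.match(line)
        if m and "Browser Helper Objects" in key:  # the CLSID is the last key component
            points.append(LoadPoint("bho", key, key.rsplit("\\", 1)[-1], m.group(1)))
            continue
        m = SERVICE_RE.match(line)
        if m:
            points.append(LoadPoint("service", m.group(1), m.group(2), m.group(4)))
            continue
        m = TZ_RE.match(line)
        if m:
            points.append(LoadPoint("trusted_zone", "IE Trusted sites", m.group(1), ""))
    return points


def triage(points):
    """Return (priority, kind, name, path, reason) rows, most urgent first; ties keep log order."""
    rows = [(PRIORITY[p.kind], p.kind, p.name, p.path, REASON[p.kind]) for p in points]
    return sorted(rows, key=lambda r: (r[0], r[1]))


# Constructed sample: lines copied from the log above with the line-wrapping undone.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 15:51  3911776  ----a-w-  c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files\MyAshampoo\tbMyAs.dll" [2010-12-09 3911776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\IMESHA~1\Mediabar\Datamngr\datamngr.dll c:\progra~1\IMESHA~1\Mediabar\Datamngr\IEBHO.dll
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
S2 poMntrService;poMntrService;c:\program files\POSITIVO\MFP_POS\poMntrService.exe [x]
.
Trusted Zone: santander.com.br\www
Trusted Zone: secureweb.com.br\www
TCP: DhcpNameServer = 192.168.1.1
"""

if __name__ == "__main__":
    for prio, kind, name, path, reason in triage(parse_combofix(SAMPLE_LOG)):
        print(f"[{prio}] {kind:13} {name:45} {path}\n      {reason}")
```

AppInit_DLLs sorts first because that value is normally empty and, when set, the named DLLs are mapped into every process that loads user32.dll, which is why it deserves identification before anything else in the log; the BHO and toolbar entries come next because they execute inside every Internet Explorer process. The Trusted Zone list is ranked as "verify" rather than "remove": a bank's own security plug-in can add its sites there, and nothing in this log says who added these entries, so confirm with the user before touching them.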
