
ComboFix 11-04-22.02 - VSCyber 24/04/2011 13:52:40.2.

1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1015.691 [GMT -3:0
0]
Executando de: c:\documents and settings\VSCyber\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ATENÇÃO - ESTA MÁQUINA NÃO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2011-03-24 to 2011-04-24 )))))
)))))))))))))))))))))))
.
.
2011-04-24 16:34 . 2011-04-18 17:17
441176 ----a-wc:\windows\syste
m32\drivers\aswSnx.sys
2011-04-24 15:52 . 2011-04-24 15:53
-------d-----wc:\docum
ents and settings\VSCyber\Dados de aplicativos\Vso
2011-04-24 15:52 . 2009-09-02 15:44
102439 ----a-wc:\windows\syste
m32\sipr3260.dll
2011-04-24 15:52 . 2009-09-02 15:44
65602 ----a-wc:\windows\syste
m32\cook3260.dll
2011-04-24 15:52 . 2009-09-02 15:44
217127 ----a-wc:\windows\syste
m32\drv43260.dll
2011-04-24 15:52 . 2009-09-02 15:44
208935 ----a-wc:\windows\syste
m32\drv33260.dll
2011-04-24 15:52 . 2009-09-02 15:44
176165 ----a-wc:\windows\syste
m32\drv23260.dll
2011-04-24 15:52 . 2009-09-02 15:44
626688 ----a-wc:\windows\syste
m32\vp7vfw.dll
2011-04-24 15:52 . 2009-09-02 15:44
1184984 ----a-wc:\windows\syste
m32\wvc1dmod.dll
2011-04-24 15:52 . 2011-04-24 15:52
-------d-----wc:\arqui
vos de programas\VSO
2011-04-24 15:49 . 2011-04-24 15:49
-------d-----wc:\arqui
vos de programas\softendo.com
2011-04-24 14:48 . 2001-09-06 02:20
12288 -c--a-wc:\windows\syste
m32\dllcache\mouhid.sys
2011-04-24 14:48 . 2001-09-06 02:20
12288 ----a-wc:\windows\syste
m32\drivers\mouhid.sys
2011-04-24 14:47 . 2008-04-13 14:45
10368 -c--a-wc:\windows\syste
m32\dllcache\hidusb.sys
2011-04-24 14:47 . 2008-04-13 14:45
10368 ----a-wc:\windows\syste
m32\drivers\hidusb.sys
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))
)))))))))))))))))))))))))))))
.
2011-04-18 17:25 . 2010-10-30 01:42
40112 ----a-wc:\windows\avast
SS.scr
2011-04-18 17:25 . 2010-10-30 01:42
199304 ----a-wc:\windows\syste
m32\aswBoot.exe
2011-04-18 17:17 . 2010-10-30 01:42
307288 ----a-wc:\windows\syste
m32\drivers\aswSP.sys
2011-04-18 17:16 . 2010-10-30 01:42
49240 ----a-wc:\windows\syste
m32\drivers\aswTdi.sys
2011-04-18 17:16 . 2010-10-30 01:42
102488 ----a-wc:\windows\syste
m32\drivers\aswmon2.sys
2011-04-18 17:16 . 2010-10-30 01:42
96344 ----a-wc:\windows\syste

m32\drivers\aswmon.sys
2011-04-18 17:13 . 2010-10-30 01:42
25432 ----a-wc:\windows\syste
m32\drivers\aswRdr.sys
2011-04-18 17:13 . 2010-10-30 01:42
30680 ----a-wc:\windows\syste
m32\drivers\aavmker4.sys
2011-04-18 17:12 . 2010-10-30 01:42
19544 ----a-wc:\windows\syste
m32\drivers\aswFsBlk.sys
2011-03-18 18:04 . 2011-04-24 15:51
142296 ----a-wc:\arquivos de p
rogramas\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2010-12-02_18.55.36 )))))))))))))))))
))))))))))))))))))))))))
.
+ 2011-04-24 16:38 . 2011-04-24 16:38 16384
c:\windows\Temp\Perfl
ib_Perfdata_598.dat
+ 1999-11-25 04:40 . 1999-11-25 04:40 40960
c:\windows\system32\V
BAME.DLL
+ 2010-12-04 19:09 . 2003-06-19 03:31 18944
c:\windows\system32\s
pool\prtprocs\w32x86\mdippr.dll
+ 2010-12-04 19:09 . 2003-06-19 03:31 35328
c:\windows\system32\s
pool\drivers\w32x86\mdiui.dll
+ 2010-12-04 19:09 . 2003-06-19 03:31 35328
c:\windows\system32\s
pool\drivers\w32x86\3\mdiui.dll
+ 1998-03-25 07:54 . 1998-03-25 07:54 15872
c:\windows\system32\S
CP32.DLL
+ 2008-04-14 12:00 . 2010-12-04 19:14 80328
c:\windows\system32\p
erfc016.dat
+ 2008-04-14 12:00 . 2010-12-04 19:14 68470
c:\windows\system32\p
erfc009.dat
+ 1998-08-09 21:07 . 1998-08-09 21:07 94208
c:\windows\system32\M
SSTKPRP.DLL
+ 1999-05-10 20:08 . 1999-05-10 20:08 57344
c:\windows\system32\M
FC42PTB.DLL
+ 2010-12-04 19:09 . 2003-06-19 03:31 17920
c:\windows\system32\m
dimon.dll
+ 2010-12-04 19:10 . 2010-12-04 19:10 34632
c:\windows\Installer\
{90120000-0020-0416-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 23040
c:\windows\Installer\
{90110416-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 61440
c:\windows\Installer\
{90110416-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 27136
c:\windows\Installer\
{90110416-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 11264
c:\windows\Installer\
{90110416-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 86016
c:\windows\Installer\
{90110416-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 12288
c:\windows\Installer\
{90110416-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2003-07-15 08:53 . 2003-07-15 08:53 34880
c:\windows\Installer\
$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\DWTRIG20.EXE
+ 2003-07-15 08:52 . 2003-07-15 08:52 39992
c:\windows\Installer\
$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\DWDCW20.DLL
+ 2010-12-14 01:02 . 2010-12-14 01:02 61440
c:\windows\assembly\G
AC_MSIL\FirebirdSql.Web.Providers\2.0.0.0__3d06a02581b682f8\FirebirdSql.Web.Prov
iders.dll
- 2010-11-01 00:29 . 2010-11-01 00:29 61440
c:\windows\assembly\G
AC_MSIL\FirebirdSql.Web.Providers\2.0.0.0__3d06a02581b682f8\FirebirdSql.Web.Prov
iders.dll

+ 2010-12-04 19:07 . 2010-12-04 19:07 64088


c:\windows\assembly\G
AC\Microsoft.Vbe.Interop\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 20080
c:\windows\assembly\G
AC\Microsoft.Office.Interop.SmartTag\11.0.0.0__71e9bce111e9429c\Microsoft.Office
.Interop.SmartTag.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 35448
c:\windows\assembly\G
AC\Microsoft.Office.Interop.OutlookViewCtl\11.0.0.0__71e9bce111e9429c\Microsoft.
Office.Interop.OutlookViewCtl.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 65536
c:\windows\assembly\G
AC\dao\10.0.4504.0__31bf3856ad364e35\DAO.DLL
+ 2010-12-04 15:36 . 2010-12-04 15:36 8192
c:\windows\system32\sr
vany.exe
+ 1999-05-18 17:16 . 1999-05-18 17:16 7680
c:\windows\system32\MS
PRPPTB.DLL
+ 2010-12-04 19:08 . 2010-12-04 19:08 4096
c:\windows\Installer\{
90110416-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2002-08-21 07:13 . 2002-08-21 07:13 189952
c:\windows\system32\
WISPTIS.EXE
+ 2010-12-04 19:09 . 2003-06-19 03:31 758784
c:\windows\system32\
spool\drivers\w32x86\mdigraph.dll
+ 2010-12-04 19:09 . 2003-06-19 03:31 758784
c:\windows\system32\
spool\drivers\w32x86\3\mdigraph.dll
+ 2000-04-03 19:52 . 2000-04-03 19:52 151552
c:\windows\system32\
RDOCURS.DLL
+ 2008-04-14 12:00 . 2010-12-04 19:14 471354
c:\windows\system32\
perfh016.dat
+ 2008-04-14 12:00 . 2010-12-04 19:14 435574
c:\windows\system32\
perfh009.dat
+ 2000-05-24 08:45 . 2000-05-24 08:45 118784
c:\windows\system32\
MSSTDFMT.DLL
+ 2000-05-11 15:06 . 2000-05-11 15:06 397312
c:\windows\system32\
MSRDO20.DLL
+ 2002-08-21 07:10 . 2002-08-21 07:10 204800
c:\windows\system32\
INKED.DLL
- 2010-10-29 19:33 . 2010-11-01 00:01 268600
c:\windows\system32\
FNTCACHE.DAT
+ 2010-10-29 19:33 . 2010-12-04 19:24 268600
c:\windows\system32\
FNTCACHE.DAT
+ 2010-12-04 15:36 . 2010-12-04 15:36 151552
c:\windows\KMService
.exe
+ 2010-12-04 19:10 . 2010-12-04 19:10 381440
c:\windows\Installer
\2b3db.msi
+ 2010-12-04 19:27 . 2010-12-04 19:27 300328
c:\windows\Installer
\{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}\ARPPRODUCTICON.exe
- 2010-11-01 00:14 . 2010-11-01 00:14 300328
c:\windows\Installer
\{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}\ARPPRODUCTICON.exe
- 2010-11-01 00:13 . 2010-11-01 00:13 300328
c:\windows\Installer
\{C3580AC4-C827-4332-B935-9A282ED5BB97}\ARPPRODUCTICON.exe
+ 2010-12-04 19:27 . 2010-12-04 19:27 300328
c:\windows\Installer
\{C3580AC4-C827-4332-B935-9A282ED5BB97}\ARPPRODUCTICON.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 409600
c:\windows\Installer
\{90110416-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 286720
c:\windows\Installer
\{90110416-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 249856
c:\windows\Installer
\{90110416-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 794624
c:\windows\Installer
\{90110416-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2010-12-04 19:08 . 2010-12-04 19:08 135168
c:\windows\Installer
\{90110416-6000-11D3-8CFE-0150048383C9}\misc.exe

+ 2010-12-04 19:08 . 2010-12-04 19:08 593920


c:\windows\Installer
\{90110416-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2010-12-04 19:22 . 2010-12-04 19:22 131072
c:\windows\Installer
\{82EF29B1-9B60-4142-A155-0599216DD053}\QuickDemoUrl_E9752251A5AD4678977047FD655
66D18.exe
+ 2010-12-04 19:22 . 2010-12-04 19:22 323584
c:\windows\Installer
\{82EF29B1-9B60-4142-A155-0599216DD053}\NewShortcut2_C673DF680CDE41FC9DFBF63D31D
E4F28.exe
+ 2010-12-04 19:22 . 2010-12-04 19:22 339968
c:\windows\Installer
\{82EF29B1-9B60-4142-A155-0599216DD053}\NewShortcut1_FE82206EF6124B479F4EDD27A1E
056A4.exe
+ 2010-12-04 19:22 . 2010-12-04 19:22 323584
c:\windows\Installer
\{82EF29B1-9B60-4142-A155-0599216DD053}\NewShortcut1_C673DF680CDE41FC9DFBF63D31D
E4F28.exe
+ 2010-12-04 19:22 . 2010-12-04 19:22 131072
c:\windows\Installer
\{82EF29B1-9B60-4142-A155-0599216DD053}\LightScribeWebsite_9607541794D946E89D575
2F753E35CC4.exe
+ 2010-12-04 19:22 . 2010-12-04 19:22 281894
c:\windows\Installer
\{82EF29B1-9B60-4142-A155-0599216DD053}\ARPPRODUCTICON.exe
- 2010-11-01 00:15 . 2010-11-01 00:15 587048
c:\windows\Installer
\{70550193-1C22-445C-8FA4-564E155DB1A7}\NeroExpress.exe_81A8FD91A6494AD5B4998149
EAAC7E7C.exe
+ 2010-12-04 19:28 . 2010-12-04 19:28 587048
c:\windows\Installer
\{70550193-1C22-445C-8FA4-564E155DB1A7}\NeroExpress.exe_81A8FD91A6494AD5B4998149
EAAC7E7C.exe
- 2010-11-01 00:15 . 2010-11-01 00:15 587048
c:\windows\Installer
\{70550193-1C22-445C-8FA4-564E155DB1A7}\ARPPRODUCTICON.exe
+ 2010-12-04 19:28 . 2010-12-04 19:28 587048
c:\windows\Installer
\{70550193-1C22-445C-8FA4-564E155DB1A7}\ARPPRODUCTICON.exe
- 2010-11-01 00:13 . 2010-11-01 00:13 587048
c:\windows\Installer
\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}\ScControlCenterSta_FC2653898C5047A6A872C
AF6433C43A8.exe
+ 2010-12-04 19:26 . 2010-12-04 19:26 587048
c:\windows\Installer
\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}\ScControlCenterSta_FC2653898C5047A6A872C
AF6433C43A8.exe
- 2010-11-01 00:13 . 2010-11-01 00:13 587048
c:\windows\Installer
\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}\ARPPRODUCTICON.exe
+ 2010-12-04 19:26 . 2010-12-04 19:26 587048
c:\windows\Installer
\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}\ARPPRODUCTICON.exe
+ 2010-12-04 19:27 . 2010-12-04 19:27 300328
c:\windows\Installer
\{63AA3EAB-23BB-48B2-9AD0-44F878075604}\ARPPRODUCTICON.exe
- 2010-11-01 00:13 . 2010-11-01 00:13 300328
c:\windows\Installer
\{63AA3EAB-23BB-48B2-9AD0-44F878075604}\ARPPRODUCTICON.exe
- 2010-11-01 00:13 . 2010-11-01 00:13 300328
c:\windows\Installer
\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}\ARPPRODUCTICON.exe
+ 2010-12-04 19:26 . 2010-12-04 19:26 300328
c:\windows\Installer
\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}\ARPPRODUCTICON.exe
- 2010-11-01 00:13 . 2010-11-01 00:13 300328
c:\windows\Installer
\{237CCB62-8454-43E3-B158-3ACD0134852E}\ARPPRODUCTICON.exe
+ 2010-12-04 19:27 . 2010-12-04 19:27 300328
c:\windows\Installer
\{237CCB62-8454-43E3-B158-3ACD0134852E}\ARPPRODUCTICON.exe
+ 1998-06-17 21:52 . 1998-06-17 21:52 401462
c:\windows\Installer
\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSVCP60.DLL
+ 2003-07-15 08:51 . 2003-07-15 08:51 116288
c:\windows\Installer
\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSCONV97.DLL
+ 2010-12-14 01:02 . 2010-12-14 01:02 692224
c:\windows\assembly\
GAC_MSIL\FirebirdSql.Data.FirebirdClient\2.0.0.0__3750abcc3150b00c\FirebirdSql.D
ata.FirebirdClient.dll
- 2010-11-01 00:29 . 2010-11-01 00:29 692224
c:\windows\assembly\
GAC_MSIL\FirebirdSql.Data.FirebirdClient\2.0.0.0__3750abcc3150b00c\FirebirdSql.D

ata.FirebirdClient.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 223800
c:\windows\assembly\
GAC\office\11.0.0.0__71e9bce111e9429c\OFFICE.DLL
- 2010-10-30 13:29 . 2010-10-30 13:29 229376
c:\windows\assembly\
GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2010-12-04 19:07 . 2010-12-04 19:07 229376
c:\windows\assembly\
GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
+ 2010-12-04 19:07 . 2010-12-04 19:07 371296
c:\windows\assembly\
GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop
.Forms.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 662120
c:\windows\assembly\
GAC\Microsoft.Office.Interop.Word\11.0.0.0__71e9bce111e9429c\Microsoft.Office.In
terop.Word.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 211568
c:\windows\assembly\
GAC\Microsoft.Office.Interop.Publisher\11.0.0.0__71e9bce111e9429c\Microsoft.Offi
ce.Interop.Publisher.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 223856
c:\windows\assembly\
GAC\Microsoft.Office.Interop.PowerPoint\11.0.0.0__71e9bce111e9429c\Microsoft.Off
ice.Interop.PowerPoint.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 461416
c:\windows\assembly\
GAC\Microsoft.Office.Interop.Owc11\11.0.0.0__71e9bce111e9429c\Microsoft.Office.I
nterop.Owc11.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 408176
c:\windows\assembly\
GAC\Microsoft.Office.Interop.Outlook\11.0.0.0__71e9bce111e9429c\Microsoft.Office
.Interop.Outlook.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 141928
c:\windows\assembly\
GAC\Microsoft.Office.Interop.Graph\11.0.0.0__71e9bce111e9429c\Microsoft.Office.I
nterop.Graph.dll
+ 2010-12-04 19:07 . 2010-12-04 19:07 997992
c:\windows\assembly\
GAC\Microsoft.Office.Interop.Access\11.0.0.0__71e9bce111e9429c\Microsoft.Office.
Interop.Access.dll
+ 2010-12-04 19:28 . 2010-12-04 19:28 1612800
c:\windows\Installe
r\2cc72.msi
+ 2010-12-04 19:28 . 2010-12-04 19:28 8757248
c:\windows\Installe
r\2cc6a.msi
+ 2010-12-04 19:27 . 2010-12-04 19:27 1347072
c:\windows\Installe
r\2cc62.msi
+ 2010-12-04 19:27 . 2010-12-04 19:27 1332736
c:\windows\Installe
r\2cc5a.msi
+ 2010-12-04 19:27 . 2010-12-04 19:27 1230336
c:\windows\Installe
r\2cc52.msi
+ 2010-12-04 19:27 . 2010-12-04 19:27 1062912
c:\windows\Installe
r\2cc4a.msi
+ 2010-12-04 19:26 . 2010-12-04 19:26 2030080
c:\windows\Installe
r\2cc3a.msi
+ 2010-12-04 19:08 . 2010-12-04 19:08 5788160
c:\windows\Installe
r\2b3d2.msi
+ 2010-12-04 19:22 . 2010-12-04 19:22 2210816
c:\windows\Installe
r\293759.msi
+ 2003-07-11 12:15 . 2003-07-11 12:15 1292872
c:\windows\Installe
r\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\MSONSEXT.DLL
+ 2003-08-03 20:56 . 2003-08-03 20:56 1146184
c:\windows\Installe
r\$PatchCache$\Managed\6140110900063D11C8EF10054038389C\11.0.5614\FM20.DLL
+ 2010-12-04 19:07 . 2010-12-04 19:07 1100392
c:\windows\assembly
\GAC\Microsoft.Office.Interop.Excel\11.0.0.0__71e9bce111e9429c\Microsoft.Office.
Interop.Excel.dll
+ 2010-12-04 19:27 . 2010-12-04 19:27 10164224
c:\windows\Install
er\2cc42.msi
+ 2010-12-04 19:26 . 2010-12-04 19:26 12588544
c:\windows\Install
er\2cc33.msi

.
-- Snapshot resetado para data atual -.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))
)))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon
overlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-04-18 17:25
122512 ----a-wc:\arquivos de programas\Alwil S
oftware\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuNotification"="c:\arquivos de programas\ShadowStor\ShadowUser\suatshut.exe" [
2005-01-13 40960]
"VSCyber"="c:\vitesoft\Client\VSCyberClient.exe" [2009-02-09 1444352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
ShadowUser Pro Edition.lnk - c:\arquivos de programas\ShadowStor\ShadowUser\Shad
owUser.exe [2005-1-12 921600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExec
uteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\arquivos de programas\SUPERAntiSpy
ware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify
\!SASWinLogon]
2009-09-03 22:21
548352 ----a-wc:\arquivos de programas\SUPERAn
tiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify
\sunotify]
2005-01-13 01:49
90112 ----a-wc:\windows\system32\sunotify.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.e
xe]
2008-04-14 12:00
15360 ----a-wc:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScr
ibe Control Panel]
2009-06-17 14:13
2363392 ----a-wc:\arquivos de programas\Arquivo
s comuns\LightScribe\LightScribeControlPanel.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Authoriz
edApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\CS\\hl.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Globally
OpenPorts\List]
"445:TCP"= 445:TCP:@xpsp2res.dll,-22005
"137:UDP"= 137:UDP:@xpsp2res.dll,-22001
"1155:TCP"= 1155:TCP:VSCyber
.
R0 Shadow;Shadow;c:\windows\system32\drivers\shadow.sys [25/1/2005 18:21 114624]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [24/4/2011 13:34 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29/10/2010 22:42 307288]
R1 SASDIFSV;SASDIFSV;c:\arquivos de programas\SUPERAntiSpyware\sasdifsv.sys [17/
2/2010 15:25 12872]
R1 SASKUTIL;SASKUTIL;c:\arquivos de programas\SUPERAntiSpyware\SASKUTIL.SYS [10/
5/2010 15:41 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29/10/2010 22:42
19544]
R2 KMService;KMService;c:\windows\system32\srvany.exe [4/12/2010 12:36 8192]
S4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [29/10/2010 23:2
0 229376]
.
--- =Outros Serviços/Drivers Na Memória --.
*NewlyCreated* - ASWSNX
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D
85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 14:11
451872 ----a-wc:\arquivos de programas\Arquivo
s comuns\LightScribe\LSRunOnce.exe
.
.
------- Scan Suplementar ------.
uStart Page = hxxp://www.orkut.com/
IE: &Enviar para o OneNote - c:\arquiv~1\MI1933~1\Office14\ONBttnIE.dll/105
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MI1933~1\OFFICE11\EXCEL.EXE/3
000
TCP: {E4AC2097-182D-4AE0-8A1F-50AD96898FE1} = 8.8.8.8
FF - ProfilePath - c:\documents and settings\VSCyber\Dados de aplicativos\Mozill
a\Firefox\Profiles\fkxwwkps.default\
FF - prefs.js: browser.startup.homepage - www.orkut.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http:/
/www.gmer.net
Rootkit scan 2011-04-24 13:57
Windows 5.1.2600 Service Pack 3 NTFS
.
Procurando processos ocultos ...
.

Procurando entradas auto inicializáveis ocultas ...


.
Procurando ficheiros/arquivos ocultos ...
.
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
.
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E
}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX
.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E
}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E
}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E
}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6A
F30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6A
F30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6A
F30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Carregadas Sob os Processos em Execução -------------------.
- - - - - - - > 'winlogon.exe'(620)
c:\arquivos de programas\SUPERAntiSpyware\SASWINLO.DLL
.
- - - - - - - > 'explorer.exe'(3432)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Tempo para conclusão: 2011-04-24 14:01:40
ComboFix-quarantined-files.txt 2011-04-24 17:01

ComboFix2.txt 2010-12-02 18:58


.
Pré-execução: 9 pasta(s) 13.696.299.008 bytes disponíveis
Pós execução: 11 pasta(s) 13.696.700.416 bytes disponíveis
.
- - End Of File - - DB7AB53A375E614F6A879B466856ED05
