ariwendell

Can someone take a look at my ComboFix log?


This is what came up (what should I do?):

ComboFix 08-10-16.08 - Ari Wendell 2008-10-17 14:27:53.3 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.1514 [GMT -2:00]

Executando de: C:\Documents and Settings\Ari Wendell\Desktop\ComboFix.exe

Comandos utilizados :: C:\Documents and Settings\Ari Wendell\Desktop\WinXP_BR_PRO_BF.EXE

* Criado um novo ponto de restauro

* Resident AV is active

.

(((((((((((((((( Arquivos/Ficheiros criados de 2008-09-17 to 2008-10-17 ))))))))))))))))))))))))))))

.

2008-10-17 12:54 . 2008-10-17 12:54 10,148 --a------ C:\WINDOWS\NTWLOG.003

2008-10-17 12:54 . 2008-10-17 12:54 8,986 --a------ C:\WINDOWS\NTWLOG.002

2008-10-17 12:54 . 2008-10-17 12:54 3,326 --a------ C:\WINDOWS\NTWLOG.000

2008-10-17 12:54 . 2008-10-17 12:54 2,032 --a------ C:\WINDOWS\NTWLOG.001

2008-10-17 12:54 . 2008-10-17 12:54 1,268 --a------ C:\WINDOWS\NTWLOG.005

2008-10-17 12:54 . 2008-10-17 12:54 1,136 --a------ C:\WINDOWS\NTWLOG.006

2008-10-17 12:52 . 2008-10-17 12:52 27,318 --a------ C:\WINDOWS\NTWLOG.007

2008-10-17 12:50 . 2008-10-17 12:51 <DIR> d-------- C:\Arquivos de programas\Cable e ADSL Speed

2008-10-17 12:50 . 2008-10-17 12:50 200,704 --------- C:\WINDOWS\Setup1.exe

2008-10-17 12:50 . 2008-10-17 12:50 73,216 --a------ C:\WINDOWS\ST6UNST.EXE

2008-10-17 11:56 . 2005-08-31 00:14 219,648 --a------ C:\WINDOWS\system32\uxtheme.backup

2008-10-17 10:39 . 2008-10-17 10:39 <DIR> d-------- C:\Arquivos de programas\Microsoft CAPICOM 2.1.0.2

2008-10-17 10:36 . 2008-05-09 08:55 512,000 --------- C:\WINDOWS\system32\DllCache\jscript.dll

2008-10-17 10:36 . 2008-05-09 08:55 430,080 --------- C:\WINDOWS\system32\DllCache\vbscript.dll

2008-10-17 10:36 . 2008-05-09 08:55 180,224 --------- C:\WINDOWS\system32\DllCache\scrobj.dll

2008-10-17 10:36 . 2008-05-09 08:55 172,032 --------- C:\WINDOWS\system32\DllCache\scrrun.dll

2008-10-17 10:36 . 2008-05-08 09:24 155,648 --------- C:\WINDOWS\system32\DllCache\wscript.exe

2008-10-17 10:36 . 2008-05-09 06:45 135,168 --------- C:\WINDOWS\system32\DllCache\cscript.exe

2008-10-17 10:36 . 2008-05-09 08:55 90,112 --------- C:\WINDOWS\system32\DllCache\wshext.dll

2008-10-17 08:33 . 2008-10-17 08:33 <DIR> d-------- C:\WINDOWS\system32\xircom

2008-10-17 08:33 . 2008-10-17 08:33 <DIR> d-------- C:\Arquivos de programas\microsoft frontpage

2008-10-17 08:30 . 2008-10-17 08:30 <DIR> d-------- C:\WINDOWS\system32\oobe

2008-10-17 08:30 . 2008-10-17 08:30 <DIR> d-------- C:\WINDOWS\system32\bits

2008-10-17 08:30 . 2008-10-17 08:30 <DIR> d-------- C:\WINDOWS\l2schemas

2008-10-17 08:28 . 2008-10-17 08:28 <DIR> d-------- C:\WINDOWS\ServicePackFiles

2008-10-17 00:07 . 2008-04-14 00:20 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll

2008-10-16 23:00 . 2008-10-16 23:00 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\MozillaControl

2008-10-16 22:17 . 2008-10-17 12:49 <DIR> d-------- C:\Arquivos de programas\'Full Speed' Internet Booster + Performance Tests

2008-10-16 22:01 . 2008-10-16 22:01 <DIR> d-------- C:\WINDOWS\'Full Speed' Internet Booster + Performance Tests

2008-10-16 22:01 . 2008-10-17 12:49 <DIR> d-------- C:\aidualc3

2008-10-16 20:38 . 2008-10-16 20:38 <DIR> d-------- C:\Arquivos de programas\MSXML 4.0

2008-10-16 13:13 . 2008-10-16 13:14 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\TypingMaster7

2008-10-16 11:24 . 2008-08-14 11:24 2,193,408 --------- C:\WINDOWS\system32\DllCache\ntoskrnl.exe

2008-10-16 11:24 . 2008-08-14 11:24 2,149,376 --------- C:\WINDOWS\system32\DllCache\ntkrnlmp.exe

2008-10-16 11:24 . 2008-08-14 11:24 2,070,272 --------- C:\WINDOWS\system32\DllCache\ntkrnlpa.exe

2008-10-16 11:24 . 2008-08-14 11:24 2,028,032 --------- C:\WINDOWS\system32\DllCache\ntkrpamp.exe

2008-10-16 10:39 . 2008-06-14 15:34 272,384 --------- C:\WINDOWS\system32\DllCache\bthport.sys

2008-10-16 10:34 . 2008-09-08 08:41 333,824 --------- C:\WINDOWS\system32\DllCache\srv.sys

2008-10-16 10:32 . 2008-09-15 13:26 1,846,528 --------- C:\WINDOWS\system32\DllCache\win32k.sys

2008-10-16 10:12 . 2008-05-08 12:02 203,136 --------- C:\WINDOWS\system32\DllCache\rmcast.sys

2008-10-16 10:11 . 2008-05-01 12:36 331,776 --------- C:\WINDOWS\system32\DllCache\msadce.dll

2008-10-16 10:10 . 2008-04-11 17:05 691,712 --------- C:\WINDOWS\system32\DllCache\inetcomm.dll

2008-10-16 09:58 . 2007-07-30 20:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2008-10-16 09:58 . 2007-07-30 20:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2008-10-16 09:09 . 2006-09-01 22:42 694,532 --a------ C:\WINDOWS\system32\Tutorial.chm

2008-10-16 09:09 . 2007-10-02 01:59 1,806 --a------ C:\WINDOWS\system32\Chave.reg

2008-10-16 07:44 . 2008-10-16 07:44 <DIR> d-------- C:\Documents and Settings\ari\Dados de aplicativos\GetRight

2008-10-15 23:02 . 2008-10-15 23:02 <DIR> d-------- C:\Documents and Settings\Administrador\Dados de aplicativos\GetRight

2008-10-15 22:18 . 2008-10-15 22:21 <DIR> d-------- C:\Downloads

2008-10-15 22:17 . 2008-10-16 08:46 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\GetRight

2008-10-15 22:04 . 2008-10-15 22:04 <DIR> d-------- C:\Arquivos de programas\Portabilizer

2008-10-15 21:46 . 2008-10-17 10:06 <DIR> d-------- C:\Arquivos de programas\Zylom Games

2008-10-15 21:36 . 2008-10-15 21:36 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Zylom

2008-10-13 22:06 . 2008-10-13 22:06 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Two Pilots

2008-10-13 20:30 . 2008-10-13 20:30 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\xing shared

2008-10-13 20:21 . 2008-10-13 20:21 <DIR> d-------- C:\Arquivos de programas\Real

2008-10-13 20:21 . 2008-10-13 20:30 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Real

2008-10-12 23:02 . 2008-10-12 23:02 <DIR> d-------- C:\Documents and Settings\ari\Tracing

2008-10-11 09:07 . 2008-10-11 09:07 <DIR> d-------- C:\Documents and Settings\ari\Dados de aplicativos\Windows Search

2008-10-07 17:41 . 2008-09-04 23:03 56,344 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys

2008-10-04 20:33 . 2008-10-04 20:33 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Adobe AIR

2008-10-04 20:19 . 2008-10-04 20:19 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

2008-10-03 23:57 . 2008-10-03 23:57 <DIR> d-------- C:\ATUALIZACAO

2008-10-02 16:52 . 2008-10-02 16:52 <DIR> d-------- C:\Arquivos de programas\VVSN

2008-10-02 16:51 . 2008-10-02 16:51 223,128 --a------ C:\WINDOWS\system32\drivers\dtscsi.sys

2008-10-02 13:10 . 2008-10-02 15:39 <DIR> d-------- C:\Arquivos de programas\NCSoft

2008-10-02 13:02 . 2008-10-02 13:10 <DIR> d-------- C:\Documents and Settings\ari\Dados de aplicativos\GetRightToGo

2008-10-01 23:48 . 2008-10-17 14:28 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\DNA

2008-10-01 23:48 . 2008-10-16 14:43 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\BitTorrent

2008-10-01 23:48 . 2008-10-01 23:48 <DIR> d-------- C:\Arquivos de programas\DNA

2008-10-01 19:02 . 2008-10-01 19:06 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Adobe

2008-10-01 18:47 . 2008-10-01 18:53 <DIR> d-------- C:\WINDOWS\SxsCaPendDel

2008-10-01 17:22 . 2008-10-01 18:53 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\NOS

2008-10-01 17:22 . 2008-10-01 18:53 <DIR> d-------- C:\Arquivos de programas\NOS

2008-10-01 15:44 . 2008-10-01 15:44 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Winferno

2008-10-01 14:05 . 2008-10-01 14:05 <DIR> d-------- C:\Arquivos de programas\Free Offers from Freeze.com

2008-10-01 13:44 . 2008-10-01 13:44 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Yahoo! Companion

2008-10-01 13:34 . 2008-10-01 13:34 <DIR> d-------- C:\Arquivos de programas\Yahoo!

2008-10-01 13:10 . 2008-10-01 17:04 <DIR> d-------- C:\Arquivos de programas\Ultimate Racing Showdown

2008-09-30 23:13 . 2008-09-30 23:13 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Wings3D

2008-09-30 22:56 . 2008-09-30 23:01 <DIR> d-------- C:\Arquivos de programas\weblin

2008-09-30 22:52 . 2008-09-30 23:01 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\zweitgeist

2008-09-30 22:13 . 2008-09-30 22:13 <DIR> d-------- C:\Arquivos de programas\wings3d_0.99.03

2008-09-30 22:09 . 2008-09-30 22:09 <DIR> d-------- C:\Arquivos de programas\UVMapper Professional Demo

2008-09-30 14:51 . 2008-09-30 14:51 <DIR> d-------- C:\Documents and Settings\ari\Dados de aplicativos\Windows Desktop Search

2008-09-29 23:02 . 2008-10-09 23:10 664 --a------ C:\WINDOWS\system32\d3d9caps.dat

2008-09-29 08:07 . 2008-09-29 08:07 <DIR> d-------- C:\Documents and Settings\Administrador\Dados de aplicativos\Windows Search

2008-09-29 08:07 . 2008-09-29 08:07 <DIR> d-------- C:\Documents and Settings\Administrador\Dados de aplicativos\Windows Desktop Search

2008-09-28 19:20 . 2008-09-28 19:20 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Windows Search

2008-09-28 19:18 . 2008-09-28 19:18 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Windows Desktop Search

2008-09-28 19:18 . 2008-09-28 19:18 <DIR> d-------- C:\Arquivos de programas\Windows Desktop Search

2008-09-28 19:17 . 2008-03-07 15:02 192,000 --------- C:\WINDOWS\system32\DllCache\offfilt.dll

2008-09-28 19:17 . 2008-03-07 15:02 98,304 --------- C:\WINDOWS\system32\DllCache\nlhtml.dll

2008-09-28 19:17 . 2008-03-07 15:02 29,696 --------- C:\WINDOWS\system32\DllCache\mimefilt.dll

2008-09-25 16:02 . 2008-09-25 22:06 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Apple Computer

2008-09-25 16:01 . 2008-10-16 13:57 <DIR> d-------- C:\Arquivos de programas\Bonjour

2008-09-25 16:00 . 2008-10-07 17:29 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Apple Computer

2008-09-25 16:00 . 2008-09-25 16:00 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Apple

2008-09-25 16:00 . 2008-10-07 17:29 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Apple

2008-09-25 16:00 . 2008-09-25 16:00 <DIR> d-------- C:\Arquivos de programas\Apple Software Update

2008-09-23 23:44 . 2008-09-29 15:18 <DIR> d-------- C:\Arquivos de programas\UltraISO

2008-09-23 23:44 . 2008-09-23 23:44 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\EZB Systems

2008-09-23 19:17 . 2008-09-23 19:17 <DIR> d-------- C:\Arquivos de programas\Shock Utility

2008-09-23 19:17 . 2008-09-23 19:17 65,536 --a------ C:\WINDOWS\IFinst27.exe

2008-09-23 19:14 . 2008-09-23 19:15 <DIR> d-------- C:\Arquivos de programas\AeroDesktop

2008-09-23 18:20 . 2008-09-23 18:20 <DIR> d-------- C:\WINDOWS\system32\hitman_ss dir

2008-09-23 18:19 . 2008-09-23 18:20 520,192 --a------ C:\WINDOWS\system32\hitman_ss.scr

2008-09-23 14:19 . 2008-09-23 14:19 0 --a------ C:\WINDOWS\graphedit.INI

2008-09-21 19:33 . 2008-10-07 17:39 <DIR> d-------- C:\Arquivos de programas\Windows Live Toolbar

2008-09-21 19:33 . 2008-09-21 19:33 <DIR> d-------- C:\Arquivos de programas\Windows Live Favorites

2008-09-21 19:29 . 2008-09-21 19:29 <DIR> d-------- C:\Arquivos de programas\Microsoft SQL Server Compact Edition

2008-09-21 18:53 . 2008-10-07 17:29 <DIR> d-------- C:\Arquivos de programas\QuickTime

2008-09-21 09:45 . 2008-09-21 09:45 <DIR> d-------- C:\Arquivos de programas\K-Lite Codec Pack

2008-09-20 22:30 . 2008-09-21 16:28 <DIR> d-------- C:\Arquivos de programas\SopCast

2008-09-20 14:41 . 2008-09-28 19:18 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy

2008-09-20 14:40 . 2008-09-20 14:44 <DIR> d-------- C:\Arquivos de programas\Hitman Pro

2008-09-20 10:25 . 2008-09-20 10:25 <DIR> dr-h----- C:\Documents and Settings\Administrador\Dados de aplicativos\SecuROM

2008-09-20 08:01 . 2008-09-20 08:01 <DIR> d-------- C:\Documents and Settings\Administrador\Dados de aplicativos\AdobeUM

2008-09-20 07:19 . 2008-10-17 13:56 <DIR> d-------- C:\Documents and Settings\Administrador\Tracing

2008-09-19 21:52 . 2008-10-17 13:58 <DIR> d-------- C:\Documents and Settings\Ari Wendell\Tracing

2008-09-19 21:52 . 2008-09-19 21:52 <DIR> d-------- C:\Arquivos de programas\Microsoft Office Outlook Connector

2008-09-19 21:52 . 2006-11-29 14:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll

2008-09-19 21:50 . 2008-09-19 21:50 <DIR> d-------- C:\Arquivos de programas\Microsoft

2008-09-19 20:57 . 2008-09-19 20:57 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Windows Live

2008-09-17 16:08 . 2008-08-23 18:13 <DIR> d-------- C:\Documents and Settings\ari\nodtmpb

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-10-17 15:59 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Lightcomm

2008-10-17 14:44 --------- d-----w C:\Arquivos de programas\Windows Live Safety Center

2008-10-17 12:51 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

2008-10-16 00:59 --------- d-----w C:\Arquivos de programas\Windows Media Connect 2

2008-10-13 22:29 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll

2008-10-13 22:29 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll

2008-10-13 16:00 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\Lightcomm

2008-10-11 10:45 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Vso

2008-10-07 19:41 --------- d-----w C:\Arquivos de programas\Windows Live

2008-10-04 11:44 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\WLInstaller

2008-10-03 19:58 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll

2008-10-03 17:26 6,066,176 ----a-w C:\WINDOWS\system32\DllCache\ieframe.dll

2008-10-02 17:39 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information

2008-09-21 21:15 --------- dcsh--w C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller

2008-09-15 15:26 1,846,528 ----a-w C:\WINDOWS\system32\win32k.sys

2008-09-14 20:40 201,728 ----a-w C:\WINDOWS\system32\HSM3_ScreenSaver.scr

2008-09-14 11:14 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\Zylom

2008-09-13 12:53 --------- d-----w C:\Arquivos de programas\Reference Assemblies

2008-09-13 12:53 --------- d-----w C:\Arquivos de programas\MSBuild

2008-09-13 12:50 --------- d-----w C:\Arquivos de programas\MSXML 6.0

2008-09-13 10:47 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Zylom

2008-09-11 17:01 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\DAEMON Tools

2008-09-09 03:03 51,712 ----a-w C:\WINDOWS\system32\sirenacm.dll

2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys

2008-09-08 00:51 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Gizmo5

2008-09-07 11:10 --------- d-----w C:\Arquivos de programas\Sun

2008-09-07 11:09 --------- d-----w C:\Arquivos de programas\Java

2008-09-06 17:20 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2008-09-06 17:20 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Nero

2008-09-06 01:31 267,304 ------w C:\WINDOWS\system32\DllCache\wgaLogon.dll

2008-09-06 01:30 951,336 ------w C:\WINDOWS\system32\DllCache\WgaTray.exe

2008-09-05 23:11 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\IGN_DLM

2008-09-05 19:04 288,768 ----a-w C:\WINDOWS\WLXPGSS.SCR

2008-09-04 18:56 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\Yahoo!

2008-09-04 18:47 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\Nero

2008-09-04 18:44 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Nero

2008-09-02 15:17 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys

2008-09-02 15:17 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\DAEMON Tools

2008-09-02 02:15 --------- d-----w C:\Arquivos de programas\DirecteX

2008-09-01 16:40 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Yahoo!

2008-09-01 16:40 --------- d-----w C:\Arquivos de programas\IObit

2008-08-31 20:23 --------- d-----w C:\Arquivos de programas\Conduit

2008-08-30 21:28 77,824 ----a-w C:\WINDOWS\system32\kdfapi.dll

2008-08-30 21:28 640,352 ----a-w C:\WINDOWS\system32\kdfmgr.exe

2008-08-30 21:28 53,248 ----a-w C:\WINDOWS\system32\Kdfhok.dll

2008-08-30 21:28 192,512 ----a-w C:\WINDOWS\system32\kdfvmgr.exe

2008-08-30 21:21 766,816 ----a-w C:\WINDOWS\system32\kdfinj.dll

2008-08-30 21:21 213,075 ----a-w C:\WINDOWS\system32\kdfmod.dll

2008-08-30 02:46 2,887,680 ----a-w C:\WINDOWS\system32\VagalumePluginWMP.dll

2008-08-29 13:18 87,336 ----a-w C:\WINDOWS\system32\dns-sd.exe

2008-08-29 12:53 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll

2008-08-29 00:16 --------- d-----w C:\Arquivos de programas\Google

2008-08-27 09:11 3,593,216 ----a-w C:\WINDOWS\system32\DllCache\mshtml.dll

2008-08-27 00:40 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\FDRLab

2008-08-27 00:31 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\TVU Networks

2008-08-27 00:31 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\TVU Networks

2008-08-27 00:08 --------- d-----w C:\Arquivos de programas\RelevantKnowledge

2008-08-26 22:15 --------- d-----w C:\Arquivos de programas\Programas RFB

2008-08-25 20:00 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\AdobeUM

2008-08-25 16:14 --------- d-----w C:\Arquivos de programas\Oi Velox

2008-08-25 08:42 70,656 ------w C:\WINDOWS\system32\DllCache\ie4uinit.exe

2008-08-25 08:38 13,824 ------w C:\WINDOWS\system32\DllCache\ieudinit.exe

2008-08-25 01:29 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\SmarThru4

2008-08-25 01:29 --------- d-----w C:\Arquivos de programas\SmarThru 4

2008-08-25 01:29 --------- d-----w C:\Arquivos de programas\Readiris10

2008-08-25 01:29 --------- d-----w C:\Arquivos de programas\Arquivos comuns\SRC Shared

2008-08-25 01:28 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield

2008-08-25 01:25 --------- d-----w C:\Arquivos de programas\SAMSUNG

2008-08-25 00:14 --------- d-----w C:\Documents and Settings\Ari Wendell\Dados de aplicativos\Media Player Classic

2008-08-23 21:01 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Windows Live Toolbar

2008-08-23 20:36 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\InstallShield

2008-08-23 20:36 --------- d-----w C:\Arquivos de programas\Realtek

2008-08-23 20:33 --------- d-----w C:\Arquivos de programas\Intel

2008-08-23 20:29 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\ESET

2008-08-23 20:29 --------- d-----w C:\Arquivos de programas\ESET

2008-08-23 20:23 --------- d-----w C:\Arquivos de programas\Microsoft Works

2008-08-23 20:13 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Java

2008-08-23 20:11 --------- d-----w C:\Arquivos de programas\Serviços on-line

2008-08-23 20:09 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Serviços

2008-08-23 05:56 635,848 ----a-w C:\WINDOWS\system32\DllCache\iexplore.exe

2008-08-23 05:54 161,792 ----a-w C:\WINDOWS\system32\DllCache\ieakui.dll

2008-08-14 13:24 2,149,376 ----a-w C:\WINDOWS\system32\ntoskrnl.exe

2008-08-14 13:24 2,028,032 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe

2008-08-14 10:04 138,496 ------w C:\WINDOWS\system32\DllCache\afd.sys

2008-08-06 12:18 69,632 ----a-r C:\WINDOWS\system32\MSJCE.dll

2008-07-29 23:35 326,160 ----a-w C:\WINDOWS\system32\PresentationHost.exe

2008-07-29 22:59 781,344 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll

2008-07-29 22:59 43,544 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll

2008-07-29 22:59 105,016 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2008-07-29 22:24 97,800 ----a-w C:\WINDOWS\system32\infocardapi.dll

2008-07-29 22:24 622,080 ----a-w C:\WINDOWS\system32\icardagt.exe

2008-07-29 22:24 11,264 ----a-w C:\WINDOWS\system32\icardres.dll

2008-07-25 14:16 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll

2008-07-25 14:16 83,968 ----a-w C:\WINDOWS\system32\mscories.dll

2008-07-25 14:16 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll

2008-07-25 14:16 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll

2008-07-25 08:34 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll

2008-07-25 08:34 683,520 ----a-w C:\WINDOWS\system32\divx.dll

2008-07-23 16:50 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

2008-08-21 16:15 94736 --a------ C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{21FA44EF-376D-4D53-9B0F-8A89D3229068}"= "C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll" [2008-09-02 953360]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{21FA44EF-376D-4D53-9B0F-8A89D3229068}"= "C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll" [2008-09-02 953360]

[HKEY_CLASSES_ROOT\clsid\{21fa44ef-376d-4d53-9b0f-8a89d3229068}]

[HKEY_CLASSES_ROOT\TypeLib\{182E05A4-F4FF-4F73-8C84-D36B87D915AF}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]

"MsnMsgr"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2008-09-09 3513344]

"swg"="C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-08-28 171448]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe" [bU]

"BitTorrent DNA"="C:\Arquivos de programas\DNA\btdna.exe" [2008-10-01 289088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"egui"="C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 1443072]

"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-11-28 98304]

"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-11-28 77824]

"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-11-28 118784]

"Samsung PanelMgr"="C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe" [2006-08-16 503808]

"desp2k"="C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe" [2006-08-03 65536]

"Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"VVSN"="C:\Arquivos de programas\VVSN\VVSN.exe" [2005-10-25 107520]

"TkBellExe"="C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" [2008-10-13 185896]

"CASpeed"="C:\Arquivos de programas\Cable e ADSL Speed\NtwCA.exe" [2002-10-16 157696]

"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]

"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nlsf"="move" [X]

"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-03 44544]

C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar\

Recorte de tela e Iniciador do OneNote 2007.lnk - C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]

C:\Documents and Settings\Ari Wendell\Menu Iniciar\Programas\Inicializar\

Recorte de tela e Iniciador do OneNote 2007.lnk - C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\

Windows Search.lnk - C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"ForceClassicControlPanel"= 1 (0x1)

"NoResolveSearch"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "C:\Arquivos de programas\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Adobe Reader Speed Launch.lnk

backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"C:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"C:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Arquivos de programas\\SopCast\\adv\\SopAdver.exe"=

"D:\\Arquivos de programas\\eMule\\emule.exe"=

"C:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=

"C:\\Arquivos de programas\\DNA\\btdna.exe"=

"D:\\Arquivos de programas\\BitTorrent\\bittorrent.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 33800]

R2 cmpe;Context Manager Process Extension;C:\WINDOWS\system32\cmpe.exe [2007-02-26 61440]

R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2008-09-04 56344]

R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);C:\WINDOWS\system32\DRIVERS\RMSPPPOE.SYS [2002-06-10 31232]

S3 fsssvc;Windows Live Proteção para a Família;C:\Arquivos de programas\Windows Live\Family Safety\fsssvc.exe [2008-09-04 512536]

S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 XDva195;XDva195;C:\WINDOWS\system32\XDva195.sys [ ]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ded7fa9-7d13-11dd-9693-001a4dacb637}]

\Shell\AutoRun\command - F:\Autorun.exe

.

Conteúdo da pasta 'Tarefas Agendadas'

2008-10-14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

- C:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 13:34]

2008-10-15 C:\WINDOWS\Tasks\rpc.job

- C:\Arquivos de programas\Winferno\RegistryPowerCleaner\RegPowerClean.exe []

.

- - - - ORFÃOS REMOVIDOS - - - -

HKCU-Run-updateMgr - C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

HKCU-Run-igndlm.exe - C:\Arquivos de programas\Download Manager\DLM.exe

HKCU-Run-QuickPhrase - C:\Arquivos de programas\TypingMaster\quickphrase\quickphrase.exe

.

------- Scan Suplementar -------

.

R0 -: HKCU-Main,Start Page = hxxp://www.centralexpert.net/

R0 -: HKCU-Main,SearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore

O8 -: &Windows Live Search - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 -: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 -: E&xportar para o Microsoft Excel - C:\ARQUIV~1\MICROS~1\Office12\EXCEL.EXE/3000

O17 -: HKLM\CCS\Interface\{BDC9B16E-013E-4ED2-9DAC-29A5C0F47983}: NameServer = 200.165.132.155 200.149.55.142

O16 -: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} - hxxp://kings.nefficient.co.kr/kings/kdfx/kdfx308/kdfense8.cab

C:\WINDOWS\Downloaded Program Files\kdfense8.inf

C:\WINDOWS\system32\mfc42.dll

C:\WINDOWS\system32\msvcrt.dll

C:\WINDOWS\system32\olepro32.dll

C:\WINDOWS\system32\uninstallkdf8.exe

C:\WINDOWS\Downloaded Program Files\kdfense8.ocx

.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-10-17 14:31:49

Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

**************************************************************************

.

Tempo para conclusão: 2008-10-17 14:32:54

ComboFix-quarantined-files.txt 2008-10-17 16:32:30

ComboFix2.txt 2008-10-17 15:57:36

Pré-execução: 18 pasta(s) 12,979,789,824 bytes disponíveis

Pós execução: 18 pasta(s) 12,966,899,712 bytes disponíveis

WinXP_BR_PRO_BF.EXE

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

364 --- E O F --- 2008-10-17 13:11:48


About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
