ComboFix 09-08-31.03 - Lan 01/09/2009 9:55.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1023.729 [GMT -3:00]
Executando de: c:\documents and settings\Lan\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-08-01 to 2009-09-01 ))))))))))))))))))))))))))))
.

2009-09-01 12:28 . 2009-02-13 19:01 79105 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\updext.dll
2009-09-01 12:28 . 2009-09-01 12:08 404737 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\update.exe
2009-09-01 12:28 . 2009-06-03 19:26 345345 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\update.dll
2009-09-01 12:28 . 2009-04-09 13:20 79105 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\updaterc.dll
2009-09-01 12:28 . 2008-12-05 14:32 126721 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Avira\AntiVir Desktop\TEMP\UPDATE\TMP_UPDATE\scewxmlw.dll

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-01 12:29 . 2005-09-23 21:10 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-07-30 11:39 . 2009-07-30 11:39 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe
2009-07-09 11:49 . 2009-07-09 11:49 -------- d-----w- c:\arquivos de programas\XMoto
2009-07-03 21:51 . 2009-07-03 21:50 -------- d-----w- c:\arquivos de programas\PhotoScape
2009-07-03 21:35 . 2009-07-03 21:35 -------- d-----w- c:\arquivos de programas\Google
2009-07-03 20:55 . 2005-09-23 18:46 -------- d-----w- c:\arquivos de programas\FirebirdClient
2009-07-03 20:32 . 2009-07-03 20:32 -------- d-----w- c:\arquivos de programas\Windows Media Connect 2
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FixCamera"="c:\windows\FixCamera.exe" [2007-07-11 20480]
"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]
"snp325"="c:\windows\vsnp325.exe" [2007-05-10 835584]
"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"VSCyber"="c:\vitesoft\Client\VSCyberClient.exe" [2009-02-09 1444352]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
Adobe Reader Speed Launch.lnk - c:\arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleStartMenu"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DfLogon]
2005-11-20 11:21 49152 ----a-w- c:\windows\system32\LogonDll.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /k:C *

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1155:TCP"= 1155:TCP:VSCyber
"445:TCP"= 445:TCP:@xpsp2res.dll,-22005
"137:UDP"= 137:UDP:@xpsp2res.dll,-22001

R0 DeepFrz;DeepFrz;c:\windows\system32\drivers\DeepFrz.sys [20/11/2005 08:16 134016]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [23/9/2005 18:10 108289]
R3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [23/9/2005 10:53 10394624]
.
- - - - ORFÃOS REMOVIDOS - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl
.
------- Scan Suplementar -------
.
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {F1E7B069-48D3-4611-BACA-09DAD8D8300C} = 192.168.0.18
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Lan\Dados de aplicativos\Mozilla\Firefox\Profiles\yjsmti17.default\
FF - plugin: c:\arquivos de programas\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\arquivos de programas\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\arquivos de programas\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\arquivos de programas\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\arquivos de programas\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\arquivos de programas\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\arquivos de programas\Java\jre1.5.0_06\bin\NPOJI610.dll

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-01 10:01
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso


arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(768)
c:\windows\system32\LogonDll.dll

- - - - - - - > 'explorer.exe'(2668)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Tempo para conclusão: 2009-09-01 10:05
ComboFix-quarantined-files.txt 2009-09-01 13:04

Pré-execução: 7 pasta(s) 99.329.150.976 bytes disponíveis
Pós execução: 7 pasta(s) 99.301.187.584 bytes disponíveis