
ComboFix 10-01-27.05 - Administrador 28/01/2010 10:29:24.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.494.102 [GMT -2:00]
Executando de: c:\arquivos de programas\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
ATENÇÃO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrador\Dados de aplicativos\Desktopicon
c:\documents and settings\Administrador\Dados de aplicativos\Desktopicon\eBay.ico
c:\documents and settings\Administrador\Dados de aplicativos\Desktopicon\uninst.exe
c:\windows\system32\csrcs.exe
.
(((((((((((((((( Arquivos/Ficheiros criados de 2009-12-28 to 2010-01-28 ))))))))))))))))))))))))))))
.
2010-01-28 12:27 . 2010-01-28 10:15 3839130 ----a-r- c:\arquivos de programas\ComboFix.exe

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-21 10:54 . 2009-12-21 10:54 294656 ----a-w c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\avglngx.dll
2009-12-18 09:56 . 2009-12-17 14:42 333192 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-12-18 09:56 . 2009-12-17 14:42 12464 ----a-w c:\windows\system32\avgrsstx.dll
2009-12-18 09:56 . 2007-11-13 11:51 28424 ----a-w c:\windows\system32\drivers\avgmfx86.sys
2009-12-18 09:56 . 2009-12-23 12:27 3776280 ----a-w c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\setup.exe
2009-12-18 09:56 . 2009-12-23 12:27 3967256 ----a-w c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\avgcorex.dll
2009-12-18 09:56 . 2009-12-21 10:54 2352920 ----a-w c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\avgresf.dll
2009-12-18 09:56 . 2009-12-23 12:27 4043032 ----a-w c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\avgui.exe
2009-12-18 09:56 . 2009-12-17 14:42 360584 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-12-18 09:56 . 2009-12-23 12:27 916248 ----a-w c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\avgcfgx.dll
2009-12-18 09:56 . 2009-12-18 09:56 -------d-----w c:\documents and settings\All Users\Dados de aplicativos\avg9
2009-12-18 09:56 . 2009-12-17 14:42 -------d-----w c:\arquivos de programas\AVG
2009-12-17 14:42 . 2009-12-17 14:42 -------d-----w c:\documents and settings\All Users\Dados de aplicativos\AVG Security Toolbar
2009-12-17 10:04 . 2006-03-02 12:00 83888 ----a-w c:\windows\system32\perfc016.dat
2009-12-17 10:04 . 2006-03-02 12:00 479704 ----a-w c:\windows\system32\perfh016.dat
2009-12-03 13:14 . 2009-12-03 13:14 -------d-----w c:\documents and settings\Administrador\Dados de aplicativos\CyberLink
2009-11-30 18:46 . 2009-11-30 18:46 -------d-----w c:\documents and settings\Administrador\Dados de aplicativos\Corel
2009-11-30 18:45 . 2007-11-01 14:58 -------d--h--w c:\arquivos de programas\InstallShield Installation Information
2009-11-30 18:45 . 2009-11-30 18:45 -------d-----w c:\arquivos de programas\Arquivos comuns\Corel
2009-11-30 18:45 . 2007-11-01 14:57 -------d-----w c:\arquivos de programas\Arquivos comuns\InstallShield
2009-11-30 18:44 . 2009-11-30 18:44 -------d-----w c:\arquivos de programas\Corel
2005-04-01 00:17 . 2007-11-01 15:08 40960 ----a-w c:\arquivos de programas\Uninstall_CDS.exe
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\arquivos de programas\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 15:01 1230080 ----a-w c:\arquivos de programas\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-05-19 15:37 1144712 ----a-w c:\arquivos de programas\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\arquivos de programas\Ask.com\GenericAskToolbar.dll" [2009-05-19 1144712]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\arquivos de programas\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\arquivos de programas\Ask.com\GenericAskToolbar.dll" [2009-05-19 1144712]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\arquivos de programas\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\arquivos de programas\Messenger\msmsgs.exe" [2004-10-13 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\arquivos de programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SkyTel"="SkyTel.EXE" [2006-05-17 2879488]
"atchk"="c:\arquivos de programas\Intel\AMT\atchk.exe" [2006-12-06 404288]
"RemoteControl"="c:\arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Xerox PanelMgr"="c:\windows\Xerox\PanelMgr\ssmmgr.exe" [2006-11-08 520192]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-20 16062464]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"SDMManager"="c:\windows\sdmcollector\SDMManager.exe" [2009-10-14 24576]
"SDMCollector"="c:\windows\sdmcollector\dprInventario.exe" [2009-11-26 1127424]
"AVG9_TRAY"="c:\arquiv~1\AVG\AVG9\avgtray.exe" [2009-12-18 2033432]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
Adobe Reader Speed Launch.lnk - c:\arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-12-18 09:56 12464 ----a-w c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\SDMCollector\\dprInventario.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"c:\\Arquivos de programas\\AVG\\AVG9\\avgupd.exe"=
"c:\\Arquivos de programas\\AVG\\AVG9\\avgnsx.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [17/12/2009 12:42 333192]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [17/12/2009 12:42 360584]
R2 avg9wd;AVG Free WatchDog;c:\arquivos de programas\AVG\AVG9\avgwdsvc.exe [18/12/2009 07:56 285392]
S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
.
Conteúdo da pasta 'Tarefas Agendadas'
2009-12-23 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\arquivos de programas\Ask.com\UpdateTask.exe [2009-05-19 15:37]

.
.
------- Scan Suplementar ------
.
uStart Page = hxxp://www.educacao.sp.gov.br/
uInternet Settings,ProxyOverride = 10.17.5.41
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
- - - - ORFÃOS REMOVIDOS - - -
HKCU-Run-PowerBar - (no file)
AddRemove-eBay Icon - c:\documents and settings\Administrador\Dados de aplicativos\Desktopicon\uninst.exe
AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\FlashUtil9c.exe

**************************************************************************
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
PowerBar = ????????????l?@?l?@?D?????6~??????????????6~l?@?l?@????? ??????????
?W?9~??6~??????6~K?6~x???????[?6~???????? ??????????????|x???0???????????? ot??6
~????????????????????????U???????l?@?l?@?????Q?7~????t?@?????l?@?8?@?l?@?3??s???
?????????????????8?@?_??s8?@?8?@
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos:
**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução --------------------
- - - - - - > 'winlogon.exe'(724)
c:\windows\system32\Ati2evxx.dll
.
Tempo para conclusão: 2010-01-28 10:35:14
ComboFix-quarantined-files.txt 2010-01-28 12:35
Pré-execução: 10 pasta(s) 72.639.565.824 bytes disponíveis
Pós execução: 13 pasta(s) 73.046.769.664 bytes disponíveis
- - End Of File - - 05B011458A25F68F3FDF6FE2597F503A
