ComboFix 08-03-14.4 - thiago josé 2008-03-17 17:47:10.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.153 [GMT -3:00]
Executando de: C:\Documents and Settings\thiago josé\Desktop\ComboFix.exe
* Criado um novo ponto de restauro
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((( Ficheiros criados de 2008-02-17 to 2008-03-17 ))))))))))))))))))))))))))))))))
.
2008-03-17 17:00 . 2007-12-04 10:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-03-17 17:00 . 2007-12-04 12:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-17 17:00 . 2007-12-04 12:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-03-17 17:00 . 2007-12-04 12:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-17 17:00 . 2007-12-04 12:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-17 17:00 . 2007-12-04 12:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-17 16:59 . 2007-12-04 11:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-03-17 16:59 . 2004-01-09 07:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-17 02:46 . 2008-03-17 02:46 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Corel
2008-03-17 02:46 . 2008-03-17 02:46 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Corel
2008-03-17 02:33 . 2008-03-17 17:40 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Avira
2008-03-17 02:33 . 2008-03-17 02:33 <DIR> d-------- C:\Arquivos de programas\Avira
2008-03-17 01:48 . 2008-03-17 01:48 <DIR> d-------- C:\Arquivos de programas\Anti-SPAM Guard
2008-03-17 01:24 . 2008-03-17 01:24 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\McAfee
2008-03-17 00:03 . 2008-03-17 00:03 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-03-16 22:54 . 2008-03-16 23:59 <DIR> d-------- C:\Arquivos de programas\UnderCoverXP
2008-03-16 22:45 . 2008-03-16 22:45 <DIR> d-------- C:\Arquivos de programas\XPRESS SOFTWARE
2008-03-16 20:10 . 2008-03-16 20:10 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Avg8
2008-03-16 19:18 . 2008-03-17 00:54 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Lab
2008-03-16 19:17 . 2008-03-16 19:17 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Lab Setup Files
2008-03-16 15:27 . 2008-03-16 15:27 <DIR> d-------- C:\Arquivos de programas\MSXML 4.0
2008-03-16 11:24 . 2005-02-16 11:06 218,112 --a------ C:\HijackThis.exe
2008-03-16 10:46 . 2004-07-26 16:16 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2008-03-16 10:46 . 2004-07-26 16:16 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2008-03-16 10:46 . 2004-07-26 16:16 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2008-03-16 10:46 . 2004-07-26 16:16 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2008-03-16 10:46 . 2001-07-09 10:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-03-16 10:46 . 2000-06-26 10:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2008-03-16 10:45 . 2008-03-16 10:45 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Ahead
2008-03-15 22:13 . 2008-03-15 22:13 <DIR> d-------- C:\Documents and Settings\thiago josé\Dados de aplicativos\Bitstream
2008-03-15 21:45 . 2008-03-15 21:45 <DIR> d-------- C:\Documents and Settings\thiago josé\Dados de aplicativos\Corel
2008-03-15 21:45 . 2008-03-17 17:24 88 -r-hs---- C:\WINDOWS\system32\22CF341061.sys
2008-03-15 21:43 . 2008-03-15 21:43 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\InstallShield
2008-03-15 21:41 . 2008-03-15 21:41 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Protexis
2008-03-15 21:33 . 2008-03-17 17:25 2,516 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-03-15 21:31 . 2008-03-17 02:46 <DIR> d-------- C:\Arquivos de programas\Corel
2008-03-15 14:51 . 2008-03-15 14:51 <DIR> d-------- C:\Arquivos de programas\MSECache
2008-03-12 20:38 . 2008-03-12 20:38 858 --a------ C:\WINDOWS\system32\MRT.INI
2008-03-11 22:28 . 2007-01-22 10:49 344,064 --a------ C:\WINDOWS\system32\lxczcoin.dll
2008-03-11 22:28 . 2006-01-10 19:11 61,440 --a------ C:\WINDOWS\system32\lxczcnv4.dll
2008-03-11 22:28 . 2006-03-27 13:19 40,960 --a------ C:\WINDOWS\system32\lxczvs.dll
2008-03-09 22:36 . 2008-03-09 22:36 604,160 --a------ C:\Arquivos de programas\mdn.exe
2008-03-09 22:36 . 2008-03-09 22:36 565,760 --a------ C:\Arquivos de programas\gnrdb.exe
2008-03-09 22:35 . 2008-03-09 22:35 <DIR> d-------- C:\fotos
2008-03-09 22:35 . 2008-03-09 22:35 309,738 --a------ C:\WINDOWS\system32\nshs.exe
2008-03-09 22:35 . 2008-03-16 10:32 114 --a------ C:\WINDOWS\sysedir.dat
2008-03-04 13:38 . 2008-03-04 13:38 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-03-01 14:04 . 2008-03-01 14:04 10,520 --------- C:\WINDOWS\system32\avgrsstx.dll.install_backup
2008-03-01 13:28 . 2008-03-01 14:27 <DIR> d-------- C:\Documents and Settings\thiago josé\Dados de aplicativos\AVGTOOLBAR
2008-03-01 13:26 . 2008-03-01 13:26 <DIR> d-------- C:\Arquivos de programas\AVG
2008-03-01 01:09 . 2006-10-04 23:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-03-01 01:09 . 2006-10-04 23:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-03-01 01:08 . 2008-03-12 00:51 <DIR> d-------- C:\Arquivos de programas\Picasa2
2008-03-01 00:27 . 2004-05-24 09:54 362,878 -ra------ C:\WINDOWS\system32\drivers\ptserial.sys
2008-03-01 00:21 . 2008-03-01 00:21 <DIR> d-------- C:\Arquivos de programas\Alwil Software
2008-03-01 00:21 . 2003-03-18 17:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2008-02-29 23:24 . 2005-06-20 23:09 18,751,488 -ra------ C:\WINDOWS\system32\ALSNDMGR.CPL
2008-02-29 23:06 . 2008-02-29 23:06 149,646 --a------ C:\WINDOWS\addreg.exe
2008-02-29 23:06 . 2008-02-29 23:06 31,170 --a------ C:\WINDOWS\system32\drivers\Partizan.sys
2008-02-29 23:06 . 2008-02-29 23:06 22,528 --a------ C:\WINDOWS\system32\Partizan.exe
2008-02-29 23:06 . 2008-02-29 23:06 8,042 --a------ C:\WINDOWS\PP.reg
2008-02-29 23:06 . 2008-02-29 23:06 0 --a------ C:\WINDOWS\system32\foi.4457
2008-02-29 23:03 . 2008-02-29 23:05 3,665,995 --a------ C:\WINDOWS\win32chekupdate.exe
2008-02-29 22:09 . 2008-03-15 22:03 <DIR> d-------- C:\Documents and Settings\thiago josé\Dados de aplicativos\FaxCtr
2008-02-29 11:32 . 2008-03-16 23:03 <DIR> d-------- C:\temp
2008-02-29 11:29 . 2006-11-22 10:51 45,056 --a------ C:\WINDOWS\system32\LXPRMON.DLL
2008-02-29 11:29 . 2006-11-22 10:50 32,768 --a------ C:\WINDOWS\system32\LXPMONUI.DLL
2008-02-29 11:28 . 2008-02-29 11:28 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\FaxCtr
2008-02-29 11:28 . 2008-03-12 01:47 <DIR> d-------- C:\Arquivos de programas\Lexmark Fax Solutions
2008-02-29 11:28 . 2006-04-28 06:16 339,968 --a------ C:\WINDOWS\system32\IMGMAN32.DLL
2008-02-29 11:28 . 2006-04-28 06:16 98,345 --a------ C:\WINDOWS\system32\IMHOST32.DLL
2008-02-29 11:28 . 2006-04-28 06:16 98,304 --a------ C:\WINDOWS\system32\IM31XPNG.DEL
2008-02-29 11:28 . 2006-04-28 06:16 69,632 --a------ C:\WINDOWS\system32\IM31XTIF.DEL
2008-02-29 11:28 . 2006-04-28 06:16 49,152 --a------ C:\WINDOWS\system32\IM31IMG.DIL
2008-02-29 11:28 . 2006-11-22 11:15 12,288 --a------ C:\WINDOWS\system32\LXPMONRC.DLL
2008-02-29 11:26 . 2008-03-12 10:08 <DIR> d-------- C:\Arquivos de programas\Lexmark 1200 Series
2008-02-29 11:26 . 2008-03-11 22:35 27,722 --a------ C:\WINDOWS\system32\LexFiles.ulf
2008-02-28 12:36 . 2004-08-04 00:45 358,400 --a--c--- C:\WINDOWS\system32\dllcache\snmpincl.dll
2008-02-28 12:02 . 1996-12-04 23:37 3,424 --a------ C:\WINDOWS\system32\drivers\DirectNT.sys
2008-02-28 11:44 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-02-28 11:44 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-02-27 01:38 . 2008-02-27 01:38 133 --a------ C:\WINDOWS\ODBC.INI
2008-02-27 00:12 . 2005-06-20 07:53 60,928 -ra------ C:\WINDOWS\system32\drivers\viamraid.sys
2008-02-27 00:10 . 2008-03-15 18:36 <DIR> d-------- C:\Arquivos de programas\On-line Help Console
2008-02-26 23:57 . 2008-03-15 18:28 <DIR> d-------- C:\Arquivos de programas\Windows Media Connect 2
2008-02-26 23:56 . 2008-02-26 23:56 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-02-26 23:56 . 2008-02-26 23:57 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-02-26 22:21 . 2008-02-26 22:21 <DIR> d-------- C:\Documents and Settings\thiago josé\Dados de aplicativos\AdobeUM
2008-02-26 18:06 . 2007-08-13 21:37 107,908 --a------ C:\toolkit_widget.gif
2008-02-26 16:59 . 2008-02-26 17:00 <DIR> d-------- C:\WINDOWS\system32\pt-br
2008-02-26 14:21 . 2007-12-06 23:09 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-02-26 14:21 . 2007-07-01 00:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-02-26 14:21 . 2007-07-01 00:36 1,024,000 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-02-26 14:21 . 2007-12-06 23:09 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-02-26 14:21 . 2007-12-06 23:09 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-02-26 14:21 . 2007-12-06 23:09 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-02-26 14:21 . 2007-12-06 23:09 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-02-26 14:21 . 2007-12-06 23:09 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-02-26 14:21 . 2007-12-06 08:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-26 14:02 . 2008-02-26 14:02 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\WLInstaller
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-16 00:43 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield
2008-02-27 03:13 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information
2008-02-25 00:41 --------- d-----w C:\Arquivos de programas\VIA
2008-02-25 00:26 --------- d-----w C:\Arquivos de programas\microsoft frontpage
2008-02-25 00:24 --------- d-----w C:\Arquivos de programas\Serviços on-line
2008-02-25 00:23 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Serviços
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
Nota entradas vazias & legítimas por defeito não são mostradas.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360]
"NitroPC"="C:\Arquivos de programas\NitroPC\NitroPC.exe" [ ]
"MsnMsgr"="C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"MSMSGS"="C:\Arquivos de programas\Messenger\msmsgs.exe" [2004-10-13 13:24 1694208]
"Picasa Media Detector"="C:\Arquivos de programas\Picasa2\PicasaMediaDetector.exe" [2007-10-23 18:18 443968]
"Pandora"="C:\Arquivos de programas\gnrdb.exe" [2008-03-09 22:36 565760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Atualizador - Puxa Rápido"="C:\Arquivos de programas\Puxa Rápido\Atualiza.exe" [2006-06-23 10:53 73216]
"RaidTool"="C:\Arquivos de programas\VIA\RAID\raid_t" [ ]
"FaxCenterServer"="C:\Arquivos de programas\Lexmark Fax Solutions\fm3032.exe" [2007-02-08 19:56 295856]
"GlobalFlagACER"="C:\WINDOWS\system32\maindwxp.exe" [ ]
"SoundMan"="SOUNDMAN.EXE" [2005-06-20 10:42 77824 C:\WINDOWS\SOUNDMAN.EXE]
"lxczbmgr.exe"="C:\Arquivos de programas\Lexmark 1200 Series\lxczbmgr.exe" [2007-02-08 19:55 74672]
"ISUSPM Startup"="C:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 16:15 221184]
"ISUSScheduler"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" [2005-02-16 16:15 81920]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"avast!"="C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 11:00 79224]
"avgnt"="C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25 249896]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:45 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\lxczcoms.exe"=
R2 DirectNT;DirectNT;C:\WINDOWS\system32\drivers\DirectNT.sys [1996-12-04 23:37]
R2 lxcz_device;lxcz_device;C:\WINDOWS\system32\lxczcoms.exe [2007-02-08 19:50]
S3 Partizan;Partizan;C:\WINDOWS\system32\drivers\Partizan.sys [2008-02-29 23:06]
Newly Created Service - ANTIVIRSCHEDULER
Newly Created Service - ANTIVIRSERVICE
Newly Created Service - AVGNTFLT
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-17 17:48:47
Windows 5.1.2600 Service Pack 2 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros ocultos ...
Varredura completada com sucesso
Ficheiros ocultos: 0
**************************************************************************
.
Tempo para conclusão: 2008-03-17 17:49:52
.
2008-03-16 18:27:27 --- E O F ---