
Archived

This topic has been archived and is closed to new replies.

CG X-treme

ComboFix log


Here is the log. I've already used ComboFix on my PC about 5 or 6 times successfully. But this time a friend of mine brought over a notebook, and I didn't succeed. I'm sending you the CF log. If you can, please analyze it.

 

________________________________________________________________________________

___________________________________________________

 

ComboFix 08-08-23.03 - Bia 2008-08-24 12:54:47.8 - NTFSx86

Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1046.18.2015 [GMT -3:00]

Executando de: C:\Users\Bia\Desktop\sada\ComboFix.exe

Command switches used :: C:\Users\Bia\Desktop\sada\CFScript.txt

* Criado um novo ponto de restauro

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Windows\system32\drivers\downld

 

.

((((((((((((((((((((((( Ficheiros criados de 2008-07-24 to 2008-08-24 ))))))))))))))))))))))))))))))))

.

 

2008-08-23 23:35 . 2008-08-23 23:37 <DIR> d-------- C:\Program Files\McAfee.com

2008-08-23 23:35 . 2008-08-23 23:37 <DIR> d-------- C:\Program Files\Common Files\McAfee

2008-08-23 23:34 . 2008-08-23 23:47 <DIR> d-------- C:\Program Files\McAfee

2008-08-23 22:25 . 2008-08-23 22:25 <DIR> d-------- C:\ProgramData\WindowsSearch

2008-08-23 19:21 . 2008-08-23 19:21 56 --ah----- C:\Windows\System32\ezsidmv.dat

2008-08-23 15:58 . 2008-08-23 16:35 <DIR> d-------- C:\Users\Bia\AppData\Roaming\Ahead

2008-08-23 15:54 . 2008-08-23 15:54 <DIR> d-------- C:\ProgramData\Nero

2008-08-23 15:54 . 2008-08-23 16:01 <DIR> d-------- C:\Program Files\Common Files\Ahead

2008-08-23 11:53 . 2008-08-23 11:53 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2008-08-23 11:45 . 2008-05-08 18:59 430,080 --a------ C:\Windows\System32\vbscript.dll

2008-08-23 11:45 . 2008-05-08 18:59 180,224 --a------ C:\Windows\System32\scrobj.dll

2008-08-23 11:45 . 2008-05-08 18:59 172,032 --a------ C:\Windows\System32\scrrun.dll

2008-08-23 11:45 . 2008-08-24 12:41 155,648 --a------ C:\Windows\System32\wscript.exe

2008-08-23 11:45 . 2008-05-08 18:58 135,168 --a------ C:\Windows\System32\wshom.ocx

2008-08-23 11:45 . 2008-05-08 18:58 135,168 --a------ C:\Windows\System32\cscript.exe

2008-08-23 11:45 . 2008-05-08 18:59 90,112 --a------ C:\Windows\System32\wshext.dll

2008-08-23 02:38 . 2008-08-23 02:38 <DIR> d-------- C:\PerfLogs

2008-08-23 01:48 . 2008-08-23 01:49 <DIR> d-------- C:\Program Files\Common Files\Adobe

2008-08-23 01:10 . 2008-08-23 01:10 0 --a------ C:\Windows\lde.INI

2008-08-23 00:45 . 2008-08-24 01:23 8,139,264 --a------ C:\Windows\System32\ssBranded.scr

2008-08-23 00:44 . 2008-08-24 01:23 5,714,432 --a------ C:\Windows\System32\logon.scr

2008-08-23 00:43 . 2008-01-19 03:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL

2008-08-23 00:41 . 2008-01-19 04:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll

2008-08-23 00:40 . 2008-01-19 04:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll

2008-08-23 00:40 . 2008-01-19 04:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll

2008-08-23 00:39 . 2008-01-19 04:36 218,624 --a------ C:\Windows\System32\wdscore.dll

2008-08-23 00:39 . 2008-01-19 04:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe

2008-08-23 00:37 . 2008-01-19 04:34 305,152 --a------ C:\Windows\System32\msdelta.dll

2008-08-23 00:37 . 2008-01-19 04:34 258,560 --a------ C:\Windows\System32\dpx.dll

2008-08-23 00:37 . 2008-01-19 04:34 246,784 --a------ C:\Windows\System32\drvstore.dll

2008-08-23 00:37 . 2008-01-19 04:35 35,328 --a------ C:\Windows\System32\mspatcha.dll

2008-08-23 00:31 . 2008-08-23 00:55 <DIR> d-------- C:\Program Files\Windows Live

2008-08-22 22:56 . 2008-08-22 22:56 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2

2008-08-22 22:56 . 2008-08-22 22:56 269,312 --a------ C:\Windows\System32\es.dll

2008-08-22 22:49 . 2008-08-23 00:21 <DIR> d-------- C:\Program Files\Windows Live Toolbar

2008-08-22 22:42 . 2008-08-22 22:42 <DIR> d-------- C:\Windows\PCHEALTH

2008-08-22 22:31 . 2008-08-22 22:42 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller

2008-08-22 22:30 . 2008-08-23 00:47 <DIR> d-------- C:\ProgramData\WLInstaller

2008-08-22 21:27 . 2008-08-22 21:27 <DIR> d-------- C:\ProgramData\eMule

2008-08-22 21:21 . 2008-08-22 21:21 <DIR> d-------- C:\Windows\System32\Macromed

2008-08-22 21:20 . 2008-08-23 17:10 <DIR> d-------- C:\Users\Bia\AppData\Roaming\skypePM

2008-08-22 21:19 . 2008-08-23 22:38 <DIR> d-------- C:\Users\Bia\AppData\Roaming\Skype

2008-08-22 21:18 . 2008-08-22 21:18 <DIR> d-------- C:\Program Files\Skype

2008-08-22 21:18 . 2008-08-22 21:18 <DIR> d-------- C:\Program Files\Common Files\Skype

2008-08-22 21:16 . 2008-08-22 21:18 <DIR> d-------- C:\ProgramData\Skype

2008-08-22 19:11 . 2008-08-22 19:11 <DIR> d-------- C:\Users\Bia\AppData\Roaming\ATI

2008-08-22 19:11 . 2008-08-22 19:11 <DIR> d-------- C:\ProgramData\ATI

2008-08-22 18:49 . 2008-01-19 04:34 15,872 --a------ C:\Windows\System32\hcrstco.dll

2008-08-22 18:49 . 2006-11-02 06:46 8,704 --a------ C:\Windows\System32\hccoin.dll

2008-08-22 18:09 . 2006-11-02 06:49 22,632 --a------ C:\Windows\System32\streamci.dll

2008-08-22 17:55 . 2008-08-22 21:07 <DIR> d-------- C:\ProgramData\Symantec

2008-08-22 17:55 . 2008-08-22 21:07 <DIR> d-------- C:\Program Files\Symantec

2008-08-22 17:55 . 2008-08-22 21:09 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared

2008-08-22 17:54 . 2008-08-22 17:54 <DIR> d-------- C:\Users\Bia\AppData\Roaming\InstallShield

2008-08-22 17:54 . 2001-01-07 18:30 413,760 --a------ C:\Windows\System32\MPG4C32.dll

2008-08-22 17:54 . 2000-04-24 16:14 239,888 --a------ C:\Windows\System32\mpg4ds32.ax

2008-08-22 17:54 . 2006-06-09 16:50 49,152 --a------ C:\Windows\System32\HdBmp_ACPlus.ax

2008-08-22 17:54 . 2004-05-31 10:36 45,056 --a------ C:\Windows\UncompAVIToWMV2.exe

2008-08-22 17:53 . 2008-08-22 17:53 <DIR> d-------- C:\Program Files\EzManual

2008-08-22 17:53 . 2006-12-11 15:58 114,688 --------- C:\Windows\System32\bmpsap.dll

2008-08-22 17:49 . 2008-08-22 17:54 <DIR> d-------- C:\Program Files\LG Software

2008-08-22 17:45 . 2008-08-22 17:47 <DIR> d-------- C:\Program Files\ATI Technologies

2008-08-22 17:44 . 2007-12-11 09:31 3,107,788 --a------ C:\Windows\System32\atiumdva.dat

2008-08-22 17:44 . 2007-12-11 09:58 368,640 --a------ C:\Windows\System32\ATIDEMGX.dll

2008-08-22 17:44 . 2006-10-29 22:23 7,680 --a------ C:\Windows\System32\drivers\AtiPcie.sys

2008-08-22 17:44 . 2008-08-22 17:44 0 --a------ C:\Windows\ativpsrm.bin

2008-08-22 17:43 . 2008-08-22 17:43 <DIR> d-------- C:\Program Files\ATI

2008-08-22 17:43 . 2007-12-11 12:26 55,072 --a------ C:\Windows\System32\drivers\ativvpxx.vp

2008-08-22 17:43 . 2007-11-28 04:50 11,717 --a------ C:\Windows\atiogl.xml

2008-08-22 17:43 . 2007-05-29 23:37 2,096 --a------ C:\Windows\System32\drivers\ativpkxx.vp

2008-08-22 17:43 . 2007-05-29 23:37 2,096 --a------ C:\Windows\System32\drivers\ativokxx.vp

2008-08-22 17:43 . 2007-04-17 20:19 2,096 --a------ C:\Windows\System32\drivers\ativdkxx.vp

2008-08-22 17:41 . 2008-08-23 02:33 <DIR> d-------- C:\Windows\System32\RTCOM

2008-08-22 17:40 . 2008-08-22 17:40 <DIR> d-------- C:\Program Files\Realtek

2008-08-22 17:38 . 2008-08-22 17:38 <DIR> d-------- C:\Users\Bia\AppData\Roaming\TMP

2008-08-22 17:38 . 2008-08-22 17:38 <DIR> d-------- C:\Program Files\Marvell

2008-08-22 17:37 . 2008-08-22 17:37 <DIR> d-------- C:\Program Files\Synaptics

2008-08-22 17:37 . 2008-08-22 17:37 0 --ah----- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf

2008-08-22 17:36 . 2006-03-08 22:58 1,060,424 --a------ C:\Windows\System32\WdfCoInstaller01000.dll

2008-08-22 17:36 . 2007-06-29 01:24 196,608 --a------ C:\Windows\System32\SynCtrl.dll

2008-08-22 17:36 . 2007-06-29 02:26 187,312 --a------ C:\Windows\System32\drivers\SynTP.sys

2008-08-22 17:36 . 2007-06-29 01:24 163,840 --a------ C:\Windows\System32\SynCOM.dll

2008-08-22 17:36 . 2007-06-29 01:35 147,456 --a------ C:\Windows\System32\SynTPAPI.dll

2008-08-22 17:36 . 2007-06-29 02:21 110,592 --a------ C:\Windows\System32\SynTPCo4.dll

2008-08-22 17:31 . 2008-08-24 12:45 <DIR> d-------- C:\Program Files\lg_swupdate

2008-08-22 17:31 . 2008-08-22 17:54 <DIR> d--h----- C:\Program Files\InstallShield Installation Information

2008-08-22 17:30 . 2008-08-22 17:39 <DIR> d-------- C:\Program Files\Common Files\InstallShield

2008-08-22 17:30 . 2008-08-24 12:45 825 --a------ C:\Windows\lgcenter.ini

2008-08-22 17:24 . 2008-08-22 17:24 418 --a------ C:\Windows\ODBC.INI

2008-08-22 17:22 . 2008-08-22 17:23 <DIR> d-------- C:\Windows\ShellNew

2008-08-22 17:15 . 2008-08-23 18:33 <DIR> d--hs---- C:\Windows\Installer

2008-08-22 16:57 . 2008-08-22 16:57 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL

2008-08-22 16:57 . 2008-08-22 16:57 272,896 --a------ C:\Windows\System32\polstore.dll

2008-08-22 16:57 . 2008-08-22 16:57 61,440 --a------ C:\Windows\System32\winipsec.dll

2008-08-22 16:57 . 2008-08-22 16:57 28,672 --a------ C:\Windows\System32\FwRemoteSvr.dll

2008-08-22 16:56 . 2008-08-22 16:56 1,820 --a------ C:\Windows\System32\rasctrnm.h

2008-08-22 16:45 . 2008-08-22 16:45 2,048 --a------ C:\Windows\System32\tzres.dll

2008-08-22 16:33 . 2008-08-22 16:33 1,383,424 --a------ C:\Windows\System32\mshtml.tlb

2008-08-22 16:33 . 2008-08-22 16:33 827,392 --a------ C:\Windows\System32\wininet.dll

2008-08-22 16:30 . 2008-08-22 16:30 988,216 --a------ C:\Windows\System32\winload.exe

2008-08-22 16:30 . 2008-08-22 16:30 927,288 --a------ C:\Windows\System32\winresume.exe

2008-08-22 16:30 . 2008-08-22 16:30 615,992 --a------ C:\Windows\System32\ci.dll

2008-08-22 16:30 . 2008-08-22 16:30 378,368 --a------ C:\Windows\System32\srcore.dll

2008-08-22 16:30 . 2008-08-22 16:30 318,464 --a------ C:\Windows\System32\rstrui.exe

2008-08-22 16:30 . 2008-08-22 16:30 46,592 --a------ C:\Windows\System32\setbcdlocale.dll

2008-08-22 16:30 . 2008-08-22 16:30 40,960 --a------ C:\Windows\System32\srclient.dll

2008-08-22 16:30 . 2008-08-22 16:30 19,000 --a------ C:\Windows\System32\kd1394.dll

2008-08-22 16:30 . 2008-08-22 16:30 14,848 --a------ C:\Windows\System32\srdelayed.exe

2008-08-22 16:30 . 2008-08-22 16:30 6,656 --a------ C:\Windows\System32\kbd106n.dll

2008-08-22 16:28 . 2008-08-22 16:28 2,032,128 --a------ C:\Windows\System32\win32k.sys

2008-08-22 16:27 . 2008-08-22 16:27 295,936 --a------ C:\Windows\System32\gdi32.dll

2008-08-22 16:24 . 2008-08-22 16:24 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys

2008-08-22 16:24 . 2008-08-22 16:24 14,848 --a------ C:\Windows\System32\wshrm.dll

2008-08-22 16:23 . 2008-08-22 16:23 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll

2008-08-22 16:23 . 2008-08-22 16:23 1,695,744 --a------ C:\Windows\System32\gameux.dll

2008-08-22 16:21 . 2008-08-22 16:21 <DIR> d-------- C:\ProgramData\SiteAdvisor

2008-08-22 16:21 . 2008-08-22 16:21 738,304 --a------ C:\Windows\System32\inetcomm.dll

2008-08-22 16:21 . 2008-08-22 16:21 84,480 --a------ C:\Windows\System32\INETRES.dll

2008-08-22 16:20 . 2008-08-22 16:20 <DIR> d-------- C:\Program Files\SiteAdvisor

2008-08-22 16:20 . 2008-08-22 16:20 1,314,816 --a------ C:\Windows\System32\quartz.dll

2008-08-22 16:16 . 2008-06-27 06:08 79,240 --a------ C:\Windows\System32\drivers\mfeavfk.sys

2008-08-22 16:16 . 2008-06-27 06:08 40,488 --a------ C:\Windows\System32\drivers\mfesmfk.sys

2008-08-22 16:16 . 2008-06-27 06:08 35,240 --a------ C:\Windows\System32\drivers\mfebopk.sys

2008-08-22 16:15 . 2008-06-20 05:41 34,152 --a------ C:\Windows\System32\drivers\mferkdk.sys

2008-08-22 16:00 . 2008-08-23 23:34 <DIR> d-------- C:\ProgramData\McAfee

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-08-23 05:51 174 --sha-w C:\Program Files\desktop.ini

2008-08-23 05:42 --------- d-----w C:\Program Files\Windows Mail

2008-08-23 05:42 --------- d-----w C:\Program Files\Windows Calendar

2008-08-23 05:41 --------- d-----w C:\Program Files\Windows Sidebar

2008-08-23 05:41 --------- d-----w C:\Program Files\Windows Photo Gallery

2008-08-23 05:41 --------- d-----w C:\Program Files\Windows Defender

2008-08-23 05:41 --------- d-----w C:\Program Files\Windows Collaboration

2008-08-23 05:26 82,432 ----a-w C:\Windows\System32\axaltocm.dll

2008-08-23 05:26 101,888 ----a-w C:\Windows\System32\ifxcardm.dll

2008-08-22 20:40 319,456 ----a-w C:\Windows\DIFxAPI.dll

2008-08-22 20:40 315,392 ----a-w C:\Windows\HideWin.exe

2008-08-22 20:32 42,288 ----a-w C:\Windows\System32\giljabiunis.exe

2008-08-22 20:32 1,140,016 ----a-w C:\Windows\System32\CS.dll

2008-08-22 19:23 540,672 ----a-w C:\Windows\AppPatch\AcLayers.dll

2008-08-22 19:23 458,752 ----a-w C:\Windows\AppPatch\AcSpecfc.dll

2008-08-22 19:23 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll

2008-08-22 19:23 2,153,984 ----a-w C:\Windows\AppPatch\AcGenral.dll

2008-08-22 19:23 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll

2008-06-27 09:08 207,656 ----a-w C:\Windows\system32\drivers\mfehidk.sys

2008-05-27 05:21 1,582,592 ----a-w C:\Windows\System32\tquery.dll

2008-05-27 05:21 1,418,240 ----a-w C:\Windows\System32\mssrch.dll

2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe

2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\mssitlb.dll

2008-05-27 05:17 754,176 ----a-w C:\Windows\System32\propsys.dll

2008-05-27 05:17 60,416 ----a-w C:\Windows\System32\msscntrs.dll

2008-05-27 05:17 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll

2008-05-27 05:17 34,816 ----a-w C:\Windows\System32\msscb.dll

2008-05-27 05:17 32,768 ----a-w C:\Windows\System32\mssprxy.dll

2008-05-27 05:17 313,344 ----a-w C:\Windows\System32\thawbrkr.dll

2008-05-27 05:17 301,568 ----a-w C:\Windows\System32\srchadmin.dll

2008-05-27 05:17 194,560 ----a-w C:\Windows\System32\offfilt.dll

2008-05-27 05:17 143,872 ----a-w C:\Windows\System32\korwbrkr.dll

2008-05-27 05:17 11,776 ----a-w C:\Windows\System32\msshooks.dll

2008-05-27 05:17 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll

2008-05-27 04:59 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin

2008-05-27 04:59 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias & legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 04:33 1233920]

"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 04:33 202240]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LG Intelligent Update"="C:\Program Files\lg_swupdate\giljabistart.exe" [2008-08-22 17:31 251184]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-23 18:04 708616]

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]

"KeybdUtility"="C:\Program Files\LG Software\On Screen Display Setup\HotKey.exe" [2007-11-05 18:11 2872624]

"BatteryMiser 5"="C:\Program Files\LG Software\BatteryMiser\BatteryMiser5.exe" [2008-04-08 09:51 689456]

"Adobe Reader Speed Launcher"="D:\Arquivos de programas\Adobe 8\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]

"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2008-08-24 00:31 641208]

"RtHDVCpl"="RtHDVCpl.exe" [2007-09-19 02:50 4702208 C:\Windows\RtHDVCpl.exe]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\

Microsoft Office.lnk - D:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{26F5978F-6493-4ee3-B114-C0C3ACCF9D4D}"= "C:\Windows\system32\bmpsap.dll" [2006-12-11 15:58 114688]

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2792947796-714711650-3818800544-1000]

"EnableNotificationsRef"=dword:00000004

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{73CF1519-F21B-459A-87AA-29BA77DE657E}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

"{1B534BA6-5305-4644-A4FF-C5FC53CAC501}"= C:\Program Files\Skype\Phone\Skype.exe:Skype

"{20CC0B11-1C4D-4ED7-AF4B-A0B2B5E18A45}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"{3ACD3197-63E5-453F-B383-8AEB0969B84F}"= UDP:D:\Arquivos de programas\eMule\emule.exe:eMule

"{B686A994-4C81-4BB3-8FEC-C60ECF0B1274}"= TCP:D:\Arquivos de programas\eMule\emule.exe:eMule

"{FF785F3A-1A41-4C2F-81E0-00A36A9A6147}"= UDP:C:\Program Files\McAfee\MSC\mcshell.exe:McAfee SecurityCenter

"{14536948-5A04-48F8-994A-65D2766C6502}"= TCP:C:\Program Files\McAfee\MSC\mcshell.exe:McAfee SecurityCenter

"{8B391EE7-F575-454B-8228-FE9541B08BBF}"= UDP:C:\Program Files\Windows Defender\MSASCui.exe:Windows Defender

"{62C6B16B-2F1F-4915-811B-A792B7771918}"= TCP:C:\Program Files\Windows Defender\MSASCui.exe:Windows Defender

"{0F02B639-4A6F-4CD1-A2DE-1F3099DE05B2}"= UDP:C:\Program Files\Internet Explorer\iexplore.exe:Internet Explorer

"{C73F2FB4-8D9E-4DB5-8EA7-61F2CE75C5C1}"= TCP:C:\Program Files\Internet Explorer\iexplore.exe:Internet Explorer

"{34EC7682-14E4-45BA-AAE3-7DC75516977B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]

"EnableFirewall"= 0 (0x0)

 

R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-29 22:23]

R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-11 10:09]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-07-30 10:21]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

bthsvcs REG_MULTI_SZ BthServ

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{009b5cf4-7121-11dd-9607-00e09115cf74}]

\shell\AutoRun\command - t1ypkh.exe

\shell\explore\Command - t1ypkh.exe

\shell\open\Command - t1ypkh.exe

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2008-08-24 C:\Windows\Tasks\User_Feed_Synchronization-{327B65EA-988F-4793-A57C-7FA44CD68067}.job

- C:\Windows\system32\msfeedssync.exe [2008-01-19 04:33]

.

 

**************************************************************************

 

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-08-24 12:56:22

Windows 6.0.6001 Service Pack 1 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros ocultos ...

 

Varredura completada com sucesso

Ficheiros ocultos: 0

 

**************************************************************************

.

Tempo para conclusão: 2008-08-24 12:57:36

ComboFix-quarantined-files.txt 2008-08-24 15:57:33

 

Pre-Run: 10,214,965,248 bytes disponíveis

Post-Run: 9,757,577,216 bytes disponíveis

 

259 --- E O F --- 2008-08-23 21:33:47


Post a HijackThis log.


Topic Archived

As the author has not replied for more than 30 days, the topic has been archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area along with the link to this topic and explain the reason for reopening.
