
Edvan

[Resolved] Strange BCU process


There was a strange process called BCU on my friend's machine, so he decided to run ComboFix at his own risk.. hehe.. Well, I decided to post the log for you analysts to look at.

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:40:40, on 24/10/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\DeviceVM\Browser Configuration Utility\BCUService.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Gigabyte\EasySaver\ESSVR.EXE

C:\Arquivos de programas\Java\jre7\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\TeamViewer\Version7\TeamViewer_Service.exe

C:\Arquivos de programas\TeamViewer\Version7\TeamViewer.exe

C:\Arquivos de programas\TeamViewer\Version7\tv_w32.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\DeviceVM\Browser Configuration Utility\BCU.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.funpec.br/ponto_online/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Arquivos de programas\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [avast] "C:\Arquivos de programas\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [bCU] "C:\Arquivos de programas\DeviceVM\Browser Configuration Utility\BCU.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Administrador\Dados de aplicativos\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Arquivos de programas\DeviceVM\Browser Configuration Utility\BCUService.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Arquivos de programas\Gigabyte\EasySaver\ESSVR.EXE

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Java\jre7\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Arquivos de programas\TeamViewer\Version7\TeamViewer_Service.exe

 

--

End of file - 6951 bytes

 

 

 

================x=====================

 

 

 

ComboFix 12-10-24.02 - Administrador 24/10/2012 16:29:17.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2037.1461 [GMT -3:00]

Executando de: c:\documents and settings\Administrador\Meus documentos\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system\chron32.dll

c:\windows\system\libeay32.dll

c:\windows\system\ssleay32.dll

c:\windows\system32\FlashPlayerInstaller.exe

.

.

(((((((((((((((( Arquivos/Ficheiros criados de 2012-09-24 to 2012-10-24 ))))))))))))))))))))))))))))

.

.

2012-10-24 17:27 . 2004-09-17 10:17 253440 ----a-r- c:\windows\system32\drivers\Mrv8000c.sys

2012-10-22 13:03 . 2012-09-25 02:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2012-10-15 18:40 . 2001-09-06 02:50 5632 ----a-w- c:\windows\system32\ptpusb.dll

2012-10-15 18:40 . 2008-04-13 22:20 159232 ----a-w- c:\windows\system32\ptpusd.dll

2012-10-15 18:40 . 2008-04-13 14:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys

2012-10-15 18:40 . 2008-04-13 14:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

2012-10-04 19:35 . 2012-10-04 19:35 -------- d-----w- c:\documents and settings\Administrador\Configurações locais\Dados de aplicativos\Thunderbird

2012-10-02 11:16 . 2012-10-02 11:16 -------- d-----w- c:\arquivos de programas\DsNET Corp

2012-10-02 11:15 . 2012-10-02 11:15 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Ask

2012-09-29 08:02 . 2012-06-02 18:18 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-09-29 08:02 . 2012-06-02 18:18 214256 ----a-w- c:\windows\system32\muweb.dll

2012-09-28 10:52 . 2012-09-28 10:52 -------- d-----w- c:\arquivos de programas\Microsoft Silverlight

2012-09-25 18:05 . 2012-09-25 18:05 -------- d-sh--w- c:\windows\ftpcache

.

.

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-24 18:12 . 2012-07-18 20:35 17488 ----a-w- c:\windows\gdrv.sys

2012-10-09 10:33 . 2012-07-19 13:04 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-10-09 10:33 . 2012-07-19 13:04 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-09-14 17:30 . 2012-07-19 13:07 821736 ----a-w- c:\windows\system32\npDeployJava1.dll

2012-09-14 17:30 . 2012-07-19 13:07 746984 ----a-w- c:\windows\system32\deployJava1.dll

2012-08-21 09:13 . 2012-07-18 20:43 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-08-21 09:13 . 2012-07-18 20:43 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-08-21 09:13 . 2012-07-18 20:43 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-08-21 09:13 . 2012-07-18 20:43 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2012-08-21 09:13 . 2012-07-18 20:43 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2012-08-21 09:13 . 2012-07-18 20:43 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys

2012-08-21 09:13 . 2012-07-18 20:43 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-08-21 09:13 . 2012-07-18 20:43 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2012-08-21 09:12 . 2012-07-18 20:43 41224 ----a-w- c:\windows\avastSS.scr

2012-08-21 09:12 . 2012-07-18 20:43 227648 ----a-w- c:\windows\system32\aswBoot.exe

2012-10-13 08:15 . 2012-10-13 08:15 261600 ----a-w- c:\arquivos de programas\mozilla firefox\components\browsercomps.dll

.

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por padrão não são apresentadas.

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-08-21 09:12 121528 ----a-w- c:\arquivos de programas\AVAST Software\Avast\ashShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\documents and settings\Administrador\Dados de aplicativos\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\documents and settings\Administrador\Dados de aplicativos\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\documents and settings\Administrador\Dados de aplicativos\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-06-30 04:19 94208 ----a-w- c:\documents and settings\Administrador\Dados de aplicativos\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-21 134656]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-21 166912]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-21 134656]

"avast"="c:\arquivos de programas\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]

"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2012-07-03 252848]

"BCU"="c:\arquivos de programas\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

.

c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\

Dropbox.lnk - c:\documents and settings\Administrador\Dados de aplicativos\Dropbox\bin\Dropbox.exe [2012-7-24 26909544]

.

[HKLM\~\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^BrOffice.org 3.2.lnk]

path=c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\BrOffice.org 3.2.lnk

backup=c:\windows\pss\BrOffice.org 3.2.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2007-05-11 06:06 40048 ----a-w- c:\arquivos de programas\Adobe\Reader 8.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]

2009-08-04 20:29 346320 ----a-w- c:\arquivos de programas\DeviceVM\Browser Configuration Utility\BCU.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-06-27 22:03 152872 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2012-07-19 18:45 116648 ----atw- c:\documents and settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-13 22:21 1695232 ------w- c:\arquivos de programas\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 18:57 153136 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2009-06-25 06:07 17887232 ----a-w- c:\windows\RTHDCPL.EXE

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Arquivos de programas\\TeamViewer\\Version7\\TeamViewer.exe"=

"c:\\Arquivos de programas\\TeamViewer\\Version7\\TeamViewer_Service.exe"=

"c:\\Documents and Settings\\Administrador\\Dados de aplicativos\\Dropbox\\bin\\Dropbox.exe"=

"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=

.

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [18/07/2012 17:43 729752]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [18/07/2012 17:43 355632]

R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [09/08/2012 08:33 158552]

R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [09/08/2012 08:33 91992]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [18/07/2012 17:43 21256]

R2 BCUService;Browser Configuration Utility Service;c:\arquivos de programas\DeviceVM\Browser Configuration Utility\BCUService.exe [18/07/2012 17:29 219360]

R2 ES lite Service;ES lite Service for program management.;c:\arquivos de programas\Gigabyte\EasySaver\essvr.exe [18/07/2012 17:29 68136]

R2 TeamViewer7;TeamViewer 7;c:\arquivos de programas\TeamViewer\Version7\TeamViewer_Service.exe [31/08/2012 11:02 2754984]

R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [18/07/2012 17:34 44032]

R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [05/06/2012 16:33 116056]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [19/07/2012 10:04 250288]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [18/07/2012 17:32 1684736]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe [19/07/2012 11:58 115168]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [05/06/2012 16:33 104792]

.

Conteúdo da pasta 'Tarefas Agendadas'

.

2012-10-24 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-19 10:33]

.

2012-10-24 c:\windows\Tasks\avast! Emergency Update.job

- c:\arquivos de programas\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-18 09:12]

.

2012-10-24 c:\windows\Tasks\User_Feed_Synchronization-{59086E34-7A55-4167-9858-E8C4D4A099AE}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 07:31]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.funpec.br/ponto_online/

uInternet Settings,ProxyOverride = *.local

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 10.4.65.16

FF - ProfilePath - c:\documents and settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\o48o609a.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.br/

.

- - - - ORFÃOS REMOVIDOS - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-10-24 16:32

Windows 5.1.2600 Service Pack 3 NTFS

.

Procurando processos ocultos ...

.

Procurando entradas auto inicializáveis ocultas ...

.

Procurando ficheiros/arquivos ocultos ...

.

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

.

**************************************************************************

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

.

[HKEY_USERS\S-1-5-21-1957994488-583907252-839522115-500\Software\MediaBurner\ExclusionList]

@DACL=(02 0000)

.

[HKEY_USERS\S-1-5-21-1957994488-583907252-839522115-500\Software\MediaBurner\Options]

@DACL=(02 0000)

"Extended Skinning"=hex:01

"Apply3dcc"=hex:00

.

[HKEY_USERS\S-1-5-21-1957994488-583907252-839522115-500\Software\MediaBurner\SkinPerApp]

@DACL=(02 0000)

.

[HKEY_USERS\S-1-5-21-1957994488-583907252-839522115-500\Software\Microsoft\Installer\Products\EB940C659E972054EB7A79453A6EF0B9\SourceList\Media]

@DACL=(02 0000)

"1"=";"

.

[HKEY_USERS\S-1-5-21-1957994488-583907252-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,cf,55,54,fb,54,4b,0d,45,96,f6,83,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,cf,55,54,fb,54,4b,0d,45,96,f6,83,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\F307481C0422F334BAB073BCA72235B0\SourceList\Media]

@DACL=(02 0000)

"DiskPrompt"="Microsoft's Silverlight Installation [1]"

"100"=";"

.

[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\1FDE1D85E83026F40AE84C571864A575\SourceList\Media]

@DACL=(02 0000)

"1"=";"

.

[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\46EAC7482DC4D2B4FA0079F85F340164\SourceList\Media]

@DACL=(02 0000)

"DiskPrompt"="[1]"

"1150"=";"

"1151"=";"

"1152"=";"

"1153"=";"

"1154"=";"

"1155"=";"

"1156"=";"

"1157"=";"

"1158"=";"

"1159"=";"

"1160"=";"

"1161"=";"

"1162"=";"

"1163"=";"

"1164"=";"

"1165"=";"

"1166"=";"

"1167"=";"

"1168"=";"

"1169"=";"

"1170"=";"

"1171"=";"

"1172"=";"

"1173"=";"

"1174"=";"

"1175"=";"

"1176"=";"

"1177"=";"

"1178"=";"

"1179"=";"

"1180"=";"

"1181"=";"

"1182"=";"

"1183"=";"

"1184"=";"

"1185"=";"

"1186"=";"

"1187"=";"

"1188"=";"

"1189"=";"

"1190"=";"

"1191"=";"

"1192"=";"

"1193"=";"

"1194"=";"

"1195"=";"

"1196"=";"

"1197"=";"

"1198"=";"

"1199"=";"

"1200"=";"

"1201"=";"

"1202"=";"

"1203"=";"

"1204"=";"

"1205"=";"

"1206"=";"

"1207"=";"

"1208"=";"

"1209"=";"

"1210"=";"

"1211"=";"

"1212"=";"

"1213"=";"

"1214"=";"

"1215"=";"

"1216"=";"

"1217"=";"

"1218"=";"

"1219"=";"

"1220"=";"

"1221"=";"

"1222"=";"

"1223"=";"

"1224"=";"

"1225"=";"

"1226"=";"

"1227"=";"

"1228"=";"

"1229"=";"

"1230"=";"

"1231"=";"

"1232"=";"

"1233"=";"

"1234"=";"

"1235"=";"

"1236"=";"

"1237"=";"

"1238"=";"

"1239"=";"

"1240"=";"

"1241"=";"

"1242"=";"

"1243"=";"

"1244"=";"

"1245"=";"

"1246"=";"

"1247"=";"

"1248"=";"

"1249"=";"

"1250"=";"

"1251"=";"

"1252"=";"

"1253"=";"

"1254"=";"

"1255"=";"

"1256"=";"

"1257"=";"

"1258"=";"

"1259"=";"

"1260"=";"

"1261"=";"

"1262"=";"

"1263"=";"

"1264"=";"

"1265"=";"

"1266"=";"

"1267"=";"

"1268"=";"

"1269"=";"

"1270"=";"

"1271"=";"

"1272"=";"

"1273"=";"

"1274"=";"

"1275"=";"

"1276"=";"

"1277"=";"

"1278"=";"

"1279"=";"

"1280"=";"

"1281"=";"

"1282"=";"

"1283"=";"

"1284"=";"

"1285"=";"

"1286"=";"

"1287"=";"

"1288"=";"

"1289"=";"

"1290"=";"

"1291"=";"

"1292"=";"

"1293"=";"

"1294"=";"

"1295"=";"

"1296"=";"

"1297"=";"

"1298"=";"

"1299"=";"

"1300"=";"

"1301"=";"

"1302"=";"

"1303"=";"

"1304"=";"

"1305"=";"

"1306"=";"

"1307"=";"

"1308"=";"

"1309"=";"

"1310"=";"

"1311"=";"

"1312"=";"

"1313"=";"

"1314"=";"

"1315"=";"

"1316"=";"

"1317"=";"

"1318"=";"

"1319"=";"

"1320"=";"

"1321"=";"

"1322"=";"

"1323"=";"

"1324"=";"

"1325"=";"

"1326"=";"

"1327"=";"

"1328"=";"

"1329"=";"

"1330"=";"

"1331"=";"

"1332"=";"

"1333"=";"

"1334"=";"

"1335"=";"

"1336"=";"

"1337"=";"

"1338"=";"

"1339"=";"

"1340"=";"

"1341"=";"

"1342"=";"

"1343"=";"

"1344"=";"

"1345"=";"

"1346"=";"

"1347"=";"

"1348"=";"

"1349"=";"

"1350"=";"

"1351"=";"

"1352"=";"

"1353"=";"

"1354"=";"

"1355"=";"

"1356"=";"

"1357"=";"

"1358"=";"

"1359"=";"

"1360"=";"

"1361"=";"

"1362"=";"

"1363"=";"

"1364"=";"

"1365"=";"

"1366"=";"

"1367"=";"

"1368"=";"

"1369"=";"

"1370"=";"

"1371"=";"

"1372"=";"

"1373"=";"

"1374"=";"

"1375"=";"

"1376"=";"

"1377"=";"

"1378"=";"

"1379"=";"

"1380"=";"

"1381"=";"

"1382"=";"

"1383"=";"

"1384"=";"

"1385"=";"

"1386"=";"

"1387"=";"

"1388"=";"

"1389"=";"

"1390"=";"

"1391"=";"

"1392"=";"

"1393"=";"

"1394"=";"

"1395"=";"

"1396"=";"

"1397"=";"

"1398"=";"

"1399"=";"

"1400"=";"

"1401"=";"

"1402"=";"

"1403"=";"

"1404"=";"

"1405"=";"

"1406"=";"

"1407"=";"

"1408"=";"

"1409"=";"

"1410"=";"

"1411"=";"

"1412"=";"

.

[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\68AB67CA7DA76401B7448A0100000030\SourceList\Media]

@DACL=(02 0000)

"DiskPrompt"="[1]"

"1"="READER8;[1]"

.

[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\B3009F3D71D771346BB16049FF35338F\SourceList\Media]

@DACL=(02 0000)

"1"=";"

"2"=";"

.

[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\CFD2C1F142D260E3CB8B271543DA9F98\SourceList\Media]

@DACL=(02 0000)

"DiskPrompt"="[1]"

"1"=";1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100\SourceList\Media]

@DACL=(02 0000)

"DiskPrompt"="Microsoft's Silverlight Installation [1]"

"1"=";1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\E1685DF1EE752F948945398B644D5EF4\SourceList\Media]

@DACL=(02 0000)

"DiskPrompt"="[1]"

"1"="DISK1;1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\E49D96A6965C45146934279ED4D1FDAD\SourceList\Media]

@DACL=(02 0000)

"1"=";"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

Tempo para conclusão: 2012-10-24 16:33:32

ComboFix-quarantined-files.txt 2012-10-24 19:33

.

Pré-execução: 6 pasta(s) 30.867.058.688 bytes disponíveis

Pós execução: 8 pasta(s) 30.825.734.144 bytes disponíveis

.

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - A0F7B64566F6F2F1E7C9D4AF144A0830


Good evening, Edvan.

The reports are clean.

As for the process, it is legitimate:

http://systemexplorer.net/file-database/file/bcu-exe

Uninstall ComboFix:

* Rename Combofix to Uninstall

* Run it, wait for the message "ComboFix foi desinstalado" ("ComboFix has been uninstalled"), and click [OK]

* Delete the file C:\Combofix.txt

Uninstall Adobe Reader 8.0

Update Adobe Reader


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
