Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Combo Fix

    Hochgeladen von

    x3computadores
    30 Ansichten4 Seiten

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    TXT, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden

    Copyright:

    © All Rights Reserved
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    30 Ansichten4 Seiten

    Combo Fix

    Hochgeladen von

    x3computadores

    Copyright:

    © All Rights Reserved
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 4

    ComboFix 13-12-16.01 - User 17/12/2013 7:47.4.

    2 - x86
    Microsoft Windows 7 Professional 6.1.7600.0.1252.55.1046.18.3317.2271 [GMT -2:
    00]
    Executando de: c:\users\User\Downloads\ComboFix.exe
    AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((( Arquivos/Ficheiros criados de 2013-11-17 to 2013-12-17 )))))
    )))))))))))))))))))))))
    .
    .
    2013-12-17 09:52 . 2013-12-17 09:52
    -------d-----wc:\users
    \Public\AppData\Local\temp
    2013-12-17 09:52 . 2013-12-17 09:52
    -------d-----wc:\users
    \Default\AppData\Local\temp
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((( Relatrio Find3M )))))))))))))))))))))))
    )))))))))))))))))))))))))))))
    .
    2013-12-11 12:41 . 2012-05-23 16:13
    71048 ----a-wc:\windows\syste
    m32\FlashPlayerCPLApp.cpl
    2013-12-11 12:41 . 2012-05-23 16:13
    692616 ----a-wc:\windows\syste
    m32\FlashPlayerApp.exe
    2013-11-12 13:06 . 2013-03-12 11:28
    178304 ----a-wc:\windows\syste
    m32\drivers\aswVmm.sys
    2013-11-12 13:06 . 2013-03-12 11:28
    49944 ----a-wc:\windows\syste
    m32\drivers\aswRvrt.sys
    2013-11-12 13:06 . 2012-05-23 15:54
    403440 ----a-wc:\windows\syste
    m32\drivers\aswSP.sys
    2013-11-12 13:06 . 2012-05-23 15:54
    35656 ----a-wc:\windows\syste
    m32\drivers\aswFsBlk.sys
    2013-11-12 13:06 . 2012-05-23 15:54
    79720 ----a-wc:\windows\syste
    m32\drivers\aswRdr2.sys
    2013-11-12 13:06 . 2012-05-23 15:54
    774392 ----a-wc:\windows\syste
    m32\drivers\aswSnx.sys
    2013-11-12 13:06 . 2012-05-23 15:54
    57672 ----a-wc:\windows\syste
    m32\drivers\aswTdi.sys
    2013-11-12 13:06 . 2012-05-23 15:54
    70384 ----a-wc:\windows\syste
    m32\drivers\aswMonFlt.sys
    2013-11-12 13:06 . 2012-05-23 15:54
    43152 ----a-wc:\windows\avast
    SS.scr
    2013-11-12 13:06 . 2012-05-23 15:54
    269216 ----a-wc:\windows\syste
    m32\aswBoot.exe
    .
    .
    (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))
    )))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legtimas por padro no so apresentadas.
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellicon
    overlayidentifiers\00avast]
    @="{472083B0-C522-11CF-8763-00608CC02F24}"
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

    2013-11-12 13:06
    321752 ----a-wc:\program files\AVAST Software\
    Avast\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Akamai NetSession Interface"="c:\users\User\AppData\Local\Akamai\netsession_win
    .exe" [2013-06-05 4489472]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [200703-01 153136]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [
    2009-02-26 30040]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
    "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [201
    0-06-09 49208]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-0404 958576]
    "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-12 35
    68312]
    .
    c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Recorte de tela e Iniciador do OneNote 2007.lnk - c:\program files\Microsoft Off
    ice\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    R3 HPFXBULKLEDM;HPFXBULKLEDM;c:\windows\system32\drivers\hppcbulkio.sys [2010-10
    -28 20504]
    R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\window
    s\system32\DRIVERS\RTL85n86.sys [2009-07-13 311808]
    R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.s
    ys [2009-09-19 98432]
    R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmd
    fl.sys [2009-09-19 14848]
    R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [200
    9-09-19 123648]
    R3 WatAdminSvc;Servio de Tecnologias de Ativao do Windows;c:\windows\system32\Wat\W
    atAdminSvc.exe [2012-05-24 1343400]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Window
    s Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
    S0 aswRvrt;avast! Revert; [x]
    S0 aswVmm;avast! VM Monitor; [x]
    S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-11-12 774392]
    S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-11-12 403440]
    S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-11-12 35656]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-11-12 703
    84]
    S2 HP DS Service;HP DS Service;c:\program files\HP\HPBDSService\HPBDSService.exe
    [2010-10-27 13824]
    S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService

    \HPLaserJetService.exe [2010-10-27 145920]


    S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Serv
    ice.exe [2012-03-19 2666880]
    S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\wi
    ndows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 14848]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009
    -07-13 139776]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ
    Pml Driver HPZ12 Net Driver HPZ12
    .
    Contedo da pasta 'Tarefas Agendadas'
    .
    2013-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-23 12
    :41]
    .
    2013-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-07-11 20:01]
    .
    2013-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-07-11 20:01]
    .
    .
    ------- Scan Suplementar ------.
    uStart Page = hxxp://www.uol.com.br/
    uInternet Settings,ProxyOverride = <local>
    TCP: Interfaces\{CBA0B1B2-2D20-48BB-AD6E-1D4DF514A7C7}: NameServer = 192.168.1.1
    FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fjlall
    8s.default\
    FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110825&tt=0213_6
    FF - user.js: extensions.BabylonToolbar_i.babExt FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
    FF - user.js: extensions.BabylonToolbar_i.id - 249b7d3e00000000000000016c7dd278
    FF - user.js: extensions.BabylonToolbar_i.hardId - 249b7d3e00000000000000016c7dd
    278
    FF - user.js: extensions.BabylonToolbar_i.instlDay - 15714
    FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1718:05
    FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
    FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
    FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
    FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
    FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
    FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
    FF - user.js: extensions.delta.tlbrSrchUrl FF - user.js: extensions.delta.id - 249b7d3e00000000000000016c7dd278
    FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    FF - user.js: extensions.delta.instlDay - 15918
    FF - user.js: extensions.delta.vrsn - 1.8.22.0
    FF - user.js: extensions.delta.vrsni - 1.8.22.0
    FF - user.js: extensions.delta.vrsnTs - 1.8.22.013:54
    FF - user.js: extensions.delta.prtnrId - delta
    FF - user.js: extensions.delta.prdct - delta
    FF - user.js: extensions.delta.aflt - babsst
    FF - user.js: extensions.delta.smplGrp - none
    FF - user.js: extensions.delta.tlbrId - base

    FF - user.js: extensions.delta.instlRef - sst


    FF - user.js: extensions.delta.dfltLng - pt
    FF - user.js: extensions.delta.excTlbr - false
    FF - user.js: extensions.delta.ffxUnstlRst - true
    FF - user.js: extensions.delta.admin - false
    FF - user.js: extensions.delta_i.babTrack - affID=119357&tsp=4961
    FF - user.js: extensions.delta_i.babExt FF - user.js: extensions.delta_i.srcExt - ss
    FF - user.js: extensions.delta.autoRvrt - false
    FF - user.js: extensions.delta.rvrt - false
    FF - user.js: extensions.delta.newTab - false
    .
    .
    --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------.
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Tempo para concluso: 2013-12-17 07:55:25
    ComboFix-quarantined-files.txt 2013-12-17 09:55
    ComboFix2.txt 2013-10-15 11:59
    ComboFix3.txt 2013-03-12 11:26
    ComboFix4.txt 2012-10-30 10:29
    .
    Pr-execuo: 272.720.109.568 bytes disponveis
    Ps execuo: 273.156.648.960 bytes disponveis
    .
    - - End Of File - - DB49F86AB7D58C721C5BFA1912980231
    A36C5E4F47E84449FF07ED3517B43A31

    Das könnte Ihnen auch gefallen