Combo Fix

ComboFix 10-10-18.05 - user 19/10/2010 11:51:33.1.
1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1014.571 [GMT -2:0
0]
Executando de: c:\documents and settings\user\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A
743-FDD3350758C7}
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))
))))))))))))))))))))))))))))
.
c:\windows\system32\scp.dll
.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-09-19 to 2010-10-19 )))))
)))))))))))))))))))))))
.
2010-10-13 13:23 . 2010-01-29 20:17 80 ----a-w- C:\AtivarMapeame
nto1.bat
2010-10-13 13:23 . 2010-06-16 18:32 87 ----a-w- C:\AtivarMapeame
nto.bat
2010-10-13 13:16 . 2010-10-13 13:16 -------- d-----w- c:\arqui
vos de programas\Business Objects
2010-10-13 12:19 . 2010-10-13 12:19 -------- d--h--w- c:\windo
ws\system32\GroupPolicy
2010-10-13 12:07 . 2010-09-18 06:53 974848 ------w- c:\windows\syste
m32\dllcache\mfc42.dll
2010-10-13 12:07 . 2010-09-18 06:53 954368 ------w- c:\windows\syste
m32\dllcache\mfc40.dll
2010-10-13 12:07 . 2010-09-18 06:53 953856 ------w- c:\windows\syste
m32\dllcache\mfc40u.dll
2010-10-13 12:06 . 2010-08-23 16:12 617472 ------w- c:\windows\syste
m32\dllcache\comctl32.dll
2010-10-10 09:54 . 2009-08-06 22:23 274288 ----a-w- c:\windows\syste
m32\mucltui.dll
m32\muweb.dll
2010-10-09 14:23 . 2010-10-09 14:23 -------- d-----w- c:\arqui
vos de programas\PR2k7BRA
2010-10-07 19:48 . 2008-04-14 11:00 26624 ----a-w- c:\documents and
settings\LocalService\Dados de aplicativos\Microsoft\UPnP Device Host\upnphost\
udhisapi.dll
2010-10-05 15:50 . 2010-10-05 15:50 -------- d-----w- C:\CnrHs
bc
2010-10-05 15:50 . 2010-10-05 15:50 -------- d--h--w- c:\arqui
vos de programas\InstallShield Installation Information
2010-10-05 15:48 . 2010-10-05 15:49 -------- d-----w- C:\Cap_C
heq
2010-10-05 15:48 . 1998-10-09 20:56 327168 ----a-w- c:\windows\IsUn0
416.exe
2010-10-05 15:48 . 2010-10-05 15:48 -------- d-----w- c:\docum
ents and settings\user\WINDOWS
2010-10-02 15:12 . 2010-10-02 15:12 -------- d-----w- c:\arqui
vos de programas\MSXML 4.0
2010-10-02 12:09 . 2010-06-14 14:31 744448 ------w- c:\windows\syste
m32\dllcache\helpsvc.exe
m32\Spool\prtprocs\w32x86\mdippr.dll
m32\mdimon.dll
2010-10-01 23:43 . 2010-10-01 23:44 -------- d-----w- c:\windo
ws\SHELLNEW
2010-10-01 23:35 . 2010-10-01 23:35 -------- d-----r- C:\MSOCa
che
2010-10-01 23:28 . 2010-10-01 23:28 -------- d-----w- c:\docum
ents and settings\user\Dados de aplicativos\TeamViewer
2010-10-01 23:28 . 2010-10-01 23:28 -------- d-----w- c:\arqui
vos de programas\TeamViewer
2010-10-01 23:24 . 2010-10-01 23:24 -------- d-----w- c:\docum
ents and settings\All Users\Dados de aplicativos\WEBREG
2010-10-01 23:24 . 2010-10-01 23:24 -------- d-----w- c:\docum
ents and settings\user\Dados de aplicativos\HP
m32\drivers\HPZid412.sys
m32\drivers\HPZius12.sys
m32\drivers\HPZipr12.sys
m32\hpzids01.dll
m32\hpowiax4.dll
m32\hpotscl4.dll
m32\hppldcoi.dll
m32\hpovst11.dll
2010-10-01 23:18 . 2010-10-01 23:21 -------- d-----w- c:\arqui
vos de programas\HP
m32\drivers\usbscan.sys
m32\drivers\usbprint.sys
2010-10-01 23:11 . 2010-10-18 21:36 -------- d-----w- c:\arqui
vos de programas\TEKSGPC
2010-10-01 23:09 . 2010-10-01 23:11 303104 ------w- c:\windows\Setup
1.exe
2010-10-01 23:09 . 2010-10-01 23:11 73216 ----a-w- c:\windows\ST6UN
ST.EXE
2010-10-01 23:09 . 2010-10-01 23:09 -------- d-----w- C:\temp
2010-10-01 22:32 . 2010-10-01 22:32 -------- d-----w- C:\Servi
med
m32\drivers\mouhid.sys
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))
)))))))))))))))))))))))))))))
.
.
------- Sigcheck -------
[-] 2008-05-08 . 5AFEEB90A6BD5885608F05E27CBEC1F8 . 1571840 . . [5.1.2600.5512]
. . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))
)))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-01-29 16859648]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-09-16 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-09-16 178712]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-09-16 150040]
"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 9.0\Reader\
Reader_sl.exe" [2008-06-12 34672]
"avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 2
09153]
"HP Software Update"="c:\arquivos de programas\HP\HP Software Update\HPWuSchd2.e
xe" [2009-11-18 54576]
"Bing Bar"="c:\arquivos de programas\MSN Toolbar\Platform\5.0.1449.0\mswinext.ex
e" [2010-04-27 243544]
"Microsoft Default Manager"="c:\arquivos de programas\Microsoft\Search Enhanceme
nt Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2010-09-09 124928]
c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
HP Digital Imaging Monitor.lnk - c:\arquivos de programas\HP\Digital Imaging\bin
\hpqtra08.exe [2010-5-28 276328]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Authoriz
edApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxs08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Arquivos de programas\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Arquivos de programas\\HP\\Digital Imaging\\smart web printing\\SmartWebPri
ntExe.exe"=
"c:\\Arquivos de programas\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Arquivos de programas\\TeamViewer\\Version5\\TeamViewer_Service.exe"=
"c:\\Cap_Cheq\\Dbeng9.exe"=
"c:\\CnrHsbc\\Dbeng9.exe"=
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avir
a\AntiVir Desktop\sched.exe [25/1/2010 22:46 108289]
S3 AsrCDDrv;AsrCDDrv;\??\c:\windows\system32\Drivers\AsrCDDrv.sys --> c:\windows
\system32\Drivers\AsrCDDrv.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Conteúdo da pasta 'Tarefas Agendadas'
2010-10-19 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 17:07]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com.br/
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~3\OFFICE11\EXCEL.EXE/3
000
TCP: {F28A32F3-A1FE-4205-AA61-C351D2BC1299} = 200.175.5.139,200.175.182.139
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData
\LocalSystem\Components\ |ÿÿÿÿÀ |ù 6~*]
"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Tempo para conclusão: 2010-10-19 11:56:39
ComboFix-quarantined-files.txt 2010-10-19 13:56
Pré-execução: 11 pasta(s) 146.551.578.624 bytes disponíveis
Pós execução: 14 pasta(s) 146.682.302.464 bytes disponíveis
WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional"
/noexecute=optin /fastdetect
- - End Of File - - 4B8381A656936A28D35FF4FD69F18242

Combo Fix

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Combo Fix

Încărcat de

Drepturi de autor:

Formate disponibile

ComboFix 10-10-18.05 - user 19/10/2010 11:51:33.1.

S-ar putea să vă placă și