Take a look at this, folks!
ComboFix 10-04-14.04 - Luiz Fernando Reis 15/04/2010 23:18:43.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.991.616 [GMT -3:00]
Executando de: c:\documents and settings\Luiz Fernando Reis\Meus documentos\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
ADS - drivers: deleted 204 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
A cópia de c:\windows\system32\midimap.dll foi encontrada e desinfectada
Cópia restaurada de - c:\windows\NiwradSoft Shell Pack\Backup\midimap.dll
.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-03-16 to 2010-04-16 ))))))))))))))))))))))))))))
.
2010-04-16 02:09 . 2010-04-16 02:10 -------- d-----w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\GetRightToGo
2010-04-16 01:10 . 2010-04-16 01:10 -------- d-----w- c:\arquivos de programas\AxBx
2010-04-07 13:46 . 2010-04-07 13:46 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-04-07 13:46 . 2010-04-15 19:06 -------- d-----w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\skypePM
2010-04-07 13:45 . 2010-04-16 01:53 -------- d-----w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\Skype
2010-04-07 13:44 . 2010-04-07 13:44 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Skype
2010-04-07 13:44 . 2010-04-07 17:30 -------- d-----r- c:\arquivos de programas\Skype
2010-04-07 13:43 . 2010-04-07 13:44 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Skype
2010-04-07 03:57 . 2010-04-07 04:07 -------- d-----w- c:\arquivos de programas\FullT
2010-04-07 01:49 . 2010-04-07 01:49 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-04-05 02:41 . 2010-04-05 02:42 -------- d-----w- c:\arquivos de programas\XP Codec Pack
2010-03-31 19:41 . 2010-03-31 19:41 -------- d-----w- c:\windows\Sun
2010-03-31 19:38 . 2010-03-31 19:38 152576 ----a-w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\Sun\Java\jre1.6.0_16\lzma.dll
2010-03-30 22:03 . 2010-03-30 22:03 -------- d-----w- c:\arquivos de programas\Noel Danjou
2010-03-29 14:10 . 2010-03-29 14:10 -------- d-----w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\LogoMaker
2010-03-29 14:06 . 2010-03-29 14:06 -------- d-----w- c:\arquivos de programas\Studio V5
2010-03-28 19:25 . 2008-04-13 22:20 26624 ----a-w- c:\documents and settings\LocalService\Dados de aplicativos\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-03-28 19:23 . 2010-03-28 19:23 -------- d-----w- c:\arquivos de programas\Windows Media Connect 2
2010-03-28 19:19 . 2010-04-08 13:03 -------- d-----w- c:\windows\system32\LogFiles
2010-03-28 19:19 . 2010-03-28 19:21 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-03-26 02:40 . 2010-03-25 13:56 131360 ----a-w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\Mozilla\Firefox\Profiles\t4ji6grk.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}\components\GbMzhBb.dll
2010-03-25 22:24 . 2010-03-25 22:24 25610266 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft\Microsoft Antimalware\LocalCopy\{9E6ABCBE-4F48-0033-FCF8-C444F8207B6F}-K-Lite Codec Pack.exe
2010-03-25 16:33 . 2010-02-18 13:20 30752 ----a-w- c:\windows\system32\drivers\gbpkm.sys
2010-03-25 16:32 . 2010-03-25 16:33 -------- d-----w- c:\arquivos de programas\GbPlugin
2010-03-25 16:32 . 2010-03-25 16:32 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\GbPlugin
2010-03-25 16:30 . 2010-02-24 13:53 1688288 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Temp\gbplugin_ie_bb_setup.exe
2010-03-25 16:30 . 2010-03-25 16:30 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java
2010-03-25 16:29 . 2010-03-31 19:39 -------- d-----w- c:\arquivos de programas\Java
2010-03-25 16:29 . 2010-03-25 16:29 79488 ----a-w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\Sun\Java\jre1.6.0_18\gtapi.dll
2010-03-25 16:29 . 2010-03-25 16:29 152576 ----a-w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\Sun\Java\jre1.6.0_18\lzma.dll
2010-03-25 16:26 . 2010-01-12 05:30 16488224 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Temp\java_setup.exe
2010-03-25 16:26 . 2010-03-25 16:33 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Temp
2010-03-25 03:12 . 2010-03-25 03:12 -------- d-----w- c:\documents and settings\Luiz Fernando Reis\Configuraes locais
2010-03-25 03:02 . 2010-03-25 03:02 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Adobe Systems
2010-03-25 03:01 . 2010-03-25 03:01 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe Systems Shared
2010-03-25 01:39 . 2003-01-22 22:04 40960 ----a-w- c:\windows\Vm_sti.exe
2010-03-25 01:39 . 2002-08-22 19:34 147456 ----a-w- c:\windows\VMCap.exe
2010-03-25 01:39 . 2002-08-22 17:50 61440 ----a-w- c:\windows\system32\VM31bSTI.dll
2010-03-25 01:39 . 2002-10-16 12:29 49152 ----a-w- c:\windows\amcap.exe
2010-03-25 01:39 . 2002-08-22 20:02 53248 ----a-w- c:\windows\StillCap.exe
2010-03-25 01:39 . 2000-10-31 03:00 307200 ----a-w- c:\windows\vidcap32.Exe
2010-03-25 01:39 . 2010-03-25 01:39 -------- d-----w- c:\windows\CatRoot
2010-03-25 01:39 . 2010-03-25 01:39 -------- d-----w- c:\arquivos de programas\Vimicro
2010-03-25 01:39 . 2002-11-01 20:43 93450 ----a-w- c:\windows\system32\drivers\usbVM31b.sys
2010-03-23 04:06 . 2010-03-23 04:06 -------- d-sh--w- c:\documents and settings\Luiz Fernando Reis\IECompatCache
2010-03-23 04:05 . 2010-03-23 04:05 -------- d-sh--w- c:\documents and settings\Luiz Fernando Reis\PrivacIE
2010-03-23 00:53 . 2010-03-23 00:53 -------- d-sh--w- c:\documents and settings\Luiz Fernando Reis\IETldCache
2010-03-22 23:52 . 2008-04-13 14:39 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2010-03-22 23:52 . 2008-04-13 14:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2010-03-22 23:52 . 2008-04-13 14:46 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2010-03-22 23:52 . 2008-04-13 14:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2010-03-22 23:51 . 2008-04-13 14:46 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2010-03-22 23:51 . 2008-04-13 14:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2010-03-22 23:51 . 2008-04-13 14:46 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2010-03-22 23:51 . 2008-04-13 14:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2010-03-22 23:51 . 2008-04-13 14:46 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2010-03-22 23:51 . 2008-04-13 14:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2010-03-22 23:51 . 2008-04-13 14:46 85248 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2010-03-22 23:51 . 2008-04-13 14:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2010-03-22 23:51 . 2008-04-13 14:46 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2010-03-22 23:51 . 2008-04-13 14:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2010-03-22 23:51 . 2008-04-13 22:20 54784 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-03-22 23:51 . 2008-04-13 22:20 54784 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-03-22 23:50 . 2008-04-13 14:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-03-22 23:50 . 2008-04-13 14:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-03-22 18:40 . 2010-03-22 18:40 -------- d-----w- c:\windows\ie8updates
2010-03-22 18:36 . 2010-03-22 18:39 -------- dc-h--w- c:\windows\ie8
2010-03-22 18:29 . 2009-12-21 19:07 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-03-22 18:29 . 2009-12-21 19:07 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-03-22 18:29 . 2009-12-21 19:07 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-03-22 18:29 . 2009-12-21 19:07 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-03-22 18:29 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-03-22 18:28 . 2009-12-21 19:07 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-03-20 14:59 . 2005-01-01 09:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2010-03-20 14:58 . 2010-03-20 14:58 -------- d-----w- C:\Program Files
2010-03-20 14:48 . 2010-03-20 14:48 -------- d-----w- c:\arquivos de programas\OnGame
2010-03-20 14:27 . 2010-04-14 16:59 -------- d-----w- c:\arquivos de programas\BitComet
2010-03-20 14:03 . 2010-03-20 14:03 -------- d-----w- C:\Downloads
2010-03-20 13:31 . 2009-08-06 22:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-03-20 13:31 . 2009-08-06 22:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-03-20 13:24 . 2010-03-22 18:40 -------- d--h--w- c:\windows\$hf_mig$
2010-03-19 18:47 . 2010-03-19 18:47 -------- d-----w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\Software Informer
2010-03-19 18:47 . 2010-03-19 18:47 -------- d-----w- c:\arquivos de programas\Software Informer
2010-03-19 18:46 . 2010-03-22 16:29 -------- d-----w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\Free Download Manager
2010-03-19 18:46 . 2010-03-19 18:46 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\FreeDownloadManager.ORG
2010-03-19 18:46 . 2010-03-19 18:47 -------- d-----w- c:\arquivos de programas\Free Download Manager
2010-03-19 17:55 . 2010-03-19 17:55 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Messenger Plus!
2010-03-19 15:52 . 2010-03-19 15:52 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live
2010-03-19 15:25 . 2010-03-25 03:05 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe
2010-03-19 15:00 . 2010-04-07 20:10 -------- d--h--w- c:\windows\NiwradSoft Shell Pack
2010-03-19 13:33 . 2005-11-01 13:35 28672 ----a-r- c:\windows\system32\VModes.exe
2010-03-19 13:33 . 2010-03-19 13:33 -------- d-----w- c:\arquivos de programas\S3
2010-03-19 13:33 . 2010-03-19 13:33 -------- d-----w- C:\SWSetup
2010-03-19 13:30 . 2010-03-19 13:30 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-03-19 13:29 . 2009-10-06 21:32 327168 ----a-w- c:\windows\system32\cutil32.dll
2010-03-19 13:29 . 2009-08-03 23:25 285696 ----a-w- c:\windows\system32\cudart.dll
2010-03-19 13:29 . 2010-03-19 13:29 -------- d-----w- c:\arquivos de programas\CPUID
2010-03-19 13:21 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2010-03-19 13:21 . 2009-02-09 11:25 2353408 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-03-19 13:21 . 2009-03-06 14:20 286208 -c----w- c:\windows\system32\dllcache\pdh.dll
2010-03-19 13:21 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2010-03-19 13:21 . 2009-02-09 10:53 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2010-03-19 13:21 . 2009-02-09 10:53 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2010-03-19 13:21 . 2009-02-09 10:53 683520 -c----w- c:\windows\system32\dllcache\advapi32.dll
2010-03-19 13:21 . 2009-02-09 10:53 731648 -c----w- c:\windows\system32\dllcache\lsasrv.dll
2010-03-19 13:21 . 2009-02-09 10:53 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2010-03-19 13:21 . 2009-02-09 10:53 730624 -c----w- c:\windows\system32\dllcache\ntdll.dll
2010-03-19 13:21 . 2009-02-09 11:25 2149376 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-03-19 13:20 . 2009-02-09 11:25 2028032 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-03-19 13:16 . 2009-11-27 16:08 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll
2010-03-19 13:16 . 2009-11-27 16:08 11264 -c----w- c:\windows\system32\dllcache\msrle32.dll
2010-03-19 13:16 . 2009-11-27 16:08 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll
2010-03-19 13:16 . 2009-11-27 16:08 85504 -c----w- c:\windows\system32\dllcache\avifil32.dll
2010-03-19 13:03 . 2010-03-19 13:03 -------- d-----w- c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\Media Player Classic
2010-03-19 13:02 . 2010-02-10 17:13 165376 ----a-w- c:\windows\system32\unrar.dll
2010-03-19 13:02 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-03-19 13:02 . 2003-03-19 03:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-03-19 12:58 . 2010-04-16 01:21 -------- d-----w- c:\documents and settings\Luiz Fernando Reis\Tracing
2010-03-19 12:57 . 2010-03-19 12:57 -------- d-----w- c:\arquivos de programas\Microsoft Silverlight
2010-03-19 12:56 . 2010-03-19 12:56 -------- d-----w- c:\arquivos de programas\Microsoft
2010-03-19 12:55 . 2010-03-19 12:55 -------- d-----w- c:\arquivos de programas\Windows Live SkyDrive
2010-03-19 12:55 . 2010-04-16 01:53 -------- d-----w- c:\arquivos de programas\Windows Live
2010-03-19 12:53 . 2010-03-19 12:53 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Windows Live
2010-03-19 12:50 . 2010-02-24 13:16 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-03-19 12:47 . 2010-03-19 12:47 -------- d-----w- c:\arquivos de programas\Microsoft Security Essentials
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-20 13:52 . 2001-10-28 15:07 347648 ----a-w- c:\windows\system32\perfh016.dat
2010-03-20 13:52 . 2001-10-28 15:07 49804 ----a-w- c:\windows\system32\perfc016.dat
2010-03-19 15:01 . 2004-08-04 03:45 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-03-19 12:32 . 2010-03-19 03:44 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-03-19 03:46 . 2010-03-19 03:46 -------- d-----w- c:\arquivos de programas\microsoft frontpage
2010-03-19 03:43 . 2010-03-19 03:43 -------- d-----w- c:\arquivos de programas\Serviços on-line
2010-03-19 03:43 . 2010-03-19 03:43 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços
2010-03-19 03:41 . 2010-03-19 03:41 21844 ----a-w- c:\windows\system32\emptyregdb.dat
.
------- Sigcheck -------
[7] 2008-04-13 . 71D440F79B711627B12B567FB2EADB42 . 509952 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-13 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-13 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2004-08-04 . 6F7BDE7A1126DEBF0CC359A54953EFC1 . 504320 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe
[7] 2008-04-13 . 085C5892D9C1E19B3CEFD1B79F5BBF13 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-13 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-13 . 302CD5BE4CA48200F9AC1C6074D71805 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2004-08-04 . 021631D9D0729D9E52300CCEACE4F054 . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[7] 2009-12-21 . B5A5C997C2F926C40CCC64A3BD377D4B . 5942784 . . [8.00.6001.18876] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll
[-] 2009-12-21 . 19C0EF966F1D3A2D163C337F4729B59D . 6104064 . . [8.00.6001.18876] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2009-12-21 . 19C0EF966F1D3A2D163C337F4729B59D . 6104064 . . [8.00.6001.18876] . . c:\windows\system32\mshtml.dll
[-] 2009-12-21 . 19C0EF966F1D3A2D163C337F4729B59D . 6104064 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2009-12-21 . AAD700DEA94EE6E56E591C351111941A . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 . 58A17D0C94F23CD59346720B0C374A90 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[7] 2009-10-29 . 80F9322FBC4BBBC3A0DB6E9B3C953C60 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[-] 2008-04-13 . BDF0FBBD5F760CD6D7CFD066919042A7 . 3395072 . . [6.00.2900.5512] . . c:\windows\ie8\mshtml.dll
[7] 2004-08-04 . 2D36439FE3C0FBD30F5ABD8FDBAA31B5 . 3003392 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
[-] 2009-12-10 . C25035B93BDF12E2CB89C6F5BF8B99F1 . 2193536 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\acb7a465447f66deb6e0048de9915ff5\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 22E04EF02CAFBB0293096C15055E1578 . 2184576 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\acb7a465447f66deb6e0048de9915ff5\SP2GDR\ntoskrnl.exe
[-] 2009-12-09 . E89563C3278B87C889F817264D124100 . 2190208 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\acb7a465447f66deb6e0048de9915ff5\SP2QFE\ntoskrnl.exe
[-] 2009-12-09 . EB331E36934D9016B66CDF694954A8AF . 2193408 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\acb7a465447f66deb6e0048de9915ff5\SP3GDR\ntoskrnl.exe
[7] 2009-02-10 . B0BF079AF000D97D8C043D1DFF08086D . 2193408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2009-02-09 . C667CA055AA4E24A0733061282276AA5 . 2193280 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2009-02-09 . C667CA055AA4E24A0733061282276AA5 . 2193280 . . [5.1.2600.5755] . . c:\windows\NiwradSoft Shell Pack\Backup\ntoskrnl.exe
[-] 2009-02-09 . 8C039A52F26EA47CE27805BC757D5B0A . 2353408 . . [5.1.2600.5755] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2009-02-09 . 8C039A52F26EA47CE27805BC757D5B0A . 2353408 . . [5.1.2600.5755] . . c:\windows\system32\ntoskrnl.exe
[-] 2009-02-09 . 8C039A52F26EA47CE27805BC757D5B0A . 2353408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2004-08-04 . 3B72A63F230DFB276FC96A99173A81BE . 2185216 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[7] 2008-04-13 . 54907DB28872A7A6D3EE2B4747A23828 . 579072 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-13 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-13 . A9B36030497E98C29210E4544700649D . 579072 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[7] 2004-08-04 . E0FF28447D1038DE106D1F2FDF851647 . 577536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll
[7] 2009-12-21 . 79805286A6D381A658A1871F6B3588B9 . 916480 . . [8.00.6001.18876] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll
[-] 2009-12-21 . 3F3D0CA0F3E59B72893E87159316E640 . 983040 . . [8.00.6001.18876] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2009-12-21 . 3F3D0CA0F3E59B72893E87159316E640 . 983040 . . [8.00.6001.18876] . . c:\windows\system32\wininet.dll
[-] 2009-12-21 . 3F3D0CA0F3E59B72893E87159316E640 . 983040 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\wininet.dll
[7] 2009-12-21 . 11162780821A0531D39E675A662D766F . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . 191FFB2798E4DB25F04C2E71C9595A85 . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[7] 2009-10-29 . E30B8F0D3BFAF4B403C57F05242AEF74 . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2008-04-13 . 04170588CFCFB99298C6AE393A8252C3 . 778240 . . [6.00.2900.5512] . . c:\windows\ie8\wininet.dll
[7] 2004-08-04 . 398A619CE60090303042D1F8CC68F712 . 658432 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\wininet.dll
[-] 2008-04-13 . 77F71BF6970EA10B4CC9AA1D45654AA0 . 1542656 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-13 . 064EC7FF5F58B928C3E119402977FA6D . 1035776 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-13 . 77F71BF6970EA10B4CC9AA1D45654AA0 . 1542656 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2004-08-04 . FA61A19050AE14BEC1A26DE82390DD65 . 1034240 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[7] 2008-04-13 . 4E486ADFE3A0B9ED0EB0639902E9F64F . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-13 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-13 . 584450C5B2439571755D40444589C63D . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-04 . F40BC97996B8E53799EEF1D63996674B . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2009-12-10 . 7D45AF0A376A7EEE59B2A4BCDC304C9C . 2070400 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\acb7a465447f66deb6e0048de9915ff5\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 4674AF70BFDCA06E93B0B4986BB6226E . 2061952 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\acb7a465447f66deb6e0048de9915ff5\SP2GDR\ntkrnlpa.exe
[-] 2009-12-09 . FDB9C8546BB18C5084FDB523BE6BBDBC . 2067328 . . [5.1.2600.3654] . . c:\windows\SoftwareDistribution\Download\acb7a465447f66deb6e0048de9915ff5\SP2QFE\ntkrnlpa.exe
[-] 2009-12-09 . FA72BE44F0715BD88A37C77559ACB3B7 . 2070272 . . [5.1.2600.5913] . . c:\windows\SoftwareDistribution\Download\acb7a465447f66deb6e0048de9915ff5\SP3GDR\ntkrnlpa.exe
[7] 2009-02-10 . DBAD62B9A518249C1A1408CF3AB9064A . 2070272 . . [5.1.2600.5755] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2009-02-10 . DBAD62B9A518249C1A1408CF3AB9064A . 2070272 . . [5.1.2600.5755] . . c:\windows\NiwradSoft Shell Pack\Backup\ntkrnlpa.exe
[-] 2009-02-10 . 85DB21704357B3064BF9ED52AD209B35 . 2230400 . . [5.1.2600.5755] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2009-02-10 . 85DB21704357B3064BF9ED52AD209B35 . 2230400 . . [5.1.2600.5755] . . c:\windows\system32\ntkrnlpa.exe
[-] 2009-02-10 . 85DB21704357B3064BF9ED52AD209B35 . 2230400 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2009-02-09 . FF7FE874B6DA494303EE3DD9B97AB007 . 2070400 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2004-08-04 . C9BAE5544B8AA39454C50D8FF83AE5A8 . 2061056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\arquivos de programas\Skype\Phone\Skype.exe" [2010-03-09 26100520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"MSSE"="c:\arquivos de programas\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208]
"VTTimer"="VTTimer.exe" [2006-09-21 53248]
"QuickTime Task"="c:\arquivos de programas\QuickTime\qttask.exe" [2009-11-11 417792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 40448]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2010-02-18 13:19 323360 ----a-w- c:\arquivos de programas\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Luiz Fernando Reis^Menu Iniciar^Programas^Inicializar^Adobe Gamma.lnk]
path=c:\documents and settings\Luiz Fernando Reis\Menu Iniciar\Programas\Inicializar\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 20:10 35696 ----a-w- c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-19 15:26 136176 ----atw- c:\documents and settings\Luiz Fernando Reis\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-02-15 21:07 141608 ----a-w- c:\arquivos de programas\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-11 02:08 417792 ----a-w- c:\arquivos de programas\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-01-11 18:21 246504 ----a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\BitComet\\BitComet.exe"=
"c:\\Arquivos de programas\\OnGame\\GunBoundWC\\GunBound.gme"=
"c:\\Arquivos de programas\\FullT\\mirc.exe"=
"c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"22818:TCP"= 22818:TCP:BitComet 22818 TCP
"22818:UDP"= 22818:UDP:BitComet 22818 UDP
"12055:TCP"= 12055:TCP:BitComet 12055 TCP
"12055:UDP"= 12055:UDP:BitComet 12055 UDP
"9742:TCP"= 9742:TCP:BitComet 9742 TCP
"9742:UDP"= 9742:UDP:BitComet 9742 UDP
"15525:TCP"= 15525:TCP:BitComet 15525 TCP
"15525:UDP"= 15525:UDP:BitComet 15525 UDP
"26029:TCP"= 26029:TCP:BitComet 26029 TCP
"26029:UDP"= 26029:UDP:BitComet 26029 UDP
"10409:TCP"= 10409:TCP:BitComet 10409 TCP
"10409:UDP"= 10409:UDP:BitComet 10409 UDP
"15924:TCP"= 15924:TCP:BitComet 15924 TCP
"15924:UDP"= 15924:UDP:BitComet 15924 UDP
"16865:TCP"= 16865:TCP:BitComet 16865 TCP
"16865:UDP"= 16865:UDP:BitComet 16865 UDP
"18302:TCP"= 18302:TCP:BitComet 18302 TCP
"18302:UDP"= 18302:UDP:BitComet 18302 UDP
"12565:TCP"= 12565:TCP:BitComet 12565 TCP
"12565:UDP"= 12565:UDP:BitComet 12565 UDP
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [25/3/2010 13:33 30752]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19/3/2010 01:39 691696]
R2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [25/3/2010 13:33 54048]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
.
Conteúdo da pasta 'Tarefas Agendadas'
2010-04-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 15:34]
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1085031214-1500820517-1801674531-1003UA.job
2010-04-16 c:\windows\Tasks\MP Scheduled Scan.job
- c:\arquivos de programas\Microsoft Security Essentials\MpCmdRun.exe [2009-12-09 21:02]
2010-04-16 c:\windows\Tasks\User_Feed_Synchronization-{CC5C15B0-6CB4-4113-9298-A2A6BAB623C7}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 07:31]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.terra.com.br/
uInternet Settings,ProxyOverride = *.local
IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm
IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm
IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm
IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\www
FF - ProfilePath - c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\Mozilla\Firefox\Profiles\t4ji6grk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.terra.com.br/portal/
FF - component: c:\arquivos de programas\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\documents and settings\Luiz Fernando Reis\Dados de aplicativos\Mozilla\Firefox\Profiles\t4ji6grk.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}\components\GbMzhBb.dll
FF - plugin: c:\arquivos de programas\Java\jre1.6.0_16\bin\new_plugin\npdeploytk.dll
FF - plugin: c:\arquivos de programas\Java\jre1.6.0_16\bin\new_plugin\npjp2.dll
---- FIREFOX POLICIES ----
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORFÃOS REMOVIDOS - - - -
HKCU-Run-msnmsgr - c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe
HKCU-Run-fsm - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-15 23:26
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys speb.sys >>UNKNOWN [0x85F8E938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7712f28
\Driver\ACPI -> ACPI.sys @ 0xf757acb8
\Driver\atapi -> atapi.sys @ 0xf750fb40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a8
ParseProcedure -> ntoskrnl.exe @ 0x8056c1d6
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a8
ParseProcedure -> ntoskrnl.exe @ 0x8056c1d6
NDIS: VIA PCI 10/100Mb Fast Ethernet Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7418bb0
PacketIndicateHandler -> NDIS.sys @ 0xf7425a21
SendHandler -> NDIS.sys @ 0xf740387b
user & kernel MBR OK
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
- - - - - - - > 'winlogon.exe'(660)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\arquivos de programas\GbPlugin\gbieh.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(720)
c:\windows\system32\setupapi.dll
c:\windows\system32\psbase.dll
- - - - - - - > 'explorer.exe'(2580)
c:\windows\system32\WININET.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\LINKINFO.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\arquivos de programas\GbPlugin\gbieh.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\PDFShell.PTB
.
------------------------ Outros Processos em Execução ------------------------
.
c:\arquivos de programas\Microsoft Security Essentials\MsMpEng.exe
c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\arquivos de programas\Bonjour\mDNSResponder.exe
c:\windows\system32\wscntfy.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\VTTimer.exe
c:\arquivos de programas\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Tempo para conclusão: 2010-04-15 23:31:54 - Máquina reiniciou
ComboFix-quarantined-files.txt 2010-04-16 02:31
Pré-execução: 7 pasta(s) 14.633.226.240 bytes disponíveis
Pós execução: 10 pasta(s) 16.427.405.312 bytes disponíveis
WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 433BBBC2597CAD5622511A049C7BB08E

luizreis14