Unresolved
October 13, 2013 15:00
Combofix
I ran ComboFix on my notebook and got this result. I would like an answer in simpler language, because I would like a solution to my problem, since the machine keeps restarting and showing different errors on the blue screen.
ComboFix 13-10-13.02 - kellylopes 13/10/2013 18:09:14.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.2935.1060 [GMT -3:00]
Executando de: c:\users\kellylopes\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Criado um novo ponto de restauração
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\XSxS
.
A cópia de c:\windows\SysWow64\userinit.exe foi encontrada e desinfectada
Cópia restaurada de - c:\windows\erdnt\cache86\userinit.exe
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2013-09-13 to 2013-10-13 ))))))))))))))))))))))))))))
.
.
2013-10-13 21:15 . 2013-10-13 21:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-13 21:02 . 2012-08-17 13:38 773968 ----a-w- c:\windows\system32\msvcr100.dll
2013-10-13 19:58 . 2013-10-13 19:58 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{25820060-05AB-4E0B-B37E-61529854A15D}\offreg.dll
2013-10-13 19:54 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{25820060-05AB-4E0B-B37E-61529854A15D}\mpengine.dll
2013-10-13 18:54 . 2013-10-13 18:54 -------- d-----w- c:\users\kellylopes\AppData\Roaming\Farm Mania
2013-10-13 18:13 . 2013-10-13 18:14 -------- d-----w- c:\program files (x86)\Plus-HD-1.8
2013-10-13 17:49 . 2013-10-13 17:49 -------- d-----w- c:\users\kellylopes\AppData\Roaming\Malwarebytes
2013-10-13 17:49 . 2013-10-13 17:49 -------- d-----w- c:\programdata\Malwarebytes
2013-10-13 17:49 . 2013-10-13 17:49 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-10-13 17:49 . 2013-04-04 17:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-13 17:44 . 2013-10-13 18:17 -------- d-----w- c:\program files\Common Files\McAfee
2013-10-13 17:44 . 2013-10-13 17:48 -------- d-----w- c:\programdata\McAfee
2013-10-13 17:06 . 2012-08-30 16:15 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-10-13 13:55 . 2013-10-13 13:55 -------- d-----w- c:\program files (x86)\Lavalys
2013-10-11 21:47 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-05 14:09 . 2013-10-05 14:10 -------- d-----w- c:\program files (x86)\Win7codecs
2013-10-05 14:08 . 2013-10-05 14:10 -------- d-----w- c:\programdata\Win7codecs
2013-10-02 17:40 . 2013-10-02 17:41 -------- d-----w- c:\users\kellylopes\AppData\Local\Facebook
2013-10-01 19:55 . 2013-10-01 19:55 -------- d-----w- c:\program files (x86)\PC HealthBoost
2013-10-01 19:55 . 2013-10-01 19:55 -------- d-----w- c:\programdata\PCHealthBoost
2013-10-01 19:47 . 2013-10-01 19:47 -------- d-----w- c:\users\kellylopes\AppData\Roaming\dll-files.com
2013-10-01 19:46 . 2013-10-01 19:47 -------- d-----w- c:\program files (x86)\Dll-Files.com Fixer
2013-09-30 20:13 . 2013-04-11 19:12 19392 ----a-w- c:\windows\system32\roboot64.exe
2013-09-30 17:27 . 2013-09-30 17:27 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-09-30 17:23 . 2013-09-30 17:23 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-09-30 00:09 . 2013-09-30 00:09 -------- d-----w- c:\users\kellylopes\AppData\Local\Macromedia
2013-09-29 23:51 . 2013-09-29 23:51 -------- d-----w- c:\users\kellylopes\AppData\Local\Mozilla
2013-09-29 18:12 . 2013-09-29 18:12 -------- d-----w- c:\users\kellylopes\AppData\Local\JH Software
2013-09-29 18:10 . 2013-09-29 18:11 -------- d-----w- c:\program files\Simple DNS Plus
2013-09-29 18:10 . 2013-09-29 18:10 -------- d-----w- c:\programdata\JH Software
2013-09-29 13:35 . 2013-09-30 17:26 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-09-29 13:31 . 2013-09-29 13:31 -------- d-----w- c:\program files\Microsoft Office
2013-09-29 13:30 . 2013-09-29 14:09 -------- d-----w- c:\users\kellylopes\AppData\Local\Microsoft Help
2013-09-29 13:30 . 2013-09-30 17:33 -------- d-----w- c:\programdata\Microsoft Help
2013-09-29 00:48 . 2013-09-29 01:02 -------- d-----w- c:\users\kellylopes\AppData\Roaming\PhotoScape
2013-09-29 00:47 . 2013-09-29 00:48 -------- d-----w- c:\program files (x86)\PhotoScape
2013-09-28 21:09 . 2013-09-28 21:09 -------- d-----w- c:\program files (x86)\Application Updater
2013-09-28 21:09 . 2013-09-28 21:09 -------- d-----w- c:\program files (x86)\SearchMe Toolbar
2013-09-28 21:09 . 2013-09-28 21:09 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2013-09-28 21:06 . 2013-09-28 21:08 -------- d-----w- c:\windows\SysWow64\C2MP
2013-09-28 20:32 . 2013-09-28 20:32 -------- d-----w- C:\FFOutput
2013-09-28 20:32 . 2013-09-28 20:32 -------- d-----w- c:\programdata\APN
2013-09-28 20:28 . 2013-09-28 20:28 -------- d-----w- c:\program files (x86)\FreeTime
2013-09-28 20:07 . 2013-10-05 20:18 -------- d-----w- c:\users\kellylopes\AppData\Roaming\vlc
2013-09-28 20:06 . 2013-09-28 20:06 -------- d-----w- c:\program files (x86)\VideoLAN
2013-09-25 19:02 . 2013-09-25 19:02 -------- d-----w- c:\program files\IDT
2013-09-25 18:45 . 2013-09-26 14:13 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-09-25 18:45 . 2013-09-25 18:45 -------- d-----w- c:\users\kellylopes\AppData\Local\SlimWare Utilities Inc
2013-09-25 18:41 . 2013-09-26 14:15 -------- d-----w- c:\program files (x86)\SlimDrivers
2013-09-25 18:17 . 2013-09-25 18:18 -------- d-----w- c:\users\Administrador
2013-09-25 15:22 . 2013-09-25 15:22 -------- d-----w- c:\program files (x86)\DLLSuite
2013-09-25 15:15 . 2013-09-25 15:15 -------- d-----w- c:\program files (x86)\NirSoft
2013-09-25 14:50 . 2013-06-07 11:21 -------- d-----w- c:\program files\minetest-0.4.7
2013-09-24 22:06 . 2013-09-24 22:06 -------- d-----w- c:\program files (x86)\R.G. Catalyst
2013-09-24 18:04 . 2013-09-24 18:05 -------- d-----w- C:\AdwCleaner
2013-09-24 00:34 . 2013-09-24 00:35 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2013-09-24 00:20 . 2013-09-24 00:20 1998168 ----a-w- c:\windows\SysWow64\d3dx9_43.dll
2013-09-22 23:08 . 2013-09-22 23:23 -------- d-----w- c:\users\kellylopes\AppData\Roaming\.minecraft
2013-09-22 23:08 . 2013-09-22 23:08 -------- d-----w- c:\programdata\Oracle
2013-09-22 23:08 . 2013-09-22 23:08 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-09-22 23:07 . 2013-09-22 23:06 790440 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-22 23:07 . 2013-09-22 23:06 868264 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-09-22 23:07 . 2013-09-22 23:07 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-22 23:06 . 2013-09-22 23:06 -------- d-----w- c:\program files (x86)\Java
2013-09-22 22:31 . 2013-09-22 22:31 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-09-22 22:31 . 2013-09-22 22:47 -------- d-----w- c:\users\kellylopes\AppData\Roaming\DAEMON Tools Lite
2013-09-22 22:30 . 2013-09-22 22:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-09-22 22:30 . 2013-09-22 22:48 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-09-22 22:06 . 2013-09-29 13:44 -------- d-----w- c:\users\kellylopes\AppData\Roaming\Opera Software
2013-09-22 22:06 . 2013-09-29 13:44 -------- d-----w- c:\users\kellylopes\AppData\Local\Opera Software
2013-09-22 22:05 . 2013-09-29 13:44 -------- d-----w- c:\program files (x86)\Opera
2013-09-20 22:30 . 2013-09-20 22:30 -------- d-----w- c:\programdata\SummerSoft
2013-09-20 22:29 . 2013-09-20 22:29 -------- d-----w- c:\users\kellylopes\AppData\Local\Programs
2013-09-20 22:28 . 2013-09-20 22:36 -------- d-----w- c:\program files (x86)\ss helper
2013-09-20 22:27 . 2013-09-20 22:30 -------- d-----w- c:\programdata\InstallMate
2013-09-19 23:53 . 2013-10-08 20:53 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-19 23:53 . 2013-10-08 20:53 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-19 23:53 . 2013-09-19 23:53 -------- d-----w- c:\windows\system32\Macromed
2013-09-19 01:45 . 2013-09-19 01:46 -------- d-----w- C:\e297a8c5e68337bc3a5ec9
2013-09-18 20:33 . 2013-09-18 20:33 -------- d-----w- c:\program files (x86)\MSECache
2013-09-18 17:42 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-09-18 17:42 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-09-18 17:17 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-09-18 17:17 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-09-18 16:54 . 2013-09-18 16:56 -------- d-----w- c:\windows\system32\MRT
2013-09-18 16:46 . 2013-09-18 16:46 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-18 16:45 . 2013-09-18 16:45 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-09-18 16:29 . 2013-09-18 16:29 -------- d-----w- c:\windows\SysWow64\Wat
2013-09-18 16:29 . 2013-09-18 16:29 -------- d-----w- c:\windows\system32\Wat
2013-09-17 22:00 . 2013-09-17 23:28 -------- d-----w- c:\users\kellylopes\Ferias
2013-09-17 00:35 . 2013-09-17 00:35 -------- d-----w- C:\2bb963b55d1467d07d91893b
2013-09-17 00:33 . 2012-07-26 07:56 2560 ----a-w- c:\windows\system32\drivers\pt-BR\wdf01000.sys.mui
2013-09-17 00:33 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-09-17 00:33 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-09-17 00:33 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-09-17 00:28 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-09-17 00:28 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-09-17 00:28 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-09-17 00:28 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-09-17 00:27 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-09-17 00:27 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-09-17 00:27 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-09-17 00:27 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-09-17 00:27 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-09-17 00:27 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-09-17 00:27 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-09-16 23:26 . 2013-09-16 23:26 -------- d-----w- c:\users\kellylopes\Originals
2013-09-16 22:30 . 2013-09-16 22:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-09-16 19:26 . 2013-09-16 19:26 -------- d-----w- c:\users\kellylopes\AppData\Roaming\PhotoFiltre Studio X
2013-09-16 19:25 . 2013-09-16 19:27 -------- d-----w- c:\program files (x86)\PhotoFiltre Studio X
2013-09-16 18:59 . 2013-09-30 00:14 -------- d-----w- c:\windows\system32\appmgmt
2013-09-16 16:55 . 2013-09-16 22:46 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-09-16 16:53 . 2013-09-16 16:53 -------- d-----w- c:\program files (x86)\Adobe InDesign CC
2013-09-16 16:51 . 2013-09-16 16:52 -------- d-----w- c:\program files\Adobe Media Encoder CC
2013-09-16 16:46 . 2013-09-16 16:52 -------- d-----w- c:\program files\Common Files\Adobe
2013-09-16 16:44 . 2013-09-16 16:55 -------- d-----w- c:\program files\Adobe InDesign CC (64 bit)
2013-09-16 15:18 . 2013-09-24 16:30 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-09-16 15:04 . 2013-10-13 11:31 -------- d-----w- c:\users\kellylopes\AppData\Local\Adobe
2013-09-16 01:03 . 2013-09-16 01:03 -------- d-----w- c:\programdata\Baidu Security
2013-09-16 01:00 . 2013-09-16 01:00 -------- d-----w- c:\users\kellylopes\AppData\Roaming\Baidu Security
2013-09-15 22:26 . 2013-09-15 22:26 -------- d-----w- c:\program files\Common Files\Topaz Labs
2013-09-15 22:26 . 2013-09-15 22:26 -------- d-----w- c:\program files (x86)\Common Files\Topaz Labs
2013-09-15 22:14 . 2013-09-15 22:15 -------- d-----w- c:\windows\SysWow64\Macromed
2013-09-15 22:14 . 2013-09-15 22:14 -------- d-----w- c:\program files (x86)\Portable
2013-09-15 22:13 . 2013-10-10 19:44 -------- d-----w- c:\users\kellylopes\AppData\Roaming\Skype
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 17:47 . 2013-09-13 17:47 31136 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2013-08-02 01:48 . 2013-09-15 19:22 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
2013-09-20 23:06 1357120 ----a-w- c:\program files (x86)\SearchMe Toolbar\IE\7.9\searchmeToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B9C767DD-F66A-40B4-8F12-4199A9A4393C}"= "c:\program files (x86)\SearchMe Toolbar\IE\7.9\searchmeToolbarIE.dll" [2013-09-20 1357120]
.
[HKEY_CLASSES_ROOT\clsid\{b9c767dd-f66a-40b4-8f12-4199a9a4393c}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"Facebook Update"="c:\users\kellylopes\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-10-02 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-06-02 98304]
"AdobeCEPServiceManager"="c:\program files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" [2013-03-13 1039248]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-09-20 1365312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files (x86)\Digital Line Detect\DLG.exe [2013-9-15 50688]
TrayMenu.lnk - c:\windows\SysWOW64\C2MP\TrayMenu.exe vlc.ico [2013-2-24 704008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AutoUpdateDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys;c:\windows\SYSNATIVE\drivers\BprotectEx.sys
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS
R3 PCFApiUtil;PCFApiUtil;c:\program files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys;c:\program files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys
S2 sdnsplus;Simple DNS Plus;c:\program files\Simple DNS Plus\sdnsmain.exe;c:\program files\Simple DNS Plus\sdnsmain.exe
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys
S3 NisSrv;Inspeção de Rede da Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-04 22:41 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2013-10-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19 20:53]
.
2013-10-02 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-10-01 19:12]
.
2013-10-05 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-10-01 19:12]
.
2013-10-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1717304961-1151447295-366776340-1000Core.job
- c:\users\kellylopes\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-02 17:40]
.
2013-10-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1717304961-1151447295-366776340-1000UA.job
- c:\users\kellylopes\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-02 17:40]
.
2013-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15 18:23]
.
2013-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15 18:23]
.
2013-10-13 c:\windows\Tasks\Plus-HD-1.8-chromeinstaller.job
- c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-chromeinstaller.exe [2013-10-13 18:13]
.
2013-10-13 c:\windows\Tasks\Plus-HD-1.8-firefoxinstaller.job
- c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-firefoxinstaller.exe [2013-10-13 18:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 384296]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2000-01-01 1128448]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-17 5470208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-07-18 1356240]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-11 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-11 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-11 417560]
"Simple DNS Plus"="c:\program files\Simple DNS Plus\sdnsgui.exe" [2013-05-15 1122304]
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
mStart Page = hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\kellylopes\AppData\Roaming\Mozilla\Firefox\Profiles\itjsi7oj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
FF - ExtSQL: 2013-09-30 14:40; om.brunolm@gmail.com; c:\users\kellylopes\AppData\Roaming\Mozilla\Firefox\Profiles\itjsi7oj.default\extensions\om.brunolm@gmail.com
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Wow6432Node-HKLM-Run- - (no file)
AddRemove-{08A25478-C5DD-4EA7-B168-3D687CA987FF} - c:\program files\InstallShield Installation Information\{08A25478-C5DD-4EA7-B168-3D687CA987FF}\Sims3SP05Setup.exe
AddRemove-{117B6BF6-82C3-420C-B284-9247C8568E53} - c:\program files\InstallShield Installation Information\{117B6BF6-82C3-420C-B284-9247C8568E53}\setup.exe
AddRemove-{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43} - c:\program files\InstallShield Installation Information\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}\Sims3SP07Setup.exe
AddRemove-{71828142-5A24-4BD0-97E7-976DA08CE6CF} - c:\program files\InstallShield Installation Information\{71828142-5A24-4BD0-97E7-976DA08CE6CF}\setup.exe
AddRemove-{7B11296A-F894-449C-8DF6-6AAAA7D4D118} - c:\program files\InstallShield Installation Information\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}\Sims3SP04Setup.exe
AddRemove-{910F4A29-1134-49E0-AD8B-56E4A3152BD1} - c:\program files\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\setup.exe
AddRemove-{9B2506E3-9A3F-45B5-96BF-509CAD584650} - c:\program files\InstallShield Installation Information\{9B2506E3-9A3F-45B5-96BF-509CAD584650}\Sims3SP06Setup.exe
AddRemove-{C05D8CDB-417D-4335-A38C-A0659EDFD6B8} - c:\program files\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe
AddRemove-{DB21639E-FE55-432C-BCA2-0C5249E3F79E} - c:\program files\InstallShield Installation Information\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}\Sims3EP10Setup.exe
AddRemove-{E1868CAE-E3B9-4099-8C18-AA8944D336FD} - c:\program files\InstallShield Installation Information\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}\Sims3SP08Setup.exe
AddRemove-{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC} - c:\program files\InstallShield Installation Information\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}\Sims3EP04Setup.exe
AddRemove-{ED436EA8-4145-4703-AE5D-4D09DD24AF5A} - c:\program files\InstallShield Installation Information\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}\setup.exe
AddRemove-{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36} - c:\program files\InstallShield Installation Information\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}\Sims3EP09Setup.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Tempo para conclusão: 2013-10-13 18:23:28 - Máquina reiniciou
ComboFix-quarantined-files.txt 2013-10-13 21:23
ComboFix2.txt 2013-09-26 16:56
.
Pré-execução: 155.831.910.400 bytes disponíveis
Pós execução: 156.913.037.312 bytes disponíveis
.
- - End Of File - - 58B228B9CA2E397345FDDE91C6BB392A
A36C5E4F47E84449FF07ED3517B43A31

