GeanAnjo

Combo Fix 2

Mar 23rd, 2012
  1. ComboFix 12-03-22.01 - Gean 23/03/2012 16:33:16.2.4 - x64
  2. Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.6056.3911 [GMT -3:00]
  3. Executando de: d:\gean\Programas\Combo Fix\ComboFix.exe
  4. AV: Bitdefender Antivirus *Disabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
  5. FW: Bitdefender Firewall *Enabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
  6. SP: Bitdefender Antispyware *Disabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
  7. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  8. .
  9. .
  10. (((((((((((((((( Arquivos/Ficheiros criados de 2012-02-23 to 2012-03-23 ))))))))))))))))))))))))))))
  11. .
  12. .
  13. 2012-03-23 19:40 . 2012-03-23 19:40 -------- d-----w- c:\users\Default\AppData\Local\temp
  14. 2012-03-23 18:29 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{65AC9B8F-4EA8-40E6-B45F-7CD7FE3C2B7B}\mpengine.dll
  15. 2012-03-23 15:00 . 2012-03-23 15:00 -------- d-----w- c:\program files (x86)\Common Files\Java
  16. 2012-03-23 15:00 . 2012-03-23 15:00 -------- d-----w- c:\program files (x86)\Java
  17. 2012-03-23 01:34 . 2012-03-23 01:34 -------- d-----w- c:\users\Gean\AppData\Local\Stardock
  18. 2012-03-23 00:42 . 2012-03-23 15:00 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
  19. 2012-03-23 00:42 . 2012-03-23 15:00 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
  20. 2012-03-23 00:27 . 2012-03-23 14:49 -------- d-----w- C:\preload
  21. 2012-03-22 20:40 . 2012-03-22 22:25 -------- d-----w- c:\users\Gean\AppData\Roaming\GlarySoft
  22. 2012-03-22 20:33 . 2012-03-22 20:33 -------- d-----w- c:\program files (x86)\Glary Utilities
  23. 2012-03-22 14:53 . 2012-03-22 14:53 -------- d-----w- c:\users\Gean\AppData\Roaming\Malwarebytes
  24. 2012-03-22 14:53 . 2012-03-22 14:53 -------- d-----w- c:\programdata\Malwarebytes
  25. 2012-03-22 14:09 . 2012-03-22 14:09 -------- d-----w- c:\users\Gean\AppData\Local\ElevatedDiagnostics
  26. 2012-03-22 12:07 . 2011-04-12 21:18 252712 ----a-w- c:\windows\ETDUninst.dll
  27. 2012-03-22 12:05 . 2012-03-13 04:38 97208 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
  28. 2012-03-21 21:31 . 2010-11-20 13:25 390656 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\winlogon.exe
  29. 2012-03-21 21:31 . 2009-07-14 01:39 80384 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\winver.exe
  30. 2012-03-21 21:31 . 2009-07-14 01:14 79872 ----a-w- c:\programdata\Microsoft\Windows\SXS\32\winver.exe
  31. 2012-03-21 21:31 . 2009-07-14 01:41 65536 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\sppuinotify.dll
  32. 2012-03-21 21:31 . 2010-11-20 13:25 349696 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\slui.exe
  33. 2012-03-21 21:31 . 2009-07-14 01:41 381952 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\sppcommdlg.dll
  34. 2012-03-21 21:31 . 2010-11-20 13:27 419840 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\systemcpl.dll
  35. 2012-03-21 21:30 . 2010-11-20 13:27 1008128 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\user32.dll
  36. 2012-03-21 21:30 . 2009-07-14 01:16 118784 ----a-w- c:\programdata\Microsoft\Windows\SXS\32\sppwmi.dll
  37. 2012-03-21 21:30 . 2010-11-20 12:21 14336 ----a-w- c:\programdata\Microsoft\Windows\SXS\32\slwga.dll
  38. 2012-03-21 21:30 . 2009-07-14 01:41 142336 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\sppwmi.dll
  39. 2012-03-21 21:30 . 2010-11-20 13:27 15360 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\slwga.dll
  40. 2012-03-21 21:30 . 2009-06-10 21:38 113629 ----a-w- c:\programdata\Microsoft\Windows\SXS\32\slmgr.vbs
  41. 2012-03-21 21:30 . 2009-06-10 20:59 113629 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\slmgr.vbs
  42. 2012-03-21 21:29 . 2012-03-21 21:29 2169856 --sha-w- c:\windows\system32\hale.exe
  43. 2012-03-21 06:00 . 2012-03-21 06:00 -------- d-----w- c:\windows\SysWow64\Wat
  44. 2012-03-21 06:00 . 2012-03-21 06:00 -------- d-----w- c:\windows\system32\Wat
  45. 2012-03-20 19:54 . 2012-03-22 12:07 -------- d-----w- c:\windows\system32\appmgmt
  46. 2012-03-20 14:31 . 2012-03-20 14:31 -------- d-----w- c:\program files\Windows Journal
  47. 2012-03-20 14:31 . 2012-03-20 14:31 -------- d-----w- c:\windows\ehome
  48. 2012-03-20 14:31 . 2012-03-20 14:31 -------- d-sh--w- c:\windows\BitLockerDiscoveryVolumeContents
  49. 2012-03-20 14:31 . 2012-03-20 14:31 -------- d-----w- c:\windows\RemotePackages
  50. 2012-03-20 14:30 . 2012-03-23 00:25 -------- d-----r- c:\users\Public\Recorded TV
  51. 2012-03-20 14:30 . 2012-03-20 14:30 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
  52. 2012-03-18 04:05 . 2012-03-13 04:36 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
  53. 2012-03-18 04:05 . 2012-03-13 04:36 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
  54. 2012-03-16 22:38 . 2012-03-20 19:53 -------- d-----w- c:\program files (x86)\CounterStrikev47
  55. 2012-03-15 12:42 . 2012-03-15 12:42 -------- d-----w- c:\users\Gean\AppData\Local\bdch
  56. 2012-03-15 02:22 . 2012-03-15 02:22 -------- d-----w- c:\users\Gean\AppData\Roaming\YoudaGames
  57. 2012-03-15 00:33 . 2012-03-15 00:36 -------- d-----w- c:\program files\Common Files\Adobe
  58. 2012-03-14 23:08 . 2012-03-14 23:50 -------- d-----w- c:\program files (x86)\Counter-Strike
  59. 2012-03-14 14:42 . 2012-03-14 14:42 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
  60. 2012-03-14 14:41 . 2012-03-14 14:41 -------- d-----w- c:\windows\PCHEALTH
  61. 2012-03-14 14:41 . 2012-03-14 14:41 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
  62. 2012-03-14 14:39 . 2012-03-14 14:39 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
  63. 2012-03-14 14:38 . 2012-03-14 14:38 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
  64. 2012-03-14 14:38 . 2012-03-20 14:31 -------- d-----w- c:\windows\SHELLNEW
  65. 2012-03-14 14:38 . 2012-03-14 14:38 -------- d-----r- C:\MSOCache
  66. 2012-03-14 00:58 . 2012-03-14 00:58 -------- d-----w- c:\windows\system32\Macromed
  67. 2012-03-14 00:01 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
  68. 2012-03-14 00:01 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
  69. 2012-03-14 00:01 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
  70. 2012-03-13 23:40 . 2012-03-13 23:40 -------- d-----w- c:\program files (x86)\Utherverse Digital Inc
  71. 2012-03-13 21:37 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
  72. 2012-03-13 21:37 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
  73. 2012-03-13 21:37 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
  74. 2012-03-13 21:33 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
  75. 2012-03-13 21:33 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
  76. 2012-03-13 21:33 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
  77. 2012-03-13 21:33 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
  78. 2012-03-13 21:33 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
  79. 2012-03-13 21:33 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
  80. 2012-03-13 21:33 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
  81. 2012-03-13 21:33 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
  82. 2012-03-11 00:46 . 2012-03-12 22:25 -------- d-----w- c:\users\Gean\AppData\Local\Google
  83. 2012-03-11 00:37 . 2012-03-11 00:39 -------- d-----w- c:\windows\SysWow64\Adobe
  84. 2012-03-07 11:43 . 2012-03-07 14:30 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
  85. 2012-03-07 11:19 . 2012-03-23 15:12 -------- d-----w- c:\program files (x86)\Common Files\Adobe
  86. 2012-03-07 11:18 . 2012-03-15 00:45 -------- d-----w- c:\users\Gean\AppData\Local\Adobe
  87. 2012-03-05 13:33 . 2012-03-05 13:33 162664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
  88. 2012-03-04 23:55 . 2012-03-08 13:41 -------- d-----w- c:\program files (x86)\VDownloader
  89. 2012-03-04 23:49 . 2012-03-04 23:50 -------- d-----w- C:\Downloads
  90. 2012-03-04 23:49 . 2012-03-04 23:49 -------- d-----w- c:\users\Gean\AppData\Roaming\ProgSense
  91. 2012-03-04 23:48 . 2012-03-04 23:52 -------- d-----w- c:\users\Gean\AppData\Roaming\Orbit
  92. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\en
  93. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\ar
  94. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\es
  95. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\fr
  96. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\th
  97. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\tr
  98. 2012-03-02 15:30 . 2012-03-02 15:30 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\57066c601ccf88901\MeshBetaRemover.exe
  99. 2012-03-01 22:06 . 2012-03-01 22:06 545064 ----a-w- c:\windows\system32\drivers\avckf.sys
  100. 2012-03-01 11:46 . 2012-03-22 14:36 -------- d-----w- c:\users\Gean\AppData\Roaming\Media Player Classic
  101. 2012-03-01 11:34 . 2011-12-21 18:14 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
  102. 2012-03-01 11:34 . 2011-12-18 23:22 4078592 ----a-w- c:\windows\SysWow64\x264vfw.dll
  103. 2012-03-01 11:34 . 2011-12-07 18:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll
  104. 2012-03-01 11:34 . 2011-06-24 15:44 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
  105. 2012-03-01 11:34 . 2011-06-24 15:28 650752 ----a-w- c:\windows\SysWow64\xvidcore.dll
  106. 2012-03-01 11:34 . 2011-03-02 11:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
  107. 2012-03-01 11:34 . 2008-09-24 19:41 839680 ----a-w- c:\windows\SysWow64\lameACM.acm
  108. 2012-03-01 11:34 . 2006-04-02 13:47 630784 ----a-w- c:\windows\SysWow64\vp7vfw.dll
  109. 2012-03-01 11:34 . 2004-05-18 19:16 39936 ----a-w- c:\windows\SysWow64\huffyuv.dll
  110. 2012-03-01 11:34 . 2012-02-15 18:00 79360 ----a-w- c:\windows\SysWow64\ff_vfw.dll
  111. 2012-03-01 11:34 . 2012-03-01 11:34 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
  112. 2012-02-29 21:24 . 2012-03-13 23:56 -------- d-----w- c:\users\Gean\AppData\Roaming\GarenaPlus
  113. 2012-02-29 21:24 . 2012-03-13 23:56 -------- d-----w- c:\programdata\GarenaMessenger
  114. 2012-02-29 21:09 . 2012-02-29 21:09 -------- d-----w- c:\program files (x86)\MSXML 4.0
  115. 2012-02-26 14:27 . 2012-02-26 14:27 -------- d-----w- c:\users\Gean\AppData\Roaming\Windows Live Writer
  116. 2012-02-26 14:27 . 2012-02-26 14:27 -------- d-----w- c:\users\Gean\AppData\Local\Windows Live Writer
  117. 2012-02-25 23:37 . 2012-02-25 23:37 -------- d-----w- c:\users\Gean\AppData\Roaming\FLEXnet
  118. 2012-02-25 22:57 . 2012-02-25 22:57 -------- d-----w- c:\users\Gean\AppData\Roaming\InstallShield
  119. 2012-02-25 22:56 . 2012-03-22 13:49 -------- d-----w- C:\ASUS.DAT
  120. 2012-02-25 22:53 . 2011-03-15 07:32 648808 ----a-w- c:\windows\system32\RtkApi64.dll
  121. 2012-02-25 22:53 . 2011-03-31 08:49 3048552 ----a-w- c:\windows\system32\RtkAPO64.dll
  122. 2012-02-25 22:53 . 2011-03-31 08:49 2392168 ----a-w- c:\windows\system32\RtPgEx64.dll
  123. 2012-02-25 22:53 . 2011-03-02 09:25 1242216 ----a-w- c:\windows\system32\RTCOM64.dll
  124. 2012-02-25 22:52 . 2011-04-06 07:33 2826984 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
  125. 2012-02-25 22:52 . 2011-03-24 08:03 84584 ----a-w- c:\windows\system32\RCoInst64.dll
  126. 2012-02-25 22:52 . 2011-04-06 02:15 952320 ----a-w- c:\windows\system32\RCoRes64.dat
  127. 2012-02-25 22:51 . 2011-02-22 07:52 2075712 ----a-w- c:\windows\system32\FMAPO64.dll
  128. 2012-02-23 12:06 . 2012-02-23 13:09 -------- d-----w- c:\users\Gean\AppData\Roaming\PlayFirst
  129. 2012-02-23 12:06 . 2012-02-23 13:09 -------- d-----w- c:\programdata\PlayFirst
  130. 2012-02-23 11:55 . 2012-02-23 11:55 -------- d-----w- c:\users\Gean\AppData\Local\2DBoy
  131. 2012-02-23 11:55 . 2012-02-23 11:55 -------- d-----w- c:\programdata\2DBoy
  132. 2012-02-22 21:03 . 2012-02-23 11:38 -------- d-----w- c:\programdata\Oberon Media
  133. .
  134. .
  135. .
  136. ((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
  137. .
  138. 2012-03-23 19:25 . 2012-02-06 14:28 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
  139. 2012-03-22 11:49 . 2009-07-13 23:52 65536 ----a-w- c:\windows\system32\sppuinotify.dll
  140. 2012-03-22 11:49 . 2009-07-13 23:51 381952 ----a-w- c:\windows\system32\sppcommdlg.dll
  141. 2012-03-22 11:47 . 2011-02-18 18:24 349696 ----a-w- c:\windows\system32\slui.exe
  142. 2012-03-21 21:31 . 2011-02-18 18:23 419840 ----a-w- c:\windows\system32\systemcpl.dll
  143. 2012-03-21 21:31 . 2011-02-18 18:23 1008128 ----a-w- c:\windows\system32\user32.dll
  144. 2012-03-21 21:30 . 2009-07-13 23:52 142336 ----a-w- c:\windows\system32\sppwmi.dll
  145. 2012-03-21 21:30 . 2011-02-18 18:23 15360 ----a-w- c:\windows\system32\slwga.dll
  146. 2012-03-21 21:29 . 2011-02-18 18:24 389632 ----a-w- c:\windows\system32\winlogon.exe
  147. 2012-03-21 21:29 . 2009-07-13 23:57 2048 ----a-w- c:\windows\system32\winver.exe
  148. 2012-03-21 21:29 . 2009-06-10 20:59 107946 ----a-w- c:\windows\system32\slmgr.vbs
  149. 2012-03-02 15:31 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  150. 2012-03-01 22:04 . 2012-01-18 19:16 690872 ----a-w- c:\windows\system32\drivers\avc3.sys
  151. 2012-02-23 12:18 . 2012-02-18 02:42 279656 ------w- c:\windows\system32\MpSigStub.exe
  152. 2012-02-18 12:53 . 2012-02-18 12:53 1856058 ----a-w- c:\programdata\1329562271.bdinstall.bin
  153. 2012-02-18 10:36 . 2012-02-18 10:36 21594 ----a-w- c:\programdata\1329561378.bdinstall.bin
  154. 2012-02-18 10:34 . 2012-02-18 10:34 21594 ----a-w- c:\programdata\1329561266.bdinstall.bin
  155. 2012-02-18 10:33 . 2012-02-18 10:33 330231 ----a-w- c:\programdata\1329560463.bdinstall.bin
  156. 2012-02-18 10:12 . 2012-02-18 10:12 502 ----a-w- c:\programdata\1329559938.bdinstall.bin
  157. 2012-01-04 10:44 . 2012-02-18 13:37 509952 ----a-w- c:\windows\system32\ntshrui.dll
  158. 2012-01-04 08:58 . 2012-02-18 13:37 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
  159. 2011-12-30 06:26 . 2012-02-18 08:11 515584 ----a-w- c:\windows\system32\timedate.cpl
  160. 2011-12-30 05:27 . 2012-02-18 08:11 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
  161. 2011-12-28 03:59 . 2012-02-18 07:57 498688 ----a-w- c:\windows\system32\drivers\afd.sys
  162. .
  163. .
  164. ------- Sigcheck -------
  165. Note: Unsigned files aren't necessarily malware.
  166. .
  167. [7] 2010-11-20 . 1151B1BAA6F350B1DB6598E0FEA7C457 . 390656 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
  168. [7] 2009-07-14 . 132328DF455B0028F13BF0ABEE51A63A . 389120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
  169. [-] 2012-03-21 . 87A00ED70FEC36D0DD968E5058C29AA1 . 389632 . . [6.1.7601.17514] .. c:\windows\system32\winlogon.exe
  170. .
  171. [7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
  172. [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
  173. [-] 2012-03-21 . D186BABDFAE7C0D93C9F6AE63957EE96 . 1008128 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
  174. .
  175. (((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
  176. .
  177. .
  178. *Nota* entradas vazias e legítimas por padrão não são apresentadas.
  179. REGEDIT4
  180. .
  181. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  182. "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-03-06 741240]
  183. "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
  184. .
  185. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  186. "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
  187. "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
  188. "HP Component Manager"="c:\program files (x86)\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472]
  189. "HP Software Update"="c:\program files (x86)\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
  190. "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
  191. "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
  192. "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
  193. "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
  194. .
  195. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  196. "ConsentPromptBehaviorAdmin"= 0 (0x0)
  197. "ConsentPromptBehaviorUser"= 3 (0x3)
  198. "EnableLUA"= 0 (0x0)
  199. "EnableUIADesktopToggle"= 0 (0x0)
  200. "PromptOnSecureDesktop"= 0 (0x0)
  201. .
  202. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
  203. "mixer4"=wdmaud.drv
  204. .
  205. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  206. Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  207. .
  208. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
  209. "SonicMasterTray"=c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
  210. "SwitchBoard"=c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
  211. "Wireless Console 3"=c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe
  212. "ASUSWebStorage"=c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
  213. "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
  214. .
  215. R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  216. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  217. R2 gupdate;Serviço do Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 136176]
  218. R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
  219. R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x]
  220. R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [x]
  221. R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
  222. R3 gupdatem;Serviço do Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 136176]
  223. R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
  224. R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
  225. R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
  226. R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
  227. R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
  228. R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
  229. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
  230. R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
  231. R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
  232. R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-15 466736]
  233. R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
  234. R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
  235. R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
  236. S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x]
  237. S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
  238. S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2011-11-14 90192]
  239. S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
  240. S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [x]
  241. S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
  242. S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
  243. S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
  244. S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
  245. S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
  246. S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
  247. S2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-01-23 62512]
  248. S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [x]
  249. S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
  250. S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
  251. S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
  252. S3 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2012-03-01 75384]
  253. S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
  254. S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
  255. .
  256. .
  257. Conteúdo da pasta 'Tarefas Agendadas'
  258. .
  259. 2012-03-23 c:\windows\Tasks\GlaryInitialize.job
  260. - c:\program files (x86)\Glary Utilities\initialize.exe [2012-03-22 02:31]
  261. .
  262. 2012-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  263. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 22:22]
  264. .
  265. 2012-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  266. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 22:22]
  267. .
  268. .
  269. --------- x86-64 -----------
  270. .
  271. .
  272. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
  273. @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
  274. [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
  275. 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
  276. .
  277. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
  278. @="{64174815-8D98-4CE6-8646-4C039977D808}"
  279. [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
  280. 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
  281. .
  282. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
  283. @="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
  284. [HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
  285. 2012-03-01 22:04 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
  286. .
  287. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
  288. @="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
  289. [HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
  290. 2012-03-01 22:04 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
  291. .
  292. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
  293. @="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
  294. [HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
  295. 2012-03-01 22:04 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
  296. .
  297. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
  298. @="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
  299. [HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
  300. 2012-03-01 22:04 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
  301. .
  302. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  303. "BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-03-01 1066232]
  304. "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
  305. "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704]
  306. "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
  307. "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
  308. "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
  309. "Chew7Hale"="c:\windows\System32\hale.exe" [2012-03-21 2169856]
  310. "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
  311. .
  312. ------- Scan Suplementar -------
  313. .
  314. uLocal Page = c:\windows\system32\blank.htm
  315. uStart Page = hxxp://home.xwidget.com
  316. mStart Page = about:blank
  317. mLocal Page = c:\windows\SysWOW64\blank.htm
  318. TCP: Interfaces\{BD71480F-25A3-40D6-A6D7-ADCBAA42E431}: NameServer = 200.225.197.34 200.225.197.37
  319. FF - ProfilePath - c:\users\Gean\AppData\Roaming\Mozilla\Firefox\Profiles\eq93kkw5.default\
  320. FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
  321. FF - prefs.js: network.proxy.type - 1
  322. .
  323. - - - - ORFÃOS REMOVIDOS - - - -
  324. .
  325. Toolbar-Locked - (no file)
  326. .
  327. .
  328. .
  329. --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
  330. .
  331. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
  332. @Denied: (A) (Everyone)
  333. "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
  334. .
  335. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
  336. @Denied: (A) (Everyone)
  337. .
  338. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
  339. "Key"="ActionsPane3"
  340. "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
  341. .
  342. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  343. @Denied: (Full) (Everyone)
  344. .
  345. Tempo para conclusão: 2012-03-23 16:42:49
  346. ComboFix-quarantined-files.txt 2012-03-23 19:42
  347. ComboFix2.txt 2012-03-22 22:14
  348. .
  349. Pré-execução: 119.774.670.848 bytes disponíveis
  350. Pós execução: 119.489.523.712 bytes disponíveis
  351. .
  352. - - End Of File - - 664B21F58E54608B2DB97BF0CBAA6410