GeanAnjo

Combo fix

Mar 22nd, 2012
  1. ComboFix 12-03-22.01 - Gean 22/03/2012 18:58:55.1.4 - x64
  2. Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.6056.4070 [GMT -3:00]
  3. Executando de: c:\users\Gean\Downloads\ComboFix.exe
  4. AV: Bitdefender Antivirus *Enabled/Updated* {50909708-FF80-02AF-F814-B28405891E92}
  5. FW: Bitdefender Firewall *Enabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
  6. SP: Bitdefender Antispyware *Enabled/Updated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
  7. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  8. .
  9. .
  10. ((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
  11. .
  12. .
  13. c:\program files (x86)\sXe Injected
  14. c:\program files (x86)\sXe Injected\sxe injected.exe
  15. c:\program files (x86)\sXe Injected\sXe Injected.txt
  16. c:\program files (x86)\sXe Injected\web.dll
  17. c:\programdata\FullRemove.exe
  18. c:\windows\IsUn0416.exe
  19. .
  20. .
  21. ((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
  22. .
  23. .
  24. -------\Legacy_NPF
  25. .
  26. .
  27. (((((((((((((((( Arquivos/Ficheiros criados de 2012-02-22 to 2012-03-22 ))))))))))))))))))))))))))))
  28. .
  29. .
  30. 2012-03-22 22:04 . 2012-03-22 22:04 -------- d-----w- c:\users\Default\AppData\Local\temp
  31. 2012-03-22 20:40 . 2012-03-22 20:40 -------- d-----w- c:\users\Gean\AppData\Roaming\GlarySoft
  32. 2012-03-22 20:33 . 2012-03-22 20:33 -------- d-----w- c:\program files (x86)\Glary Utilities
  33. 2012-03-22 14:53 . 2012-03-22 14:53 -------- d-----w- c:\users\Gean\AppData\Roaming\Malwarebytes
  34. 2012-03-22 14:53 . 2012-03-22 14:53 -------- d-----w- c:\programdata\Malwarebytes
  35. 2012-03-22 14:53 . 2012-03-22 14:53 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
  36. 2012-03-22 14:53 . 2011-12-10 18:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
  37. 2012-03-22 14:09 . 2012-03-22 14:09 -------- d-----w- c:\users\Gean\AppData\Local\ElevatedDiagnostics
  38. 2012-03-22 12:07 . 2011-04-12 21:18 252712 ----a-w- c:\windows\ETDUninst.dll
  39. 2012-03-22 12:05 . 2012-03-13 04:38 97208 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
  40. 2012-03-21 21:31 . 2010-11-20 13:25 390656 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\winlogon.exe
  41. 2012-03-21 21:31 . 2009-07-14 01:39 80384 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\winver.exe
  42. 2012-03-21 21:31 . 2009-07-14 01:14 79872 ----a-w- c:\programdata\Microsoft\Windows\SXS\32\winver.exe
  43. 2012-03-21 21:31 . 2009-07-14 01:41 65536 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\sppuinotify.dll
  44. 2012-03-21 21:31 . 2010-11-20 13:25 349696 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\slui.exe
  45. 2012-03-21 21:31 . 2009-07-14 01:41 381952 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\sppcommdlg.dll
  46. 2012-03-21 21:31 . 2010-11-20 13:27 419840 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\systemcpl.dll
  47. 2012-03-21 21:30 . 2010-11-20 13:27 1008128 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\user32.dll
  48. 2012-03-21 21:30 . 2009-07-14 01:16 118784 ----a-w- c:\programdata\Microsoft\Windows\SXS\32\sppwmi.dll
  49. 2012-03-21 21:30 . 2010-11-20 12:21 14336 ----a-w- c:\programdata\Microsoft\Windows\SXS\32\slwga.dll
  50. 2012-03-21 21:30 . 2009-07-14 01:41 142336 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\sppwmi.dll
  51. 2012-03-21 21:30 . 2010-11-20 13:27 15360 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\slwga.dll
  52. 2012-03-21 21:30 . 2009-06-10 21:38 113629 ----a-w- c:\programdata\Microsoft\Windows\SXS\32\slmgr.vbs
  53. 2012-03-21 21:30 . 2009-06-10 20:59 113629 ----a-w- c:\programdata\Microsoft\Windows\SXS\64\slmgr.vbs
  54. 2012-03-21 21:29 . 2012-03-21 21:29 2169856 --sha-w- c:\windows\system32\hale.exe
  55. 2012-03-21 06:00 . 2012-03-21 06:00 -------- d-----w- c:\windows\SysWow64\Wat
  56. 2012-03-21 06:00 . 2012-03-21 06:00 -------- d-----w- c:\windows\system32\Wat
  57. 2012-03-20 19:54 . 2012-03-22 12:07 -------- d-----w- c:\windows\system32\appmgmt
  58. 2012-03-20 14:31 . 2012-03-20 14:31 -------- d-----w- c:\program files\Windows Journal
  59. 2012-03-20 14:31 . 2012-03-20 14:31 -------- d-----w- c:\windows\ehome
  60. 2012-03-20 14:31 . 2012-03-20 14:31 -------- d-sh--w- c:\windows\BitLockerDiscoveryVolumeContents
  61. 2012-03-20 14:31 . 2012-03-20 14:31 -------- d-----w- c:\windows\RemotePackages
  62. 2012-03-20 14:30 . 2012-03-20 14:30 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
  63. 2012-03-20 14:30 . 2012-03-20 14:30 -------- d-----r- c:\users\Public\Recorded TV
  64. 2012-03-20 06:52 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{314CFA1E-6F07-4F4E-9E33-CF733BA23DE9}\mpengine.dll
  65. 2012-03-20 02:48 . 2012-03-20 02:48 -------- d-----w- c:\program files (x86)\Ccleaner Business Edition x64 x86 Tom_Da_Man
  66. 2012-03-18 04:05 . 2012-03-13 04:36 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
  67. 2012-03-18 04:05 . 2012-03-13 04:36 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
  68. 2012-03-16 22:38 . 2012-03-20 19:53 -------- d-----w- c:\program files (x86)\CounterStrikev47
  69. 2012-03-15 12:42 . 2012-03-15 12:42 -------- d-----w- c:\users\Gean\AppData\Local\bdch
  70. 2012-03-15 02:22 . 2012-03-15 02:22 -------- d-----w- c:\users\Gean\AppData\Roaming\YoudaGames
  71. 2012-03-15 00:33 . 2012-03-15 00:36 -------- d-----w- c:\program files\Common Files\Adobe
  72. 2012-03-14 23:08 . 2012-03-14 23:50 -------- d-----w- c:\program files (x86)\Counter-Strike
  73. 2012-03-14 14:42 . 2012-03-14 14:42 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
  74. 2012-03-14 14:41 . 2012-03-14 14:41 -------- d-----w- c:\windows\PCHEALTH
  75. 2012-03-14 14:41 . 2012-03-14 14:41 -------- d-----w- c:\program files (x86)\Microsoft Sync Framework
  76. 2012-03-14 14:39 . 2012-03-14 14:39 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
  77. 2012-03-14 14:38 . 2012-03-14 14:38 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
  78. 2012-03-14 14:38 . 2012-03-20 14:31 -------- d-----w- c:\windows\SHELLNEW
  79. 2012-03-14 14:38 . 2012-03-14 14:38 -------- d-----r- C:\MSOCache
  80. 2012-03-14 00:58 . 2012-03-14 00:58 -------- d-----w- c:\windows\system32\Macromed
  81. 2012-03-14 00:01 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
  82. 2012-03-14 00:01 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
  83. 2012-03-14 00:01 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
  84. 2012-03-13 23:40 . 2012-03-13 23:40 -------- d-----w- c:\program files (x86)\Utherverse Digital Inc
  85. 2012-03-13 21:37 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
  86. 2012-03-13 21:37 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
  87. 2012-03-13 21:37 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
  88. 2012-03-13 21:33 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
  89. 2012-03-13 21:33 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
  90. 2012-03-13 21:33 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
  91. 2012-03-13 21:33 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
  92. 2012-03-13 21:33 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
  93. 2012-03-13 21:33 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
  94. 2012-03-13 21:33 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
  95. 2012-03-13 21:33 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
  96. 2012-03-11 00:46 . 2012-03-12 22:25 -------- d-----w- c:\users\Gean\AppData\Local\Google
  97. 2012-03-11 00:37 . 2012-03-11 00:39 -------- d-----w- c:\windows\SysWow64\Adobe
  98. 2012-03-07 11:43 . 2012-03-07 14:30 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
  99. 2012-03-07 11:19 . 2012-03-22 12:05 -------- d-----w- c:\program files (x86)\Common Files\Adobe
  100. 2012-03-07 11:18 . 2012-03-15 00:45 -------- d-----w- c:\users\Gean\AppData\Local\Adobe
  101. 2012-03-05 13:33 . 2012-03-05 13:33 162664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
  102. 2012-03-04 23:55 . 2012-03-08 13:41 -------- d-----w- c:\program files (x86)\VDownloader
  103. 2012-03-04 23:49 . 2012-03-04 23:50 -------- d-----w- C:\Downloads
  104. 2012-03-04 23:49 . 2012-03-04 23:49 -------- d-----w- c:\users\Gean\AppData\Roaming\ProgSense
  105. 2012-03-04 23:48 . 2012-03-04 23:52 -------- d-----w- c:\users\Gean\AppData\Roaming\Orbit
  106. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\en
  107. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\ar
  108. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\es
  109. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\fr
  110. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\th
  111. 2012-03-02 15:34 . 2012-03-02 15:34 -------- d-----w- c:\windows\tr
  112. 2012-03-02 15:30 . 2012-03-02 15:30 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\57066c601ccf88901\MeshBetaRemover.exe
  113. 2012-03-01 22:06 . 2012-03-01 22:06 545064 ----a-w- c:\windows\system32\drivers\avckf.sys
  114. 2012-03-01 11:46 . 2012-03-22 14:36 -------- d-----w- c:\users\Gean\AppData\Roaming\Media Player Classic
  115. 2012-03-01 11:34 . 2011-12-21 18:14 151552 ----a-w- c:\windows\SysWow64\ac3acm.acm
  116. 2012-03-01 11:34 . 2011-12-18 23:22 4078592 ----a-w- c:\windows\SysWow64\x264vfw.dll
  117. 2012-03-01 11:34 . 2011-12-07 18:32 216064 ----a-w- c:\windows\SysWow64\lagarith.dll
  118. 2012-03-01 11:34 . 2011-06-24 15:44 243200 ----a-w- c:\windows\SysWow64\xvidvfw.dll
  119. 2012-03-01 11:34 . 2011-06-24 15:28 650752 ----a-w- c:\windows\SysWow64\xvidcore.dll
  120. 2012-03-01 11:34 . 2011-03-02 11:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
  121. 2012-03-01 11:34 . 2008-09-24 19:41 839680 ----a-w- c:\windows\SysWow64\lameACM.acm
  122. 2012-03-01 11:34 . 2006-04-02 13:47 630784 ----a-w- c:\windows\SysWow64\vp7vfw.dll
  123. 2012-03-01 11:34 . 2004-05-18 19:16 39936 ----a-w- c:\windows\SysWow64\huffyuv.dll
  124. 2012-03-01 11:34 . 2012-02-15 18:00 79360 ----a-w- c:\windows\SysWow64\ff_vfw.dll
  125. 2012-03-01 11:34 . 2012-03-01 11:34 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
  126. 2012-02-29 21:24 . 2012-03-13 23:56 -------- d-----w- c:\users\Gean\AppData\Roaming\GarenaPlus
  127. 2012-02-29 21:24 . 2012-03-13 23:56 -------- d-----w- c:\programdata\GarenaMessenger
  128. 2012-02-29 21:09 . 2012-02-29 21:09 -------- d-----w- c:\program files (x86)\MSXML 4.0
  129. 2012-02-26 14:27 . 2012-02-26 14:27 -------- d-----w- c:\users\Gean\AppData\Roaming\Windows Live Writer
  130. 2012-02-26 14:27 . 2012-02-26 14:27 -------- d-----w- c:\users\Gean\AppData\Local\Windows Live Writer
  131. 2012-02-25 23:37 . 2012-02-25 23:37 -------- d-----w- c:\users\Gean\AppData\Roaming\FLEXnet
  132. 2012-02-25 22:57 . 2012-02-25 22:57 -------- d-----w- c:\users\Gean\AppData\Roaming\InstallShield
  133. 2012-02-25 22:56 . 2012-03-22 13:49 -------- d-----w- C:\ASUS.DAT
  134. 2012-02-25 22:53 . 2011-03-15 07:32 648808 ----a-w- c:\windows\system32\RtkApi64.dll
  135. 2012-02-25 22:53 . 2011-03-31 08:49 3048552 ----a-w- c:\windows\system32\RtkAPO64.dll
  136. 2012-02-25 22:53 . 2011-03-31 08:49 2392168 ----a-w- c:\windows\system32\RtPgEx64.dll
  137. 2012-02-25 22:53 . 2011-03-02 09:25 1242216 ----a-w- c:\windows\system32\RTCOM64.dll
  138. 2012-02-25 22:52 . 2011-04-06 07:33 2826984 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
  139. 2012-02-25 22:52 . 2011-03-24 08:03 84584 ----a-w- c:\windows\system32\RCoInst64.dll
  140. 2012-02-25 22:52 . 2011-04-06 02:15 952320 ----a-w- c:\windows\system32\RCoRes64.dat
  141. 2012-02-25 22:51 . 2011-02-22 07:52 2075712 ----a-w- c:\windows\system32\FMAPO64.dll
  142. 2012-02-23 12:06 . 2012-02-23 13:09 -------- d-----w- c:\users\Gean\AppData\Roaming\PlayFirst
  143. 2012-02-23 12:06 . 2012-02-23 13:09 -------- d-----w- c:\programdata\PlayFirst
  144. 2012-02-23 11:55 . 2012-02-23 11:55 -------- d-----w- c:\users\Gean\AppData\Local\2DBoy
  145. 2012-02-23 11:55 . 2012-02-23 11:55 -------- d-----w- c:\programdata\2DBoy
  146. 2012-02-22 21:03 . 2012-02-23 11:38 -------- d-----w- c:\programdata\Oberon Media
  147. 2012-02-22 14:21 . 2003-09-24 11:44 82432 ----a-r- c:\windows\SysWow64\MSXML4r.dll
  148. 2012-02-22 14:21 . 2003-09-24 11:44 44544 ----a-r- c:\windows\SysWow64\MSXML4a.dll
  149. 2012-02-22 14:21 . 2003-09-24 11:43 626960 ----a-r- c:\windows\SysWow64\hpvaut32.dll
  150. 2012-02-22 14:21 . 2003-09-24 11:43 487424 ----a-r- c:\windows\SysWow64\hpvcp70.dll
  151. .
  152. .
  153. .
  154. ((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
  155. .
  156. 2012-03-22 22:06 . 2012-02-06 14:28 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
  157. 2012-03-22 11:49 . 2009-07-13 23:52 65536 ----a-w- c:\windows\system32\sppuinotify.dll
  158. 2012-03-22 11:49 . 2009-07-13 23:51 381952 ----a-w- c:\windows\system32\sppcommdlg.dll
  159. 2012-03-22 11:47 . 2011-02-18 18:24 349696 ----a-w- c:\windows\system32\slui.exe
  160. 2012-03-21 21:31 . 2011-02-18 18:23 419840 ----a-w- c:\windows\system32\systemcpl.dll
  161. 2012-03-21 21:31 . 2011-02-18 18:23 1008128 ----a-w- c:\windows\system32\user32.dll
  162. 2012-03-21 21:30 . 2009-07-13 23:52 142336 ----a-w- c:\windows\system32\sppwmi.dll
  163. 2012-03-21 21:30 . 2011-02-18 18:23 15360 ----a-w- c:\windows\system32\slwga.dll
  164. 2012-03-21 21:29 . 2011-02-18 18:24 389632 ----a-w- c:\windows\system32\winlogon.exe
  165. 2012-03-21 21:29 . 2009-07-13 23:57 2048 ----a-w- c:\windows\system32\winver.exe
  166. 2012-03-21 21:29 . 2009-06-10 20:59 107946 ----a-w- c:\windows\system32\slmgr.vbs
  167. 2012-03-02 15:31 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
  168. 2012-03-01 22:04 . 2012-01-18 19:16 690872 ----a-w- c:\windows\system32\drivers\avc3.sys
  169. 2012-02-23 12:18 . 2012-02-18 02:42 279656 ------w- c:\windows\system32\MpSigStub.exe
  170. 2012-02-18 12:53 . 2012-02-18 12:53 1856058 ----a-w- c:\programdata\1329562271.bdinstall.bin
  171. 2012-02-18 10:36 . 2012-02-18 10:36 21594 ----a-w- c:\programdata\1329561378.bdinstall.bin
  172. 2012-02-18 10:34 . 2012-02-18 10:34 21594 ----a-w- c:\programdata\1329561266.bdinstall.bin
  173. 2012-02-18 10:33 . 2012-02-18 10:33 330231 ----a-w- c:\programdata\1329560463.bdinstall.bin
  174. 2012-02-18 10:12 . 2012-02-18 10:12 502 ----a-w- c:\programdata\1329559938.bdinstall.bin
  175. 2012-01-04 10:44 . 2012-02-18 13:37 509952 ----a-w- c:\windows\system32\ntshrui.dll
  176. 2012-01-04 08:58 . 2012-02-18 13:37 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
  177. 2011-12-30 06:26 . 2012-02-18 08:11 515584 ----a-w- c:\windows\system32\timedate.cpl
  178. 2011-12-30 05:27 . 2012-02-18 08:11 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
  179. 2011-12-28 03:59 . 2012-02-18 07:57 498688 ----a-w- c:\windows\system32\drivers\afd.sys
  180. .
  181. .
  182. ------- Sigcheck -------
  183. Note: Unsigned files aren't necessarily malware.
  184. .
  185. [7] 2010-11-20 . 1151B1BAA6F350B1DB6598E0FEA7C457 . 390656 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
  186. [7] 2009-07-14 . 132328DF455B0028F13BF0ABEE51A63A . 389120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
  187. [-] 2012-03-21 . 87A00ED70FEC36D0DD968E5058C29AA1 . 389632 . . [6.1.7601.17514] .. c:\windows\system32\winlogon.exe
  188. .
  189. [7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
  190. [7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
  191. [-] 2012-03-21 . D186BABDFAE7C0D93C9F6AE63957EE96 . 1008128 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
  192. .
  193. (((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
  194. .
  195. .
  196. *Nota* entradas vazias e legítimas por padrão não são apresentadas.
  197. REGEDIT4
  198. .
  199. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  200. "Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
  201. "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
  202. "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-03-06 741240]
  203. .
  204. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  205. "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-13 2317312]
  206. "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
  207. "SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
  208. "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
  209. "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
  210. "ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
  211. "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
  212. "HP Component Manager"="c:\program files (x86)\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472]
  213. "HP Software Update"="c:\program files (x86)\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
  214. "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
  215. "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
  216. .
  217. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  218. "ConsentPromptBehaviorAdmin"= 0 (0x0)
  219. "ConsentPromptBehaviorUser"= 3 (0x3)
  220. "EnableLUA"= 0 (0x0)
  221. "EnableUIADesktopToggle"= 0 (0x0)
  222. "PromptOnSecureDesktop"= 0 (0x0)
  223. .
  224. [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
  225. "mixer4"=wdmaud.drv
  226. .
  227. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  228. Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  229. .
  230. R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  231. R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  232. R2 gupdate;Serviço do Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 136176]
  233. R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
  234. R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x]
  235. R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [x]
  236. R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
  237. R3 gupdatem;Serviço do Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 136176]
  238. R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
  239. R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
  240. R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
  241. R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
  242. R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
  243. R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
  244. R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
  245. R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
  246. R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
  247. R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-15 466736]
  248. R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
  249. R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
  250. R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
  251. S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x]
  252. S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
  253. S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2011-11-14 90192]
  254. S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504]
  255. S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [x]
  256. S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
  257. S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
  258. S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
  259. S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
  260. S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
  261. S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
  262. S2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-01-23 62512]
  263. S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [x]
  264. S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
  265. S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
  266. S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
  267. S3 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2012-03-01 75384]
  268. S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
  269. .
  270. .
  271. --- =Outros Serviços/Drivers Na Memória ---
  272. .
  273. *NewlyCreated* - WS2IFSL
  274. .
  275. Conteúdo da pasta 'Tarefas Agendadas'
  276. .
  277. 2012-03-22 c:\windows\Tasks\GlaryInitialize.job
  278. - c:\program files (x86)\Glary Utilities\initialize.exe [2012-03-22 02:31]
  279. .
  280. 2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  281. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 22:22]
  282. .
  283. 2012-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  284. - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-12 22:22]
  285. .
  286. .
  287. --------- x86-64 -----------
  288. .
  289. .
  290. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
  291. @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
  292. [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
  293. 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
  294. .
  295. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
  296. @="{64174815-8D98-4CE6-8646-4C039977D808}"
  297. [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
  298. 2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
  299. .
  300. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
  301. @="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
  302. [HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
  303. 2012-03-01 22:04 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
  304. .
  305. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
  306. @="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
  307. [HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
  308. 2012-03-01 22:04 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
  309. .
  310. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
  311. @="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
  312. [HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
  313. 2012-03-01 22:04 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
  314. .
  315. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
  316. @="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
  317. [HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
  318. 2012-03-01 22:04 266952 ----a-w- c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
  319. .
  320. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  321. "BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-03-01 1066232]
  322. "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
  323. "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
  324. "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-31 167704]
  325. "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-31 392472]
  326. "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
  327. "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
  328. "Chew7Hale"="c:\windows\System32\hale.exe" [2012-03-21 2169856]
  329. "combofix"="c:\combofix\CF2000.3XE" [2010-11-20 345088]
  330. .
  331. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
  332. "LoadAppInit_DLLs"=0x0
  333. .
  334. ------- Scan Suplementar -------
  335. .
  336. uLocal Page = c:\windows\system32\blank.htm
  337. uStart Page = about:blank
  338. mStart Page = about:blank
  339. mLocal Page = c:\windows\SysWOW64\blank.htm
  340. TCP: Interfaces\{BD71480F-25A3-40D6-A6D7-ADCBAA42E431}: NameServer = 200.225.197.34 200.225.197.37
  341. FF - ProfilePath - c:\users\Gean\AppData\Roaming\Mozilla\Firefox\Profiles\eq93kkw5.default\
  342. FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
  343. FF - prefs.js: network.proxy.type - 1
  344. .
  345. - - - - ORFÃOS REMOVIDOS - - - -
  346. .
  347. Toolbar-Locked - (no file)
  348. Toolbar-Locked - (no file)
  349. .
  350. .
  351. .
  352. --------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
  353. .
  354. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
  355. @Denied: (A) (Everyone)
  356. "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
  357. .
  358. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
  359. @Denied: (A) (Everyone)
  360. .
  361. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
  362. "Key"="ActionsPane3"
  363. "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
  364. .
  365. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  366. @Denied: (Full) (Everyone)
  367. .
  368. ------------------------ Outros Processos em Execução ------------------------
  369. .
  370. c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
  371. c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
  372. c:\program files (x86)\ASUS\Splendid\ACMON.exe
  373. c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
  374. c:\windows\SysWOW64\ACEngSvr.exe
  375. c:\windows\AsScrPro.exe
  376. c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
  377. c:\program files (x86)\syncables\syncables desktop\syncablesMAPI.exe
  378. c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  379. c:\users\Gean\AppData\Local\Temp\F42D.tmp\bump.exe
  380. .
  381. **************************************************************************
  382. .
  383. Tempo para conclusão: 2012-03-22 19:14:15 - Máquina reiniciou
  384. ComboFix-quarantined-files.txt 2012-03-22 22:14
  385. .
  386. Pré-execução: 129.770.049.536 bytes disponíveis
  387. Pós execução: 128.910.901.248 bytes disponíveis
  388. .
  389. - - End Of File - - 98C497427E066623E6A2D12DF3860D0F