ComboFix 08-10-10.09 - Play 2008-10-11 15:15:48.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.686 [GMT -3:00]
Executando de: C:\COMBOFIX\ComboFix.exe
[COLOR=RED][B]ATENÇAO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !! [/B][/COLOR]
.
((((((((((((((((((((((( Ficheiros criados de 2008-09-11 to 2008-10-11 ))))))))))))))))))))))))))))))))
.
2008-10-11 14:25 . 2008-10-11 14:25 268 --ah---- C:\sqmdata03.sqm
2008-10-11 14:25 . 2008-10-11 14:25 244 --ah---- C:\sqmnoopt03.sqm
2008-10-11 13:47 . 2005-05-26 15:34 2,297,552 --a----- C:\WINDOWS\system32\d3dx9_26.dll
2008-10-11 13:43 . 2008-10-11 13:59 d------- C:\WINDOWS\LastGood
2008-10-11 13:43 . 2008-10-11 13:43 d------- C:\Arquivos de programas\DTools
2008-10-11 13:43 . 2004-08-22 16:31 155,136 --a----- C:\WINDOWS\system32\drivers\d347bus.sys
2008-10-11 13:43 . 2004-08-22 16:31 5,248 --a----- C:\WINDOWS\system32\drivers\d347prt.sys
2008-10-11 13:41 . 2008-10-11 13:41 d------- C:\WINDOWS\Downloaded Installations
2008-10-11 12:31 . 2008-10-11 12:32 d------- C:\Documents and Settings\Play\Contacts
2008-10-11 12:31 . 2008-10-11 12:39 d------- C:\Arquivos de programas\Trymedia
2008-10-11 12:31 . 2008-10-11 12:31 268 --ah---- C:\sqmdata02.sqm
2008-10-11 12:31 . 2008-10-11 12:31 244 --ah---- C:\sqmnoopt02.sqm
2008-10-11 12:30 . 2008-10-11 12:30 d------- C:\Arquivos de programas\Valusoft
2008-10-11 11:22 . 2008-10-11 11:47 d------- C:\Documents and Settings\All Users\Dados de aplicativos\Trymedia
2008-10-11 10:22 . 2008-10-11 10:23 d------- C:\18 WoS Pedal to the Metal
2008-10-11 10:06 . 2008-10-11 10:06 d------- C:\Arquivos de programas\Rockstar Games
2008-10-11 09:57 . 2008-10-11 09:57 268 --ah---- C:\sqmdata01.sqm
2008-10-11 09:57 . 2008-10-11 09:57 244 --ah---- C:\sqmnoopt01.sqm
2008-10-11 09:47 . 2008-10-11 09:50 d--h---- C:\WINDOWS\$hf_mig$
2008-10-11 09:47 . 2005-02-25 00:34 22,752 --a----- C:\WINDOWS\system32\spupdsvc.exe
2008-10-10 21:25 . 2008-10-11 13:28 d--h---- C:\Arquivos de programas\InstallShield Installation Information
2008-10-10 21:24 . 2008-10-10 21:24 d------- C:\Arquivos de programas\Messenger Plus! Live
2008-10-10 21:24 . 2008-10-10 21:24 d------- C:\Arquivos de programas\Adverts
2008-10-10 21:24 . 2008-10-10 21:24 268 --ah---- C:\sqmdata00.sqm
2008-10-10 21:24 . 2008-10-10 21:24 244 --ah---- C:\sqmnoopt00.sqm
2008-10-10 21:23 . 2008-10-10 21:23 d----c-- C:\WINDOWS\system32\DRVSTORE
2008-10-10 21:23 . 2008-10-10 21:24 d------- C:\Arquivos de programas\MSN Messenger
2008-10-10 21:06 . 2008-10-10 21:06 d------- C:\Arquivos de programas\Arquivos comuns\InstallShield
2008-10-10 21:05 . 2008-10-10 21:05 d------- C:\Arquivos de programas\Google
2008-10-10 21:05 . 2008-10-10 21:05 d------- C:\Arquivos de programas\Arquivos comuns\DirectX
2008-10-10 21:03 . 2008-10-10 21:03 0 --a----- C:\WINDOWS\nsreg.dat
2008-10-10 21:00 . 2008-10-11 11:46 d------- C:\Documents and Settings\Play\Dados de aplicativos\IDM
2008-10-10 21:00 . 2008-10-11 15:17 d------- C:\Documents and Settings\Play\Dados de aplicativos\DMCache
2008-10-10 21:00 . 2008-10-10 21:00 d------- C:\Arquivos de programas\Internet Download Manager
2008-10-10 20:50 . 2008-10-10 20:50 d------- C:\Adobe Rader
2008-10-10 20:47 . 2008-10-10 20:47 d---s--- C:\Documents and Settings\Play\UserData
2008-10-10 20:46 . 2003-05-28 18:53 45,056 --a----- C:\WINDOWS\system32\WNASPI32.DLL
2008-10-10 20:46 . 2003-05-28 18:53 17,005 --a----- C:\WINDOWS\system32\drivers\ASPI32.SYS
2008-10-10 20:46 . 2003-05-28 18:53 5,600 --a----- C:\WINDOWS\system\WINASPI.DLL
2008-10-10 20:46 . 2003-05-28 18:53 4,672 --a----- C:\WINDOWS\system\WOWPOST.EXE
2008-10-10 20:33 . 2008-10-10 20:33 d------- C:\Arquivos de programas\SymNetDrv
2008-10-10 20:21 . 2003-06-19 01:31 17,920 --a----- C:\WINDOWS\system32\mdimon.dll
2008-10-10 20:21 . 2008-10-10 20:21 421 --a----- C:\WINDOWS\ODBC.INI
2008-10-10 20:20 . 2008-10-10 20:20 d------- C:\Arquivos de programas\Microsoft.NET
2008-10-10 20:19 . 2008-10-10 20:19 d------- C:\Arquivos de programas\Microsoft Works
2008-10-10 20:18 . 2008-10-10 20:20 d------- C:\WINDOWS\SHELLNEW
2008-10-10 20:08 . 2008-10-10 20:08 d------- C:\WINDOWS\system32\Adobe
2008-10-10 20:08 . 2008-10-10 20:08 d------- C:\WINDOWS\Profiles
2008-10-10 20:08 . 2008-10-10 20:08 d------- C:\Documents and Settings\Play\Dados de aplicativos\InterTrust
2008-10-10 20:08 . 2008-10-10 20:08 d------- C:\Arquivos de programas\Arquivos comuns\Adobe
2008-10-10 20:08 . 1998-11-13 12:18 308,224 --a----- C:\WINDOWS\IsUn0416.exe
2008-10-10 20:00 . 2008-10-10 20:00 d------- C:\Documents and Settings\Play\Dados de aplicativos\Symantec
2008-10-10 20:00 . 2008-10-10 21:45 d------- C:\Arquivos de programas\Norton SystemWorks
2008-10-10 20:00 . 2008-10-10 20:46 d------- C:\Arquivos de programas\Arquivos comuns\Symantec Shared
2008-10-10 20:00 . 2003-09-12 07:08 83,208 --a----- C:\WINDOWS\system32\S32EVNT1.DLL
2008-10-10 20:00 . 2003-09-12 07:08 82,136 --a----- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-10 23:46 --------d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Symantec
2008-10-10 23:45 --------d-----w C:\Arquivos de programas\Symantec
2008-10-10 22:28 --------d-----w C:\Arquivos de programas\microsoft frontpage
2008-10-10 22:26 --------d-----w C:\Arquivos de programas\Serviços on-line
2008-10-10 22:25 --------d-----w C:\Arquivos de programas\Arquivos comuns\Serviços
2008-09-12 10:44 . 206,256 ----a-w C:\WINDOWS\system32\idmmbc.dll
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
"IDMan"="C:\Arquivos de programas\Internet Download Manager\IDMan.exe" [2008-09-12 2606512]
"swg"="C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-10-10 171448]
"MsnMsgr"="C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-24 7323648]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-07-24 86016]
"ccApp"="C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe" [2006-01-11 71312]
"Symantec NetDriver Monitor"="C:\ARQUIV~1\SYMNET~1\SNDMon.exe" [2008-10-10 95960]
"GhostStartTrayApp"="C:\Arquivos de programas\Norton SystemWorks\Norton Ghost\GhostStartTrayApp.exe" [2003-06-10 94208]
"DAEMON Tools-1033"="C:\Arquivos de programas\D-Tools\daemon.exe" [2004-08-22 81920]
"PCTVOICE"="pctspk.exe" [2004-01-29 C:\WINDOWS\system32\pctspk.exe]
"nwiz"="nwiz.exe" [2006-07-24 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Authorized Applications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe"=
"C:\\Arquivos de programas\\MSN Messenger\\livecall.exe"=
"D:\\Need for Speed Underground 1\\Speed.exe"=

R1 GhPciScan;GhostPciScanner;C:\Arquivos de programas\Norton SystemWorks\Norton Ghost\ghpciscan.sys [2003-05-28 5632]

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Conteúdo da pasta 'Tarefas Agendadas'

2008-10-10 C:\WINDOWS\Tasks\Norton AntiVirus - Verificar o meu computador.job
- C:\ARQUIV~1\NORTON~1\NORTON~1\Navw32.exe [2003-12-16 12:05]

2008-10-10 C:\WINDOWS\Tasks\One Button Checkup do Norton SystemWorks.job
- C:\Arquivos de programas\Norton SystemWorks\OBC.exe [2003-09-25 15:26]

2008-10-10 C:\WINDOWS\Tasks\Symantec Drmc.job
- C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SymDrmc.exe [2003-09-10 04:48]

2008-10-11 C:\WINDOWS\Tasks\Symantec NetDetect.job
- C:\Arquivos de programas\Symantec\LiveUpdate\NDETECT.EXE [2003-09-09 14:15]
.
.
------- Scan Suplementar ------.
FireFox -: Profile - C:\Documents and Settings\Play\Dados de aplicativos\Mozilla\Firefox\Profiles\xen86bzy.default\
FF -: plugin - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\browser\nppdf32.dll
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-11 15:17:11
Windows 5.1.2600 Service Pack 2 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
Ficheiros ocultos: 0
**************************************************************************
.
Tempo para conclusão: 2008-10-11 15:18:19
ComboFix-quarantined-files.txt 2008-10-11 18:18:15
ComboFix2.txt 2008-10-11 18:03:58
Pré-execução: 684.847.104 bytes disponíveis
Pós execução: 680,955,904 bytes disponíveis
135
--- E O F ---
2008-10-11 12:47:30