log netbook combofix


  • This topic is locked
1 reply to this topic

#1 senaggs

senaggs

  • Members
  • 1 posts
  • OFFLINE
  • Local time:10:43 PM

Posted 06 October 2009 - 08:43 PM

I would like to know what might be wrong with my netbook. Here is the ComboFix log.

ComboFix 09-10-06.03 - sena 06/10/2009 22:02.1.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.55.1033.18.1790.929 [GMT -3:00]
Executando de: c:\users\sena\Downloads\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1721946810-225078541-1212839915-500
c:\$recycle.bin\S-1-5-21-2368773758-2294481403-2321917780-500
c:\windows\wpd99.drv

.
(((((((((((((((( Arquivos/Ficheiros criados de 2009-09-07 to 2009-10-07 ))))))))))))))))))))))))))))
.

2009-10-07 01:16 . 2009-10-07 01:16 -------- d-----w- c:\users\sena\AppData\Local\temp
2009-10-06 23:49 . 2009-10-06 23:49 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-10-06 23:49 . 2009-10-06 23:49 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-06 23:49 . 2009-10-06 23:49 -------- d-----w- c:\users\sena\AppData\Roaming\SUPERAntiSpyware.com
2009-10-06 23:48 . 2009-10-06 23:48 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-05 19:56 . 2009-10-05 20:01 -------- d-----w- c:\users\visitante
2009-10-05 17:13 . 2009-10-01 13:29 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-10-03 01:51 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-03 01:51 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-03 01:51 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-03 01:51 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-03 01:51 . 2009-08-06 22:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-10-03 01:51 . 2009-08-06 21:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-10-03 00:11 . 2009-10-05 13:17 -------- d-----w- c:\users\sena\AppData\Roaming\U3
2009-10-02 01:53 . 2009-10-02 01:53 -------- d-----w- C:\openproj-1.4
2009-10-01 14:58 . 2009-10-05 13:17 -------- d-----w- c:\program files\Common Files\xing shared
2009-10-01 14:57 . 2009-10-01 14:57 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-10-01 14:57 . 2009-10-05 13:17 -------- d-----w- c:\program files\Real
2009-10-01 14:57 . 2009-10-05 13:17 -------- d-----w- c:\program files\Common Files\Real
2009-10-01 14:03 . 2009-10-05 22:51 -------- d-----w- C:\$AVG8.VAULT$
2009-09-29 22:56 . 2009-09-29 22:57 -------- d-----w- c:\users\sena\AppData\Roaming\Media Player Classic
2009-09-29 22:51 . 2009-10-01 14:03 -------- d-----w- c:\program files\MPC HomeCinema
2009-09-29 19:32 . 2009-10-01 16:40 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-09-29 19:32 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-09-28 23:39 . 2009-09-28 23:39 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-09-28 23:39 . 2009-09-28 23:39 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-09-28 23:39 . 2009-09-28 23:39 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-09-28 23:39 . 2009-09-28 23:39 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-09-28 23:39 . 2009-10-05 13:18 -------- d-----w- c:\windows\system32\drivers\Avg
2009-09-28 23:39 . 2009-10-05 13:17 -------- d-----w- c:\programdata\AVG Security Toolbar
2009-09-28 23:38 . 2009-09-28 23:38 -------- d-----w- c:\program files\AVG
2009-09-28 23:38 . 2009-10-05 13:17 -------- d-----w- c:\programdata\avg8
2009-09-27 17:16 . 2009-10-05 13:17 -------- d-----w- c:\program files\CinePlay
2009-09-26 01:20 . 2009-09-26 01:20 -------- d-----w- c:\windows\Sun
2009-09-25 15:23 . 2009-09-25 15:23 -------- d-----w- c:\users\sena\AppData\Roaming\Ludia
2009-09-25 15:23 . 2009-09-25 15:23 -------- d-----w- c:\programdata\Ludia
2009-09-23 11:53 . 2009-09-23 11:53 -------- d-----w- c:\programdata\WindowsSearch
2009-09-22 01:41 . 2009-09-22 01:40 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-22 01:40 . 2009-09-22 01:40 -------- d-----w- c:\program files\Java
2009-09-21 01:07 . 2009-09-21 01:08 -------- d-----w- c:\program files\PhotoFiltre
2009-09-20 14:45 . 2009-10-05 13:17 -------- d-----w- c:\programdata\Hewlett-Packard
2009-09-20 14:43 . 2007-10-20 21:25 117760 ----a-w- c:\windows\system32\hpzll5mu.dll
2009-09-20 14:42 . 2009-10-05 13:17 -------- d-----w- c:\program files\HP
2009-09-20 14:41 . 2009-09-20 14:46 164235 ----a-w- c:\windows\hphins26.dat
2009-09-20 14:41 . 2008-01-19 08:52 787 ------w- c:\windows\hphmdl26.dat
2009-09-20 14:41 . 2009-09-20 14:41 -------- d-----w- c:\programdata\HP
2009-09-20 14:41 . 2007-11-09 06:59 271704 ----a-w- c:\windows\system32\hpzids01.dll
2009-09-17 04:47 . 2001-10-19 06:51 46592 ----a-w- c:\windows\system32\cmext.dll
2009-09-17 04:47 . 2000-07-15 09:00 101888 ----a-w- c:\windows\system32\Vb6stkit.dll
2009-09-17 04:47 . 2009-10-05 13:17 -------- d-----w- c:\program files\Adolix
2009-09-15 03:50 . 2009-09-15 03:51 -------- d-----w- C:\filmes
2009-09-13 07:12 . 2009-10-05 19:51 680 ----a-w- c:\users\sena\AppData\Local\d3d9caps.dat
2009-09-13 01:12 . 2009-10-05 13:17 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-09-12 21:51 . 2009-10-05 13:17 -------- d-----w- C:\pen drive ecemar
2009-09-12 18:15 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-09-12 18:15 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-12 18:15 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-09-12 18:15 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-09-12 18:15 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-09-12 18:15 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-09-12 18:15 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-09-12 18:02 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-09-12 18:02 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-09-12 18:02 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-09-12 18:01 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-09-12 18:01 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-09-11 15:17 . 2009-09-11 15:17 -------- d-----w- c:\programdata\Symantec
2009-09-09 03:52 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-09 03:52 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-09 03:52 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-09 03:52 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-09 03:52 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-09 03:52 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-09 03:52 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-09 03:52 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-09 03:52 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-09 03:52 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-08 20:52 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-09-08 06:47 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-08 06:47 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-08 06:47 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-08 06:47 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-08 06:47 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-06 01:57 . 2009-08-27 20:08 -------- d-----w- c:\users\sena\AppData\Roaming\Skype
2009-10-06 01:52 . 2009-09-04 00:02 -------- d-----w- c:\programdata\pdf995
2009-10-05 22:06 . 2009-08-27 07:09 -------- d-----w- c:\users\sena\AppData\Roaming\skypePM
2009-10-05 13:18 . 2009-09-03 04:22 -------- d-----w- c:\program files\My Lockbox
2009-10-05 13:18 . 2009-07-28 12:28 -------- d-----w- c:\program files\Video Web Camera
2009-10-05 13:18 . 2009-07-28 12:24 -------- d-----w- c:\program files\Launch Manager
2009-10-05 13:18 . 2009-08-30 23:44 -------- d-----w- c:\program files\Flock
2009-09-12 20:55 . 2009-05-08 22:09 -------- d-----w- c:\programdata\Norton
2009-09-04 00:16 . 2009-09-04 00:16 -------- d-----w- c:\users\sena\AppData\Roaming\pdf995
2009-09-04 00:02 . 2009-09-04 00:02 249856 ----a-w- c:\windows\system32\pdfmona.dll
2009-09-04 00:02 . 2009-09-04 00:02 51716 ----a-w- c:\windows\system32\pdf995mon.dll
2009-09-03 03:46 . 2009-08-25 17:14 73520 ----a-w- c:\users\sena\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-03 00:36 . 2009-05-08 21:40 -------- d-----w- c:\programdata\Microsoft Help
2009-08-30 23:44 . 2009-08-30 23:44 0 ----a-w- c:\windows\nsreg.dat
2009-08-30 23:44 . 2009-08-30 23:44 -------- d-----w- c:\users\sena\AppData\Roaming\Flock
2009-08-28 12:39 . 2009-09-03 00:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 10:15 . 2009-09-03 00:38 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-28 07:36 . 2009-08-28 07:36 -------- d-----w- c:\users\sena\AppData\Roaming\Oi
2009-08-27 20:05 . 2009-08-27 20:05 -------- d-----w- c:\program files\Common Files\Skype
2009-08-27 15:35 . 2009-08-27 15:35 -------- d-----w- c:\users\sena\AppData\Roaming\BrOffice.org
2009-08-27 07:09 . 2009-08-27 07:09 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-08-26 09:11 . 2009-08-26 09:11 -------- d-----w- c:\users\sena\AppData\Roaming\WildTangent
2009-08-25 17:17 . 2009-08-25 17:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-08-25 17:14 . 2009-08-25 17:14 -------- d-----w- c:\users\sena\AppData\Roaming\ATI
2009-08-25 17:13 . 2009-08-25 17:13 -------- d-----w- c:\program files\eBay
2009-07-28 12:15 . 2009-05-08 21:37 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-07-18 16:06 . 2009-09-02 23:49 827904 ----a-w- c:\windows\system32\wininet.dll
2009-07-18 16:01 . 2009-09-02 23:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 09:46 . 2009-09-02 23:49 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 14:35 . 2009-09-03 00:22 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-14 13:00 . 2009-09-02 23:47 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 12:59 . 2009-09-02 23:47 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-14 12:58 . 2009-09-02 23:47 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 10:59 . 2009-09-02 23:47 8147456 ----a-w- c:\windows\system32\wmploc.DLL
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 19:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-07-24 12:55 1090816 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-07-24 1090816]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-09-15 1998576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Acer ePower Management"="c:\program files\Gateway\Gateway Power Management\ePowerTray.exe" [2009-04-04 698912]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-27 1434920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-22 149280]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-28 2007832]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 18:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{84A4DE96-44B4-4B6E-BC0D-B6EEF4DAEF31}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4128F27E-2D86-44F8-BF55-FB3DC56B8100}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{5C24F8B8-74B2-4033-94CF-D9E5D18B62A0}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{AACE2CD8-1799-4B2E-BFA9-054B3B94EDB9}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{C9C8F8B1-AF60-485B-98BE-360E3F5BABF3}f:\\strongkey-rc1.3-build-208.exe"= UDP:F:\strongkey-rc1.3-build-208.exe:strongkey-rc1.3-build-208
"UDP Query User{B712F79B-899F-4C06-A9CB-0B83931C2B54}f:\\strongkey-rc1.3-build-208.exe"= TCP:F:\strongkey-rc1.3-build-208.exe:strongkey-rc1.3-build-208
"TCP Query User{ED0BC497-6C9A-431D-B3E5-60C1099E087B}f:\\strongkey-rc1.3-build-208.exe"= UDP:F:\strongkey-rc1.3-build-208.exe:strongkey-rc1.3-build-208
"UDP Query User{D7122014-9E1A-43BC-83F1-5E7C1A2E073B}f:\\strongkey-rc1.3-build-208.exe"= TCP:F:\strongkey-rc1.3-build-208.exe:strongkey-rc1.3-build-208
"{581C6F36-723C-4831-AC78-CD306CF728D3}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{EF5BF04C-902C-4992-93B9-BAA7726705DA}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{56C0B1DE-5D50-40BA-A7AC-22F375E0A6F9}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

R0 FSProFilter;FSPro File Filter;c:\windows\System32\drivers\FSPFltd.sys [03/09/2009 01:22 43792]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [28/09/2009 20:39 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [28/09/2009 20:39 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [15/09/2009 11:42 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [15/09/2009 11:42 74480]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [28/09/2009 20:38 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [28/09/2009 20:38 297752]
R2 ePowerSvc;Acer ePower Service;c:\program files\Gateway\Gateway Power Management\ePowerSvc.exe [08/05/2009 18:53 723488]
R2 fsproflt;FSPro Filter Service;c:\windows\System32\fsproflt.exe [03/09/2009 01:22 73392]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [15/09/2009 11:42 7408]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [08/05/2009 18:53 24064]

--- =Outros Serviços/Drivers Na Memória ---

*NewlyCreated* - SASDIFSV
*NewlyCreated* - SASENUM
*NewlyCreated* - SASKUTIL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Conteúdo da pasta 'Tarefas Agendadas'

2009-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2368773758-2294481403-2321917780-1000Core.job
- c:\users\sena\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-27 19:50]

2009-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2368773758-2294481403-2321917780-1000UA.job
- c:\users\sena\AppData\Local\Google\Update\GoogleUpdate.exe [2009-08-27 19:50]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.yahoo.com.br/
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0416&s=2&o=vb32&d=0709&m=lt31
uInternet Settings,ProxyServer = 10.48.128.15:80
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {099770D2-D25F-4269-B16F-93153A3ED3AE} = 10.48.128.2
.
- - - - ORFÃOS REMOVIDOS - - - -

AddRemove-com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 - c:\program files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-06 22:16
Windows 6.0.6001 Service Pack 1 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...


C:\palm

Varredura completada com sucesso
arquivos/ficheiros ocultos: 1

**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Tempo para conclusão: 2009-10-07 22:19
ComboFix-quarantined-files.txt 2009-10-07 01:19

Pré-execução: 179.714.252.800 bytes free
Pós execução: 180.347.580.416 bytes free

261 --- E O F --- 2009-10-05 17:13

#2 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  • Location:Cleveland, Ohio
  • Local time:09:43 PM

Posted 06 October 2009 - 09:45 PM

Please try posting in this forum

http://forum.clubedohardware.com.br/



ComboFix logs should not be posted or discussed outside the HijackThis forums. It is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained. ComboFix is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Please read ComboFix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

Please create a new topic in the Am I Infected forum.
http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/
Explain the nature of your problem. Describe pop-ups and system tray or desktop icons that have appeared. Explain what is "going wrong" with your computer. Note any tools you have used and their respective results.

If needed, we will direct you to our HJT Preparation Guide.

This topic is now closed.
The BC Staff

Edited by garmanma, 06 October 2009 - 09:59 PM.

Mark
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits