Scribd Logo
Upload

Welcome to Scribd!

  • Combo Fix

    Uploaded by

    dddddqqq
    28 views2 pages

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    28 views2 pages

    Combo Fix

    Uploaded by

    dddddqqq

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    ComboFix 11-02-06.02 - Administrador 07/02/2011 10:03:11.1.

    1 - x86
    Microsoft Windows XP Professional 5.1.2600.1.1252.55.1046.18.510.386 [GMT -2:00
    ]
    Executando de: c:\documents and settings\Administrador\Desktop\ComboFix.exe
    ATENÇAO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!
    .
    (((((((((((((((( Arquivos/Ficheiros criados de 2011-01-07 to 2011-02-07 )))))
    )))))))))))))))))))))))
    .
    2011-02-04 17:32 . 2011-02-07 11:45 -------- d-----r- C:\Arqui
    vos de programas
    2011-02-04 17:31 . 2011-02-04 16:46 -------- d-----w- C:\Docum
    ents and Settings
    2011-02-04 17:07 . 2011-02-04 17:07 -------- d-----w- C:\dell
    .
    ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))
    )))))))))))))))))))))))))))))
    .
    .
    (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))
    )))))))))))))))))))))))))
    .
    .
    *Nota* entradas vazias e legítimas por defeito não são mostradas.
    REGEDIT4
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "igfxtray"="c:\windows\System32\igfxtray.exe" [2005-09-20 94208]
    "igfxhkcmd"="c:\windows\System32\hkcmd.exe" [2005-09-20 77824]
    "igfxpers"="c:\windows\System32\igfxpers.exe" [2005-09-20 114688]
    "WinVNC"="c:\arquivos de programas\RealVNC\WinVNC\WinVNC.exe" [2003-03-05 335872
    ]
    "Autorun Eater"="c:\arquivos de programas\Autorun Eater\oldmcdonald.exe" [2009-0
    5-27 549400]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2002-09-09 13312]
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostSta
    rtTrayApp]
    2003-06-10 20:02 94208 ----a-w- c:\arquivos de programas\Symante
    c\Norton Ghost 2003\GhostStartTrayApp.exe
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaU
    pdateSched]
    2010-02-18 13:43 248040 ----a-w- c:\arquivos de programas\Arquivo
    s comuns\Java\Java Update\jusched.exe
    R1 GhPciScan;GhostPciScanner;c:\arquivos de programas\Symantec\Norton Ghost 2003
    \GhPciScan.sys [28/5/2003 19:01 5632]
    .
    .
    ------- Scan Suplementar -------
    .
    IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
    DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    FF - ProfilePath - c:\documents and settings\Administrador\Dados de aplicativos\
    Mozilla\Firefox\Profiles\phx6jddi.default\
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\arquivos de progr
    amas\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Quick Starter: jqs@sun.com - c:\arquivos de programas\Java\jre6\l
    ib\deploy\jqs\ff
    .
    **************************************************************************
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http:/
    /www.gmer.net
    Rootkit scan 2011-02-07 10:06
    Windows 5.1.2600 Service Pack 1 NTFS
    Procurando processos ocultos ...
    Procurando entradas auto inicializáveis ocultas ...
    Procurando ficheiros/arquivos ocultos ...
    Varredura completada com sucesso
    arquivos/ficheiros ocultos: 0
    **************************************************************************
    .
    --------------------- DLLs Carregadas Sob os Processos em Execução -----------------
    ----
    - - - - - - - > 'winlogon.exe'(636)
    c:\windows\System32\ODBC32.dll
    - - - - - - - > 'lsass.exe'(716)
    c:\windows\System32\dssenh.dll
    .
    Tempo para conclusão: 2011-02-07 10:07:54
    ComboFix-quarantined-files.txt 2011-02-07 12:07
    Pré-execução: 5 pasta(s) 35.081.728.000 bytes disponíveis
    Pós execução: 6 pasta(s) 35.056.775.168 bytes disponíveis
    - - End Of File - - BC6F68C3878C935AAEA9E47CBA493E65

    You might also like