Continuation:
ComboFix 13-07-09.01 - f000847 10/07/2013 16:48:18.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2013.1545 [GMT -3:00]
Executando de: c:\documents and settings\f000847\Desktop\Ferramentas para remoção de virus\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ADS - system32: deleted 2 bytes in 1 streams.
ADS - drivers: deleted 412 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dados de aplicativos\TEMP
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2013-06-10 to 2013-07-10 ))))))))))))))))))))))))))))
.
.
2013-07-10 19:44 . 2013-07-10 19:44 512 ----a-w- C:\PhysicalDisk0_MBR.bin
2013-07-10 19:42 . 2013-07-10 19:44 -------- d-----w- C:\ZHP
2013-07-10 19:42 . 2013-07-10 19:44 -------- d-----w- c:\arquivos de programas\ZHPDiag
2013-07-10 19:41 . 2013-07-10 19:41 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-10 19:41 . 2013-07-10 19:41 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-10 19:41 . 2013-07-10 19:41 -------- d-----w- c:\arquivos de programas\Java
2013-07-10 19:33 . 2013-07-10 19:33 -------- d-----w- C:\JRT
2013-06-27 11:53 . 2013-07-10 19:26 -------- d-----w- c:\documents and settings\f000847\Dados de aplicativos\Thunderbird
2013-06-18 12:28 . 2013-06-21 17:19 -------- d-----w- c:\documents and settings\f000847\Dados de aplicativos\IE Addon
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-10 19:48 . 2012-01-09 12:39 31088 ----a-w- c:\windows\system32\drivers\GbpNdisrd.sys
2013-07-10 19:41 . 2013-04-11 13:20 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-10 19:41 . 2011-11-24 13:45 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-27 19:41 . 2013-05-16 14:01 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 19:41 . 2011-11-24 13:28 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-27 19:41 . 2011-11-29 10:37 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-12 14:55 . 2013-01-22 11:13 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 14:55 . 2011-11-24 14:10 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 08:59 . 2013-05-16 14:01 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2011-11-24 13:28 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-05-16 14:01 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2011-11-24 13:28 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-09 08:59 . 2011-11-24 13:28 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2011-11-29 10:37 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2011-11-24 13:27 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-08 12:52 . 2011-12-01 18:50 49536 ----a-w- c:\windows\system32\drivers\gbpkm.sys
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\arquivos de programas\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\arquivos de programas\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
"Adobe ARM"="c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{E37CB5F0-51F5-4395-A808-5FA49E399014}"= "c:\arquivos de programas\GbPlugin\gbiehbnb.dll" [2012-11-06 643008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2013-05-23 13:47 1389096 ----a-w- c:\arquivos de programas\GbPlugin\gbieh.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBnb]
2012-11-06 12:26 643008 ------w- c:\arquivos de programas\GbPlugin\gbiehbnb.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2012-12-26 16:03 1652584 ------w- c:\arquivos de programas\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Serviço Scheduler2]
2011-02-03 06:49 358808 ----a-w- c:\arquivos de programas\Arquivos comuns\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-05-11 06:06 40048 ----a-w- c:\arquivos de programas\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 22:03 152872 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-13 22:20 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2009-11-18 02:55 33697792 ----a-r- c:\arquivos de programas\VIA\VIAudioi\HDADeck\HDeck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-06-25 04:51 166912 ----a-r- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-06-25 04:52 134656 ----a-r- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 18:57 153136 ----a-w- c:\arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-06-25 04:51 136192 ----a-r- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 10:32 253816 ----a-w- c:\arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2011-02-03 06:49 5149840 ----a-w- c:\arquivos de programas\Acronis\TrueImageHome\TrueImageMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [16/05/2013 11:01 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [16/05/2013 11:01 175176]
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [01/12/2011 15:50 49536]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [24/11/2011 11:11 752128]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [03/04/2012 09:31 24408]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [29/11/2011 07:37 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [24/11/2011 10:28 369584]
R2 afcdpsrv;Serviço de Acronis Nonstop Backup;c:\arquivos de programas\Arquivos comuns\Acronis\CDP\afcdpsrv.exe [24/11/2011 11:11 3246040]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24/11/2011 10:28 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [16/05/2013 11:01 66336]
R2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [01/12/2011 15:50 410152]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [24/11/2011 11:11 167968]
R3 NdisrdMP;NdisrdMP;c:\windows\system32\drivers\GbpNdisrd.sys [09/01/2012 09:39 31088]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [24/11/2011 10:11 1425280]
S3 Ndisrd;GAS Tecnologia Service;c:\windows\system32\drivers\GbpNdisrd.sys [09/01/2012 09:39 31088]
.
--- =Outros Serviços/Drivers Na Memória ---
.
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-21 15:39 1165776 ----a-w- c:\arquivos de programas\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2013-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-22 14:55]
.
2013-07-10 c:\windows\Tasks\avast! Emergency Update.job
- c:\arquivos de programas\Alwil Software\Avast5\AvastEmUpdate.exe [2012-08-20 08:58]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2013-04-11 10:24]
.
2013-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2013-04-11 10:24]
.
.
------- Scan Suplementar -------
.
uStart Page =
mSearch Bar =
Trusted Zone: bancobrasil.com.br\www
Trusted Zone: bancobrasil.com.br\www14
Trusted Zone: bancobrasil.com.br\www2
Trusted Zone: bb.com.br\www
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\www
TCP: DhcpNameServer = 10.4.65.16
FF - ProfilePath - c:\documents and settings\f000847\Dados de aplicativos\Mozilla\Firefox\Profiles\vc3ld4n3.default\
FF - prefs.js: browser.startup.homepage -
FF - ExtSQL: 2013-06-18 08:37; ; c:\documents and settings\f000847\Dados de aplicativos\Mozilla\Firefox\Profiles\vc3ld4n3.default\extensions\helperframework@zonemedia.com.xpi
FF - ExtSQL: 2013-06-18 08:38; ; c:\documents and settings\f000847\Dados de aplicativos\Mozilla\Firefox\Profiles\vc3ld4n3.default\extensions\ffxtlbr@babylon.com
.
- - - - ORFÃOS REMOVIDOS - - - -
.
HKLM-Run-update_apc - c:\arquivos de programas\Internet Explorer\Updater.exe
AddRemove-Cartoon Maker1.7 - c:\documents and settings\f000847\Meus documentos\Nova pasta\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2013-07-10 16:51
Windows 5.1.2600 Service Pack 3 NTFS
.
Procurando processos ocultos ...
.
Procurando entradas auto inicializáveis ocultas ...
.
Procurando ficheiros/arquivos ocultos ...
.
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
.
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\1FDE42FC632E233438BCC407A1B9BC0F\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"107"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\2451D69CF585D214C8A52004DB1A469B\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"106"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\256917180E811B74A9218FB20F574DBD\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"105"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\484CA1D2615EC8048852CA1B3C65CAA7\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"101"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\4C9878626E35BDD4F833D8F0E900B0AE\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"100"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\5E903427217EC6249BD46B4B52112CF9\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"104"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\7A7FFB02FB4E7E4488243D1990374C9B\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="Microsoft's Silverlight Installation [1]"
"100"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\82B28DCEEB84C6245BB5E60C22162658\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"108"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\BE7C28545F39D804F992A5B51E7E8654\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"103"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\DE6BA3F2C1597EC4A89C5864DFFCF1A5\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"102"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\46EAC7482DC4D2B4FA0079F85F340164\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\68AB67CA7DA76401B7448A0100000030\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="READER8;[1]"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\CFD2C1F142D260E3CB8B271543DA9F98\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\D20352A90C039D93DBF6126ECE614057\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="Microsoft's Silverlight Installation [1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\DC3BF90CC0D3D2F398A9A6D1762F70F3\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";"
"100"=";"
"101"=";"
"102"=";"
"103"=";"
"104"=";"
"105"=";"
"106"=";"
"107"=";"
"108"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
.
- - - - - - - > 'winlogon.exe'(1076)
c:\arquivos de programas\GBPLUGIN\gbieh.dll
c:\arquivos de programas\GbPlugin\gbiehBnb.dll
c:\arquivos de programas\GbPlugin\gbiehCef.dll
.
- - - - - - - > 'explorer.exe'(1472)
c:\windows\system32\ieframe.dll
c:\arquivos de programas\GbPlugin\gbiehBnb.dll
c:\windows\system32\webcheck.dll
c:\arquivos de programas\GBPLUGIN\gbieh.dll
c:\arquivos de programas\GbPlugin\gbiehCef.dll
.
Tempo para conclusão: 2013-07-10 16:52:37
ComboFix-quarantined-files.txt 2013-07-10 19:52
.
Pré-execução: 12 pasta(s) 74.985.631.744 bytes disponíveis
Pós execução: 13 pasta(s) 74.998.796.288 bytes disponíveis
.
- - End Of File - - F3789C676E1F5486AFF52186A2CD8FC6
239FC8B1C26D5286165A956F5A98D8D7