Relations
By: gdhgsh • 13/4/2015 • Review • 397 Words (2 Pages) • 201 Views
ComboFix 14-09-24.01 - Terminal 26/09/2014 15:38:58.1.8 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.3490.2848 [GMT -3:00]
Executando de: \\server\1 Tera\Programas\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\UNWISE.EXE
.
c:\windows\System32\userinit.exe . . . está infectado!!
.
c:\windows\system32\dsound.dll . . . está infectado!!
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-08-26 to 2014-09-26 ))))))))))))))))))))))))))))
.
.
2014-09-26 17:25 . 2014-05-14 16:23 45536 ----a-w- c:\windows\system32\wups2.dll
2014-09-26 17:25 . 2014-05-14 16:23 54240 ----a-w- c:\windows\system32\wuauclt.exe
2014-09-26 17:25 . 2014-05-14 16:23 1973728 ----a-w- c:\windows\system32\wuaueng.dll
2014-09-26 17:25 . 2014-05-14 16:17 2425856 ----a-w- c:\windows\system32\wucltux.dll
2014-09-26 17:25 . 2014-05-14 16:23 36320 ----a-w- c:\windows\system32\wups.dll
2014-09-26 17:25 . 2014-05-14 16:23 581600 ----a-w- c:\windows\system32\wuapi.dll
2014-09-26 17:25 . 2014-05-14 16:17 92672 ----a-w- c:\windows\system32\wudriver.dll
2014-09-26 17:25 . 2014-05-14 12:23 179656 ----a-w- c:\windows\system32\wuwebv.dll
2014-09-26 17:25 . 2014-05-14 12:17 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-09-26 13:30 . 2014-09-26 14:21 -------- d-----w- c:\users\Admin
2014-09-04 12:12 . 2014-09-04 12:12 -------- d-----w- c:\users\Terminal\AppData\Local\Intel_Corporation
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-26 18:11 . 2009-07-13 23:14 148480 ----a-w- c:\windows\system32\drivers\fastfat.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-11-20 . 2C4A7E70E3E1637A46C6CBA7949E64D7 . 26624 . . [6.1.7600.16385] . . c:\windows\System32\userinit.exe
[-] 2010-11-20 . 2C4A7E70E3E1637A46C6CBA7949E64D7 . 26624 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
[-] 2009-07-14 . 0B9583DB4301DDEAC623AAD3808C13B8 . 453632 . . [6.1.7600.16385] . . c:\windows\System32\dsound.dll
[-] 2009-07-14 . 0B9583DB4301DDEAC623AAD3808C13B8 . 453632 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\explorer.exe,"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-01 13:21 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2013-05-24 21:04 186864 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
2013-04-30 15:27 36352 ----a-w- c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2013-05-24 21:04 140784 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 18:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2013-05-24
...