TrabalhosGratuitos.com - Papers, Monographs, Articles, Exams, Book Summaries, Dissertations

Relations

By:   •  13/4/2015  •  Review  •  397 Words (2 Pages)  •  196 Views


ComboFix 14-09-24.01 - Terminal 26/09/2014 15:38:58.1.8 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.3490.2848 [GMT -3:00]

Executando de: \\server\1 Tera\Programas\ComboFix.exe

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\UNWISE.EXE

.

c:\windows\System32\userinit.exe . . . está infectado!!

.

c:\windows\system32\dsound.dll . . . está infectado!!

.

.

(((((((((((((((( Arquivos/Ficheiros criados de 2014-08-26 to 2014-09-26 ))))))))))))))))))))))))))))

.

.

2014-09-26 17:25 . 2014-05-14 16:23 45536 ----a-w- c:\windows\system32\wups2.dll

2014-09-26 17:25 . 2014-05-14 16:23 54240 ----a-w- c:\windows\system32\wuauclt.exe

2014-09-26 17:25 . 2014-05-14 16:23 1973728 ----a-w- c:\windows\system32\wuaueng.dll

2014-09-26 17:25 . 2014-05-14 16:17 2425856 ----a-w- c:\windows\system32\wucltux.dll

2014-09-26 17:25 . 2014-05-14 16:23 36320 ----a-w- c:\windows\system32\wups.dll

2014-09-26 17:25 . 2014-05-14 16:23 581600 ----a-w- c:\windows\system32\wuapi.dll

2014-09-26 17:25 . 2014-05-14 16:17 92672 ----a-w- c:\windows\system32\wudriver.dll

2014-09-26 17:25 . 2014-05-14 12:23 179656 ----a-w- c:\windows\system32\wuwebv.dll

2014-09-26 17:25 . 2014-05-14 12:17 33792 ----a-w- c:\windows\system32\wuapp.exe

2014-09-26 13:30 . 2014-09-26 14:21 -------- d-----w- c:\users\Admin

2014-09-04 12:12 . 2014-09-04 12:12 -------- d-----w- c:\users\Terminal\AppData\Local\Intel_Corporation

.

.

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-09-26 18:11 . 2009-07-13 23:14 148480 ----a-w- c:\windows\system32\drivers\fastfat.sys

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2010-11-20 . 2C4A7E70E3E1637A46C6CBA7949E64D7 . 26624 . . [6.1.7600.16385] . . c:\windows\System32\userinit.exe

[-] 2010-11-20 . 2C4A7E70E3E1637A46C6CBA7949E64D7 . 26624 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

.

[-] 2009-07-14 . 0B9583DB4301DDEAC623AAD3808C13B8 . 453632 . . [6.1.7600.16385] . . c:\windows\System32\dsound.dll

[-] 2009-07-14 . 0B9583DB4301DDEAC623AAD3808C13B8 . 453632 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por padrão não são apresentadas.

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="c:\windows\explorer.exe,"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-06-01 13:21 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]

2013-05-24 21:04 186864 ----a-w- c:\windows\System32\hkcmd.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]

2013-04-30 15:27 36352 ----a-w- c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

2013-05-24 21:04 140784 ----a-w- c:\windows\System32\igfxtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 18:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]

2013-05-24

...
