Armando Leitão

[Archived] Infected PC

Slow machines, maybe it's a sign of a virus; I'm going to post two logs...

 

Machine 1

 

 

Logfile of HijackThis v1.99.1

Scan saved at 11:34:58, on 8/9/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\D-Link\AirPlus G\AirGCFG.exe

C:\Arquivos de programas\Java\jre1.5.0_05\bin\jucheck.exe

C:\Arquivos de programas\ANI\ANIWZCS2 Service\WZCSLDR2.exe

C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.cade.yahoo.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.compartilhando.org/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Arquivos de programas\D-Link\AirPlus G\AirGCFG.exe

O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Arquivos de programas\ANI\ANIWZCS2 Service\WZCSLDR2.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/

O17 - HKLM\System\CCS\Services\Tcpip\..\{B157CC24-7327-4E78-9BA5-A227131F662C}: NameServer = 192.168.0.4

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Arquivos de programas\ANI\ANIWZCS2 Service\ANIWZCSdS.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

 

 

ComboFix 07-09-08.7 - "Administrador" 2007-09-08 11:18:10.2 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.193 [GMT -3:00]

* Created a new restore point

.

 

((((((((((((((((((((((( Ficheiros criados de 2007-08-08 to 2007-09-08 ))))))))))))))))))))))))))))))))

.

 

2007-09-08 11:16 <DIR> d-------- C:\LinhaDefensiva

2007-09-08 11:10 <DIR> d-------- C:\!KillBox

2007-09-06 12:11 <DIR> d-------- C:\Arquivos de programas\Windows Media Connect 2

2007-09-06 12:10 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF

2007-08-31 18:06 51,200 --a------ C:\WINDOWS\nircmd.exe

2007-08-22 16:27 <DIR> d-------- C:\Arquivos de programas\Psychic Doom 97D High Exp

2007-08-22 14:55 218,112 --a------ C:\HijackThis.exe

2007-08-21 08:57 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll

2007-08-21 08:57 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll

2007-08-19 21:37 23,040 --------- C:\WINDOWS\system32\dllcache\fltmc.exe

2007-08-19 21:37 16,896 --------- C:\WINDOWS\system32\dllcache\fltlib.dll

2007-08-19 21:37 128,896 --------- C:\WINDOWS\system32\dllcache\fltmgr.sys

2007-08-19 21:35 <DIR> d-------- C:\Arquivos de programas\MSXML 4.0

2007-08-19 21:34 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe

2007-08-19 17:10 2,450,944 --------- C:\WINDOWS\system32\dllcache\wmvcore.dll

2007-08-19 16:54 <DIR> d--h----- C:\WINDOWS\$hf_mig$

2007-08-17 08:16 <DIR> d---s---- C:\DOCUME~1\ADMINI~1\UserData

2007-08-16 20:34 <DIR> d-------- C:\WINDOWS\system32\LogFiles

2007-08-16 10:02 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Image Zone Express

2007-08-15 15:38 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Lavasoft

2007-08-15 14:54 57,407 --a------ C:\WINDOWS\system32\ANICtl.dll

2007-08-15 14:54 49,152 --a------ C:\WINDOWS\system32\AQCKGen.dll

2007-08-15 14:54 368,640 --a------ C:\WINDOWS\system32\ANIWZCS2.dll

2007-08-15 14:54 221,184 --a------ C:\WINDOWS\system32\wlanapi.dll

2007-08-15 14:54 212,992 --a------ C:\WINDOWS\system32\aIPH.dll

2007-08-15 14:54 143,360 --a------ C:\WINDOWS\system32\WlanApp.dll

2007-08-15 14:54 1,323,095 --a------ C:\WINDOWS\system32\odSupp_M.dll

2007-08-15 14:53 36,864 --a------ C:\WINDOWS\system32\ANIOApi.dll

2007-08-15 14:53 28,205 --a------ C:\WINDOWS\system32\ANIO.sys

2007-08-15 14:53 11,904 --a------ C:\WINDOWS\system32\anio4.sys

2007-08-15 14:53 <DIR> d-------- C:\Arquivos de programas\D-Link

2007-08-15 14:53 <DIR> d-------- C:\Arquivos de programas\ANI

2007-08-14 16:31 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\HP

2007-08-13 21:09 <DIR> d---s---- C:\DOCUME~1\LOCALS~1\UserData

2007-08-13 21:05 <DIR> d-------- C:\DOCUME~1\LOCALS~1\DADOSD~1\HP

2007-08-13 21:04 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\HP

2007-08-13 21:02 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\HP

2007-08-13 21:00 <DIR> d-------- C:\Arquivos de programas\Hewlett-Packard

2007-08-13 20:59 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard

2007-08-13 20:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys

2007-08-13 20:57 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll

2007-08-13 20:57 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe

2007-08-13 20:57 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe

2007-08-13 20:57 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll

2007-08-13 20:57 306,688 --a------ C:\WINDOWS\IsUninst.exe

2007-08-13 20:57 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll

2007-08-13 20:57 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll

2007-08-13 20:57 <DIR> d-------- C:\Arquivos de programas\HP

2007-08-13 20:55 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll

2007-08-13 20:55 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys

2007-08-13 20:55 38,400 --a------ C:\WINDOWS\system32\hpz3l054.dll

2007-08-13 20:55 282,624 -ra------ C:\WINDOWS\system32\HPZc3212.dll

2007-08-13 20:55 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys

2007-08-13 20:55 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys

2007-08-13 20:55 119,027 --a------ C:\WINDOWS\hpoins11.dat

2007-08-13 20:54 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys

2007-08-13 20:49 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys

2007-08-10 14:14 304,182 --a------ C:\StiImg.dat

2007-08-10 14:12 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys

2007-08-10 14:12 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys

2007-08-10 14:12 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS

2007-08-10 14:12 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys

2007-08-10 14:12 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys

2007-08-10 14:12 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys

2007-08-10 14:12 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys

2007-08-10 14:11 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll

2007-08-10 14:02 <DIR> d-------- C:\WINDOWS\PAC207

2007-08-10 14:02 <DIR> d-------- C:\Arquivos de programas\PC Camera

2007-08-10 14:02 <DIR> d-------- C:\Arquivos de programas\Common Files

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-08-16 13:19 --------- d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Real

2007-08-15 14:54 --------- d--h----- C:\Arquivos de programas\InstallShield Installation Information

2007-08-07 08:58 --------- d-------- C:\Arquivos de programas\CyberLink DVD Solution

2007-08-02 16:26 --------- d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Help

2007-08-02 10:56 --------- d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\CyberLink

2007-07-31 20:40 --------- d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\CyberLink

2007-07-30 21:44 --------- d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Media Player Classic

2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll

2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll

2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe

2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll

2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll

2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll

2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll

2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll

2007-07-30 18:49 --------- d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Spybot - Search & Destroy

2007-07-30 18:48 --------- d-------- C:\Arquivos de programas\Lavasoft

2007-07-30 18:48 --------- d-------- C:\Arquivos de programas\CCleaner

2007-07-30 17:43 --------- d-------- C:\Arquivos de programas\Arquivos comuns\InstallShield

2007-07-30 13:32 --------- d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Corel

2007-07-30 13:29 --------- d-------- C:\Arquivos de programas\Arquivos comuns\Corel

2007-07-30 13:27 --------- d-------- C:\Arquivos de programas\Corel

2007-07-29 22:27 --------- d-------- C:\Arquivos de programas\Innovative Solutions

2007-07-29 22:25 --------- d-------- C:\Arquivos de programas\Arquivos comuns\Nero

2007-07-29 22:22 --------- d-------- C:\Arquivos de programas\Ahead

2007-07-29 22:21 --------- d-------- C:\Arquivos de programas\Arquivos comuns\Ahead

2007-07-29 22:18 --------- d-------- C:\Arquivos de programas\Microsoft.NET

2007-07-29 22:09 --------- d-------- C:\DOCUME~1\DEFAUL~1\DADOSD~1\Real

2007-07-29 22:09 --------- d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Real

2007-07-29 22:09 --------- d-------- C:\Arquivos de programas\K-Lite Codec Pack

2007-07-29 22:08 --------- d-------- C:\Arquivos de programas\MSN Messenger

2007-07-29 22:05 --------- d-------- C:\Arquivos de programas\Arquivos comuns\MSSoap

2007-07-29 22:01 4128 --a------ C:\WINDOWS\system32\drivers\INFCACHE.1

2007-07-29 18:56 --------- d-------- C:\Arquivos de programas\Arquivos comuns\SpeechEngines

2007-07-29 18:56 --------- d-------- C:\Arquivos de programas\Arquivos comuns\ODBC

2007-06-26 11:09 660992 --------- C:\WINDOWS\system32\dllcache\wininet.dll

2007-06-26 10:57 851968 --------- C:\WINDOWS\system32\dllcache\vgx.dll

2007-06-26 03:10 1104896 --a------ C:\WINDOWS\system32\msxml3.dll

2007-06-26 03:10 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll

2007-06-19 10:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll

2007-06-19 10:31 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll

2007-06-14 15:09 96768 --------- C:\WINDOWS\system32\dllcache\inseng.dll

2007-06-14 15:09 616448 --------- C:\WINDOWS\system32\dllcache\urlmon.dll

2007-06-14 15:09 55808 --------- C:\WINDOWS\system32\dllcache\extmgr.dll

2007-06-14 15:09 532480 --------- C:\WINDOWS\system32\dllcache\mstime.dll

2007-06-14 15:09 474112 --------- C:\WINDOWS\system32\dllcache\shlwapi.dll

2007-06-14 15:09 449024 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll

2007-06-14 15:09 39424 --------- C:\WINDOWS\system32\dllcache\pngfilt.dll

2007-06-14 15:09 357888 --------- C:\WINDOWS\system32\dllcache\dxtmsft.dll

2007-06-14 15:09 3079680 --------- C:\WINDOWS\system32\dllcache\mshtml.dll

2007-06-14 15:09 251392 --------- C:\WINDOWS\system32\dllcache\iepeers.dll

2007-06-14 15:09 205312 --------- C:\WINDOWS\system32\dllcache\dxtrans.dll

2007-06-14 15:09 16384 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll

2007-06-14 15:09 151552 --------- C:\WINDOWS\system32\dllcache\cdfview.dll

2007-06-14 15:09 1494528 --------- C:\WINDOWS\system32\dllcache\shdocvw.dll

2007-06-14 15:09 146432 --------- C:\WINDOWS\system32\dllcache\msrating.dll

2007-06-14 15:09 1055744 --------- C:\WINDOWS\system32\dllcache\danim.dll

2007-06-14 15:09 1024000 --------- C:\WINDOWS\system32\dllcache\browseui.dll

2007-06-14 11:07 18432 --------- C:\WINDOWS\system32\dllcache\iedw.exe

2007-06-13 10:21 1035264 --a------ C:\WINDOWS\explorer.exe

2007-06-13 10:21 1035264 --------- C:\WINDOWS\system32\dllcache\explorer.exe

2004-10-01 15:00 40960 --a------ C:\Arquivos de programas\Uninstall_CDS.exe

--------- C:\Arquivos de programas\Serviços on-line

--------- C:\Arquivos de programas\Arquivos comuns\Serviços

.

 

((((((((((((((((((((((((((((( snapshot_2007-08-31_181112.95 )))))))))))))))))))))))))))))))))))))))))

.

-c----w 213,216 2005-10-12 23:12:26 C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe

-c----w 371,424 2005-10-12 23:12:33 C:\WINDOWS\$NtUninstallKB926239$\spuninst\updspapi.dll

-c----w 414,208 2006-10-19 00:47:16 C:\WINDOWS\$NtUninstallKB929399$\msscp.dll

-c----w 213,216 2005-06-28 13:23:26 C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe

-c----w 371,424 2005-06-28 13:23:54 C:\WINDOWS\$NtUninstallKB929399$\spuninst\updspapi.dll

-c----w 10,834,432 2006-10-19 00:47:20 C:\WINDOWS\$NtUninstallKB936782_WMP11$\wmp.dll

-c----w 215,264 2005-06-28 13:23:32 C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe

-c----w 371,424 2005-06-28 13:23:54 C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\updspapi.dll

-c----w 316,928 2006-11-03 02:29:46 C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe

-c----w 215,264 2005-06-28 13:23:32 C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe

-c----w 371,424 2005-06-28 13:23:54 C:\WINDOWS\$NtUninstallKB939683$\spuninst\updspapi.dll

-c----w 221,488 2006-09-25 20:58:48 C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe

-c----w 379,184 2006-09-25 20:58:48 C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll

-c----w 485,888 2005-01-28 19:12:16 C:\WINDOWS\$NtUninstallWMFDist11$\audiodev.dll

-c----w 294,912 2005-09-19 20:12:29 C:\WINDOWS\$NtUninstallWMFDist11$\blackbox.dll

-c----w 164,864 2005-09-19 20:12:29 C:\WINDOWS\$NtUninstallWMFDist11$\cewmdm.dll

-c----w 502,272 2005-09-19 20:12:30 C:\WINDOWS\$NtUninstallWMFDist11$\drmv2clt.dll

-c----w 6,656 2005-09-19 20:12:30 C:\WINDOWS\$NtUninstallWMFDist11$\laprxy.dll

-c----w 96,768 2005-09-19 20:12:30 C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe

-c----w 310,272 2004-08-04 03:45:24 C:\WINDOWS\$NtUninstallWMFDist11$\mp43dmod.dll

-c----w 384,512 2004-08-04 03:45:24 C:\WINDOWS\$NtUninstallWMFDist11$\mp4sdmod.dll

-c----w 240,640 2004-08-04 03:45:24 C:\WINDOWS\$NtUninstallWMFDist11$\mpg4dmod.dll

-c----w 142,336 2005-09-19 20:12:31 C:\WINDOWS\$NtUninstallWMFDist11$\msnetobj.dll

-c----w 25,088 2005-09-19 20:12:31 C:\WINDOWS\$NtUninstallWMFDist11$\mspmsnsv.dll

-c----w 173,568 2005-09-19 20:12:31 C:\WINDOWS\$NtUninstallWMFDist11$\mspmsp.dll

-c----w 364,784 2005-09-19 20:12:32 C:\WINDOWS\$NtUninstallWMFDist11$\msscp.dll

-c----w 316,416 2005-09-19 20:12:32 C:\WINDOWS\$NtUninstallWMFDist11$\mswmdm.dll

-c----w 221,184 2005-09-19 20:12:32 C:\WINDOWS\$NtUninstallWMFDist11$\qasf.dll

-c----w 47,104 2005-01-28 04:36:04 C:\WINDOWS\$NtUninstallWMFDist11$\uwdf.exe

-c----w 15,872 2005-01-28 04:35:58 C:\WINDOWS\$NtUninstallWMFDist11$\wdfapi.dll

-c----w 38,912 2005-01-28 04:36:00 C:\WINDOWS\$NtUninstallWMFDist11$\wdfmgr.exe

-c----w 396,528 2005-09-19 20:12:33 C:\WINDOWS\$NtUninstallWMFDist11$\wmadmod.dll

-c----w 716,288 2005-09-19 20:12:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmadmoe.dll

-c----w 224,768 2005-09-19 20:12:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmasf.dll

-c----w 28,160 2005-09-19 20:12:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmdmlog.dll

-c----w 33,792 2005-09-19 20:12:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmdmps.dll

-c----w 335,872 2005-01-28 11:53:50 C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmdev.dll

-c----w 290,816 2005-01-28 11:53:54 C:\WINDOWS\$NtUninstallWMFDist11$\wmdrmnet.dll

-c----w 150,016 2005-09-19 20:12:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmidx.dll

-c----w 1,027,072 2005-09-19 20:12:35 C:\WINDOWS\$NtUninstallWMFDist11$\wmnetmgr.dll

-c----w 774,904 2005-09-19 20:12:47 C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmod.dll

-c----w 1,119,744 2005-09-19 20:12:48 C:\WINDOWS\$NtUninstallWMFDist11$\wmsdmoe2.dll

-c----w 413,944 2005-09-19 20:12:48 C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmod.dll

-c----w 940,544 2005-09-19 20:12:48 C:\WINDOWS\$NtUninstallWMFDist11$\wmspdmoe.dll

-c----w 1,218,808 2005-01-28 16:32:56 C:\WINDOWS\$NtUninstallWMFDist11$\wmvadvd.dll

-c----w 1,512,448 2005-01-28 11:53:20 C:\WINDOWS\$NtUninstallWMFDist11$\wmvadve.dll

-c----w 2,374,472 2006-12-07 05:29:34 C:\WINDOWS\$NtUninstallWMFDist11$\wmvcore.dll

-c----w 895,736 2005-09-19 20:12:51 C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmod.dll

-c----w 1,003,008 2005-09-19 20:12:52 C:\WINDOWS\$NtUninstallWMFDist11$\wmvdmoe2.dll

-c----w 61,952 2005-01-28 04:36:20 C:\WINDOWS\$NtUninstallWMFDist11$\wpdconns.dll

-c----w 114,176 2005-01-28 04:36:24 C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtp.dll

-c----w 66,560 2005-01-28 04:36:22 C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtpus.dll

-c----w 331,264 2005-01-28 04:36:28 C:\WINDOWS\$NtUninstallWMFDist11$\wpdsp.dll

-c----w 18,944 2005-01-28 04:36:24 C:\WINDOWS\$NtUninstallWMFDist11$\wpdusb.sys

-c----w 38,912 2005-01-28 04:36:28 C:\WINDOWS\$NtUninstallWMFDist11$\wpd_ci.dll

-c----w 213,216 2006-05-16 21:11:54 C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe

-c----w 371,424 2006-05-16 21:11:54 C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\updspapi.dll

-c----w 13,312 2006-11-02 14:46:52 C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll

-c----w 221,488 2006-09-16 04:05:22 C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe

-c----w 379,184 2006-09-16 04:05:22 C:\WINDOWS\$NtUninstallWudf01000$\spuninst\updspapi.dll

-c----w 58,368 2006-09-28 22:01:52 C:\WINDOWS\$NtUninstallWudf01000$\spuninst\WudfCustom.dll

------w 39,424 2006-10-04 14:05:26 C:\WINDOWS\AppPatch\acadproc.dll

----a-w 13,536 2005-06-28 13:20:24 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\spmsg.dll

----a-w 215,264 2005-06-28 13:23:32 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\spuninst.exe

----a-w 22,752 2005-06-28 13:21:34 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\spupdsvc.exe

----a-w 10,834,944 2007-06-12 02:51:12 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\wmp.dll

----a-w 721,120 2005-06-28 13:25:00 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\update\update.exe

----a-w 371,424 2005-06-28 13:23:54 C:\WINDOWS\SoftwareDistribution\Download\7c77150a75996f50a419574071146123\update\updspapi.dll

----a-w 13,536 2005-06-28 13:20:24 C:\WINDOWS\SoftwareDistribution\Download\80e382e1de0d6353c98ea49c3b9cd56e\spmsg.dll

----a-w 215,264 2005-06-28 13:23:32 C:\WINDOWS\SoftwareDistribution\Download\80e382e1de0d6353c98ea49c3b9cd56e\spuninst.exe

----a-w 318,464 2007-06-27 19:02:52 C:\WINDOWS\SoftwareDistribution\Download\80e382e1de0d6353c98ea49c3b9cd56e\unregmp2.exe

----a-w 721,120 2005-06-28 13:25:00 C:\WINDOWS\SoftwareDistribution\Download\80e382e1de0d6353c98ea49c3b9cd56e\update\update.exe

----a-w 371,424 2005-06-28 13:23:54 C:\WINDOWS\SoftwareDistribution\Download\80e382e1de0d6353c98ea49c3b9cd56e\update\updspapi.dll

----a-w 414,720 2006-12-04 19:21:50 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\msscp.dll

----a-w 13,536 2005-06-28 13:20:24 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\spmsg.dll

----a-w 213,216 2005-06-28 13:23:26 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\spuninst.exe

----a-w 22,752 2005-06-28 13:21:34 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\spupdsvc.exe

----a-w 716,000 2005-06-28 13:24:52 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\update\update.exe

----a-w 371,424 2005-06-28 13:23:54 C:\WINDOWS\SoftwareDistribution\Download\f162a63e5d3b4dcd2b0764f22e8d9651\update\updspapi.dll

----a-w 276,992 2006-10-19 00:47:08 C:\WINDOWS\system32\audiodev.dll

----a-w 542,720 2006-10-19 00:47:10 C:\WINDOWS\system32\blackbox.dll

----a-w 229,376 2006-10-19 00:47:10 C:\WINDOWS\system32\cewmdm.dll

------w 249,856 2006-10-18 23:00:46 C:\WINDOWS\system32\drmupgds.exe

----a-w 991,744 2006-10-19 00:47:10 C:\WINDOWS\system32\drmv2clt.dll

----a-w 11,264 2006-10-19 00:47:14 C:\WINDOWS\system32\LAPRXY.dll

----a-w 100,864 2006-10-18 23:03:58 C:\WINDOWS\system32\logagent.exe

------w 212,992 2006-10-19 00:47:14 C:\WINDOWS\system32\MFPLAT.dll

------w 259,072 2006-10-19 00:47:14 C:\WINDOWS\system32\MP43DECD.dll

----a-w 4,096 2006-10-19 00:47:14 C:\WINDOWS\system32\MP43DMOD.dll

------w 317,440 2006-10-19 00:47:14 C:\WINDOWS\system32\MP4SDECD.dll

----a-w 4,096 2006-10-19 00:47:14 C:\WINDOWS\system32\MP4SDMOD.dll

------w 259,072 2006-10-19 00:47:14 C:\WINDOWS\system32\MPG4DECD.dll

----a-w 4,096 2006-10-19 00:47:14 C:\WINDOWS\system32\MPG4DMOD.dll

------w 312,128 2006-10-02 18:28:42 C:\WINDOWS\system32\msdelta.dll

----a-w 179,712 2006-10-19 00:47:16 C:\WINDOWS\system32\msnetobj.dll

----a-w 27,136 2006-10-19 00:47:16 C:\WINDOWS\system32\mspmsnsv.dll

----a-w 175,616 2006-10-19 00:47:16 C:\WINDOWS\system32\mspmsp.dll

----a-w 414,720 2006-12-04 19:21:50 C:\WINDOWS\system32\msscp.dll

----a-w 321,536 2006-10-19 00:47:16 C:\WINDOWS\system32\mswmdm.dll

------w 284,160 2006-10-19 00:47:18 C:\WINDOWS\system32\PortableDeviceApi.dll

------w 101,888 2006-10-19 00:47:18 C:\WINDOWS\system32\PortableDeviceClassExtension.dll

------w 166,912 2006-10-19 00:47:18 C:\WINDOWS\system32\PortableDeviceTypes.dll

------w 132,096 2006-10-19 00:47:18 C:\WINDOWS\system32\PortableDeviceWiaCompat.dll

------w 199,168 2006-10-19 00:47:18 C:\WINDOWS\system32\PortableDeviceWMDRM.dll

----a-w 211,456 2006-10-19 00:47:18 C:\WINDOWS\system32\qasf.dll

------w 14,640 2006-09-25 20:58:48 C:\WINDOWS\system32\spmsg.dll

----a-w 8,704 2006-10-19 00:58:00 C:\WINDOWS\system32\uwdf.exe

----a-w 4,096 2006-10-19 00:47:18 C:\WINDOWS\system32\wdfapi.dll

----a-w 8,704 2006-10-19 00:58:00 C:\WINDOWS\system32\wdfmgr.exe

----a-w 757,248 2006-10-19 00:47:18 C:\WINDOWS\system32\WMADMOD.dll

----a-w 1,117,696 2006-10-19 00:47:18 C:\WINDOWS\system32\WMADMOE.dll

----a-w 222,208 2006-10-19 00:47:18 C:\WINDOWS\system32\WMASF.dll

----a-w 33,792 2006-10-19 00:47:18 C:\WINDOWS\system32\wmdmlog.dll

----a-w 37,376 2006-10-19 00:47:18 C:\WINDOWS\system32\wmdmps.dll

----a-w 429,056 2006-10-19 00:47:18 C:\WINDOWS\system32\wmdrmdev.dll

----a-w 348,672 2006-10-19 00:47:20 C:\WINDOWS\system32\wmdrmnet.dll

------w 535,040 2006-10-19 00:47:20 C:\WINDOWS\system32\wmdrmsdk.dll

----a-w 157,184 2006-10-19 00:47:20 C:\WINDOWS\system32\wmidx.dll

----a-w 937,984 2006-10-19 00:47:20 C:\WINDOWS\system32\WMNetMgr.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\wmsdmod.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\wmsdmoe2.dll

----a-w 603,648 2006-10-19 00:47:22 C:\WINDOWS\system32\WMSPDMOD.dll

----a-w 1,329,152 2006-10-19 00:47:22 C:\WINDOWS\system32\WMSPDMOE.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVADVD.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVADVE.DLL

----a-w 2,450,944 2006-10-19 00:47:22 C:\WINDOWS\system32\wmvcore.dll

------w 1,543,680 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVDECOD.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\wmvdmod.dll

----a-w 4,096 2006-10-19 00:47:22 C:\WINDOWS\system32\wmvdmoe2.dll

------w 1,574,912 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVENCOD.dll

------w 1,382,912 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVSDECD.dll

------w 767,488 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVSENCD.dll

------w 656,896 2006-10-19 00:47:22 C:\WINDOWS\system32\WMVXENCD.dll

----a-w 35,840 2006-10-19 00:47:22 C:\WINDOWS\system32\wpdconns.dll

----a-w 154,624 2006-10-19 00:47:22 C:\WINDOWS\system32\wpdmtp.dll

----a-w 63,488 2006-10-19 00:47:22 C:\WINDOWS\system32\wpdmtpus.dll

------w 2,603,008 2006-10-19 00:47:22 C:\WINDOWS\system32\WpdShext.dll

------w 17,408 2006-10-18 23:00:14 C:\WINDOWS\system32\wpdshextautoplay.exe

------w 41,984 2006-11-02 14:52:56 C:\WINDOWS\system32\wpdshextres.dll

------w 133,632 2006-10-19 00:47:22 C:\WINDOWS\system32\WPDShServiceObj.dll

----a-w 356,352 2006-10-19 00:47:22 C:\WINDOWS\system32\wpdsp.dll

----a-w 629,760 2006-10-19 00:47:22 C:\WINDOWS\system32\wpd_ci.dll

------w 95,344 2006-09-28 23:13:26 C:\WINDOWS\system32\WUDFCoinstaller.dll

------w 146,432 2006-09-28 21:56:38 C:\WINDOWS\system32\WudfHost.exe

------w 165,376 2006-09-28 21:56:16 C:\WINDOWS\system32\WudfPlatform.dll

------w 55,808 2006-09-28 21:56:14 C:\WINDOWS\system32\WudfSvc.dll

------w 316,416 2006-09-28 21:56:38 C:\WINDOWS\system32\WUDFx.dll

----a-w 821,600 2007-09-04 12:22:55 C:\WINDOWS\system32\drivers\avg7core.sys

----a-w 38,528 2006-10-18 23:00:00 C:\WINDOWS\system32\drivers\wpdusb.sys

------w 77,568 2006-09-28 21:55:50 C:\WINDOWS\system32\drivers\WudfPf.sys

------w 82,944 2006-09-28 22:00:34 C:\WINDOWS\system32\drivers\WudfRd.sys

------w 671,232 2006-10-19 00:47:22 C:\WINDOWS\system32\drivers\UMDF\wpdmtpdr.dll

----a-w 11,776 2005-09-19 19:42:56 C:\WINDOWS\system32\spool\drivers\w32x86\3\LMIKJRES.DLL

----a-w 8,704 2005-09-19 19:43:32 C:\WINDOWS\system32\spool\drivers\w32x86\3\TTY.DLL

----a-w 39,936 2005-09-19 19:43:38 C:\WINDOWS\system32\spool\drivers\w32x86\3\TTYRES.DLL

----a-w 16,384 2005-09-19 19:43:32 C:\WINDOWS\system32\spool\drivers\w32x86\3\TTYUI.DLL

.

----a-w 485,888 2005-01-28 19:12:16 C:\WINDOWS\system32\audiodev.dll

----a-w 294,912 2005-09-19 20:12:29 C:\WINDOWS\system32\blackbox.dll

----a-w 164,864 2005-09-19 20:12:29 C:\WINDOWS\system32\cewmdm.dll

----a-w 502,272 2005-09-19 20:12:30 C:\WINDOWS\system32\drmv2clt.dll

----a-w 6,656 2005-09-19 20:12:30 C:\WINDOWS\system32\laprxy.dll

----a-w 96,768 2005-09-19 20:12:30 C:\WINDOWS\system32\logagent.exe

----a-w 310,272 2004-08-04 03:45:24 C:\WINDOWS\system32\mp43dmod.dll

----a-w 384,512 2004-08-04 03:45:24 C:\WINDOWS\system32\mp4sdmod.dll

----a-w 240,640 2004-08-04 03:45:24 C:\WINDOWS\system32\mpg4dmod.dll

----a-w 142,336 2005-09-19 20:12:31 C:\WINDOWS\system32\msnetobj.dll

----a-w 25,088 2005-09-19 20:12:31 C:\WINDOWS\system32\mspmsnsv.dll

----a-w 173,568 2005-09-19 20:12:31 C:\WINDOWS\system32\mspmsp.dll

----a-w 364,784 2005-09-19 20:12:32 C:\WINDOWS\system32\msscp.dll

----a-w 316,416 2005-09-19 20:12:32 C:\WINDOWS\system32\mswmdm.dll

----a-w 221,184 2005-09-19 20:12:32 C:\WINDOWS\system32\qasf.dll

------w 15,072 2007-03-06 01:00:55 C:\WINDOWS\system32\spmsg.dll

----a-w 47,104 2005-01-28 04:36:04 C:\WINDOWS\system32\uWDF.exe

----a-w 15,872 2005-01-28 04:35:58 C:\WINDOWS\system32\WdfApi.dll

----a-w 38,912 2005-01-28 04:36:00 C:\WINDOWS\system32\WdfMgr.exe

----a-w 396,528 2005-09-19 20:12:33 C:\WINDOWS\system32\wmadmod.dll

----a-w 716,288 2005-09-19 20:12:34 C:\WINDOWS\system32\wmadmoe.dll

----a-w 224,768 2005-09-19 20:12:34 C:\WINDOWS\system32\wmasf.dll

----a-w 28,160 2005-09-19 20:12:34 C:\WINDOWS\system32\wmdmlog.dll

----a-w 33,792 2005-09-19 20:12:34 C:\WINDOWS\system32\wmdmps.dll

----a-w 335,872 2005-01-28 11:53:50 C:\WINDOWS\system32\wmdrmdev.dll

----a-w 290,816 2005-01-28 11:53:54 C:\WINDOWS\system32\wmdrmnet.dll

----a-w 150,016 2005-09-19 20:12:34 C:\WINDOWS\system32\wmidx.dll

----a-w 1,027,072 2005-09-19 20:12:35 C:\WINDOWS\system32\wmnetmgr.dll

----a-w 774,904 2005-09-19 20:12:47 C:\WINDOWS\system32\wmsdmod.dll

----a-w 1,119,744 2005-09-19 20:12:48 C:\WINDOWS\system32\wmsdmoe2.dll

----a-w 413,944 2005-09-19 20:12:48 C:\WINDOWS\system32\wmspdmod.dll

----a-w 940,544 2005-09-19 20:12:48 C:\WINDOWS\system32\wmspdmoe.dll

----a-w 1,218,808 2005-01-28 16:32:56 C:\WINDOWS\system32\WMVADVD.DLL

----a-w 1,512,448 2005-01-28 11:53:20 C:\WINDOWS\system32\WMVADVE.DLL

----a-w 2,374,472 2006-12-07 05:29:34 C:\WINDOWS\system32\wmvcore.dll

----a-w 895,736 2005-09-19 20:12:51 C:\WINDOWS\system32\wmvdmod.dll

----a-w 1,003,008 2005-09-19 20:12:52 C:\WINDOWS\system32\wmvdmoe2.dll

----a-w 61,952 2005-01-28 04:36:20 C:\WINDOWS\system32\wpdconns.dll

----a-w 114,176 2005-01-28 04:36:24 C:\WINDOWS\system32\wpdmtp.dll

----a-w 66,560 2005-01-28 04:36:22 C:\WINDOWS\system32\wpdmtpus.dll

----a-w 331,264 2005-01-28 04:36:28 C:\WINDOWS\system32\WPDSp.dll

----a-w 38,912 2005-01-28 04:36:28 C:\WINDOWS\system32\wpd_ci.dll

----a-w 821,536 2007-08-20 21:02:23 C:\WINDOWS\system32\drivers\avg7core.sys

----a-w 18,944 2005-01-28 04:36:24 C:\WINDOWS\system32\drivers\wpdusb.sys

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

 

*Nota* entradas vazias & legítimas por defeito não são mostradas.

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe" [2005-08-26 18:14]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]

"RemoteControl"="C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 20:24]

"HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41]

"D-Link AirPlus G"="C:\Arquivos de programas\D-Link\AirPlus G\AirGCFG.exe" [2005-03-29 11:41]

"ANIWZCS2Service"="C:\Arquivos de programas\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2004-12-16 17:49]

"AVG7_CC"="C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe" [2007-08-20 18:02]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45]

"msnmsgr"="C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" [2005-08-13 22:34]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"nlsf"=cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"

"tscuninstall"=%systemroot%\system32\tscupgrd.exe

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"MsnMsgr"="C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

 

C:\DOCUME~1\ALLUSE~1\MENUIN~1\PROGRA~1\INICIA~1\

Adobe Gamma Loader.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2007-07-30 13:18:34]

Adobe Reader Speed Launch.lnk - C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]

HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"ForceClassicControlPanel"=1 (0x1)

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoSharedDocuments"=1 (0x1)

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoSharedDocuments"=1 (0x1)

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 nwprovau

 

R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F9E9A340-D1F1-11D0-821E-POISONIVY2007}]

C:\WINDOWS\system32\dllcache\poisonivy.exe s

.

**************************************************************************

 

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-09-08 11:19:52

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2007-09-08 11:20:51

C:\ComboFix-quarantined-files.txt ... 2007-09-08 11:20

C:\ComboFix2.txt ... 2007-08-31 18:11

.

--- E O F ---

 

 

 

Machine 2

 

 

Logfile of HijackThis v1.99.1

Scan saved at 11:40:55, on 8/9/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE

C:\WINDOWS\Mixer.exe

C:\WINDOWS\wdfmgr.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\svchost.exe

C:\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww.google.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.compartilhando.org/

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe

O4 - HKLM\..\Run: [EPSON Stylus CX4100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE /P26 "EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [wdfmgr.exe] C:\WINDOWS\wdfmgr.exe

O4 - HKLM\..\Run: [AVP] "C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/

O17 - HKLM\System\CCS\Services\Tcpip\..\{97F29EDD-7E83-45DC-AE39-EB392CE53F5B}: NameServer = 192.168.0.1

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)


Archived Topic

 

Since the author has not replied for more than 30 days, the topic has been archived.

 

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening it.
