Archived

This topic has been archived and is closed to new replies.

Edvan

[Archived] Infected PC


Continuation of Sena's PC...

 

Note: Man, I struggled to run COMBOFIX on this PC; I made about 8 attempts and it never worked... after a real fight I managed it, but now I don't know whether the report came out corrupted... because at one point it could not access a file.. then it froze and I had to restart.. but when the PC came back on it showed the report..

 

 

 

ComboFix 07-10-04.6 - Antonio 2007-10-05 21:31:06.3 - NTFSx86

Microsoft Windows 2000 Professional 5.0.2195.3.1252.1.1046.18.63 [GMT -3:00]

Executando de: C:\Documents and Settings\Antonio\Desktop\ComboFix.exe

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Arquivos de programas\Arquivos comuns\{18FEA~1

C:\Arquivos de programas\Arquivos comuns\{38FEA~1

C:\Arquivos de programas\Arquivos comuns\{38FEA~1\Bar888.dll.lzma

C:\Arquivos de programas\Arquivos comuns\{38FEA~1\UnInstall.exe

C:\Arquivos de programas\Arquivos comuns\winctl.dll

C:\Arquivos de programas\Arquivos comuns\Yazzle1658OinUninstaller.exe

C:\Arquivos de programas\curity~1

C:\Arquivos de programas\curity~1\??curity\

C:\paging.sys

C:\WINNT\system32\{21D9DF55-B5F1-4D94-BB13-EF2E539060C2}.exe

C:\WINNT\system32\{ABEB4594-AAE1-46BA-90E4-1AFFC853C368}.exe

C:\WINNT\system32\8_exception.nls

C:\WINNT\system32\unsvchosts.exe

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

-------\LEGACY_CLIENT_IP-IPX

-------\LEGACY_RUNTIME

-------\Client IP-IPX

-------\nm

-------\runtime

 

 

((((((((((((((((((((((( Ficheiros criados de 2007-09-06 to 2007-10-06 ))))))))))))))))))))))))))))))))

.

 

2007-10-05 21:10 <DIR> d-------- C:\senapc1

2007-10-04 15:32 51,200 --a------ C:\WINNT\NirCmd.exe

2007-09-24 12:10 274,489 --a------ C:\WINNT\system32\ntwdblib.dll

2007-09-24 12:10 <DIR> d-------- C:\Arquivos de programas\FireBird

2007-09-22 12:41 85,776 --a--c--- C:\WINNT\system32\dllcache\e100bnt5.sys

2007-09-22 12:41 85,776 --a------ C:\WINNT\system32\drivers\e100bnt5.sys

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

07-10-05 22:31 --------- d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Lab

07-10-05 22:10 182304 --ahs---- C:\WINNT\system32\drivers\fidbox2.dat

07-10-05 21:34 6246944 --ahs---- C:\WINNT\system32\drivers\fidbox.dat

07-10-05 21:11 87512 --ahs---- C:\WINNT\system32\drivers\fidbox.idx

07-10-05 21:11 20084 --ahs---- C:\WINNT\system32\drivers\fidbox2.idx

07-10-02 09:10 --------- d-------- C:\Documents and Settings\Antonio\Dados de aplicativos\AdobeUM

07-09-28 12:04 --------- d-------- C:\Arquivos de programas\MSN Messenger

07-09-27 21:55 --------- d-------- C:\Documents and Settings\Antonio\Dados de aplicativos\Help

07-09-27 11:58 326144 --a------ C:\WINNT\RemProtLib.dll

07-09-26 14:42 --------- d-------- C:\Arquivos de programas\CNPJ2007

07-09-24 10:22 --------- d-------- C:\Documents and Settings\Antonio\Dados de aplicativos\Image Zone Express

07-09-03 14:49 82061 --a------ C:\WINNT\system32\drivers\klick.dat

07-09-03 14:49 81549 --a------ C:\WINNT\system32\drivers\klin.dat

07-08-26 18:56 --------- d-------- C:\Arquivos de programas\Webteh

07-08-26 17:26 --------- d-------- C:\Documents and Settings\Antonio\Dados de aplicativos\Lavasoft

07-08-26 17:26 --------- d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy

07-08-26 17:24 --------- d-------- C:\Arquivos de programas\Lavasoft

07-08-26 17:24 --------- d-------- C:\Arquivos de programas\CCleaner

07-08-26 16:17 --------- d-------- C:\Arquivos de programas\Kaspersky Lab

07-08-26 16:03 --------- d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Network Associates

07-08-26 16:03 --------- d-------- C:\Arquivos de programas\Network Associates

07-08-26 16:03 --------- d-------- C:\Arquivos de programas\Arquivos comuns\Network Associates

07-08-14 15:11 --------- d-------- C:\Arquivos de programas\CertCli

07-08-14 15:05 --------- d--h----- C:\Arquivos de programas\InstallShield Installation Information

07-08-14 15:05 --------- d-------- C:\Arquivos de programas\EPSON

07-08-14 08:26 --------- d-------- C:\Arquivos de programas\Programas RFB

02-11-27 19:29 271 ---h----- C:\Arquivos de programas\desktop.ini

02-11-27 19:29 22040 ---h----- C:\Arquivos de programas\folder.htt

00-08-10 21:00 32528 --a------ C:\WINNT\inf\wbfirdma.sys

--------- C:\Arquivos de programas\Fortes Informática

.

 

((((((((((((((((((((((((((((((((((((((((((((( AWF )))))))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

----a-w 147,514 2003-10-07 11:48:56 C:\Arquivos de programas\Arquivos comuns\Network Associates\TalkBack\bak\TBMon.exe

 

----a-w 20,480 1999-11-18 08:01:00 C:\Arquivos de programas\Creative\Audio2K\Program\bak\CTMIX32.EXE

 

----a-w 39,936 2000-03-23 04:00:00 C:\Arquivos de programas\Creative\News\bak\NewsUpd.EXE

 

----a-w 189,952 1999-08-30 03:55:00 C:\Arquivos de programas\Creative\ShareDLL\bak\CtNotify.exe

 

----a-w 57,344 2002-04-15 08:12:56 C:\Arquivos de programas\Elaborate Bytes\CloneCD\bak\CloneCDTray.exe

 

----a-w 45,056 2001-12-06 12:09:08 C:\Arquivos de programas\Elaborate Bytes\CloneCD\bak\ElbyCheck.exe

 

----a-w 258,116 2002-08-05 00:37:14 C:\Arquivos de programas\EPSON\Ink Monitor\bak\InkMonitor.exe

------w 258,116 2002-08-05 00:37:14 C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe

 

----a-w 36,975 2004-12-07 00:31:50 C:\Arquivos de programas\Java\jre1.5.0_01\bin\bak\jusched.exe

 

----a-w 86,016 2004-07-23 00:53:42 C:\Arquivos de programas\MSN Apps\Updater1.02.0002.1001\pt-pt\bak\msnappau.exe

 

----a-w 139,320 2004-08-06 05:50:00 C:\Arquivos de programas\Network Associates\Common Framework\bak\UpdaterUI.exe

 

----a-w 93,184 2007-02-28 13:18:20 C:\WINNT\system32\bak\mjygv.exe

 

----a-w 155,648 2002-09-11 20:01:08 C:\WINNT\system32\bak\NeroCheck.exe

 

----a-w 74,752 2002-07-01 03:05:00 C:\WINNT\system32\spool\drivers\w32x86\3\bak\E_S10IC2.EXE

----a-w 74,752 2002-07-01 03:05:00 C:\WINNT\system32\spool\drivers\w32x86\3\E_S10IC2.EXE

 

----a-w 188,416 2002-06-17 13:51:50 C:\WINNT\system32\spool\drivers\w32x86\3\bak\hpztsb05.exe

 

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias & legítimas por defeito não são mostradas.

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Synchronization Manager"="mobsync.exe" [00-08-10 21:00 C:\WINNT\system32\mobsync.exe]

"EssSpkPhone"="essspk.exe" [01-10-19 07:49 C:\WINNT\essspk.exe]

"Ink Monitor"="C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe" [02-08-04 21:37 ]

"M1000Mnt"="M1000Rmv.exe" []

"EPSON Stylus CX3200"="C:\WINNT\System32\spool\DRIVERS\W32X86\3\E_S10IC2.exe" [02-07-01 00:05 ]

"Windows Update Firewall System"="spack2.exe" []

"InterBaseGuardian"="C:\Arquivos de programas\CAIXA\SEFIP\IB6\bin\ibguard.exe" [02-01-30 20:20 ]

"HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [06-02-19 02:41 ]

"AVP"="C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [07-03-09 20:50 ]

"Firebird 1.5"="C:\Arquivos de programas\FireBird\FireBird_1_5\bin\fbguard.exe" [07-09-24 12:10 ]

"RemProtDeamon"="C:\Arquivos de programas\Fortes Informática\RemProtDeamon.exe" []

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"internat.exe"="internat.exe" [00-08-10 21:00 C:\WINNT\system32\internat.exe]

"MsnMsgr"="C:\Arquivos de programas\MSN Messenger\MsnMsgr.exe" [07-09-04 23:40 ]

"iBest.baloon"="C:\Arquivos de programas\Yahoo! Acesso Grátis\baloon.exe" []

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]

"Windows Update Firewall System"=spack2.exe

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"^SetupICWDesktop"=C:\Arquivos de programas\Internet Explorer\Connection Wizard\icwconn1.exe /desktop

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"internat.exe"=internat.exe

 

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\

HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]

Microsoft Office.lnk - D:\programas\Microsoft Office\Office\OSA9.EXE [2000-01-20 22:15:56]

WinZip Quick Pick.lnk - C:\Arquivos de programas\WinZip\WZQKPICK.EXE [2002-12-06 15:44:34]

Wireless Configuration Utility HW.51.lnk - C:\Arquivos de programas\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe [2004-12-15 09:41:28]

 

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\

HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]

Microsoft Office.lnk - D:\programas\Microsoft Office\Office\OSA9.EXE [2000-01-20 22:15:56]

WinZip Quick Pick.lnk - C:\Arquivos de programas\WinZip\WZQKPICK.EXE [2002-12-06 15:44:34]

Wireless Configuration Utility HW.51.lnk - C:\Arquivos de programas\802.11 Wireless LAN\802.11g Wireless Cardbus & PCI Adapter HW.51 V1.00\WlanCU.exe [2004-12-15 09:41:28]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nwprovau]

nwprovau.dll 02-07-19 07:34 140560 C:\WINNT\system32\NWPROVAU.DLL

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"appinit_dlls"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 nwprovau

 

R2 AcrylicController;Acrylic DNS Proxy Service;C:\Arquivos de programas\Acrylic DNS Proxy\AcrylicService.exe

R3 IP100;ENCORE 10/100Mbps Fast Ethernet PCI Adapter NT Driver;C:\WINNT\System32\DRIVERS\ipfnd5.sys

R3 M1000Srv;Trek 320R Driver;C:\WINNT\System32\Drivers\M1000KNT.sys

R3 usbprint;Microsoft USB PRINTER Class;C:\WINNT\System32\DRIVERS\usbprint.sys

R3 W8335PCI;IEEE 802.11g Wireless Cardbus/PCI Adapter HW51;C:\WINNT\System32\DRIVERS\Mrv8000c.sys

S3 InterbaseServer;InterbaseServer;C:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBServer.exe -s -g

S3 mga64;mga64;C:\WINNT\System32\DRIVERS\mga64m.sys

S3 N100;Compaq Ethernet ou Fast Ethernet NIC NT Driver;C:\WINNT\System32\DRIVERS\n100nt5.sys

 

.

Conteúdo da pasta 'Tarefas Agendadas'

"2007-08-31 03:00:00 C:\WINNT\Tasks\At1.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 12:13:04 C:\WINNT\Tasks\At10.job"

"2007-10-05 13:00:00 C:\WINNT\Tasks\At11.job"

"2007-10-05 14:00:00 C:\WINNT\Tasks\At12.job"

"2007-10-05 15:00:00 C:\WINNT\Tasks\At13.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 16:00:46 C:\WINNT\Tasks\At14.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 17:00:00 C:\WINNT\Tasks\At15.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 18:00:00 C:\WINNT\Tasks\At16.job"

"2007-10-05 19:00:00 C:\WINNT\Tasks\At17.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 20:00:00 C:\WINNT\Tasks\At18.job"

"2007-10-04 21:00:00 C:\WINNT\Tasks\At19.job"

"2007-08-31 04:00:00 C:\WINNT\Tasks\At2.job"

- C:\WINNT\System32\winmds.exe

"2007-10-04 22:00:00 C:\WINNT\Tasks\At20.job"

- C:\WINNT\System32\winmds.exe

"2007-09-20 23:00:00 C:\WINNT\Tasks\At21.job"

- C:\WINNT\System32\winmds.exe

"2007-10-06 00:00:25 C:\WINNT\Tasks\At22.job"

- C:\WINNT\System32\winmds.exe

"2007-10-06 01:01:12 C:\WINNT\Tasks\At23.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 02:00:00 C:\WINNT\Tasks\At24.job"

- C:\WINNT\System32\winmds.exe

"2007-08-31 03:00:00 C:\WINNT\Tasks\At25.job"

- C:\WINNT\System32\winmds.exe

"2007-08-31 04:00:00 C:\WINNT\Tasks\At26.job"

- C:\WINNT\System32\winmds.exe

"2007-08-31 05:00:00 C:\WINNT\Tasks\At27.job"

- C:\WINNT\System32\winmds.exe

"2007-08-31 06:00:00 C:\WINNT\Tasks\At28.job"

"2007-08-31 07:00:00 C:\WINNT\Tasks\At29.job"

- C:\WINNT\System32\winmds.exe

"2007-08-31 05:00:00 C:\WINNT\Tasks\At3.job"

- C:\WINNT\System32\winmds.exe

"2007-08-31 08:00:00 C:\WINNT\Tasks\At30.job"

- C:\WINNT\System32\winmds.exe

"2007-08-31 09:00:00 C:\WINNT\Tasks\At31.job"

- C:\WINNT\System32\winmds.exe

"2007-09-24 10:00:00 C:\WINNT\Tasks\At32.job"

- C:\WINNT\System32\winmds.exe

"2007-10-01 11:00:00 C:\WINNT\Tasks\At33.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 12:25:18 C:\WINNT\Tasks\At34.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 13:00:00 C:\WINNT\Tasks\At35.job"

"2007-10-05 14:00:00 C:\WINNT\Tasks\At36.job"

"2007-10-05 15:00:00 C:\WINNT\Tasks\At37.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 16:00:53 C:\WINNT\Tasks\At38.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 17:00:00 C:\WINNT\Tasks\At39.job"

"2007-08-31 06:00:00 C:\WINNT\Tasks\At4.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 18:00:00 C:\WINNT\Tasks\At40.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 19:00:00 C:\WINNT\Tasks\At41.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 20:00:00 C:\WINNT\Tasks\At42.job"

"2007-10-04 21:00:00 C:\WINNT\Tasks\At43.job"

- C:\WINNT\System32\winmds.exe

"2007-10-04 22:00:00 C:\WINNT\Tasks\At44.job"

"2007-09-20 23:00:00 C:\WINNT\Tasks\At45.job"

- C:\WINNT\System32\winmds.exe

"2007-10-06 00:00:27 C:\WINNT\Tasks\At46.job"

- C:\WINNT\System32\winmds.exe

"2007-10-06 01:01:45 C:\WINNT\Tasks\At47.job"

- C:\WINNT\System32\winmds.exe

"2007-10-05 02:00:00 C:\WINNT\Tasks\At48.job"

- C:\WINNT\System32\winmds.exe

"2007-08-31 07:00:00 C:\WINNT\Tasks\At5.job"

- C:\WINNT\System32\winmds.exe

"2007-08-31 08:00:00 C:\WINNT\Tasks\At6.job"

- C:\WINNT\System32\winmds.exe

"2007-08-31 09:00:00 C:\WINNT\Tasks\At7.job"

- C:\WINNT\System32\winmds.exe

"2007-09-24 10:00:03 C:\WINNT\Tasks\At8.job"

- C:\WINNT\System32\winmds.exe

"2007-10-01 11:00:00 C:\WINNT\Tasks\At9.job"

- C:\WINNT\System32\winmds.exe

.

**************************************************************************

 

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-10-05 22:31:25

Windows 5.0.2195 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros ocultos ...

 

Varredura completada com sucesso

Ficheiros ocultos: 0

 

**************************************************************************

.

Tempo para conclusão: 2007-10-05 22:34:04 - machine was rebooted

C:\ComboFix-quarantined-files.txt ... 07-10-05 22:33

.

--- E O F ---


Afterwards, please take a look at this log..

 

 

Dimas's PC...

 

 

Logfile of HijackThis v1.99.1

Scan saved at 10:24:29, on 4/10/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe

C:\WINDOWS\explorer.exe

C:\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.compartilhando.org/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:8080

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_05\bin\jusched.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [AVP] "C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\RunOnce: [AAW] "C:\Arquivos de programas\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" "+b1"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?d52657cd456d489b89436114edeb0a02

O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?d52657cd456d489b89436114edeb0a02

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/

O17 - HKLM\System\CCS\Services\Tcpip\..\{595F56D1-271A-42D7-BEEB-DD0A6071A90A}: NameServer = 192.168.1.1

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)

O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe


Topic Archived

Since the author did not reply to the topic for more than 20 days, it has been archived.

If you are the author of the topic and want it reopened, send a private message to a moderator with a link to this topic and explain the reason for reopening.
