[Arquivado] meu pc esta travando toda hora o exolorer some e trava tud

melksedec · Julho 3, 2008

Logfile of HijackThis v1.99.1

Scan saved at 17:16, on 2008-07-03

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Netropa\Multimedia Keyboard\nhksrv.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\Arquivos de programas\Eset\nod32kui.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeperUI.exe

C:\Arquivos de programas\UOL\Barra UOL\ubphost.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

D:\melksedec\Pprogamas\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://m.busca.uol.com.br/ie/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.velox.com.br/portal/site/Velox/...tfmt=secondView

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R3 - URLSearchHook: CUOLSearchHook Object - {1FE8243E-0A3A-41B9-B9CE-EFFEE51974D3} - C:\Arquivos de programas\Arquivos comuns\uol\urlsearch\UOLSearchHook.dll

O3 - Toolbar: Barra UOL - {5BBFC00A-312C-4777-A5DF-DDA65C67120C} - C:\Arquivos de programas\UOL\Barra UOL\ubp.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [64e86530] "rundll32.exe" "C:\WINDOWS\system32\nnpsfquj.dll",b

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O8 - Extra context menu item: &Download with &DAP - C:\ARQUIV~1\DAP\dapextie.htm

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to AMV Converter... - C:\Arquivos de programas\MP3 Player Utilities 4.15\AMVConverter\grab.html

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Adicionar RSS - res://C:\Arquivos de programas\UOL\Barra UOL\ubp.dll/3130

O8 - Extra context menu item: Download &all with DAP - C:\ARQUIV~1\DAP\dapextie2.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.15\MediaManager\grab.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://img4.orkut.com/activex/10036/photouploader.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1189737938625

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D9CE2963-8547-4C18-A4CE-DA27278310D8} (Instalador Remoto UOL) - http://download.uol.com.br/discadorUOL/lig...tiveInstall.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} (GbPluginObj Class) - https://imagem.caixa.gov.br/cab/GbPluginCef.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D77743D2-52B2-4843-9B61-8E7B1895768C}: NameServer = 200.165.132.154 200.165.132.148

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Arquivos de programas\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"nod32kui"="\"C:\\Arquivos de programas\\Eset\\nod32kui.exe\" /WAITSERVICE"

"64e86530"="rundll32.exe \"C:\\WINDOWS\\system32\\knocvvek.dll\",b"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]

"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]

"Installed"="1"

"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]

"Installed"="1"

ÞÅ†Ð · Julho 3, 2008

Tenta esse link aqui e faz tudo que tiver nele, uns tempos atras o meu pc tava com um problema parecido, depois que segui o passo a passo desse link nunca mais deu problema: http://forum.imasters.com.br/index.php?showtopic=165906

Você pode encontrar tópicos semelhantes ao seu nesse link: http://forum.imasters.com.br/index.php?showtopic=282542

Silas Martins · Julho 4, 2008

Baixe o ComboFix e salve na área de trabalho.

Feche todos os programas.

Clique duas vezes sobre combofix.exe e tecle (1) logo após aperte Enter para continuar.

O ComboFix irá reiniciar seu computador automaticamente, isto faz parte do processo de remoção.

Ao se encerrar, será gerado um log, que vai estar em C:\ComboFix.txt.

Atenção:

Não clique em nada enquanto o Combofix estiver rodando, Do contrário seu desktop ficará em branco.

Para parar o processo ou sair do ComboFix, tecle "2" e Enter.

Aguardo um novo log do HijackThis juntamente com o ComboFix.txt

melksedec · Julho 4, 2008

ak o log

omboFix 08-07-02.5 - Administrador 2008-07-03 22:00:15.11 - NTFSx86 MINIMAL

Executando de: C:\Documents and Settings\Demétrio\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((((((((((((((( Outras Exclusäes )))))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\services.exe

C:\WINDOWS\system32\cbXPhheb.dll

C:\WINDOWS\system32\dtskli.dll

C:\WINDOWS\system32\fslbavvf.ini

C:\WINDOWS\system32\fvvablsf.dll

C:\WINDOWS\system32\gnlhryoh.dll

C:\WINDOWS\system32\hgGXOiGy.dll

C:\WINDOWS\system32\jjozue.dll

C:\WINDOWS\system32\juqfspnn.ini

C:\WINDOWS\system32\kevvconk.tmp

C:\WINDOWS\system32\knocvvek.dll

C:\WINDOWS\system32\mcrh.tmp

C:\WINDOWS\system32\ncqjimdr.dll

C:\WINDOWS\system32\nwgfpiwf.ini

C:\WINDOWS\system32\uBHOYGgh.ini

C:\WINDOWS\system32\uBHOYGgh.ini2

C:\WINDOWS\system32\urqQGxWp.dll

C:\WINDOWS\system32\vfhsrpff.dll

C:\WINDOWS\system32\vgxptk.dll

C:\WINDOWS\system32\yGiOXGgh.ini

C:\WINDOWS\system32\yGiOXGgh.ini2

C:\winlogon.exe

.

((((((((((((((((((((((( Ficheiros criados de 2008-06-04 to 2008-07-04 ))))))))))))))))))))))))))))))))

.

2008-07-03 21:29 . 2008-07-03 21:29 <DIR> d-------- C:\Arquivos de programas\Trend Micro

2008-07-03 21:28 . 2008-07-03 21:28 812,344 --a------ C:\HJTInstall.exe

2008-07-03 07:48 . 2008-07-03 07:48 1,721,300 ---hs---- C:\WINDOWS\system32\juqfspnn.tmp

2008-07-02 14:22 . 2008-07-02 14:22 1,714,969 ---hs---- C:\WINDOWS\system32\nwgfpiwf.tmp

2008-07-02 13:56 . 2008-06-27 08:29 117,760 --a------ C:\WINDOWS\system32\vav.cpl

2008-07-02 01:24 . 2008-07-02 01:24 <DIR> d-------- C:\!KillBox

2008-07-02 00:25 . 2008-07-02 00:27 5,745,425 --a------ C:\brasileirinho pepeu gomess.mp3

2008-07-01 22:15 . 2008-07-01 22:15 359 --a------ C:\340.bat

2008-06-30 17:08 . 2008-06-30 17:11 506 --ah----- C:\The.Chronicles.Of.Narnia.Prince.Caspian.2008.TS.XViD-mVs.CD1.[shareBrasil].avi.ini

2008-06-30 17:07 . 2008-07-01 23:06 <DIR> d-------- C:\Arquivos de programas\SubEdit-Player

2008-06-30 17:01 . 2008-06-30 17:01 <DIR> d-------- C:\Arquivos de programas\BitManSoft

2008-06-30 16:49 . 2008-06-30 17:28 <DIR> d-------- C:\Arquivos de programas\Gabest

2008-06-30 16:32 . 2008-06-30 16:32 269,130 --a------ C:\sub2divx.zip

2008-06-30 01:46 . 2006-01-19 15:32 755,999 --a------ C:\solfejando1.1.exe

2008-06-28 15:25 . 2008-06-28 15:25 15,596 --a------ C:\WINDOWS\_7D12479.TTF

2008-06-28 15:25 . 2008-06-28 20:27 13,030 --a------ C:\PDOXUSRS.NET

2008-06-28 15:24 . 2008-06-28 20:27 <DIR> d-------- C:\CurDigi

2008-06-28 13:11 . 2008-06-28 13:11 <DIR> d--h----- C:\WINDOWS\PIF

2008-06-28 00:05 . 2008-07-01 12:53 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Sandlot Games

2008-06-26 15:01 . 2007-05-10 21:12 <DIR> d-------- C:\PCSX2

2008-06-23 23:02 . 2008-06-23 23:25 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Fashion Solitaire 1.2

2008-06-23 15:27 . 2008-07-01 13:02 <DIR> d-------- C:\Arquivos de programas\Atrativa Games

2008-06-22 23:05 . 2008-06-22 23:05 0 --ah----- C:\WINDOWS\SwSys2.bmp

2008-06-22 23:05 . 2008-06-22 23:05 0 --ah----- C:\WINDOWS\SwSys1.bmp

2008-06-21 00:45 . 2008-06-21 00:45 <DIR> d-------- C:\Arquivos de programas\Learn2.com

2008-06-19 20:07 . 2008-06-19 20:16 1,477,632 --a------ C:\ASSOCIA€Ç21.doc

2008-06-16 10:41 . 2008-04-13 19:20 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll

2008-06-16 10:41 . 2001-09-05 23:50 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll

2008-06-15 22:22 . 2008-04-13 19:21 16,384 --a------ C:\WINDOWS\system32\ipsink.ax

2008-06-15 22:22 . 2008-04-13 19:21 16,384 --a--c--- C:\WINDOWS\system32\dllcache\ipsink.ax

2008-06-15 22:22 . 2008-04-13 11:46 15,232 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys

2008-06-15 22:22 . 2008-04-13 11:46 15,232 --a--c--- C:\WINDOWS\system32\dllcache\streamip.sys

2008-06-15 22:22 . 2008-04-13 11:46 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys

2008-06-15 22:22 . 2008-04-13 11:46 10,880 --a--c--- C:\WINDOWS\system32\dllcache\ndisip.sys

2008-06-15 22:22 . 2008-04-13 11:39 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys

2008-06-15 22:22 . 2008-04-13 11:39 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys

2008-06-15 14:15 . 2008-06-15 14:16 <DIR> d-------- C:\Latest Definitions

2008-06-15 14:09 . 2008-06-15 14:17 <DIR> d-------- C:\Arquivos de programas\Spy Sweeper Updater

2008-06-15 13:01 . 2008-06-15 13:01 <DIR> d-a------ C:\Arquivos de programas\v1.21a Loader

2008-06-15 12:58 . 2008-06-15 12:58 <DIR> d-------- C:\Nova pasta

2008-06-13 04:16 . 2008-06-15 12:03 <DIR> d-------- C:\Arquivos de programas\HT Web Cam 3.0

2008-06-13 02:38 . 2008-06-13 04:10 515 --a------ C:\configuration.ini

2008-06-13 02:37 . 2006-10-20 10:32 <DIR> d-------- C:\languages

2008-06-13 01:26 . 2006-05-29 11:32 708,608 --a------ C:\configura‡ao.doc

2008-06-13 01:26 . 2006-03-03 19:24 406,016 --a------ C:\motocam.exe

2008-06-12 13:21 . 2008-06-12 13:21 <DIR> d-------- C:\Arquivos de programas\Alcohol Soft

2008-06-12 13:21 . 2004-04-30 09:37 160,640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys

2008-06-12 13:21 . 2004-04-30 09:33 5,248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys

2008-06-11 02:18 . 2008-05-08 11:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys

2008-06-11 02:17 . 2008-06-14 14:34 272,384 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

.

((((((((((((((((((((((((((((((((((((( Relat¢rio Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-07-04 00:48 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information

2008-07-03 22:43 392 ----a-w C:\fx.reg

2008-07-03 22:31 --------- d-----w C:\Arquivos de programas\TuneUp Utilities 2007

2008-07-03 13:30 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin

2008-07-03 12:28 22,654 ----a-w C:\Arquivos de programas\megacubo_log.log

2008-07-02 15:33 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy

2008-07-02 01:17 --------- d-----w C:\Arquivos de programas\LimeWire

2008-06-29 03:11 --------- d-----w C:\Arquivos de programas\Megacubo

2008-06-26 16:24 --------- d-----w C:\Arquivos de programas\Incomplete

2008-06-24 13:44 --------- d-----w C:\Arquivos de programas\Puxa Rápido

2008-06-15 17:08 17,408 ----a-w C:\psapi.dll

2008-06-15 15:03 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield

2008-06-14 17:34 272,384 ------w C:\WINDOWS\system32\drivers\bthport.sys

2008-06-11 18:51 --------- d-----w C:\Arquivos de programas\GbPlugin

2008-06-05 14:26 --------- d-----w C:\Arquivos de programas\Yahoo!

2008-05-31 10:12 --------- d--h--w C:\Arquivos de programas\Scpad

2008-05-23 15:22 --------- d-----w C:\Arquivos de programas\ImTOO

2008-05-23 14:55 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Lab

2008-05-18 20:19 --------- d-----w C:\Arquivos de programas\SpeedBit Video Accelerator

2008-05-18 20:03 96,384 -c--a-w C:\WINDOWS\system32\drivers\sptddrv1.sys

2008-05-13 16:46 --------- d-----w C:\Arquivos de programas\KONAMI

2008-05-09 13:50 --------- d-----w C:\Arquivos de programas\Create-Ringtone

2008-05-08 14:02 203,136 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys

2008-05-08 11:59 5,580,269 ----a-w C:\Arquivos de programas\Xilisoft.rar

2008-05-06 11:17 --------- d-----w C:\Arquivos de programas\Online_TV

2008-05-06 10:16 --------- d-----w C:\Arquivos de programas\Sony

2008-05-06 10:14 --------- d-----w C:\Arquivos de programas\Vstplugins

2008-05-06 10:13 --------- d-----w C:\Arquivos de programas\Sony Setup

2008-05-06 10:06 --------- d-----w C:\Arquivos de programas\Multi_Media

2008-04-13 22:21 70,144 ----a-w C:\WINDOWS\notepad.exe

2008-04-13 22:21 32,866 ------w C:\WINDOWS\slrundll.exe

2008-04-13 22:21 287,744 ----a-w C:\WINDOWS\winhlp32.exe

2008-04-13 22:21 150,528 ----a-w C:\WINDOWS\regedit.exe

2008-04-13 22:21 10,752 ----a-w C:\WINDOWS\hh.exe

2008-04-13 22:21 1,035,776 ----a-w C:\WINDOWS\explorer.exe

2008-04-13 22:20 50,688 ----a-w C:\WINDOWS\twain_32.dll

2008-04-13 22:20 451,072 ----a-w C:\WINDOWS\AppPatch\aclayers.dll

2008-04-13 22:20 39,424 ----a-w C:\WINDOWS\AppPatch\acadproc.dll

2008-04-13 22:20 34,816 ----a-w C:\WINDOWS\Help\sniffpol.dll

2008-04-13 22:20 33,280 ----a-w C:\WINDOWS\Help\sstub.dll

2008-04-13 22:20 279,040 ----a-w C:\WINDOWS\Help\tshoot.dll

2008-04-13 22:20 245,248 ----a-w C:\WINDOWS\AppPatch\acspecfc.dll

2008-04-13 22:20 141,312 ----a-w C:\WINDOWS\AppPatch\aclua.dll

2008-04-13 22:20 116,224 ----a-w C:\WINDOWS\AppPatch\acxtrnal.dll

2008-04-13 22:20 1,852,928 ----a-w C:\WINDOWS\AppPatch\acgenral.dll

2008-02-07 16:59 30,663 ----a-w C:\Arquivos de programas\scvhost2008.exe

2008-02-07 16:59 30,663 ----a-w C:\Arquivos de programas\gbpsvv.exe

2008-02-07 16:59 30,663 ----a-w C:\Arquivos de programas\Explorer2008.exe

2007-09-13 03:01 56 -csh--r C:\WINDOWS\system32\7E66821265.sys

2007-09-23 04:22 2,516 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

.

((((((((((((((((((((((((((((( snapshot@2008-05-20_ 2.34.26.90 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-05-20 05:10:44 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-07-04 01:15:53 2,048 --s-a-w C:\WINDOWS\bootstat.dat

+ 2008-06-09 21:08:02 1,000,952 ----a-w C:\WINDOWS\Downloaded Program Files\UploaderX.dll

+ 2008-06-14 17:34:41 272,384 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys

- 2000-08-31 11:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe

+ 2000-08-31 11:00:00 89,504 ----a-w C:\WINDOWS\fdsv.exe

+ 2008-03-01 13:02:08 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll

+ 2008-03-01 13:02:09 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll

+ 2008-03-01 13:02:09 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll

+ 2008-03-01 13:02:09 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll

+ 2008-03-01 13:02:09 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll

+ 2008-02-29 08:59:58 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe

+ 2008-03-01 13:02:09 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll

+ 2008-03-01 13:02:09 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll

+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll

+ 2008-03-01 13:02:09 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll

+ 2008-03-01 13:02:09 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll

+ 2008-03-01 13:02:10 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll

+ 2008-03-01 13:02:10 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll

+ 2008-03-01 13:02:10 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll

+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe

+ 2008-02-29 09:00:27 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe

+ 2008-03-01 13:02:10 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll

+ 2008-03-01 13:02:10 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll

+ 2008-03-01 13:02:10 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll

+ 2008-03-01 21:32:12 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll

+ 2008-03-01 13:02:12 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll

+ 2008-03-01 13:02:12 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll

+ 2008-03-01 13:02:12 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll

+ 2008-03-01 13:02:12 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll

+ 2008-03-01 13:02:12 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll

+ 2007-03-06 01:01:00 215,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe

+ 2007-03-06 01:02:08 384,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll

+ 2008-03-01 13:02:12 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll

+ 2008-03-01 13:02:12 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll

+ 2008-03-01 13:02:12 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll

+ 2008-03-01 13:02:12 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll

- 2007-10-14 16:07:55 5,120 -c--a-r C:\WINDOWS\Installer\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\IconE9F814234.exe

+ 2008-06-12 16:21:37 5,120 ----a-r C:\WINDOWS\Installer\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\IconE9F814234.exe

- 2007-10-14 16:07:54 49,152 -c--a-r C:\WINDOWS\Installer\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\IconE9F814236.exe

+ 2008-06-12 16:21:37 49,152 ----a-r C:\WINDOWS\Installer\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\IconE9F814236.exe

- 2000-08-31 11:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe

+ 2000-08-31 11:00:00 28,672 ----a-w C:\WINDOWS\Nircmd.exe

- 2008-03-01 13:02:08 124,928 ----a-w C:\WINDOWS\system32\advpack.dll

+ 2008-04-23 07:14:09 124,928 ----a-w C:\WINDOWS\system32\advpack.dll

- 2008-03-01 13:02:08 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll

+ 2008-04-23 07:14:09 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll

+ 2008-04-13 14:46:24 17,024 -c--a-w C:\WINDOWS\system32\dllcache\ccdecode.sys

- 2008-03-01 13:02:09 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll

+ 2008-04-23 07:14:09 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll

- 2008-03-01 13:02:09 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll

+ 2008-04-23 07:14:09 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll

- 2008-03-01 13:02:09 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll

+ 2008-04-23 07:14:09 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll

- 2008-03-01 13:02:09 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll

+ 2008-04-23 07:14:09 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll

- 2008-02-29 08:59:58 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe

+ 2008-04-22 07:43:30 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe

- 2008-03-01 13:02:09 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll

+ 2008-04-23 07:14:09 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll

- 2008-03-01 13:02:09 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll

+ 2008-04-23 07:14:09 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll

- 2008-02-15 05:44:25 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll

+ 2008-04-20 05:07:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll

- 2008-03-01 13:02:09 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll

+ 2008-04-23 07:14:09 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll

- 2008-03-01 13:02:09 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll

+ 2008-04-23 07:14:09 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll

- 2008-03-01 13:02:10 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll

+ 2008-04-23 07:14:10 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll

- 2008-03-01 13:02:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll

+ 2008-04-23 07:14:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll

- 2008-03-01 13:02:10 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll

+ 2008-04-23 07:14:10 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll

- 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe

+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe

- 2008-02-29 09:00:27 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe

+ 2008-04-22 07:43:46 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe

- 2008-03-01 13:02:10 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll

+ 2008-04-23 07:14:10 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll

- 2008-03-01 13:02:10 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll

+ 2008-04-23 07:14:10 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll

- 2008-03-01 13:02:10 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll

+ 2008-04-23 07:14:10 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll

- 2008-03-01 21:32:12 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll

+ 2008-04-24 04:14:12 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll

- 2008-03-01 13:02:12 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll

+ 2008-04-23 07:14:11 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll

- 2008-03-01 13:02:12 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll

+ 2008-04-23 07:14:11 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll

- 2008-03-01 13:02:12 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll

+ 2008-04-23 07:14:11 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll

+ 2008-04-13 14:46:26 85,248 -c--a-w C:\WINDOWS\system32\dllcache\nabtsfec.sys

- 2008-03-01 13:02:12 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll

+ 2008-04-23 07:14:11 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll

- 2008-03-01 13:02:12 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll

+ 2008-04-23 07:14:11 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll

+ 2008-05-07 05:11:33 1,292,800 -c----w C:\WINDOWS\system32\dllcache\quartz.dll

+ 2008-04-13 14:46:24 11,136 -c--a-w C:\WINDOWS\system32\dllcache\slip.sys

- 2008-03-01 13:02:12 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll

+ 2008-04-23 07:14:11 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll

- 2008-03-01 13:02:12 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll

+ 2008-04-23 07:14:11 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll

+ 2008-04-13 14:45:14 60,032 -c--a-w C:\WINDOWS\system32\dllcache\usbaudio.sys

+ 2008-04-13 22:20:42 54,784 -c--a-w C:\WINDOWS\system32\dllcache\vfwwdm32.dll

- 2008-03-01 13:02:12 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll

+ 2008-04-23 07:14:11 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll

- 2008-03-01 13:02:12 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll

+ 2008-04-23 07:14:11 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll

+ 2008-04-13 14:46:26 19,200 -c--a-w C:\WINDOWS\system32\dllcache\wstcodec.sys

+ 2005-11-21 05:48:21 16,512 ----a-w C:\WINDOWS\system32\drivers\ASPI32.SYS

+ 2008-04-13 14:46:24 17,024 ----a-w C:\WINDOWS\system32\drivers\CCDECODE.sys

+ 2008-04-13 14:46:26 85,248 ----a-w C:\WINDOWS\system32\drivers\NABTSFEC.sys

+ 2008-04-13 14:46:24 11,136 ----a-w C:\WINDOWS\system32\drivers\SLIP.sys

- 2007-07-20 00:42:36 20,280 ----a-w C:\WINDOWS\system32\drivers\SSFS0BB8.sys

+ 2007-07-20 01:42:36 20,280 ----a-w C:\WINDOWS\system32\drivers\SSFS0BB8.sys

- 2007-07-20 00:42:36 21,816 ----a-w C:\WINDOWS\system32\drivers\sshrmd.sys

+ 2007-07-20 01:42:36 21,816 ----a-w C:\WINDOWS\system32\drivers\sshrmd.sys

- 2007-07-20 00:42:36 163,128 ----a-w C:\WINDOWS\system32\drivers\ssidrv.sys

+ 2007-07-20 01:42:36 163,128 ----a-w C:\WINDOWS\system32\drivers\ssidrv.sys

- 2007-07-20 00:42:36 23,864 ----a-w C:\WINDOWS\system32\drivers\sskbfd.sys

+ 2007-07-20 01:42:36 23,864 ----a-w C:\WINDOWS\system32\drivers\sskbfd.sys

+ 2008-04-13 14:45:14 60,032 ----a-w C:\WINDOWS\system32\drivers\USBAUDIO.sys

+ 2008-04-13 14:46:26 19,200 ----a-w C:\WINDOWS\system32\drivers\WSTCODEC.SYS

- 2008-03-01 13:02:09 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll

+ 2008-04-23 07:14:09 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll

- 2008-03-01 13:02:09 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll

+ 2008-04-23 07:14:09 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll

- 2008-03-01 13:02:09 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll

+ 2008-04-23 07:14:09 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll

- 2008-05-18 20:06:33 1,609,936 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT

+ 2008-07-04 00:48:58 1,609,960 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT

- 2008-03-01 13:02:09 63,488 ----a-w C:\WINDOWS\system32\icardie.dll

+ 2008-04-23 07:14:09 63,488 ----a-w C:\WINDOWS\system32\icardie.dll

- 2008-02-29 08:59:58 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe

+ 2008-04-22 07:43:30 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe

- 2008-03-01 13:02:09 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll

+ 2008-04-23 07:14:09 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll

- 2008-03-01 13:02:09 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll

+ 2008-04-23 07:14:09 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll

- 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll

+ 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll

- 2008-03-01 13:02:09 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll

+ 2008-04-23 07:14:09 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll

- 2008-03-01 13:02:09 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll

+ 2008-04-23 07:14:09 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll

- 2008-03-01 13:02:10 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll

+ 2008-04-23 07:14:10 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll

- 2008-03-01 13:02:10 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll

+ 2008-04-23 07:14:10 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll

- 2008-03-01 13:02:10 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll

+ 2008-04-23 07:14:10 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll

- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe

+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe

+ 1996-10-15 12:53:16 78,848 ----a-w C:\WINDOWS\system32\INLOADER.DLL

- 2008-03-01 13:02:10 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll

+ 2008-04-23 07:14:10 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll

+ 2005-05-24 15:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll

+ 2007-08-29 18:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe

+ 2007-08-29 18:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll

- 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe

+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe

- 2008-03-01 13:02:10 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll

+ 2008-04-23 07:14:10 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll

- 2008-03-01 13:02:10 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll

+ 2008-04-23 07:14:10 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll

- 2008-03-01 21:32:12 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll

+ 2008-04-24 04:14:12 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll

- 2008-03-01 13:02:12 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll

+ 2008-04-23 07:14:11 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll

- 2008-03-01 13:02:12 193,024 ----a-w C:\WINDOWS\system32\msrating.dll

+ 2008-04-23 07:14:11 193,024 ----a-w C:\WINDOWS\system32\msrating.dll

- 2008-03-01 13:02:12 671,232 ----a-w C:\WINDOWS\system32\mstime.dll

+ 2008-04-23 07:14:11 671,232 ----a-w C:\WINDOWS\system32\mstime.dll

- 2008-03-01 13:02:12 102,912 ----a-w C:\WINDOWS\system32\occache.dll

+ 2008-04-23 07:14:11 102,912 ----a-w C:\WINDOWS\system32\occache.dll

- 2008-03-01 13:02:12 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll

+ 2008-04-23 07:14:11 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll

- 2008-04-13 22:20:38 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll

+ 2008-05-07 05:11:33 1,292,800 ----a-w C:\WINDOWS\system32\quartz.dll

- 2007-08-10 11:12:44 18,296 ------w C:\WINDOWS\system32\spmsg.dll

+ 2007-11-30 11:18:16 18,296 ------w C:\WINDOWS\system32\spmsg.dll

- 2005-10-27 19:47:06 8,192 ----a-w C:\WINDOWS\system32\ssiefr.EXE

+ 2007-07-20 01:42:36 16,184 ----a-w C:\WINDOWS\system32\ssiefr.EXE

- 2007-09-04 19:56:10 164,352 ----a-w C:\WINDOWS\system32\unrar.dll

+ 2002-10-15 22:54:04 153,088 ----a-w C:\WINDOWS\system32\unrar.dll

- 2008-03-01 13:02:12 105,984 ----a-w C:\WINDOWS\system32\url.dll

+ 2008-04-23 07:14:11 105,984 ----a-w C:\WINDOWS\system32\url.dll

- 2008-03-01 13:02:12 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll

+ 2008-04-23 07:14:11 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll

+ 2008-04-13 22:20:42 54,784 ----a-w C:\WINDOWS\system32\vfwwdm32.dll

- 2008-03-01 13:02:12 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll

+ 2008-04-23 07:14:11 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll

- 2008-03-01 13:02:12 826,368 ----a-w C:\WINDOWS\system32\wininet.dll

+ 2008-04-23 07:14:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll

+ 2005-11-21 05:48:21 45,056 ----a-w C:\WINDOWS\system32\WNASPI32.DLL

- 2005-10-27 19:47:06 17,920 ----a-w C:\WINDOWS\system32\wrlzma.dll

+ 2007-07-20 01:42:36 26,424 ----a-w C:\WINDOWS\system32\wrlzma.dll

- 2007-07-20 00:54:32 1,521,464 ----a-w C:\WINDOWS\WRSetup.dll

+ 2007-07-20 01:54:32 1,521,464 ----a-w C:\WINDOWS\WRSetup.dll

.

-- Snapshot reset to current date --

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

REGEDIT4

*Nota* entradas vazias & leg¡timas por defeito nÆo sÆo mostradas.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:20 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"nod32kui"="C:\Arquivos de programas\Eset\nod32kui.exe" [2008-04-26 06:06 921600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:20 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]

"{A3717295-941D-416F-9384-ED1736729F1C}"= "C:\Arquivos de programas\Scpad\scpLIB.dll" [2008-05-30 23:25 201984]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399003}"= "C:\Arquivos de programas\GbPlugin\gbiehcef.dll" [2008-06-11 14:47 366672]

"{E37CB5F0-51F5-4395-A808-5FA49E399F83}"= "C:\ARQUIV~1\GBPLUGIN\gbieh.dll" [2008-05-12 18:19 378696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

"CompIBBrd"= {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll [2008-05-30 23:25 201984]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2008-05-12 18:19 378696 C:\ARQUIV~1\GbPlugin\gbieh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]

2008-06-11 14:47 366672 C:\Arquivos de programas\GbPlugin\gbiehcef.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\__GbPluginBb]

2008-05-12 18:19 378696 C:\Arquivos de programas\GbPlugin\gbieh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.DIVF"= DivX412.dll

"vidc.yv12"= yv12vfw.dll

"msacm.ac3filter"= ac3filter.acm

"vidc.sccd"= C:\PROGRA~1\LUMINO~1\SoftCam1.5\Driver\SCCodec.dll

"MSVideo7"= C:\PROGRA~1\LUMINO~1\SoftCam1.5\Driver\SCVid32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ scecli scecli scecli

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk

backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Microsoft Office.lnk

backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

--a------ 2008-04-13 19:20 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]

--a------ 2006-09-14 17:09 157592 C:\Arquivos de programas\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

--a------ 2007-05-08 16:24 54840 C:\Arquivos de programas\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

--a--c--- 2005-08-11 16:30 81920 C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

--a------ 2008-04-13 19:21 1695232 C:\Arquivos de programas\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

--a------ 2003-01-02 04:37 4243456 C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smapp]

--a------ 2002-01-30 17:01 81920 C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

-ra------ 2006-11-24 01:06 487424 C:\Arquivos de programas\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedBitVideoAccelerator]

--a------ 2008-04-19 16:29 2729584 C:\Arquivos de programas\SpeedBit Video Accelerator\VideoAccelerator.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

-rahs---- 2008-01-28 11:43 2097488 C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]

--a------ 2007-07-19 22:54 3564344 C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2008-02-22 04:25 144784 C:\Arquivos de programas\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVIEW]

--a------ 2003-01-02 04:37 774213 C:\WINDOWS\system32\nview.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

--a------ 2003-01-02 04:38 315392 C:\WINDOWS\system32\nwiz.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"D:\\melksedec\\programas instalados\\DreMule\\emule.exe"=

"D:\\melksedec\\programas instalados\\Infogrames\\Deadly Dozen 2 Pacific Theater\\DDozen2.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"C:\\Arquivos de programas\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe"=

"C:\\Arquivos de programas\\SpeedBit Video Accelerator\\VideoAccelerator.exe"=

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=

"C:\\Arquivos de programas\\Messenger\\msmsgs.exe"=

"C:\\Arquivos de programas\\LimeWire\\LimeWire.exe"=

"C:\\Arquivos de programas\\Megacubo\\megacubo.exe"=

"C:\\Arquivos de programas\\Megacubo\\megasrv.exe"=

R0 SSFS0BB8;Spy Sweeper File System Filer Driver: 0BB8;C:\WINDOWS\system32\Drivers\SSFS0BB8.SYS [2007-07-19 22:42]

R2 sbbotdi;sbbotdi;C:\ARQUIV~1\SPEEDB~1\sbbotdi.sys [2008-04-19 16:29]

R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2008-04-13 19:21]

R3 PSXGamepadEnabler;Psx Hid to Gamepad Port Enabler;C:\WINDOWS\system32\drivers\psxpad.sys [2002-05-15 13:24]

R3 PsxPortEnumerator;Psx Port Enumerator;C:\WINDOWS\system32\Drivers\psxenum.sys [2002-09-26 05:36]

S2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys []

S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE31bus.sys [2006-11-10 08:45]

S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE31mdfl.sys [2006-11-10 08:45]

S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE31mdm.sys [2006-11-10 08:45]

S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE31mgmt.sys [2006-11-10 08:45]

S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS);C:\WINDOWS\system32\DRIVERS\se31nd5.sys [2006-11-10 08:46]

S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE31obex.sys [2006-11-10 08:46]

S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM);C:\WINDOWS\system32\DRIVERS\se31unic.sys [2006-11-10 08:46]

S3 siusbmod;siusbmod;C:\WINDOWS\system32\DRIVERS\siusbmod.sys []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{185910ae-74e6-11dc-a566-0003472de302}]

\Shell\AutoRun\command - ntde1ect.com

\Shell\explore\Command - ntde1ect.com

\Shell\open\Command - ntde1ect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de313158-6bd1-11dc-a525-0003472de302}]

\Shell\AutoRun\command - ntde1ect.com

\Shell\explore\Command - ntde1ect.com

\Shell\open\Command - ntde1ect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f863e834-6ba6-11dc-a522-0003472de302}]

\Shell\AutoRun\command - ntde1ect.com

\Shell\explore\Command - ntde1ect.com

\Shell\open\Command - ntde1ect.com

.

Conte£do da pasta 'Tarefas Agendadas'

"2008-06-27 20:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"

- C:\Arquivos de programas\TuneUp Utilities 2007\SystemOptimizer.exe

"2008-07-04 01:41:00 C:\WINDOWS\Tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job"

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:59, on 2008-07-03

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\System32\alg.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\UOL\Barra UOL\ubphost.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://m.busca.uol.com.br/ie/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.velox.com.br/portal/site/Velox/...tfmt=secondView

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R3 - URLSearchHook: CUOLSearchHook Object - {1FE8243E-0A3A-41B9-B9CE-EFFEE51974D3} - C:\Arquivos de programas\Arquivos comuns\uol\urlsearch\UOLSearchHook.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\Adobe\Acrobat Reader 5\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: ssh2 Class - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {6EF05952-B48D-4944-AA91-57A6A1A48EF8} - C:\Arquivos de programas\Puxa Rápido\IEBHO.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIV~1\GBPLUGIN\gbieh.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll

O3 - Toolbar: Barra UOL - {5BBFC00A-312C-4777-A5DF-DDA65C67120C} - C:\Arquivos de programas\UOL\Barra UOL\ubp.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [64e86530] rundll32.exe "C:\WINDOWS\system32\fvvablsf.dll",b

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: &Download with &DAP - C:\ARQUIV~1\DAP\dapextie.htm

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to AMV Converter... - C:\Arquivos de programas\MP3 Player Utilities 4.15\AMVConverter\grab.html

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Adicionar RSS - res://C:\Arquivos de programas\UOL\Barra UOL\ubp.dll/3130

O8 - Extra context menu item: Download &all with DAP - C:\ARQUIV~1\DAP\dapextie2.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Liberar pop-ups desta página - res://C:\Arquivos de programas\UOL\Barra UOL\ubp.dll/3028

O8 - Extra context menu item: Liberar pop-ups deste site - res://C:\Arquivos de programas\UOL\Barra UOL\ubp.dll/3027

O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.15\MediaManager\grab.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://img4.orkut.com/activex/10036/photouploader.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1189737938625

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D9CE2963-8547-4C18-A4CE-DA27278310D8} (Instalador Remoto UOL) - http://download.uol.com.br/discadorUOL/lig...tiveInstall.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} (GbPluginObj Class) - https://imagem.caixa.gov.br/cab/GbPluginCef.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D77743D2-52B2-4843-9B61-8E7B1895768C}: NameServer = 200.165.132.154 200.165.132.148

O20 - Winlogon Notify: GbPluginBb - C:\ARQUIV~1\GBPLUGIN\gbieh.dll

O20 - Winlogon Notify: GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehcef.dll

O20 - Winlogon Notify: __GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

--

End of file - 9791 bytes

Silas Martins · Julho 4, 2008

Siga as Instruções:

Baixe o MSNfix.

Salve na área de trabalho, e descompacte ele, após isto, clique duas vezes em MSNFix.bat

Vai se abrir a tela MSN_Fix-menu nela aperte a opçãp R, será dado inicio ao scaneamento.

Caso o scan detecte algo irá aparecer a seguinte informação: Infection Presente, aperte enter, e prossiga.

Caso queira interromper o processo aperte a tecla Q

Na finalização vai se abrir o bloco de notas com um log, selecione todo ele e copie, que se encontra na pasta msnfix.txt.

Poste juntamente um novo log do Hijackthis

Aguardo o retorno.

melksedec · Julho 5, 2008

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:27, on 2008-07-05

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\System32\alg.exe

D:\melksedec\programas instalados\DreMule\emule.exe

C:\Arquivos de programas\ESET\nod32kui.exe