
This topic has been archived and is closed to new replies.

ronaldogpi

[Archived] Problems in MSN 8.5 - Error 800401f3 / Restoration of the S


I have tried every way I could to solve this problem. I have already tried everything that various Internet forums recommend for this MSN Messenger and Windows XP error, such as System Restore, and nothing has worked. I registered the DLLs, and in particular reinstalled msxml3.dll and javscript.dll, and neither of them works on the operating system. I even used software made specifically to fix this problem, but I could not resolve it.

When connecting, Windows Live Messenger shows the error code; there is a big lag when typing the e-mail, and this problem occurs in my profile. Previously it showed the message "A critical component has been repaired; Messenger must be restarted".

And as if the Messenger problem were not enough, System Restore and User Accounts are failing too: they show blank white screens and it is not possible to access or change the desired content. The image below shows the problem occurring in Windows XP.

rsuo7.png

As instructed in this site's forum, here is the HijackThis log. I await conclusive replies about the problems mentioned. Thank you in advance for your attention.

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:35:32, on 25/1/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Winamp\winampa.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\ltmoh\Ltmoh.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\vsnpstd3.exe

C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe

C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Meus documentos\Downloads\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60337

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60337

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.speedapps.com/search.htm

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_04\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O4 - HKLM\..\Run: [WinampAgent] "C:\Arquivos de programas\Winamp\winampa.exe"

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LtMoh] C:\Arquivos de programas\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [uSBFW] C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Microsoft Office Groove.lnk = C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE

O4 - Global Startup: Windows Desktop Search.lnk = C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Crawler Search - tbr:iemenu

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1228498680593

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1228411392625

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728AxD-ckvrPc0A/etc/Microsoft.Live.Folders.RichUpload.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{BE959707-E59A-4D10-A643-49268770758D}: NameServer = 201.10.120.3,201.10.128.3

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Arquivos de programas\Ares\chatServer.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 12243 bytes


Good morning, ronaldogpi!

<@> Download: < ComboFix.exe > ( ...by sUBs )

<@> Save it to the Desktop!

<@> Disable the resident protection of: antivirus, antispyware and firewall. ( Except the Windows one! )

<@> Close all windows and run the tool!

<@> At the prompt: "Disclaimer of software warranty" --> Click Yes!

<@> If you do not have the "Recovery Console", accept the option to install it!

<!> If you get the notification: Invalid Win32 application, delete the tool and download it again.

<!> Save it to the desktop, renamed as: Kombo.exe

<!> PS: Rename it while saving, not after saving it!

<!> PS: If any error message appears, run ComboFix.exe in Safe Mode. <-- Link!

<!> PS: To complete the removals, the tool may need to restart the computer. <-- Wait!

<!> PS: Avoid running this tool on your own initiative! Follow all the recommendations given above.

<@> The Auto Scan window will open. --> Wait!

<@> In order to complete the removals, ComboFix may restart the computer.

<@> If necessary, type the option to continue! --> ( 1 ) --> Press Enter! --> Wait for it to finish!

<@> During the scan, avoid using the mouse or keyboard! <-- Important!

<@> To stop or exit ComboFix, press "N" or "2" --> Press Enter!

--------------------------------------

<@> When it finishes, post the reports: C:\ComboFix.txt + an updated HijackThis log.

Best regards!


No, ronaldogpi.

The other topic, which was a duplicate, has already been removed.

Follow digram's instructions in this topic.


Right. Thanks for the tips; here are the logs from the two applications, as requested.

COMBOFIX LOG.

 

ComboFix 09-01-21.04 - Ronaldo 2009-01-27 22:39:51.2 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.479.261 [GMT -3:00]

Executando de: c:\documents and settings\Ronaldo\Desktop\ComboFix.exe

AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated)

FW: Norton AntiVirus *enabled*

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\Administrador 2\Configura‡äes locais\Temporary Internet Files\

c:\documents and settings\Daniel\Configura‡äes locais\Temporary Internet Files\

c:\documents and settings\Joana\Configura‡äes locais\Temporary Internet Files\

c:\documents and settings\LocalService\Configura‡äes locais\Temporary Internet Files\

c:\documents and settings\NetworkService\Configura‡äes locais\Temporary Internet Files\

c:\documents and settings\Ronaldo\Configura‡äes locais\Temporary Internet Files\

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2008-12-28 to 2009-01-28 ))))))))))))))))))))))))))))

.

 

2009-01-27 22:32 . 2009-01-20 22:17 <DIR> d-------- C:\32788R22FWJFW

2009-01-27 17:55 . 2009-01-27 17:55 <DIR> d-------- c:\documents and settings\Daniel\Dados de aplicativos\AdobeUM

2009-01-25 20:31 . 2009-01-25 20:31 <DIR> d--hs---- C:\FOUND.064

2009-01-25 18:51 . 2009-01-25 18:51 <DIR> d-------- C:\!KillBox

2009-01-25 17:26 . 2009-01-25 17:26 <DIR> d-------- c:\arquivos de programas\Marcos Velasco Security

2009-01-25 17:07 . 2009-01-25 17:07 <DIR> d-------- C:\LinhaDefensiva

2009-01-25 13:22 . 2009-01-25 13:22 <DIR> d--hs---- C:\FOUND.063

2009-01-25 10:25 . 2009-01-25 10:25 <DIR> d-------- C:\MSXML3msms

2009-01-25 10:00 . 2009-01-25 10:00 <DIR> d-------- c:\arquivos de programas\MSXML 4.0

2009-01-24 13:43 . 2009-01-24 13:43 <DIR> d-------- c:\documents and settings\Ronaldo\Dados de aplicativos\GrabPro

2009-01-24 12:41 . 2009-01-24 12:41 <DIR> d-------- c:\documents and settings\Ronaldo\Dados de aplicativos\Orbit

2009-01-24 03:10 . 2009-01-24 03:10 <DIR> d-------- c:\documents and settings\Daniel\Dados de aplicativos\Orbit

2009-01-23 23:26 . 2009-01-23 23:26 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\BlazeVideo

2009-01-23 23:26 . 2009-01-23 23:26 <DIR> d-------- c:\arquivos de programas\Blaze Video Magic

2009-01-22 21:04 . 2009-01-22 21:04 <DIR> d-------- C:\DriveKey

2009-01-21 18:49 . 2009-01-21 18:49 86,528 --a------ c:\windows\system32\Dvdvideo.ax

2009-01-21 18:49 . 2009-01-21 18:49 65,536 --a------ c:\windows\system32\Dvdaudio.ax

2009-01-21 18:43 . 2009-01-21 18:43 <DIR> d-------- C:\divx

2009-01-21 18:38 . 2009-01-21 18:38 <DIR> d-------- c:\arquivos de programas\DivX

2009-01-21 16:45 . 2009-01-21 16:45 <DIR> d-------- c:\arquivos de programas\VSO

2009-01-21 16:45 . 2004-05-04 11:53 1,645,320 --a------ c:\windows\gdiplus.dll

2009-01-21 16:45 . 2006-05-20 16:16 1,184,984 --a------ c:\windows\system32\wvc1dmod.dll

2009-01-21 16:45 . 2006-05-11 19:21 626,688 --a------ c:\windows\system32\vp7vfw.dll

2009-01-21 16:45 . 2006-09-29 12:24 217,127 --a------ c:\windows\system32\drv43260.dll

2009-01-21 16:45 . 2006-09-29 12:25 208,935 --a------ c:\windows\system32\drv33260.dll

2009-01-21 16:45 . 2006-09-29 12:26 176,165 --a------ c:\windows\system32\drv23260.dll

2009-01-21 16:45 . 2007-03-18 20:37 65,602 --a------ c:\windows\system32\cook3260.dll

2009-01-21 10:06 . 2009-01-21 15:57 67 --a------ c:\windows\Easy Video to DVD.INI

2009-01-21 10:05 . 2009-01-21 10:05 <DIR> d-------- c:\arquivos de programas\Easy MPEG AVI DIVX WMV RM to DVD

2009-01-20 22:13 . 2009-01-20 22:13 <DIR> d--hs---- C:\FOUND.062

2009-01-20 19:26 . 2009-01-20 19:26 <DIR> d-------- c:\arquivos de programas\Any Audio Converter

2009-01-20 16:20 . 2009-01-20 16:20 <DIR> d--h----- C:\csrunbuffer

2009-01-19 22:53 . 2009-01-19 22:53 <DIR> d-------- c:\documents and settings\Ronaldo\Dados de aplicativos\AdobeUM

2009-01-17 13:41 . 2009-01-17 13:41 <DIR> d-------- C:\CFLog

2009-01-17 13:39 . 2003-07-17 06:17 5,174 --a------ c:\windows\system32\nppt9x.vxd

2009-01-17 13:39 . 2004-12-31 21:43 4,682 --a------ c:\windows\system32\npptNT2.sys

2009-01-17 13:34 . 2009-01-17 13:34 <DIR> d-------- c:\arquivos de programas\G4box

2009-01-16 22:24 . 2009-01-16 22:24 <DIR> d-------- c:\arquivos de programas\Net Studio

2009-01-16 16:57 . 2009-01-16 16:57 <DIR> d-------- c:\windows\Cache

2009-01-16 16:51 . 2009-01-16 16:52 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\Adobe

2009-01-16 14:54 . 2009-01-16 14:54 <DIR> d--hs---- C:\FOUND.061

2009-01-15 01:55 . 2009-01-15 01:55 <DIR> d-------- c:\documents and settings\Administrador 2\Dados de aplicativos\Windows Desktop Search

2009-01-15 01:54 . 2007-11-07 14:50 <DIR> d-------- c:\documents and settings\Administrador 2\Modelos

2009-01-15 01:54 . 2009-01-15 01:54 <DIR> dr------- c:\documents and settings\Administrador 2\Meus documentos

2009-01-15 01:54 . 2007-11-07 14:50 <DIR> dr------- c:\documents and settings\Administrador 2\Menu Iniciar

2009-01-15 01:54 . 2009-01-15 01:54 <DIR> dr------- c:\documents and settings\Administrador 2\Favoritos

2009-01-15 01:54 . 2007-11-07 14:50 <DIR> dr------- c:\documents and settings\Administrador 2\Dados de aplicativos

2009-01-15 01:54 . 2007-11-07 14:50 <DIR> d--h----- c:\documents and settings\Administrador 2\Configurações locais

2009-01-15 01:54 . 2007-11-07 14:50 <DIR> d-------- c:\documents and settings\Administrador 2\Ambiente de rede

2009-01-15 01:54 . 2007-11-07 14:50 <DIR> d-------- c:\documents and settings\Administrador 2\Ambiente de impressão

2009-01-15 01:54 . 2009-01-15 01:54 <DIR> d-------- c:\documents and settings\Administrador 2

2009-01-14 22:56 . 2009-01-14 22:56 <DIR> d-------- c:\arquivos de programas\TouchStoneSoftware

2009-01-13 20:48 . 2009-01-13 20:48 <DIR> d-------- c:\documents and settings\Daniel\Tracing

2009-01-13 20:16 . 2006-12-28 12:01 19,569 --a------ c:\windows\000003_.tmp

2009-01-13 19:29 . 2006-12-28 12:01 19,569 --a------ c:\windows\000002_.tmp

2009-01-13 19:12 . 2006-12-28 12:01 19,569 --a------ c:\windows\000001_.tmp

2009-01-13 18:58 . 2009-01-13 18:58 <DIR> d-------- c:\windows\system32\CatRoot_bak

2009-01-12 22:52 . 2009-01-12 22:52 <DIR> d-------- c:\documents and settings\Ronaldo\Dados de aplicativos\Windows Desktop Search

2009-01-12 22:30 . 2009-01-12 22:30 <DIR> d-------- c:\documents and settings\Ronaldo\Tracing

2009-01-12 22:25 . 2009-01-12 22:26 <DIR> d-------- c:\documents and settings\Joana\Tracing

2009-01-12 22:25 . 2009-01-12 22:25 184 --ah----- C:\sqmdata16.sqm

2009-01-12 22:25 . 2009-01-12 22:25 172 --ah----- C:\sqmnoopt16.sqm

2009-01-12 22:06 . 2009-01-12 22:06 244 --ah----- C:\sqmnoopt15.sqm

2009-01-12 22:06 . 2009-01-12 22:06 244 --ah----- C:\sqmdata15.sqm

2009-01-12 22:05 . 2009-01-12 22:05 <DIR> d-------- c:\arquivos de programas\Microsoft Sync Framework

2009-01-12 21:59 . 2009-01-12 21:59 <DIR> d-------- c:\arquivos de programas\Windows Live SkyDrive

2009-01-12 21:59 . 2009-01-12 21:59 <DIR> d-------- c:\arquivos de programas\Microsoft

2009-01-12 20:26 . 2009-01-12 20:26 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\Windows Live

2009-01-12 16:48 . 2009-01-12 16:48 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\SearchIn1Step

2009-01-12 16:45 . 2009-01-12 16:45 <DIR> d-------- c:\arquivos de programas\SearchIn1Step

2009-01-10 15:48 . 2009-01-10 15:49 230,424 --a------ C:\img2-001.raw

2009-01-09 23:56 . 2009-01-09 23:56 244 --ah----- C:\sqmnoopt14.sqm

2009-01-09 23:56 . 2009-01-09 23:56 244 --ah----- C:\sqmdata14.sqm

2009-01-09 21:34 . 2009-01-09 21:34 220 --ah----- C:\sqmdata13.sqm

2009-01-09 21:34 . 2009-01-09 21:34 172 --ah----- C:\sqmnoopt13.sqm

2009-01-09 21:26 . 2009-01-09 21:26 244 --ah----- C:\sqmnoopt12.sqm

2009-01-09 21:26 . 2009-01-09 21:26 244 --ah----- C:\sqmdata12.sqm

2009-01-09 19:08 . 2009-01-09 19:08 256 --ah----- C:\sqmdata11.sqm

2009-01-09 19:08 . 2009-01-09 19:08 244 --ah----- C:\sqmnoopt11.sqm

2009-01-07 13:22 . 2009-01-07 13:22 <DIR> d-------- c:\arquivos de programas\Wolfenstein - Enemy Territory

2009-01-07 10:38 . 2009-01-07 10:38 244 --ah----- C:\sqmnoopt10.sqm

2009-01-07 10:38 . 2009-01-07 10:38 244 --ah----- C:\sqmdata10.sqm

2009-01-06 23:17 . 2009-01-06 23:17 244 --ah----- C:\sqmnoopt09.sqm

2009-01-06 23:17 . 2009-01-06 23:17 244 --ah----- C:\sqmdata09.sqm

2009-01-05 19:58 . 2009-01-05 19:58 <DIR> d-------- c:\arquivos de programas\Mint Online TV

2009-01-05 16:46 . 2009-01-05 16:46 <DIR> d-------- c:\arquivos de programas\SopCast

2009-01-05 16:45 . 2009-01-05 16:45 <DIR> d-------- c:\arquivos de programas\Megacubo

2009-01-05 11:21 . 2009-01-05 11:21 244 --ah----- C:\sqmnoopt08.sqm

2009-01-05 11:21 . 2009-01-05 11:21 244 --ah----- C:\sqmdata08.sqm

2009-01-04 18:00 . 2009-01-04 18:00 <DIR> d-------- c:\documents and settings\Ronaldo\Dados de aplicativos\Windows Live Writer

2009-01-04 17:45 . 2009-01-04 17:45 <DIR> d-------- c:\arquivos de programas\AxBx

2009-01-04 15:50 . 2009-01-04 15:50 <DIR> d-------- c:\arquivos de programas\Cobian Backup 9

2009-01-04 15:17 . 2009-01-04 15:17 <DIR> d-------- c:\documents and settings\Ronaldo\Dados de aplicativos\Get Mail

2009-01-04 15:17 . 2009-01-04 15:17 <DIR> d-------- c:\arquivos de programas\PaulB

2009-01-04 14:36 . 2009-01-04 14:36 <DIR> d-------- c:\arquivos de programas\Microsoft Office Outlook Connector

2009-01-03 21:32 . 2009-01-03 21:32 244 --ah----- C:\sqmnoopt07.sqm

2009-01-03 21:32 . 2009-01-03 21:32 244 --ah----- C:\sqmdata07.sqm

2009-01-03 00:17 . 2009-01-03 00:17 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\TEMP

2009-01-03 00:16 . 2009-01-03 00:16 <DIR> d-------- c:\arquivos de programas\Super Internet TV

2009-01-01 18:29 . 2009-01-01 18:29 <DIR> d--hs---- C:\FOUND.060

2009-01-01 11:27 . 2009-01-01 11:27 280 --ah----- C:\sqmdata06.sqm

2009-01-01 11:27 . 2009-01-01 11:27 244 --ah----- C:\sqmnoopt06.sqm

2008-12-31 00:40 . 2008-12-31 00:40 196 --ah----- C:\sqmdata05.sqm

2008-12-31 00:40 . 2008-12-31 00:40 172 --ah----- C:\sqmnoopt05.sqm

2008-12-30 22:57 . 2008-12-30 22:57 244 --ah----- C:\sqmnoopt04.sqm

2008-12-30 22:57 . 2008-12-30 22:57 244 --ah----- C:\sqmdata04.sqm

2008-12-29 20:27 . 2008-12-29 20:27 244 --ah----- C:\sqmnoopt03.sqm

2008-12-29 20:27 . 2008-12-29 20:27 244 --ah----- C:\sqmdata03.sqm

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-01-21 19:45 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys

2009-01-21 19:45 47,360 ----a-w c:\documents and settings\Daniel\Dados de aplicativos\pcouffin.sys

2008-12-27 20:30 2,560 ----a-w c:\windows\_MSRSTRT.EXE

2008-12-27 20:20 --------- d-----w c:\arquivos de programas\ARCHPR

2008-12-26 19:08 --------- d-----w c:\arquivos de programas\ElcomSoft

2008-12-26 01:28 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\Messenger Plus!

2008-12-26 01:28 --------- d-----w c:\arquivos de programas\Messenger Plus! Live

2008-12-25 19:05 --------- d-----w c:\arquivos de programas\SuperAVConverter

2008-12-23 22:02 --------- d-----w c:\arquivos de programas\Digital Video Converter

2008-12-22 16:11 --------- d-----w c:\arquivos de programas\ViaVoice TTS

2008-12-21 23:22 --------- d-----w c:\arquivos de programas\Avira

2008-12-21 19:36 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\Avira

2008-12-21 16:19 32 --sha-w c:\windows\system32\drivers\fidbox2.idx

2008-12-21 16:19 32 --sha-w c:\windows\system32\drivers\fidbox2.dat

2008-12-21 16:19 32 --sha-w c:\windows\system32\drivers\fidbox.idx

2008-12-21 16:19 32 --sha-w c:\windows\system32\drivers\fidbox.dat

2008-12-19 22:00 --------- d-----w c:\documents and settings\Ronaldo\Dados de aplicativos\drivers

2008-12-19 16:49 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab

2008-12-19 16:49 --------- d-----w c:\arquivos de programas\Kaspersky Lab

2008-12-18 01:54 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\Symantec

2008-12-18 01:32 --------- d-----w c:\arquivos de programas\Arquivos comuns\Symantec Shared

2008-12-16 10:32 13,195 ----a-w c:\documents and settings\Daniel\ZGUICFGW.DAT

2008-12-11 02:19 --------- d-----w c:\arquivos de programas\Total Uninstall 5

2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll

2008-12-11 00:33 200,704 ----a-w c:\windows\system32\dtu100.dll

2008-12-09 02:28 593,920 ----a-w c:\windows\system32\dpuGUI11.dll

2008-12-09 02:28 57,344 ----a-w c:\windows\system32\dpv11.dll

2008-12-09 02:28 344,064 ----a-w c:\windows\system32\dpus11.dll

2008-12-09 02:28 294,912 ----a-w c:\windows\system32\dpu11.dll

2008-12-07 01:59 --------- d-----w c:\documents and settings\Daniel\Dados de aplicativos\DivX

2008-12-07 01:23 --------- d-----w c:\documents and settings\Daniel\Dados de aplicativos\GlarySoft

2008-12-05 02:03 308,072 ----a-w c:\windows\WLXPGSS.SCR

2008-12-03 20:58 --------- d-----w c:\arquivos de programas\Zapu

2008-12-03 01:37 49,480 ----a-w c:\windows\system32\sirenacm.dll

2008-11-06 16:37 524,288 ----a-w c:\windows\system32\DivXsm.exe

2008-11-06 16:37 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll

2008-11-06 16:35 200,704 ----a-w c:\windows\system32\ssldivx.dll

2008-11-06 16:35 1,044,480 ----a-w c:\windows\system32\libdivx.dll

2008-11-06 16:33 823,296 ----a-w c:\windows\system32\divx_xx0c.dll

2008-11-06 16:33 823,296 ----a-w c:\windows\system32\divx_xx07.dll

2008-11-06 16:33 815,104 ----a-w c:\windows\system32\divx_xx0a.dll

2008-11-06 16:33 802,816 ----a-w c:\windows\system32\divx_xx11.dll

2008-11-06 16:33 684,032 ----a-w c:\windows\system32\DivX.dll

2008-11-06 16:33 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll

2008-01-24 18:32 2,088 ----a-w c:\arquivos de programas\z3D.log

2008-01-24 18:28 2,069 ----a-w c:\arquivos de programas\multiAutoSave

2008-01-24 18:28 2,069 ----a-w c:\arquivos de programas\demo1-Start

2008-06-17 19:43 32,768 --sha-w c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\MSHist012008061720080618\index.dat

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

"MsnMsgr"="c:\arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WinampAgent"="c:\arquivos de programas\Winamp\winampa.exe" [2008-01-15 37376]

"TkBellExe"="c:\arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" [2008-04-01 185896]

"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 144784]

"RemoteControl"="c:\arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]

"LtMoh"="c:\arquivos de programas\ltmoh\Ltmoh.exe" [2005-05-18 188416]

"HP Software Update"="c:\arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]

"GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]

"googletalk"="c:\arquivos de programas\Google\Google Talk\googletalk.exe" [2007-01-01 3735552]

"avgnt"="c:\arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

"snpstd3"="c:\windows\vsnpstd3.exe" [2005-01-14 339968]

"USBFW"="c:\arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe" [2008-09-01 1330688]

"VTTrayp"="VTtrayp.exe" [2006-08-30 c:\windows\system32\VTTrayp.exe]

"VTTimer"="VTTimer.exe" [2006-08-03 c:\windows\system32\VTTimer.exe]

"SoundMan"="SOUNDMAN.EXE" [2006-11-17 c:\windows\soundman.exe]

"AGRSMMSG"="AGRSMMSG.exe" [2005-06-30 c:\windows\AGRSMMSG.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

c:\documents and settings\Joana\Menu Iniciar\Programas\Inicializar\

Recorte de tela e Iniciador do OneNote 2007.lnk - c:\arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]

 

c:\documents and settings\Ronaldo\Menu Iniciar\Programas\Inicializar\

Recorte de tela e Iniciador do OneNote 2007.lnk - c:\arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]

Microsoft Office Groove.lnk - c:\arquivos de programas\Microsoft Office\Office12\GROOVE.EXE [2007-08-29 340856]

 

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\

Windows Desktop Search.lnk - c:\arquivos de programas\Windows Desktop Search\WindowsSearch.exe [2007-02-05 118784]

HP Digital Imaging Monitor.lnk - c:\arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

Adobe Reader Speed Launch.lnk - c:\arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]

 

[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]

"NoAutoUpdate"= 1 (0x1)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\arquivos de programas\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

2008-05-28 12:32 87352 c:\windows\system32\LMIinit.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.DIV3"= DivXc32.dll

"vidc.DIV4"= DivXc32f.dll

"vidc.3iv2"= 3ivxVfWCodec.dll

"msacm.divxa32"= divxa32.acm

"VIDC.HFYU"= huffyuv.dll

"VIDC.i263"= i263_32.drv

"msacm.imc"= imc32.acm

"VIDC.VP31"= vp31vfw.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]

"TkBellExe"="c:\arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

"QuickTime Task"="c:\arquivos de programas\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Arquivos de programas\\Ares\\Ares.exe"=

"c:\\Arquivos de programas\\DreMule\\emule.exe"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Arquivos de programas\\Messenger\\Msmsgs.exe"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5000:TCP"= 5000:TCP:AresChatServer

 

R4 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-09-11 45848]

R4 SeaPort;SeaPort;c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]

R4 WinDefend;Windows Defender;c:\arquivos de programas\Windows Defender\MsMpEng.exe [2006-11-03 13592]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512]

S4 agrsm;Agere Modem Driver;c:\windows\system32\agrsmnt.sys [2007-12-13 1269584]

S4 LMIRfsClientNP;LMIRfsClientNP; [x]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]

\Shell\AutoRun\command - 2u.com

\Shell\explore\Command - 2u.com

\Shell\open\Command - 2u.com

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2009-01-27 c:\windows\Tasks\WebReg Deskjet F300 series.job

- c:\arquivos de programas\HP\Digital Imaging\bin\hpqwrg.exe [2006-02-19 05:09]

 

2009-01-28 c:\windows\Tasks\MP Scheduled Scan.job

- c:\arquivos de programas\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]

 

2009-01-28 c:\windows\Tasks\AD92B7A891892B58.job

- c:\docume~1\daniel\dadosd~1\mealju~1\View Noun Mapi.exe []

.

.

------- Scan Suplementar -------

.

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = iexplore

uSearchURL,(Default) = hxxp://www.speedapps.com/search.htm

IE: &Descarregar tudo com o FlashGet - c:\arquivos de programas\FlashGet\jc_all.htm

IE: &Descarregar utilizando o FlashGet - c:\arquivos de programas\FlashGet\jc_link.htm

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: Crawler Search - tbr:iemenu

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: {BE959707-E59A-4D10-A643-49268770758D} = 201.10.120.3,201.10.128.3

DPF: Microsoft XML Parser for Java

DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} - hxxps://secure.shared.live.com/Pa6vGqB728AxD-ckvrPc0A/etc/Microsoft.Live.Folders.RichUpload.cab

FF - ProfilePath -

 

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-01-27 22:41:14

Windows 5.1.2600 Service Pack 3 FAT NTAPI

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'winlogon.exe'(748)

c:\windows\system32\LMIinit.dll

.

Tempo para conclusão: 2009-01-27 22:42:21

ComboFix-quarantined-files.txt 2009-01-28 01:42:20

ComboFix2.txt 2009-01-25 21:39:46

 

Pré-execução: 98 pasta(s) 15.901.032.448 bytes disponíveis

Pós execução: 98 pasta(s) 15,881,830,400 bytes disponíveis

 

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 

313

 

HIJACKTHIS LOG.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 07:23:27, on 28/1/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Winamp\winampa.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\ltmoh\Ltmoh.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\Restore\rstrui.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\vsnpstd3.exe

C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe

C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Documents and Settings\Ronaldo\Meus documentos\Downloads\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60337

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60337

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.speedapps.com/search.htm

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_04\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O4 - HKLM\..\Run: [WinampAgent] "C:\Arquivos de programas\Winamp\winampa.exe"

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LtMoh] C:\Arquivos de programas\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [uSBFW] C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Microsoft Office Groove.lnk = C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE

O4 - Global Startup: Windows Desktop Search.lnk = C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Crawler Search - tbr:iemenu

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228498680593

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228411392625

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728Ax....RichUpload.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{BE959707-E59A-4D10-A643-49268770758D}: NameServer = 201.10.120.3,201.10.128.3

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Arquivos de programas\Ares\chatServer.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 11597 bytes

Good afternoon, ronaldogpi!

 

<!> The PC has Lop infections and viruses originating from removable media.

-----------------------------

<@> Download: < LopS&D >

<@> Save it to Local Disk C!

<@> Install the program and click: LopSD.cmd

<@> In the window that opens, press "p" --> press Enter.

<@> In the next window, choose option 2 --> press Enter --> wait!

<@> When it finishes, save and post the report. ( C:\Lop SD\LopR_1.txt )

-----------------------------

<@> Download: < UsbFix.exe > ( ...par Chiquitine29 et Chimay8 )

<@> Save it to the Desktop! --> Unzip it!

<@> Temporarily disable your protection programs. <-- ( antivirus, antispyware and firewall )

<@> For more details on installation, follow the recommendations in this Tutorial. <-- Link

<@> Run the tool by double-clicking UsbFix.exe.

<@> A message will appear asking you to connect your removable media to the computer. ( flash drive, mp3, mp4, iPods, etc... )

<@> Accept the request and click Ok. --> Then click Ok again.

<@> The computer will restart. <-- Wait!

<@> When it finishes, click "Continue" and wait for the tool to finish.

<@> PS: Do not disconnect your removable media yet! <-- Important!

<@> The message "Nettoyage effectue" will appear --> press Enter.

<@> Post the report, which will be at C:\UsbFix.txt, plus an updated HijackThis log.

 

Regards!

Good afternoon. Thank you for the tips. I greatly appreciate the attention given to resolving my problem. Regards! The logs requested in the previous message follow below.

_____________________________________________________________________________________________________

 

LopS&D LOG

 

===============================================================================

 

 

 

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

 

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : Intel® Pentium® 4 CPU 3.06GHz )

BIOS : Default System BIOS

USER : Ronaldo ( Administrator )

BOOT : Normal boot

Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)

Firewall : Norton AntiVirus 15.5.0.23 (Activated)

A:\ (USB)

C:\ (Local Disk) - FAT32 - Total:74 Go (Free:12 Go)

D:\ (CD or DVD)

 

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [2] ( seg 02/02/2009|13:29 )

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

--------------------\\ Lista de pastas em DADOSD~1

 

[07/11/2007|14:50] C:\DOCUME~1\ADMINI~2\DADOSD~1\Microsoft

 

[16/01/2009|18:41] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Adobe

[20/03/2008|23:59] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Ahead

[07/11/2007|16:45] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Apple Computer

[24/05/2008|11:28] C:\DOCUME~1\ALLUSE~1\DADOSD~1\avg8

[21/12/2008|16:36] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Avira

[31/01/2009|16:28] C:\DOCUME~1\ALLUSE~1\DADOSD~1\AVS4YOU

[23/01/2009|23:26] C:\DOCUME~1\ALLUSE~1\DADOSD~1\BlazeVideo

[07/11/2007|16:46] C:\DOCUME~1\ALLUSE~1\DADOSD~1\CyberLink

[11/11/2007|20:05] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Google

[07/11/2007|16:43] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Grisoft

[07/11/2007|18:10] C:\DOCUME~1\ALLUSE~1\DADOSD~1\HP

[19/12/2008|13:49] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Kaspersky Lab

[26/05/2008|20:09] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Lavasoft

[11/09/2008|17:48] C:\DOCUME~1\ALLUSE~1\DADOSD~1\LogMeIn

[25/12/2008|22:28] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Messenger Plus!

[07/11/2007|14:50] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Microsoft

[07/11/2007|15:20] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Microsoft Help

[23/08/2008|07:40] C:\DOCUME~1\ALLUSE~1\DADOSD~1\NexonUS

[14/01/2008|22:15] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Office Genuine Advantage

[31/01/2008|22:19] C:\DOCUME~1\ALLUSE~1\DADOSD~1\QuickTime

[07/11/2007|16:44] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Real

[12/01/2009|16:48] C:\DOCUME~1\ALLUSE~1\DADOSD~1\SearchIn1Step

[02/11/2008|13:37] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Skype

[17/12/2008|22:54] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Symantec

[03/01/2009|00:17] C:\DOCUME~1\ALLUSE~1\DADOSD~1\TEMP

[15/12/2007|12:21] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Trymedia

[20/04/2008|15:58] C:\DOCUME~1\ALLUSE~1\DADOSD~1\WildTangent

[16/03/2008|19:45] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Windows Genuine Advantage

[28/04/2008|19:27] C:\DOCUME~1\ALLUSE~1\DADOSD~1\WLInstaller

 

[07/11/2007|14:50] C:\DOCUME~1\NETWOR~1\DADOSD~1\Microsoft

 

[07/11/2007|14:50] C:\DOCUME~1\LOCALS~1\DADOSD~1\Microsoft

[12/01/2009|16:45] C:\DOCUME~1\LOCALS~1\DADOSD~1\Mozilla

 

[03/01/2008|12:56] C:\DOCUME~1\DANIEL\DADOSD~1\Adobe

[27/01/2009|17:55] C:\DOCUME~1\DANIEL\DADOSD~1\AdobeUM

[31/01/2009|16:28] C:\DOCUME~1\DANIEL\DADOSD~1\AVS4YOU

[17/10/2008|15:46] C:\DOCUME~1\DANIEL\DADOSD~1\CyberLink

[06/12/2008|22:59] C:\DOCUME~1\DANIEL\DADOSD~1\DivX

[06/12/2008|22:23] C:\DOCUME~1\DANIEL\DADOSD~1\GlarySoft

[11/11/2007|20:08] C:\DOCUME~1\DANIEL\DADOSD~1\Google

[20/04/2008|21:56] C:\DOCUME~1\DANIEL\DADOSD~1\Grisoft

[29/03/2008|11:58] C:\DOCUME~1\DANIEL\DADOSD~1\Help

[08/11/2007|09:33] C:\DOCUME~1\DANIEL\DADOSD~1\HP

[08/11/2007|09:32] C:\DOCUME~1\DANIEL\DADOSD~1\Identities

[24/01/2008|16:16] C:\DOCUME~1\DANIEL\DADOSD~1\Image Zone Express

[11/11/2007|19:51] C:\DOCUME~1\DANIEL\DADOSD~1\Macromedia

[07/11/2007|14:50] C:\DOCUME~1\DANIEL\DADOSD~1\Microsoft

[25/01/2009|21:41] C:\DOCUME~1\DANIEL\DADOSD~1\Mozilla

[24/12/2008|00:12] C:\DOCUME~1\DANIEL\DADOSD~1\Opera

[24/01/2009|03:10] C:\DOCUME~1\DANIEL\DADOSD~1\Orbit

[04/05/2008|16:48] C:\DOCUME~1\DANIEL\DADOSD~1\RadLight Company

[03/03/2008|22:18] C:\DOCUME~1\DANIEL\DADOSD~1\Real

[02/11/2008|18:04] C:\DOCUME~1\DANIEL\DADOSD~1\Skype

[26/05/2008|20:24] C:\DOCUME~1\DANIEL\DADOSD~1\Spyware Terminator

[23/02/2008|08:39] C:\DOCUME~1\DANIEL\DADOSD~1\Sun

[15/12/2007|12:17] C:\DOCUME~1\DANIEL\DADOSD~1\Talkback

[15/05/2008|13:56] C:\DOCUME~1\DANIEL\DADOSD~1\Vso

[09/01/2008|13:50] C:\DOCUME~1\DANIEL\DADOSD~1\Windows Desktop Search

[28/04/2008|20:51] C:\DOCUME~1\DANIEL\DADOSD~1\Windows Live Writer

[08/11/2007|10:57] C:\DOCUME~1\DANIEL\DADOSD~1\WinRAR

 

[03/01/2008|12:56] C:\DOCUME~1\RONALDO\DADOSD~1\Adobe

[19/01/2009|22:53] C:\DOCUME~1\RONALDO\DADOSD~1\AdobeUM

[01/03/2008|20:59] C:\DOCUME~1\RONALDO\DADOSD~1\CyberLink

[19/12/2008|19:00] C:\DOCUME~1\RONALDO\DADOSD~1\drivers

[04/01/2009|15:17] C:\DOCUME~1\RONALDO\DADOSD~1\Get Mail

[14/11/2007|22:52] C:\DOCUME~1\RONALDO\DADOSD~1\Google

[24/01/2009|13:43] C:\DOCUME~1\RONALDO\DADOSD~1\GrabPro

[03/03/2008|23:04] C:\DOCUME~1\RONALDO\DADOSD~1\Grisoft

[08/11/2007|09:34] C:\DOCUME~1\RONALDO\DADOSD~1\HP

[08/11/2007|09:34] C:\DOCUME~1\RONALDO\DADOSD~1\Identities

[18/11/2007|20:18] C:\DOCUME~1\RONALDO\DADOSD~1\Image Zone Express

[14/11/2007|22:52] C:\DOCUME~1\RONALDO\DADOSD~1\Macromedia

[07/11/2007|14:50] C:\DOCUME~1\RONALDO\DADOSD~1\Microsoft

[15/12/2007|15:32] C:\DOCUME~1\RONALDO\DADOSD~1\Mozilla

[21/03/2008|00:02] C:\DOCUME~1\RONALDO\DADOSD~1\Nero

[25/12/2008|10:23] C:\DOCUME~1\RONALDO\DADOSD~1\Opera

[24/01/2009|12:41] C:\DOCUME~1\RONALDO\DADOSD~1\Orbit

[01/02/2008|13:47] C:\DOCUME~1\RONALDO\DADOSD~1\Real

[02/11/2008|13:40] C:\DOCUME~1\RONALDO\DADOSD~1\Skype

[02/11/2008|13:41] C:\DOCUME~1\RONALDO\DADOSD~1\skypePM

[30/07/2008|17:11] C:\DOCUME~1\RONALDO\DADOSD~1\Sun

[15/12/2007|15:33] C:\DOCUME~1\RONALDO\DADOSD~1\Talkback

[12/01/2009|22:52] C:\DOCUME~1\RONALDO\DADOSD~1\Windows Desktop Search

[04/01/2009|18:00] C:\DOCUME~1\RONALDO\DADOSD~1\Windows Live Writer

[19/11/2007|06:52] C:\DOCUME~1\RONALDO\DADOSD~1\WinRAR

 

[13/01/2008|21:42] C:\DOCUME~1\JOANA\DADOSD~1\Adobe

[11/11/2007|22:17] C:\DOCUME~1\JOANA\DADOSD~1\Google

[04/01/2008|22:29] C:\DOCUME~1\JOANA\DADOSD~1\Grisoft

[08/11/2007|09:35] C:\DOCUME~1\JOANA\DADOSD~1\HP

[08/11/2007|09:34] C:\DOCUME~1\JOANA\DADOSD~1\Identities

[18/11/2007|09:01] C:\DOCUME~1\JOANA\DADOSD~1\Image Zone Express

[11/11/2007|22:53] C:\DOCUME~1\JOANA\DADOSD~1\Macromedia

[07/11/2007|14:50] C:\DOCUME~1\JOANA\DADOSD~1\Microsoft

[19/12/2007|20:38] C:\DOCUME~1\JOANA\DADOSD~1\Mozilla

[21/12/2008|19:49] C:\DOCUME~1\JOANA\DADOSD~1\Opera

[20/03/2008|11:41] C:\DOCUME~1\JOANA\DADOSD~1\Real

[28/05/2008|13:04] C:\DOCUME~1\JOANA\DADOSD~1\Spyware Terminator

[19/12/2007|20:39] C:\DOCUME~1\JOANA\DADOSD~1\Talkback

[11/01/2008|19:49] C:\DOCUME~1\JOANA\DADOSD~1\Windows Desktop Search

 

[15/01/2009|01:54] C:\DOCUME~1\ADMINI~1\DADOSD~1\Identities

[15/01/2009|01:55] C:\DOCUME~1\ADMINI~1\DADOSD~1\Macromedia

[07/11/2007|14:50] C:\DOCUME~1\ADMINI~1\DADOSD~1\Microsoft

[15/01/2009|01:55] C:\DOCUME~1\ADMINI~1\DADOSD~1\Real

[15/01/2009|01:55] C:\DOCUME~1\ADMINI~1\DADOSD~1\Windows Desktop Search

 

--------------------\\ Tarefas Agendadas na pasta C:\WINDOWS\Tasks

 

[02/02/2009 07:08][--ah-----] C:\WINDOWS\tasks\SA.DAT

[02/02/2009 07:12][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job

[01/02/2009 18:10][--a------] C:\WINDOWS\tasks\WebReg Deskjet F300 series.job

[28/10/2001 13:07][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ Lista de pastas em C:\Arquivos de programas

 

[18/12/2007|01:01] C:\Arquivos de programas\Activision Value

[16/01/2009|17:00] C:\Arquivos de programas\Adobe

[08/11/2007|12:15] C:\Arquivos de programas\Ahead

[20/01/2009|19:26] C:\Arquivos de programas\Any Audio Converter

[27/12/2008|17:20] C:\Arquivos de programas\ARCHPR

[24/03/2008|14:36] C:\Arquivos de programas\Ares

[07/11/2007|14:51] C:\Arquivos de programas\Arquivos comuns

[07/11/2007|18:33] C:\Arquivos de programas\ASCII

[20/04/2008|21:21] C:\Arquivos de programas\ATS2

[21/12/2008|20:22] C:\Arquivos de programas\Avira

[07/11/2007|17:22] C:\Arquivos de programas\AvRack

[31/01/2009|16:28] C:\Arquivos de programas\AVS4YOU

[04/01/2009|17:45] C:\Arquivos de programas\AxBx

[05/04/2008|23:07] C:\Arquivos de programas\Bíblia Católica v2.0

[23/01/2009|23:26] C:\Arquivos de programas\Blaze Video Magic

[11/09/2008|17:23] C:\Arquivos de programas\CCleaner

[04/01/2009|15:50] C:\Arquivos de programas\Cobian Backup 9

[07/11/2007|14:58] C:\Arquivos de programas\ComPlus Applications

[07/11/2007|16:46] C:\Arquivos de programas\CyberLink

[28/06/2008|15:40] C:\Arquivos de programas\Desafio Sebrae 2008

[23/12/2008|19:02] C:\Arquivos de programas\Digital Video Converter

[25/08/2008|19:42] C:\Arquivos de programas\directx

[21/01/2009|18:38] C:\Arquivos de programas\DivX

[21/11/2007|23:05] C:\Arquivos de programas\DreMule

[03/01/2008|12:56] C:\Arquivos de programas\DsNET Corp

[31/01/2009|12:02] C:\Arquivos de programas\DVDVideoSoft

[21/01/2009|10:05] C:\Arquivos de programas\Easy MPEG AVI DIVX WMV RM to DVD

[26/12/2008|16:08] C:\Arquivos de programas\ElcomSoft

[07/11/2007|18:32] C:\Arquivos de programas\FilZip

[23/06/2008|15:33] C:\Arquivos de programas\FlashGet

[02/09/2008|14:56] C:\Arquivos de programas\Fox

[07/11/2007|16:44] C:\Arquivos de programas\Foxit Software

[17/01/2009|13:34] C:\Arquivos de programas\G4box

[11/11/2007|20:05] C:\Arquivos de programas\Google

[07/11/2007|18:07] C:\Arquivos de programas\Hewlett-Packard

[07/11/2007|17:58] C:\Arquivos de programas\HP

[07/11/2007|16:46] C:\Arquivos de programas\InstallShield Installation Information

[07/11/2007|14:59] C:\Arquivos de programas\Internet Explorer

[26/03/2008|13:36] C:\Arquivos de programas\Java

[19/12/2008|13:49] C:\Arquivos de programas\Kaspersky Lab

[07/11/2007|16:44] C:\Arquivos de programas\K-Lite Codec Pack

[13/12/2007|13:33] C:\Arquivos de programas\ltmoh

[07/11/2007|18:32] C:\Arquivos de programas\MAIET

[25/01/2009|17:26] C:\Arquivos de programas\Marcos Velasco Security

[05/01/2009|16:45] C:\Arquivos de programas\Megacubo

[07/11/2007|14:58] C:\Arquivos de programas\Messenger

[25/12/2008|22:28] C:\Arquivos de programas\Messenger Plus! Live

[12/01/2009|21:59] C:\Arquivos de programas\Microsoft

[07/11/2007|15:02] C:\Arquivos de programas\microsoft frontpage

[07/11/2007|15:20] C:\Arquivos de programas\Microsoft Office

[04/01/2009|14:36] C:\Arquivos de programas\Microsoft Office Outlook Connector

[28/04/2008|21:32] C:\Arquivos de programas\Microsoft SQL Server Compact Edition

[12/01/2009|22:05] C:\Arquivos de programas\Microsoft Sync Framework

[07/11/2007|15:23] C:\Arquivos de programas\Microsoft Visual Studio

[07/11/2007|15:24] C:\Arquivos de programas\Microsoft Works

[05/01/2009|19:58] C:\Arquivos de programas\Mint Online TV

[03/03/2008|21:08] C:\Arquivos de programas\Motherboard Monitor 5

[07/11/2007|15:00] C:\Arquivos de programas\Movie Maker

[15/12/2007|12:17] C:\Arquivos de programas\Mozilla Firefox

[08/07/2008|11:09] C:\Arquivos de programas\MP3 Player Utilities 4.15

[07/11/2007|15:24] C:\Arquivos de programas\MSBuild

[14/01/2008|23:22] C:\Arquivos de programas\MSECache

[07/11/2007|14:58] C:\Arquivos de programas\MSN Gaming Zone

[07/11/2007|16:55] C:\Arquivos de programas\MSN Messenger

[25/01/2009|10:00] C:\Arquivos de programas\MSXML 4.0

[16/01/2009|22:24] C:\Arquivos de programas\Net Studio

[07/11/2007|14:59] C:\Arquivos de programas\NetMeeting

[01/12/2007|13:07] C:\Arquivos de programas\NextUp-ScanSoft

[31/01/2008|22:21] C:\Arquivos de programas\Opera

[07/11/2007|14:59] C:\Arquivos de programas\Outlook Express

[04/01/2009|15:17] C:\Arquivos de programas\PaulB

[24/01/2008|15:48] C:\Arquivos de programas\Purge

[21/05/2008|18:38] C:\Arquivos de programas\RadLight Company

[01/04/2008|14:29] C:\Arquivos de programas\Real

[07/11/2007|17:22] C:\Arquivos de programas\Realtek AC97

[07/11/2007|17:22] C:\Arquivos de programas\Realtek Sound Manager

[07/11/2007|17:30] C:\Arquivos de programas\S3

[12/01/2009|16:45] C:\Arquivos de programas\SearchIn1Step

[07/11/2007|15:01] C:\Arquivos de programas\Serviços on-line

[02/11/2008|13:38] C:\Arquivos de programas\Skype

[27/05/2008|11:52] C:\Arquivos de programas\SlySoft

[26/10/2008|16:05] C:\Arquivos de programas\SomePDF

[05/01/2009|16:46] C:\Arquivos de programas\SopCast

[07/11/2007|18:32] C:\Arquivos de programas\Steam

[24/01/2008|15:42] C:\Arquivos de programas\Strike and Retrieve

[03/01/2009|00:16] C:\Arquivos de programas\Super Internet TV

[25/12/2008|16:05] C:\Arquivos de programas\SuperAVConverter

[01/12/2007|13:06] C:\Arquivos de programas\TextAloud

[10/12/2008|23:19] C:\Arquivos de programas\Total Uninstall 5

[14/01/2009|22:56] C:\Arquivos de programas\TouchStoneSoftware

[07/11/2007|15:10] C:\Arquivos de programas\Uninstall Information

[01/02/2009|23:36] C:\Arquivos de programas\UsbFix

[07/11/2007|18:30] C:\Arquivos de programas\Valve

[22/12/2008|13:11] C:\Arquivos de programas\ViaVoice TTS

[21/01/2009|16:45] C:\Arquivos de programas\VSO

[18/01/2008|21:52] C:\Arquivos de programas\WC3Banlist

[03/01/2008|13:08] C:\Arquivos de programas\Winamp

[29/12/2007|14:42] C:\Arquivos de programas\Winamp(2)

[03/01/2008|12:19] C:\Arquivos de programas\Winamp(3)

[04/05/2008|17:01] C:\Arquivos de programas\Windows Defender

[08/01/2008|23:24] C:\Arquivos de programas\Windows Desktop Search

[28/04/2008|19:27] C:\Arquivos de programas\Windows Live

[12/01/2009|21:59] C:\Arquivos de programas\Windows Live SkyDrive

[28/04/2008|21:13] C:\Arquivos de programas\Windows Live Toolbar

[03/11/2008|14:56] C:\Arquivos de programas\Windows Media Connect 2

[07/11/2007|14:58] C:\Arquivos de programas\Windows Media Player

[07/11/2007|14:58] C:\Arquivos de programas\Windows NT

[07/11/2007|15:01] C:\Arquivos de programas\WindowsUpdate

[18/01/2008|21:52] C:\Arquivos de programas\WinPcap

[07/11/2007|16:56] C:\Arquivos de programas\WinRAR

[07/01/2009|13:22] C:\Arquivos de programas\Wolfenstein - Enemy Territory

[07/11/2007|15:02] C:\Arquivos de programas\xerox

[03/12/2008|17:58] C:\Arquivos de programas\Zapu

 

--------------------\\ Lista de pastas em C:\Arquivos de programas\Arquivos comuns

 

[16/01/2009|16:52] C:\Arquivos de programas\Arquivos comuns\Adobe

[08/11/2007|12:15] C:\Arquivos de programas\Arquivos comuns\Ahead

[31/01/2009|16:28] C:\Arquivos de programas\Arquivos comuns\AVSMedia

[07/11/2007|15:23] C:\Arquivos de programas\Arquivos comuns\DESIGNER

[03/01/2008|12:56] C:\Arquivos de programas\Arquivos comuns\DirectX

[31/01/2009|12:02] C:\Arquivos de programas\Arquivos comuns\DVDVideoSoft

[07/11/2007|18:06] C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard

[07/11/2007|18:09] C:\Arquivos de programas\Arquivos comuns\HP

[07/11/2007|16:46] C:\Arquivos de programas\Arquivos comuns\InstallShield

[26/03/2008|13:30] C:\Arquivos de programas\Arquivos comuns\Java

[07/11/2007|14:51] C:\Arquivos de programas\Arquivos comuns\Microsoft Shared

[07/11/2007|15:00] C:\Arquivos de programas\Arquivos comuns\MSSoap

[15/07/2008|15:56] C:\Arquivos de programas\Arquivos comuns\NSV

[07/11/2007|14:51] C:\Arquivos de programas\Arquivos comuns\ODBC

[01/04/2008|14:29] C:\Arquivos de programas\Arquivos comuns\Real

[07/11/2007|15:00] C:\Arquivos de programas\Arquivos comuns\Serviços

[02/11/2008|13:38] C:\Arquivos de programas\Arquivos comuns\Skype

[02/08/2008|00:55] C:\Arquivos de programas\Arquivos comuns\snpstd3

[07/11/2007|14:51] C:\Arquivos de programas\Arquivos comuns\SpeechEngines

[18/01/2008|12:15] C:\Arquivos de programas\Arquivos comuns\SWF Studio

[17/12/2008|22:32] C:\Arquivos de programas\Arquivos comuns\Symantec Shared

[07/11/2007|14:59] C:\Arquivos de programas\Arquivos comuns\System

[12/01/2009|20:26] C:\Arquivos de programas\Arquivos comuns\Windows Live

[28/04/2008|19:28] C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller

[01/04/2008|14:30] C:\Arquivos de programas\Arquivos comuns\xing shared

 

--------------------\\ Process

 

( 48 Processes )

 

... OK !

 

--------------------\\ Procura pelo S_Lop

 

Não foram encontradas pastas com o Lop!

 

--------------------\\ Procura por Arquivos/Ficheiros e pastas do Lop

 

Não foram encontradas pastas com o Lop!

 

--------------------\\ Procura no Registro

 

..... OK !

 

--------------------\\ Verificando o Arquivos/Ficheiros Hosts

 

Arquivos/Ficheiros Hosts LIMPO

 

 

--------------------\\ Procurando Arquivos/Ficheiros ocultos com o Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-02-02 13:32:19

Windows 5.1.2600 Service Pack 3 FAT NTAPI

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

 

--------------------\\ Procurando por outras infecções

 

--------------------\\ Cracks & Keygens ..

 

C:\DOCUME~1\RONALDO\Meus documentos\Aplicativos\Áudio\Sintetizadores de Áudio\leia-me crack.txt

 

 

[F:11][D:6]-> C:\DOCUME~1\Ronaldo\CONFIG~1\Temp

[F:258][D:0]-> C:\DOCUME~1\Ronaldo\Cookies

[F:17][D:5]-> C:\DOCUME~1\Ronaldo\CONFIG~1\TEMPOR~1\content.IE5

[F:48][D:15]-> C:\Recycled

 

1 - "C:\Lop SD\LopR_1.txt" - qua 28/01/2009|18:27 - Option : [2]

2 - "C:\Lop SD\LopR_2.txt" - seg 02/02/2009|13:33 - Option : [2]

 

________________________________________________________________________________

_____________________

 

 

USB FIX LOG

===============================================================================

 

 

 

-------------- UsbFix V2.395 ---------------

 

* User : Ronaldo - USER-37FFE861E7

* Outils mis a jours le 20/10/2008 par Chiquitine29 et Chimay8

* Recherche effectuée à 23:38:30 le dom 01/02/2009

* Windows Xp - Internet Explorer 7.0.5730.13

 

 

--------------- [ Processus actifs ] ----------------

 

 

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\savedump.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\DOCUME~1\Ronaldo\CONFIG~1\Temp\4.tmp\b2e.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\rundll32.exe

 

--------------- [ Informations lecteurs ] ----------------

 

C: - Unidade de disco fixo

 

E: - Unidade de disco removível

 

 

--------------- [ Registre / Startup ] ----------------

 

 

! REG.EXE VERSION 3.0

 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

WinampAgent REG_SZ "C:\Arquivos de programas\Winamp\winampa.exe"

VTTrayp REG_SZ VTtrayp.exe

VTTimer REG_SZ VTTimer.exe

TkBellExe REG_SZ "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

SunJavaUpdateSched REG_SZ "C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe"

SoundMan REG_SZ SOUNDMAN.EXE

RemoteControl REG_SZ "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

LtMoh REG_SZ C:\Arquivos de programas\ltmoh\Ltmoh.exe

HP Software Update REG_SZ C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

googletalk REG_SZ C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart

avgnt REG_SZ "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

AGRSMMSG REG_SZ AGRSMMSG.exe

snpstd3 REG_SZ C:\WINDOWS\vsnpstd3.exe

USBFW REG_SZ C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

KernelFaultCheck REG_EXPAND_SZ %systemroot%\system32\dumprep 0 -k

 

! REG.EXE VERSION 3.0

 

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

MsnMsgr REG_SZ "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

 

--------------- [ Registre / Mountpoint2 ] ----------------

 

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\Shell\AutoRun\command

Supprimé ! - HKEY_USERS\S-1-5-21-1004336348-746137067-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\Shell\AutoRun\command

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\Shell\explore\Command

Supprimé ! - HKEY_USERS\S-1-5-21-1004336348-746137067-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\Shell\explore\Command

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\Shell\open\Command

Supprimé ! - HKEY_USERS\S-1-5-21-1004336348-746137067-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\C\Shell\open\Command

 

--------------- [ Nettoyage des disques ] ----------------

 

Supprimé ! - E:\fooool.exe

 

--------------- ! Fin du rapport ! ----------------

 

________________________________________________________________________________

_____________________

 

HIJACKTHIS LOG

 

===============================================================================

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:18:29, on 2/2/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Winamp\winampa.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\ltmoh\Ltmoh.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\vsnpstd3.exe

C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe

C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Meus documentos\Downloads\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60337

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60337

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.speedapps.com/search.htm

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_04\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O4 - HKLM\..\Run: [WinampAgent] "C:\Arquivos de programas\Winamp\winampa.exe"

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LtMoh] C:\Arquivos de programas\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [uSBFW] C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: Microsoft Office Groove.lnk = C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE

O4 - Global Startup: Windows Desktop Search.lnk = C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Crawler Search - tbr:iemenu

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228498680593

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228411392625

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728Ax....RichUpload.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{BE959707-E59A-4D10-A643-49268770758D}: NameServer = 201.10.120.3,201.10.128.3

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Arquivos de programas\Ares\chatServer.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 11398 bytes

________________________________________________________________________________

_____________________


Good evening, ronaldogpi!

 

<!> How is the computer? Does the error still persist?

------------------------------

<@> Download: < OTMoveIt3 >

<@> Save it to the desktop and run it from there!

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

:Processes

explorer.exe

:Files

C:\DOCUME~1\Ronaldo\CONFIG~1\Temp\4.tmp\b2e.exe

C:\DOCUME~1\Ronaldo\CONFIG~1\Temp\4.tmp

C:\windows\Temp\1.tmp\b2e.exe

C:\windows\Temp\3.tmp\b2e.exe

C:\windows\Temp\5.tmp\b2e.exe

C:\windows\Temp\6.tmp\b2e.exe

C:\windows\Temp\7.tmp\b2e.exe

C:\windows\Temp\9.tmp\b2e.exe

C:\windows\Temp\b.tmp\b2e.exe

C:\windows\Temp\b2e.exe

C:\windows\Temp\b2e\b2e.exe

C:\windows\Temp\c.tmp\b2e.exe

C:\windows\Temp\d.tmp\b2e.exe

C:\windows\Temp\e.tmp\b2e.exe

C:\windows\Temp\f.tmp\b2e.exe

C:\windows\Temp\1.tmp

C:\windows\Temp\3.tmp

C:\windows\Temp\5.tmp

C:\windows\Temp\6.tmp

C:\windows\Temp\7.tmp

C:\windows\Temp\9.tmp

C:\windows\Temp\b.tmp

C:\windows\Temp\b2e

C:\windows\Temp\c.tmp

C:\windows\Temp\d.tmp

C:\windows\Temp\e.tmp

C:\windows\Temp\f.tmp

C:\sqmdata06.sqm

C:\sqmnoopt06.sqm

C:\sqmdata05.sqm

C:\sqmnoopt05.sqm

C:\sqmnoopt04.sqm

C:\sqmdata04.sqm

C:\sqmnoopt03.sqm

C:\sqmdata03.sqm

C:\sqmnoopt07.sqm

C:\sqmdata07.sqm

C:\sqmnoopt08.sqm

C:\sqmdata08.sqm

C:\sqmnoopt10.sqm

C:\sqmdata10.sqm

C:\sqmnoopt09.sqm

C:\sqmdata09.sqm

C:\sqmnoopt14.sqm

C:\sqmdata14.sqm

C:\sqmdata13.sqm

C:\sqmnoopt13.sqm

C:\sqmnoopt12.sqm

C:\sqmdata12.sqm

C:\sqmdata11.sqm

C:\sqmnoopt11.sqm

C:\sqmdata16.sqm

C:\sqmnoopt16.sqm

C:\sqmnoopt15.sqm

C:\sqmdata15.sqm

c:\windows\000003_.tmp

c:\windows\000002_.tmp

c:\windows\000001_.tmp

C:\FOUND.064

C:\FOUND.063

C:\FOUND.062

C:\FOUND.061

C:\FOUND.060

C:\2u.com

:Commands

[purity]

[emptytemp]

[start explorer]

[Reboot]

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

<@> Copy the information between the XXXXX... lines and paste it into the tool's ( clipboard ) field.

<@> PS: This is the area below "Paste Instructions for Items to be Moved".

<@> Click MoveIt.

<@> When prompted to reboot, confirm!

<@> When it finishes, check the text content of the folder: C:\_OTMoveIt\MovedFiles

<@> Copy and post your most recent report: C:\_OTMoveIt\MovedFiles\xxxx2009_xxxxxx.log <--

<@> PS: Since the tool does not overwrite its reports, be sure to pick the one generated after this run.

 

Regards!


Good evening, Dig Ram

 

First of all, I want to thank you for the valuable tips you gave me in this forum. However, none of them had the expected effect, although I was hoping the actions would have that result.

 

Unfortunately, the computer still has these errors in the system and in Windows Live Messenger. Fortunately, this has not affected Internet connectivity, since I do not use the Internet Explorer 7.0 browser, which is affected by these problems on the PC.

 

Below is the report from the OTMoveIt3 application, as you requested earlier.

 

OTMoveIt3

________________________________________________________________________________

_____________________

 

========== PROCESSES ==========

Process explorer.exe killed successfully.

========== FILES ==========

File/Folder C:\DOCUME~1\Ronaldo\CONFIG~1\Temp\4.tmp\b2e.exe not found.

File/Folder C:\DOCUME~1\Ronaldo\CONFIG~1\Temp\4.tmp not found.

File/Folder C:\windows\Temp\1.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\3.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\5.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\6.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\7.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\9.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\b.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\b2e.exe not found.

File/Folder C:\windows\Temp\b2e\b2e.exe not found.

File/Folder C:\windows\Temp\c.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\d.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\e.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\f.tmp\b2e.exe not found.

File/Folder C:\windows\Temp\1.tmp not found.

File/Folder C:\windows\Temp\3.tmp not found.

File/Folder C:\windows\Temp\5.tmp not found.

File/Folder C:\windows\Temp\6.tmp not found.

File/Folder C:\windows\Temp\7.tmp not found.

File/Folder C:\windows\Temp\9.tmp not found.

File/Folder C:\windows\Temp\b.tmp not found.

File/Folder C:\windows\Temp\b2e not found.

File/Folder C:\windows\Temp\c.tmp not found.

File/Folder C:\windows\Temp\d.tmp not found.

File/Folder C:\windows\Temp\e.tmp not found.

File/Folder C:\windows\Temp\f.tmp not found.

C:\sqmdata06.sqm moved successfully.

C:\sqmnoopt06.sqm moved successfully.

C:\sqmdata05.sqm moved successfully.

C:\sqmnoopt05.sqm moved successfully.

C:\sqmnoopt04.sqm moved successfully.

C:\sqmdata04.sqm moved successfully.

C:\sqmnoopt03.sqm moved successfully.

C:\sqmdata03.sqm moved successfully.

C:\sqmnoopt07.sqm moved successfully.

C:\sqmdata07.sqm moved successfully.

C:\sqmnoopt08.sqm moved successfully.

C:\sqmdata08.sqm moved successfully.

C:\sqmnoopt10.sqm moved successfully.

C:\sqmdata10.sqm moved successfully.

C:\sqmnoopt09.sqm moved successfully.

C:\sqmdata09.sqm moved successfully.

C:\sqmnoopt14.sqm moved successfully.

C:\sqmdata14.sqm moved successfully.

C:\sqmdata13.sqm moved successfully.

C:\sqmnoopt13.sqm moved successfully.

C:\sqmnoopt12.sqm moved successfully.

C:\sqmdata12.sqm moved successfully.

C:\sqmdata11.sqm moved successfully.

C:\sqmnoopt11.sqm moved successfully.

C:\sqmdata16.sqm moved successfully.

C:\sqmnoopt16.sqm moved successfully.

C:\sqmnoopt15.sqm moved successfully.

C:\sqmdata15.sqm moved successfully.

c:\windows\000003_.tmp moved successfully.

c:\windows\000002_.tmp moved successfully.

c:\windows\000001_.tmp moved successfully.

C:\FOUND.064 moved successfully.

C:\FOUND.063 moved successfully.

C:\FOUND.062 moved successfully.

C:\FOUND.061 moved successfully.

C:\FOUND.060 moved successfully.

File/Folder C:\2u.com not found.

========== COMMANDS ==========

File delete failed. C:\DOCUME~1\Ronaldo\CONFIG~1\Temp\etilqs_sVzaLdXEXRrwD8M scheduled to be deleted on reboot.

User's Temp folder emptied.

User's Temporary Internet Files folder emptied.

User's Internet Explorer cache folder emptied.

Local Service Temp folder emptied.

Local Service Temporary Internet Files folder emptied.

Windows Temp folder emptied.

Java cache emptied.

FireFox cache emptied.

Opera cache emptied.

Temp folders emptied.

Explorer started successfully

 

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02032009_221812

 

Files moved on Reboot...

File C:\DOCUME~1\Ronaldo\CONFIG~1\Temp\etilqs_sVzaLdXEXRrwD8M not found!

________________________________________________________________________________

___________________

 

Regards. All the best to you. Have a great week!


Good morning, ronaldogpi!

 

<@> Download: < DrWebCureIt >

<@> Save it to the desktop!

<@> Start the installation/execution by double-clicking drweb-cureit.

<@> In the window that opens, click Start --> OK.

<@> The "Quick scan" will begin --> Close the advertisement window!

<@> When it finishes, tick the "Complete scan" box.

 

In this mode the following objects are scanned:

 

* Boot sectors of all disks. <--

 

* All removable drives. <--

 

* All local disks. <--

<@> Click "Start scan" --> Wait!

<@> If messages appear asking to move or disinfect files, click Yes.

<@> When it finishes, click "File" --> "Save report list".

<@> Save it in a suitable location. ( DrWeb.csv ) <-- Convert it to text!

<@> Post: DrWeb.csv + an updated HijackThis log.

 

Regards!


GOOD EVENING,

 

First of all, I want to thank you for the reply and apologize for the delay in responding. Unfortunately, the computer still shows the initial error, even after the unsuccessful attempts suggested on the site. The "Doctor Web" program does not offer the "Save File" option under "File", which made the job harder. Below are the logs from the "Doctor Web" application, recorded in the program folder (file CureIt.log) in my folder, and, in the next post, from HijackThis, as requested. Thank you for your attention, and I extend my esteem and appreciation for the work done.

________________________________________________________________________________

 

DOCTOR WEB LOG

 

Scanner Dr.Web para Windows v5.00.2 (5.00.2.02090)

© Igor Daniloff, 1992-2009. Todos os direitos reservados.

Registo gerado em: 2009-03-04, 23:32:04 [Ronaldo]

Linha de comandos: "C:\DOCUME~1\Ronaldo\CONFIG~1\Temp\RarSFX1\setup.exe" /lng:pt-cureit.dwl /ini:setup_XP.ini

Sistema Operativo: Windows XP Professional x86 (Build 2600), Service Pack 3

=============================================================================

DwShield iniciou-se

Versão da aplicação: 5.00 (5.00.0.12182)

Versão da API: 2.02

 

[Teste à memória] Não foram encontrados vírus

Master Boot Record HDD1 - OK

Active Boot Sector HDD1 - OK

 


c:\windows\system32\drivers\usbscan.sys - OK

 

[Caminho] c:\windows\system32\drivers\usbstor.sys

c:\windows\system32\drivers\usbstor.sys - OK

 

[Caminho] c:\windows\system32\drivers\usbuhci.sys

c:\windows\system32\drivers\usbuhci.sys - OK

 

[Caminho] c:\windows\system32\drivers\vga.sys

c:\windows\system32\drivers\vga.sys - OK

 

[Caminho] c:\windows\system32\drivers\viaide.sys

c:\windows\system32\drivers\viaide.sys - OK

 

[Caminho] c:\windows\system32\drivers\volsnap.sys

c:\windows\system32\drivers\volsnap.sys - OK

 

[Caminho] c:\windows\system32\drivers\vtmini.sys

c:\windows\system32\drivers\vtmini.sys - OK

 

[Caminho] c:\windows\system32\drivers\wanarp.sys

c:\windows\system32\drivers\wanarp.sys - OK

 

[Caminho] c:\windows\system32\drivers\wdmaud.sys

c:\windows\system32\drivers\wdmaud.sys - OK

 

[Caminho] c:\windows\system32\drivers\ws2ifsl.sys

c:\windows\system32\drivers\ws2ifsl.sys - OK

 

[Caminho] c:\windows\system32\drivers\wstcodec.sys

c:\windows\system32\drivers\wstcodec.sys - OK

 

[Caminho] c:\windows\system32\drivers\wudfpf.sys

c:\windows\system32\drivers\wudfpf.sys - OK

 

[Caminho] c:\windows\system32\drivers\wudfrd.sys

c:\windows\system32\drivers\wudfrd.sys - OK

 

[Caminho] c:\windows\system32\drprov.dll

c:\windows\system32\drprov.dll - OK

 

[Caminho] c:\windows\system32\dskquota.dll

c:\windows\system32\dskquota.dll - OK

 

[Caminho] c:\windows\system32\dskquoui.dll

c:\windows\system32\dskquoui.dll - OK

 

[Caminho] c:\windows\system32\dsound.dll

c:\windows\system32\dsound.dll - OK

 

[Caminho] c:\windows\system32\dsquery.dll

c:\windows\system32\dsquery.dll - OK

 

[Caminho] c:\windows\system32\dssec.dll

c:\windows\system32\dssec.dll - OK

 

[Caminho] c:\windows\system32\dssenh.dll

c:\windows\system32\dssenh.dll - OK

 

[Caminho] c:\windows\system32\dsuiext.dll

c:\windows\system32\dsuiext.dll - OK

 

[Caminho] c:\windows\system32\eapolqec.dll

c:\windows\system32\eapolqec.dll - OK

 

[Caminho] c:\windows\system32\eappcfg.dll

c:\windows\system32\eappcfg.dll - OK

 

[Caminho] c:\windows\system32\eappprxy.dll

c:\windows\system32\eappprxy.dll - OK

 

[Caminho] c:\windows\system32\eapsvc.dll

c:\windows\system32\eapsvc.dll - OK

 

[Caminho] c:\windows\system32\ersvc.dll

c:\windows\system32\ersvc.dll - OK

 

[Caminho] c:\windows\system32\es.dll

c:\windows\system32\es.dll - OK

 

[Caminho] c:\windows\system32\esent.dll

c:\windows\system32\esent.dll - OK

 

[Caminho] c:\windows\system32\eventlog.dll

c:\windows\system32\eventlog.dll - OK

 

[Caminho] c:\windows\system32\extmgr.dll

c:\windows\system32\extmgr.dll - OK

 

[Caminho] c:\windows\system32\fdeploy.dll

c:\windows\system32\fdeploy.dll - OK

 

[Caminho] c:\windows\system32\firewall.cpl

c:\windows\system32\firewall.cpl - OK

 

[Caminho] c:\windows\system32\fltlib.dll

c:\windows\system32\fltlib.dll - OK

 

[Caminho] c:\windows\system32\fontext.dll

c:\windows\system32\fontext.dll - arquivo BINARYRES

>c:\windows\system32\fontext.dll/data001 empacotado por MS COMPRESS

>>c:\windows\system32\fontext.dll/data001 - OK

>c:\windows\system32\fontext.dll/data002 empacotado por MS COMPRESS

>>c:\windows\system32\fontext.dll/data002 - OK

c:\windows\system32\fontext.dll - OK

 

[Caminho] c:\windows\system32\gdi32.dll

c:\windows\system32\gdi32.dll - OK

 

[Caminho] c:\windows\system32\gptext.dll

c:\windows\system32\gptext.dll - OK

 

[Caminho] c:\windows\system32\h323.tsp

c:\windows\system32\h323.tsp - OK

 

[Caminho] c:\windows\system32\hhctrl.ocx

c:\windows\system32\hhctrl.ocx - OK

 

[Caminho] c:\windows\system32\hid.dll

c:\windows\system32\hid.dll - OK

 

[Caminho] c:\windows\system32\hidphone.tsp

c:\windows\system32\hidphone.tsp - OK

 

[Caminho] c:\windows\system32\hidserv.dll

c:\windows\system32\hidserv.dll - OK

 

[Caminho] c:\windows\system32\hnetcfg.dll

c:\windows\system32\hnetcfg.dll - OK

 

[Caminho] c:\windows\system32\hpowiax2.dll

c:\windows\system32\hpowiax2.dll - OK

 

[Caminho] c:\windows\system32\hptcpmib.dll

c:\windows\system32\hptcpmib.dll - OK

 

[Caminho] c:\windows\system32\hptcpmon.dll

c:\windows\system32\hptcpmon.dll - OK

 

[Caminho] c:\windows\system32\hptcpmui.dll

c:\windows\system32\hptcpmui.dll - OK

 

[Caminho] c:\windows\system32\hpzipm12.exe

c:\windows\system32\hpzipm12.exe - OK

 

[Caminho] c:\windows\system32\hpzjrd01.dll

c:\windows\system32\hpzjrd01.dll - OK

 

[Caminho] c:\windows\system32\hpzll054.dll

c:\windows\system32\hpzll054.dll - OK

 

[Caminho] c:\windows\system32\hticons.dll

c:\windows\system32\hticons.dll - OK

 

[Caminho] c:\windows\system32\icaapi.dll

c:\windows\system32\icaapi.dll - OK

 

[Caminho] c:\windows\system32\icmui.dll

c:\windows\system32\icmui.dll - OK

 

[Caminho] c:\windows\system32\ie4uinit.exe

c:\windows\system32\ie4uinit.exe - OK

 

[Caminho] c:\windows\system32\iedkcs32.dll

c:\windows\system32\iedkcs32.dll - OK

 

[Caminho] c:\windows\system32\ieframe.dll

c:\windows\system32\ieframe.dll - OK

 

[Caminho] c:\windows\system32\iertutil.dll

c:\windows\system32\iertutil.dll - OK

 

[Caminho] c:\windows\system32\ieudinit.exe

c:\windows\system32\ieudinit.exe - OK

 

[Caminho] c:\windows\system32\imagehlp.dll

c:\windows\system32\imagehlp.dll - OK

 

[Caminho] c:\windows\system32\imapi.exe

c:\windows\system32\imapi.exe - OK

 

[Caminho] c:\windows\system32\imm32.dll

c:\windows\system32\imm32.dll - OK

 

[Caminho] c:\windows\system32\inetcomm.dll

c:\windows\system32\inetcomm.dll - OK

 

[Caminho] c:\windows\system32\inetpp.dll

c:\windows\system32\inetpp.dll - OK

 

[Caminho] c:\windows\system32\inetres.dll

c:\windows\system32\inetres.dll - OK

 

[Caminho] c:\windows\system32\ipconf.tsp

c:\windows\system32\ipconf.tsp - OK

 

[Caminho] c:\windows\system32\iphlpapi.dll

c:\windows\system32\iphlpapi.dll - OK

 

[Caminho] c:\windows\system32\ipnathlp.dll

c:\windows\system32\ipnathlp.dll - OK

 

[Caminho] c:\windows\system32\ipsecsvc.dll

c:\windows\system32\ipsecsvc.dll - OK

 

[Caminho] c:\windows\system32\itss.dll

c:\windows\system32\itss.dll - OK

 

[Caminho] c:\windows\system32\kerberos.dll

c:\windows\system32\kerberos.dll - OK

 

[Caminho] c:\windows\system32\kernel32.dll

c:\windows\system32\kernel32.dll - OK

 

[Caminho] c:\windows\system32\kmddsp.tsp

c:\windows\system32\kmddsp.tsp - OK

 

[Caminho] c:\windows\system32\kmsvc.dll

c:\windows\system32\kmsvc.dll - OK

 

[Caminho] c:\windows\system32\linkinfo.dll

c:\windows\system32\linkinfo.dll - OK

 

[Caminho] c:\windows\system32\lmhsvc.dll

c:\windows\system32\lmhsvc.dll - OK

 

[Caminho] c:\windows\system32\lmiinit.dll

c:\windows\system32\lmiinit.dll - OK

 

[Caminho] c:\windows\system32\lmiport.dll

c:\windows\system32\lmiport.dll - OK

 

[Caminho] c:\windows\system32\lmirfsclientnp.dll

c:\windows\system32\lmirfsclientnp.dll - OK

 

[Caminho] c:\windows\system32\localspl.dll

c:\windows\system32\localspl.dll - OK

 

[Caminho] c:\windows\system32\locator.exe

c:\windows\system32\locator.exe - OK

 

[Caminho] c:\windows\system32\logon.scr

c:\windows\system32\logon.scr - OK

 

[Caminho] c:\windows\system32\logonui.exe

c:\windows\system32\logonui.exe - OK

 

[Caminho] c:\windows\system32\lpk.dll

c:\windows\system32\lpk.dll - OK

 

[Caminho] c:\windows\system32\lsasrv.dll

c:\windows\system32\lsasrv.dll - OK

 

[Caminho] c:\windows\system32\lsass.exe

c:\windows\system32\lsass.exe - OK

 

[Caminho] c:\windows\system32\lz32.dll

c:\windows\system32\lz32.dll - OK

 

[Caminho] c:\windows\system32\macromed\flash\flash10a.ocx

c:\windows\system32\macromed\flash\flash10a.ocx empacotado por ZLIB

>c:\windows\system32\macromed\flash\flash10a.ocx - arquivo BINARYRES

>>c:\windows\system32\macromed\flash\flash10a.ocx/data001 - OK

>>c:\windows\system32\macromed\flash\flash10a.ocx/data002 - OK

>>c:\windows\system32\macromed\flash\flash10a.ocx/data003 - OK

>>c:\windows\system32\macromed\flash\flash10a.ocx/data004 - OK

>c:\windows\system32\macromed\flash\flash10a.ocx - OK

 

[Caminho] c:\windows\system32\mapi32.dll

c:\windows\system32\mapi32.dll - OK

 

[Caminho] c:\windows\system32\mfc42.dll

c:\windows\system32\mfc42.dll - OK

 

[Caminho] c:\windows\system32\mfc42loc.dll

c:\windows\system32\mfc42loc.dll - OK

 

[Caminho] c:\windows\system32\mgmtapi.dll

c:\windows\system32\mgmtapi.dll - OK

 

[Caminho] c:\windows\system32\midimap.dll

c:\windows\system32\midimap.dll - OK

 

[Caminho] c:\windows\system32\mlang.dll

c:\windows\system32\mlang.dll - OK

 

[Caminho] c:\windows\system32\mmcshext.dll

c:\windows\system32\mmcshext.dll - OK

 

[Caminho] c:\windows\system32\mmsys.cpl

c:\windows\system32\mmsys.cpl - OK

 

[Caminho] c:\windows\system32\mnmsrvc.exe

c:\windows\system32\mnmsrvc.exe - OK

 

[Caminho] c:\windows\system32\modemui.dll

c:\windows\system32\modemui.dll - OK

 

[Caminho] c:\windows\system32\mpr.dll

c:\windows\system32\mpr.dll - OK

 

[Caminho] c:\windows\system32\mprapi.dll

c:\windows\system32\mprapi.dll empacotado por FLY-CODE

>c:\windows\system32\mprapi.dll - OK

 

[Caminho] c:\windows\system32\mprdim.dll

c:\windows\system32\mprdim.dll - OK

 

[Caminho] c:\windows\system32\msacm32.dll

c:\windows\system32\msacm32.dll - OK

 

[Caminho] c:\windows\system32\msacm32.drv

c:\windows\system32\msacm32.drv - OK

 

[Caminho] c:\windows\system32\msapsspc.dll

c:\windows\system32\msapsspc.dll - OK

 

[Caminho] c:\windows\system32\msasn1.dll

c:\windows\system32\msasn1.dll - OK

 

[Caminho] c:\windows\system32\mscms.dll

c:\windows\system32\mscms.dll - OK

 

[Caminho] c:\windows\system32\mscoree.dll

c:\windows\system32\mscoree.dll - OK

 

[Caminho] c:\windows\system32\mscories.dll

c:\windows\system32\mscories.dll - OK

 

[Caminho] c:\windows\system32\msctf.dll

c:\windows\system32\msctf.dll - OK

 

[Caminho] c:\windows\system32\msctfime.ime

c:\windows\system32\msctfime.ime - OK

 

[Caminho] c:\windows\system32\msdmo.dll

c:\windows\system32\msdmo.dll - OK

 

[Caminho] c:\windows\system32\msdtc.exe

c:\windows\system32\msdtc.exe - OK

 

[Caminho] c:\windows\system32\msftedit.dll

c:\windows\system32\msftedit.dll - OK

 

[Caminho] c:\windows\system32\msgina.dll

c:\windows\system32\msgina.dll - OK

 

[Caminho] c:\windows\system32\msgsvc.dll

c:\windows\system32\msgsvc.dll - OK

 

[Caminho] c:\windows\system32\mshtml.dll

c:\windows\system32\mshtml.dll - OK

 

[Caminho] c:\windows\system32\msi.dll

c:\windows\system32\msi.dll - OK

 

[Caminho] c:\windows\system32\msident.dll

c:\windows\system32\msident.dll - OK

 

[Caminho] c:\windows\system32\msidle.dll

c:\windows\system32\msidle.dll - OK

 

[Caminho] c:\windows\system32\msidntld.dll

c:\windows\system32\msidntld.dll - OK

 

[Caminho] c:\windows\system32\msieftp.dll

c:\windows\system32\msieftp.dll - OK

 

[Caminho] c:\windows\system32\msiexec.exe

c:\windows\system32\msiexec.exe - OK

 

[Caminho] c:\windows\system32\msimg32.dll

c:\windows\system32\msimg32.dll - OK

 

[Caminho] c:\windows\system32\msimtf.dll

c:\windows\system32\msimtf.dll - OK

 

[Caminho] c:\windows\system32\msnsspc.dll

c:\windows\system32\msnsspc.dll - OK

 

[Caminho] c:\windows\system32\msoeacct.dll

c:\windows\system32\msoeacct.dll - OK

 

[Caminho] c:\windows\system32\msoert2.dll

c:\windows\system32\msoert2.dll - OK

 

[Caminho] c:\windows\system32\msonpmon.dll

c:\windows\system32\msonpmon.dll - OK

 

[Caminho] c:\windows\system32\mspatcha.dll

c:\windows\system32\mspatcha.dll - OK

 

[Caminho] c:\windows\system32\mspmsnsv.dll

c:\windows\system32\mspmsnsv.dll - OK

 

[Caminho] c:\windows\system32\msprivs.dll

c:\windows\system32\msprivs.dll - OK

 

[Caminho] c:\windows\system32\msscb.dll

c:\windows\system32\msscb.dll - OK

 

[Caminho] c:\windows\system32\mssph.dll

c:\windows\system32\mssph.dll - OK

 

[Caminho] c:\windows\system32\mssprxy.dll

c:\windows\system32\mssprxy.dll - OK

 

[Caminho] c:\windows\system32\mssrch.dll

c:\windows\system32\mssrch.dll - OK

 

[Caminho] c:\windows\system32\msstrc.dll

c:\windows\system32\msstrc.dll - OK

 

[Caminho] c:\windows\system32\mstask.dll

c:\windows\system32\mstask.dll - OK

 

[Caminho] c:\windows\system32\mstlsapi.dll

c:\windows\system32\mstlsapi.dll - OK

 

[Caminho] c:\windows\system32\msutb.dll

c:\windows\system32\msutb.dll - OK

 

[Caminho] c:\windows\system32\msv1_0.dll

c:\windows\system32\msv1_0.dll - OK

 

[Caminho] c:\windows\system32\msvcp60.dll

c:\windows\system32\msvcp60.dll - OK

 

[Caminho] c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcp71.dll - OK

 

[Caminho] c:\windows\system32\msvcr71.dll

c:\windows\system32\msvcr71.dll - OK

 

[Caminho] c:\windows\system32\msvcrt.dll

c:\windows\system32\msvcrt.dll - OK

 

[Caminho] c:\windows\system32\msvidctl.dll

c:\windows\system32\msvidctl.dll - OK

 

[Caminho] c:\windows\system32\mswsock.dll

c:\windows\system32\mswsock.dll - OK

 

[Caminho] c:\windows\system32\msxml3.dll

c:\windows\system32\msxml3.dll - OK

 

[Caminho] c:\windows\system32\mtxclu.dll

c:\windows\system32\mtxclu.dll - OK

 

[Caminho] c:\windows\system32\mui\0016\hhctrlui.dll

c:\windows\system32\mui\0016\hhctrlui.dll - OK

 

[Caminho] c:\windows\system32\muweb.dll

c:\windows\system32\muweb.dll - arquivo CAB

>c:\windows\system32\muweb.dll/authorization.xml - OK

c:\windows\system32\muweb.dll - OK

 

[Caminho] c:\windows\system32\mydocs.dll

c:\windows\system32\mydocs.dll - OK

 

[Caminho] c:\windows\system32\ncobjapi.dll

c:\windows\system32\ncobjapi.dll - OK

 

[Caminho] c:\windows\system32\nddeapi.dll

c:\windows\system32\nddeapi.dll - OK

 

[Caminho] c:\windows\system32\ndptsp.tsp

c:\windows\system32\ndptsp.tsp - OK

 

[Caminho] c:\windows\system32\netapi32.dll

c:\windows\system32\netapi32.dll - OK

 

[Caminho] c:\windows\system32\netcfgx.dll

c:\windows\system32\netcfgx.dll - OK

 

[Caminho] c:\windows\system32\netdde.exe

c:\windows\system32\netdde.exe - OK

 

[Caminho] c:\windows\system32\netlogon.dll

c:\windows\system32\netlogon.dll - OK

 

[Caminho] c:\windows\system32\netman.dll

c:\windows\system32\netman.dll - OK

 

[Caminho] c:\windows\system32\netplwiz.dll

c:\windows\system32\netplwiz.dll - OK

 

[Caminho] c:\windows\system32\netrap.dll

c:\windows\system32\netrap.dll - OK

 

[Caminho] c:\windows\system32\netsetup.cpl

c:\windows\system32\netsetup.cpl - OK

 

[Caminho] c:\windows\system32\netshell.dll

c:\windows\system32\netshell.dll - OK

 

[Caminho] c:\windows\system32\netui0.dll

c:\windows\system32\netui0.dll - OK

 

[Caminho] c:\windows\system32\netui1.dll

c:\windows\system32\netui1.dll - OK

 

[Caminho] c:\windows\system32\normaliz.dll

c:\windows\system32\normaliz.dll - OK

 

[Caminho] c:\windows\system32\ntdll.dll

c:\windows\system32\ntdll.dll - OK

 

[Caminho] c:\windows\system32\ntdsapi.dll

c:\windows\system32\ntdsapi.dll - OK

 

[Caminho] c:\windows\system32\ntlanman.dll

c:\windows\system32\ntlanman.dll - OK

 

[Caminho] c:\windows\system32\ntlanui2.dll

c:\windows\system32\ntlanui2.dll - OK

 

[Caminho] c:\windows\system32\ntlsapi.dll

c:\windows\system32\ntlsapi.dll - OK

 

[Caminho] c:\windows\system32\ntmarta.dll

c:\windows\system32\ntmarta.dll empacotado por FLY-CODE

>c:\windows\system32\ntmarta.dll - OK

 

[Caminho] c:\windows\system32\ntmssvc.dll

c:\windows\system32\ntmssvc.dll - OK

 

[Caminho] c:\windows\system32\ntsd.exe

c:\windows\system32\ntsd.exe - OK

 

[Caminho] c:\windows\system32\ntshrui.dll

c:\windows\system32\ntshrui.dll - OK

 

[Caminho] c:\windows\system32\oakley.dll

c:\windows\system32\oakley.dll - OK

 

[Caminho] c:\windows\system32\occache.dll

c:\windows\system32\occache.dll - OK

 

[Caminho] c:\windows\system32\odbc32.dll

c:\windows\system32\odbc32.dll - OK

 

[Caminho] c:\windows\system32\odbcint.dll

c:\windows\system32\odbcint.dll - OK

 

[Caminho] c:\windows\system32\oeph.dll

c:\windows\system32\oeph.dll - OK

 

[Caminho] c:\windows\system32\ole32.dll

c:\windows\system32\ole32.dll - OK

 

[Caminho] c:\windows\system32\oleacc.dll

c:\windows\system32\oleacc.dll - OK

 

[Caminho] c:\windows\system32\oleaut32.dll

c:\windows\system32\oleaut32.dll - OK

 

[Caminho] c:\windows\system32\olecli32.dll

c:\windows\system32\olecli32.dll - OK

 

[Caminho] c:\windows\system32\olecnv32.dll

c:\windows\system32\olecnv32.dll - OK

 

[Caminho] c:\windows\system32\olepro32.dll

c:\windows\system32\olepro32.dll - OK

 

[Caminho] c:\windows\system32\olesvr32.dll

c:\windows\system32\olesvr32.dll - OK

 

[Caminho] c:\windows\system32\olethk32.dll

c:\windows\system32\olethk32.dll - OK

 

[Caminho] c:\windows\system32\onex.dll

c:\windows\system32\onex.dll - OK

 

[Caminho] c:\windows\system32\perfproc.dll

c:\windows\system32\perfproc.dll - OK

 

[Caminho] c:\windows\system32\photowiz.dll

c:\windows\system32\photowiz.dll - OK

 

[Caminho] c:\windows\system32\pjlmon.dll

c:\windows\system32\pjlmon.dll - OK

 

[Caminho] c:\windows\system32\portabledeviceapi.dll

c:\windows\system32\portabledeviceapi.dll - OK

 

[Caminho] c:\windows\system32\portabledevicetypes.dll

c:\windows\system32\portabledevicetypes.dll - OK

 

[Caminho] c:\windows\system32\powrprof.dll

c:\windows\system32\powrprof.dll - OK

 

[Caminho] c:\windows\system32\printui.dll

c:\windows\system32\printui.dll - OK

 

[Caminho] c:\windows\system32\profmap.dll

c:\windows\system32\profmap.dll - OK

 

[Caminho] c:\windows\system32\propdefs.dll

c:\windows\system32\propdefs.dll - OK

 

[Caminho] c:\windows\system32\propsys.dll

c:\windows\system32\propsys.dll - OK

 

[Caminho] c:\windows\system32\psapi.dll

c:\windows\system32\psapi.dll - OK

 

[Caminho] c:\windows\system32\psbase.dll

c:\windows\system32\psbase.dll - OK

 

[Caminho] c:\windows\system32\pstorec.dll

c:\windows\system32\pstorec.dll - OK

 

[Caminho] c:\windows\system32\pstorsvc.dll

c:\windows\system32\pstorsvc.dll - OK

 

[Caminho] c:\windows\system32\pt-br\tquery.dll.mui

c:\windows\system32\pt-br\tquery.dll.mui - OK

 

[Caminho] c:\windows\system32\qagentrt.dll

c:\windows\system32\qagentrt.dll - OK

 

[Caminho] c:\windows\system32\qmgr.dll

c:\windows\system32\qmgr.dll - OK

 

[Caminho] c:\windows\system32\quartz.dll

c:\windows\system32\quartz.dll - OK

 

[Caminho] c:\windows\system32\query.dll

c:\windows\system32\query.dll - OK

 

[Caminho] c:\windows\system32\qutil.dll

c:\windows\system32\qutil.dll - OK

 

[Caminho] c:\windows\system32\rasadhlp.dll

c:\windows\system32\rasadhlp.dll - OK

 

[Caminho] c:\windows\system32\rasapi32.dll

c:\windows\system32\rasapi32.dll - OK

 

[Caminho] c:\windows\system32\rasauto.dll

c:\windows\system32\rasauto.dll - OK

 

[Caminho] c:\windows\system32\raschap.dll

c:\windows\system32\raschap.dll - OK

 

[Caminho] c:\windows\system32\rasdlg.dll

c:\windows\system32\rasdlg.dll - OK

 

[Caminho] c:\windows\system32\rasman.dll

c:\windows\system32\rasman.dll - OK

 

[Caminho] c:\windows\system32\rasmans.dll

c:\windows\system32\rasmans.dll - OK

 

[Caminho] c:\windows\system32\rasppp.dll

c:\windows\system32\rasppp.dll - OK

 

[Caminho] c:\windows\system32\rasqec.dll

c:\windows\system32\rasqec.dll - OK

 

[Caminho] c:\windows\system32\rastapi.dll

c:\windows\system32\rastapi.dll - OK

 

[Caminho] c:\windows\system32\rastls.dll

c:\windows\system32\rastls.dll - OK

 

[Caminho] c:\windows\system32\regapi.dll

c:\windows\system32\regapi.dll - OK

 

[Caminho] c:\windows\system32\regsvc.dll

c:\windows\system32\regsvc.dll - OK

 

[Caminho] c:\windows\system32\regsvr32.exe

c:\windows\system32\regsvr32.exe - OK

 

[Caminho] c:\windows\system32\remotepg.dll

c:\windows\system32\remotepg.dll - OK

 

[Caminho] c:\windows\system32\resutils.dll

c:\windows\system32\resutils.dll - OK

 

[Caminho] c:\windows\system32\riched20.dll

c:\windows\system32\riched20.dll - OK

 

[Caminho] c:\windows\system32\riched32.dll

c:\windows\system32\riched32.dll - OK

 

[Caminho] c:\windows\system32\rpcrt4.dll

c:\windows\system32\rpcrt4.dll - OK

 

[Caminho] c:\windows\system32\rpcss.dll

c:\windows\system32\rpcss.dll - OK

 

[Caminho] c:\windows\system32\rsaenh.dll

c:\windows\system32\rsaenh.dll - OK

 

[Caminho] c:\windows\system32\rshx32.dll

c:\windows\system32\rshx32.dll - OK

 

[Caminho] c:\windows\system32\rsvp.exe

c:\windows\system32\rsvp.exe - OK

 

[Caminho] c:\windows\system32\rsvpsp.dll

c:\windows\system32\rsvpsp.dll - OK

 

[Caminho] c:\windows\system32\rtutils.dll

c:\windows\system32\rtutils.dll - OK

 

[Caminho] c:\windows\system32\rundll32.exe

c:\windows\system32\rundll32.exe - OK

 

[Caminho] c:\windows\system32\samlib.dll

c:\windows\system32\samlib.dll - OK

 

[Caminho] c:\windows\system32\samsrv.dll

c:\windows\system32\samsrv.dll - OK

 

[Caminho] c:\windows\system32\savedump.exe

c:\windows\system32\savedump.exe - OK

 

[Caminho] c:\windows\system32\scardsvr.exe

c:\windows\system32\scardsvr.exe - OK

 

[Caminho] c:\windows\system32\scecli.dll

c:\windows\system32\scecli.dll - OK

 

[Caminho] c:\windows\system32\scesrv.dll

c:\windows\system32\scesrv.dll - OK

 

[Caminho] c:\windows\system32\schannel.dll

c:\windows\system32\schannel.dll - OK

 

[Caminho] c:\windows\system32\schedsvc.dll

c:\windows\system32\schedsvc.dll - OK

 

[Caminho] c:\windows\system32\sclgntfy.dll

c:\windows\system32\sclgntfy.dll - OK

 

[Caminho] c:\windows\system32\searchfilterhost.exe

c:\windows\system32\searchfilterhost.exe - OK

 

[Caminho] c:\windows\system32\searchindexer.exe

c:\windows\system32\searchindexer.exe - OK

 

[Caminho] c:\windows\system32\searchprotocolhost.exe

c:\windows\system32\searchprotocolhost.exe - OK

 

[Caminho] c:\windows\system32\seclogon.dll

c:\windows\system32\seclogon.dll - OK

 

[Caminho] c:\windows\system32\secur32.dll

c:\windows\system32\secur32.dll - OK

 

[Caminho] c:\windows\system32\sendmail.dll

c:\windows\system32\sendmail.dll - OK

 

[Caminho] c:\windows\system32\sens.dll

c:\windows\system32\sens.dll - OK

 

[Caminho] c:\windows\system32\sensapi.dll

c:\windows\system32\sensapi.dll - OK

 

[Caminho] c:\windows\system32\services.exe

c:\windows\system32\services.exe - OK

 

[Caminho] c:\windows\system32\sessmgr.exe

c:\windows\system32\sessmgr.exe - OK

 

[Caminho] c:\windows\system32\setupapi.dll

c:\windows\system32\setupapi.dll - OK

 

[Caminho] c:\windows\system32\sfc.dll

c:\windows\system32\sfc.dll - OK

 

[Caminho] c:\windows\system32\sfc_os.dll

c:\windows\system32\sfc_os.dll - OK

 

[Caminho] c:\windows\system32\shdocvw.dll

c:\windows\system32\shdocvw.dll - OK

 

[Caminho] c:\windows\system32\shell32.dll

c:\windows\system32\shell32.dll - OK

 

[Caminho] c:\windows\system32\shfolder.dll

c:\windows\system32\shfolder.dll - OK

 

[Caminho] c:\windows\system32\shimeng.dll

c:\windows\system32\shimeng.dll - OK

 

[Caminho] c:\windows\system32\shimgvw.dll

c:\windows\system32\shimgvw.dll - OK

 

[Caminho] c:\windows\system32\shlwapi.dll

c:\windows\system32\shlwapi.dll - OK

 

[Caminho] c:\windows\system32\shmedia.dll

c:\windows\system32\shmedia.dll - OK

 

[Caminho] c:\windows\system32\shmgrate.exe

c:\windows\system32\shmgrate.exe - OK

 

[Caminho] c:\windows\system32\shscrap.dll

c:\windows\system32\shscrap.dll - OK

 

[Caminho] c:\windows\system32\shsvcs.dll

c:\windows\system32\shsvcs.dll - OK

 

[Caminho] c:\windows\system32\sirenacm.dll

c:\windows\system32\sirenacm.dll - OK

 

[Caminho] c:\windows\system32\slayerxp.dll

c:\windows\system32\slayerxp.dll - OK

 

[Caminho] c:\windows\system32\smlogsvc.exe

c:\windows\system32\smlogsvc.exe - OK

 

[Caminho] c:\windows\system32\smss.exe

c:\windows\system32\smss.exe - OK

 

[Caminho] c:\windows\system32\snmpapi.dll

c:\windows\system32\snmpapi.dll - OK

 

[Caminho] c:\windows\system32\spool\prtprocs\w32x86\hpzpp054.dll

c:\windows\system32\spool\prtprocs\w32x86\hpzpp054.dll - OK

 

[Caminho] c:\windows\system32\spool\prtprocs\w32x86\lmiproc.dll

c:\windows\system32\spool\prtprocs\w32x86\lmiproc.dll - OK

 

[Caminho] c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll

c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll - OK

 

[Caminho] c:\windows\system32\spoolss.dll

c:\windows\system32\spoolss.dll - OK

 

[Caminho] c:\windows\system32\spoolsv.exe

c:\windows\system32\spoolsv.exe - OK

 

[Caminho] c:\windows\system32\srchadmin.dll

c:\windows\system32\srchadmin.dll - OK

 

[Caminho] c:\windows\system32\srsvc.dll

c:\windows\system32\srsvc.dll - OK

 

[Caminho] c:\windows\system32\srvsvc.dll

c:\windows\system32\srvsvc.dll - OK

 

[Caminho] c:\windows\system32\ssdpapi.dll

c:\windows\system32\ssdpapi.dll - OK

 

[Caminho] c:\windows\system32\ssdpsrv.dll

c:\windows\system32\ssdpsrv.dll - OK

 

[Caminho] c:\windows\system32\stobject.dll

c:\windows\system32\stobject.dll - OK

 

[Caminho] c:\windows\system32\svchost.exe

c:\windows\system32\svchost.exe - OK

 

[Caminho] c:\windows\system32\sxs.dll

c:\windows\system32\sxs.dll - OK

 

[Caminho] c:\windows\system32\syncui.dll

c:\windows\system32\syncui.dll - OK

 

[Caminho] c:\windows\system32\tapi32.dll

c:\windows\system32\tapi32.dll - OK

 

[Caminho] c:\windows\system32\tapisrv.dll

c:\windows\system32\tapisrv.dll - OK

 

[Caminho] c:\windows\system32\tcpmon.dll

c:\windows\system32\tcpmon.dll - OK

 

[Caminho] c:\windows\system32\termsrv.dll

c:\windows\system32\termsrv.dll - OK

 

[Caminho] c:\windows\system32\themeui.dll

c:\windows\system32\themeui.dll - OK

 

[Caminho] c:\windows\system32\tlntsvr.exe

c:\windows\system32\tlntsvr.exe - OK

 

[Caminho] c:\windows\system32\tquery.dll

c:\windows\system32\tquery.dll - OK

 

[Caminho] c:\windows\system32\trkwks.dll

c:\windows\system32\trkwks.dll - OK

 

[Caminho] c:\windows\system32\twext.dll

c:\windows\system32\twext.dll - OK

 

[Caminho] c:\windows\system32\umpnpmgr.dll

c:\windows\system32\umpnpmgr.dll - OK

 

[Caminho] c:\windows\system32\uncdms.dll

c:\windows\system32\uncdms.dll - OK

 

[Caminho] c:\windows\system32\uncph.dll

c:\windows\system32\uncph.dll - OK

 

[Caminho] c:\windows\system32\unimdm.tsp

c:\windows\system32\unimdm.tsp - OK

 

[Caminho] c:\windows\system32\unimdmat.dll

c:\windows\system32\unimdmat.dll - OK

 

[Caminho] c:\windows\system32\uniplat.dll

c:\windows\system32\uniplat.dll empacotado por FLY-CODE

>c:\windows\system32\uniplat.dll - OK

 

[Caminho] c:\windows\system32\upnp.dll

c:\windows\system32\upnp.dll - OK

 

[Caminho] c:\windows\system32\upnphost.dll

c:\windows\system32\upnphost.dll - OK

 

[Caminho] c:\windows\system32\ups.exe

c:\windows\system32\ups.exe - OK

 

[Caminho] c:\windows\system32\url.dll

c:\windows\system32\url.dll - OK

 

[Caminho] c:\windows\system32\urlmon.dll

c:\windows\system32\urlmon.dll - OK

 

[Caminho] c:\windows\system32\usbmon.dll

c:\windows\system32\usbmon.dll - OK

 

[Caminho] c:\windows\system32\user32.dll

c:\windows\system32\user32.dll - OK

 

[Caminho] c:\windows\system32\userenv.dll

c:\windows\system32\userenv.dll - OK

 

[Caminho] c:\windows\system32\userinit.exe

c:\windows\system32\userinit.exe - OK

 

[Caminho] c:\windows\system32\usp10.dll

c:\windows\system32\usp10.dll - OK

 

[Caminho] c:\windows\system32\uxtheme.dll

c:\windows\system32\uxtheme.dll - OK

 

[Caminho] c:\windows\system32\version.dll

c:\windows\system32\version.dll - OK

 

[Caminho] c:\windows\system32\vssapi.dll

c:\windows\system32\vssapi.dll - OK

 

[Caminho] c:\windows\system32\vssvc.exe

c:\windows\system32\vssvc.exe - OK

 

[Caminho] c:\windows\system32\vtdisply.dll

c:\windows\system32\vtdisply.dll empacotado por ZLIB

>c:\windows\system32\vtdisply.dll - arquivo BINARYRES

>>c:\windows\system32\vtdisply.dll/data001 - OK

>>c:\windows\system32\vtdisply.dll/data002 - OK

>>c:\windows\system32\vtdisply.dll/data003 - OK

>>c:\windows\system32\vtdisply.dll/data004 - OK

>>c:\windows\system32\vtdisply.dll/data005 - OK

>>c:\windows\system32\vtdisply.dll/data006 - OK

>>c:\windows\system32\vtdisply.dll/data007 - OK

-----------------------------------------------------------------------------

Estatísticas

-----------------------------------------------------------------------------

Objectos verificados: 1031

Infectado: 0

Objectos com modificações encontrados: 0

Objectos suspeitos encontrados: 0

Programas Adware encontrados: 0

Programas Dialer encontrados: 0

Programas Joke encontrados: 0

Programas Riskware encontrados: 0

Programas Hacktool encontrados: 0

Objectos desinfectados: 0

Objectos eliminados: 0

Objectos renomeados: 0

Objectos movidos: 0

Objectos ignorados: 0

Velocidade de verificação: 1229 Kb/s

Tempo de verificação: 00:03:27

-----------------------------------------------------------------------------


CONTINUATION OF THE PREVIOUS POST

________________________________________________________________________________

HIJACKTHIS LOG

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:01:55, on 5/3/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Winamp\winampa.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\ltmoh\Ltmoh.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\vsnpstd3.exe

C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe

C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\Ronaldo\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\Ronaldo\Meus documentos\Downloads\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60337

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60337

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.speedapps.com/search.htm

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_04\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O4 - HKLM\..\Run: [WinampAgent] "C:\Arquivos de programas\Winamp\winampa.exe"

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LtMoh] C:\Arquivos de programas\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [uSBFW] C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Windows Desktop Search.lnk = C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Crawler Search - tbr:iemenu

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228498680593

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228411392625

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728Ax....RichUpload.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{BE959707-E59A-4D10-A643-49268770758D}: NameServer = 201.10.120.3,201.10.128.3

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Arquivos de programas\Ares\chatServer.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 11413 bytes


Good morning, ronaldogpi!

<!> Uninstall:

<!> Crawler <--

< 137764_a.gif >

<!> MSN 8.5 <--

<!> Restart after uninstalling!

<><><><><><><><><><>

<@> Open HijackThis --> Click: Do a system scan only

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60337

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60337

 

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

 

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

 

O8 - Extra context menu item: Crawler Search - tbr:iemenu

 

<@> Check the entries above --> Click Fix checked --> Yes!

<><><><><><><><><><>

<@> Download: < CCleaner >

<@> Save it to the Desktop!

<@> With the < Cleaner > option already selected, click Analyze. --> Wait for it to finish!

<@> When it finishes, click Run Cleaner.

<@> In the window that appears, click OK. --> Wait for it to finish!

<@> Select the Registry option and click Scan for Issues.

<@> When it finishes, click Fix selected issues...

<@> At the prompt, click Yes!

<@> Name the backups and click Save.

<@> After a few days, if everything is OK, you can delete that backup file ( .reg ).

<@> In the window that appears, click: "Fix All Selected Issues"

<@> Click OK --> Close.

<@> For more details, read the Tutorial: < Link >

<><><><><><><><><><>

<@> Go to Start --> Run --> Type: services.msc

<@> Click OK.

<@> Check whether:

Remote Procedure Call ( RPC ) and System Restore Service are set to Automatic and started.

<@> Also check that the System Restore Service is configured, on the Log On tab, as Local System account.

<@> If everything is OK, insert the Windows XP installation CD into the CD-ROM drive.

<@> Go to Start --> Run --> Type: %SystemRoot%\inf

<@> Locate the file: sr, in the inf folder.

<@> Right-click the file ( sr ) and choose: Install

<@> When it finishes, restart the computer!

<><><><><><><><><><>

<@> Go to Start --> Run --> Type: sfc /scannow --> Click OK.

< 2.jpg >

<@> You will be asked to insert the Windows XP CD-ROM into the drive.

<@> Wait for the repair to complete! --> Restart!

<><><><><><><><><><>

<!> Reinstall your MSN 8.5. If possible, download a different installer.

<!> After the fixes/removals, post a new HijackThis log and report the results.

Regards!
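
An added example, not part of the original posts: one way to confirm that "Fix checked" took hold is to triage the HijackThis log from before the fix and the one posted afterwards, then diff the flagged entries. The two rules (a "(no file)" target, or a mention of a product being uninstalled) and all function names are assumptions; the sample lines are copied from the 5/3/2009 and 4/4/2009 logs in this thread.

```python
import re

# Entry lines copied from the 5/3/2009 log in this thread (not the full log).
LOG_BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60337
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60337
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Crawler Search - tbr:iemenu
"""

# Entry lines copied from the 4/4/2009 follow-up log in this thread.
LOG_AFTER = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60337
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
"""

# A HijackThis entry starts with a section code such as R1, O2 or O23.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")


def parse_entries(log_text):
    """Return (section, body) pairs; header and running-process lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group("section"), match.group("body")))
    return entries


def triage(entries, removed_products):
    """Map each flagged entry line to the reason it was flagged.

    Assumed rules (a starting point for review, not a verdict):
      orphan  - the registered file is reported as "(no file)"
      product - the entry mentions a product that is being uninstalled
    """
    flagged = {}
    for section, body in entries:
        line = f"{section} - {body}"
        if body.endswith("(no file)"):
            flagged[line] = "orphan"
        elif any(name.lower() in body.lower() for name in removed_products):
            flagged[line] = "product"
    return flagged


def compare(before_text, after_text, removed_products):
    """Diff the flagged entries of two logs taken before and after a fix."""
    before = triage(parse_entries(before_text), removed_products)
    after = triage(parse_entries(after_text), removed_products)
    return {
        "fixed": sorted(set(before) - set(after)),
        "remaining": sorted(set(before) & set(after)),
        "new": sorted(set(after) - set(before)),
    }


if __name__ == "__main__":
    report = compare(LOG_BEFORE, LOG_AFTER, ["crawler"])
    for status, lines in report.items():
        print(f"{status}: {len(lines)}")
        for line in lines:
            print(f"  {line}")
```

On these lines the five entries marked for fixing are gone from the later log, while one Crawler search entry and one "(no file)" BHO appear that were not in the earlier one.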


Good evening,

All the steps were carried out successfully, following the guidance in the previous post. I also removed the lines flagged in HijackThis. One of these procedures, however, was not completed satisfactorily by the Windows XP operating system.

<@> Locate the file: sr, in the inf folder.

<@> Right-click the file ( sr ) and choose: Install

When I followed this step, XP asked me to browse the computer for the corresponding file.

Remote Procedure Call ( RPC ) and System Restore Service are set to Automatic and started.

Regarding the request to check them, Remote Procedure Call and the System Restore Service are both enabled in the operating system.

However, in general the computer still shows the same memory errors in the System Restore and User Accounts panels, which are not working correctly in XP. Although it is slow to load, Internet Explorer is browsing web pages normally, but without playing any video.

Below is the HijackThis log, as requested, for further analysis of the system. Thank you in advance for your attention, and thanks for the very valuable help in finding a solution to my problem.

 

________________________________________________________________________________

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:56:36, on 4/4/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Winamp\winampa.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\ltmoh\Ltmoh.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\vsnpstd3.exe

C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

C:\WINDOWS\system32\Restore\rstrui.exe

C:\Arquivos de programas\Mozilla Firefox 3.1 Beta 3\firefox.exe

C:\WINDOWS\system32\msiexec.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe

C:\Documents and Settings\Ronaldo\Meus documentos\Downloads\hijackthis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60337

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_04\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [WinampAgent] "C:\Arquivos de programas\Winamp\winampa.exe"

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LtMoh] C:\Arquivos de programas\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [uSBFW] C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [NBJ] "C:\Arquivos de programas\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228498680593

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228411392625

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728Ax....RichUpload.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{BE959707-E59A-4D10-A643-49268770758D}: NameServer = 201.10.120.3,201.10.128.3

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Arquivos de programas\Ares\chatServer.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 11522 bytes


Good morning! ronaldogpi

<@> Download: < Kaspersky Virus Removal Tool >

<@> Save it in Arquivos de Programas and install it right there!

<@> Restart the computer in Safe Mode! <-- Important!

<@> Start the scan by clicking "Scan".

<@> The scan takes a long time. <-- Please wait!

<@> If any infections are found, click "disinfect".

<@> When it finishes, click the Events tab.

<@> Uncheck the "Show all events" checkbox.

<@> Click "Save to file".

<@> Name it and save it to the desktop! <-- Report to post!

<@> Also post an updated HijackThis log.

Regards!


Good evening

As requested, the reports from Kaspersky Virus Removal Tool and HijackThis are attached below. Unfortunately, the problems reported earlier persist on the computer. Thank you in advance for your attention and for your effort in solving this problem. All the best to you.

 

________________________________________________________________________________

KASPERSKY VIRUS REMOVAL TOOL LOG

________________________________________________________________________________

Scan

----

Scanned: 1636

Detected: 0

Untreated: 0

Start time: 5/4/2009 18:24:40

Duration: 00:02:48

Finish time: 5/4/2009 18:27:28

 

 

Detected

--------

Status Object

------ ------

 

 

Events

------

Time Name Status Reason

---- ---- ------ ------

 

 

Statistics

----------

Object             Scanned  Detected  Untreated  Deleted  Moved to Quarantine  Archives  Packed files  Password protected  Corrupted
------             -------  --------  ---------  -------  -------------------  --------  ------------  ------------------  ---------
All objects        1636     0         0          0        0                    1         163           0                   0
System memory      804      0         0          0        0                    0         0             0                   0
Startup objects    830      0         0          0        0                    1         163           0                   0
Disk boot sectors  2        0         0          0        0                    0         0             0                   0

 

 

Settings

--------

Parameter                                Value
---------                                -----
Security Level                           Recommended
Action                                   Prompt for action when the scan is complete
Run mode                                 Manually
File types                               Scan all files
Scan only new and changed files          No
Scan archives                            All
Scan embedded OLE objects                All
Skip if object is larger than            No
Skip if scan takes longer than           No
Parse email formats                      No
Scan password-protected archives         No
Enable iChecker technology               No
Enable iSwift technology                 No
Show detected threats on "Detected" tab  Yes
Rootkits search                          Yes
Deep rootkits search                     No
Use heuristic analyzer                   Yes

 

 

Quarantine

----------

Status Object Size Added

------ ------ ---- -----

 

 

Backup

------

Status Object Size

------ ------ ----

________________________________________________________________________________

HIJACKTHIS LOG

________________________________________________________________________________

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:35:37, on 5/4/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Winamp\winampa.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\ltmoh\Ltmoh.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\vsnpstd3.exe

C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

C:\Arquivos de programas\Mozilla Firefox 3.1 Beta 3\firefox.exe

C:\Arquivos de programas\Winamp\winamp.exe

C:\Documents and Settings\Ronaldo\Meus documentos\Downloads\hijackthis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60337

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_04\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [WinampAgent] "C:\Arquivos de programas\Winamp\winampa.exe"

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_04\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LtMoh] C:\Arquivos de programas\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [uSBFW] C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [NBJ] "C:\Arquivos de programas\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228498680593

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228411392625

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728Ax....RichUpload.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{BE959707-E59A-4D10-A643-49268770758D}: NameServer = 201.10.120.3,201.10.128.3

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Arquivos de programas\Ares\chatServer.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 11356 bytes


Good afternoon! ronaldogpi

<@> Download: < ToolsCleaner > (...par A.Rothstein & dj QUIOU )

<@> Save it to the desktop!

<@> Close any open programs and run the tool.

<@> Click the Recherche button to start the scan. <-- Please wait!

<@> When it finishes, the items that will be removed are listed.

<@> Click the Suppression button to remove the items found.

<@> Then click Quitter.

<@> Post the report: ( C:\TCleaner.txt ) <--

<><><><><><><><><><>

<@> Run an online scan at Eset.

<@> Use the Internet Explorer browser.

<@> Check the box: "SIM,aceito as condições de uso" --> Iniciar.

<@> Check the box: "YES, I accept the Terms of Use" --> Start.

<@> Accept the ActiveX installation and, when it finishes, save and post the report. ( C:\Arquivos de programas\EsetOnlineScanner\log )

Regards!


Topic opened at the author's request


Good evening,

First of all, I want to say that technical and operational problems prevented the previously requested tasks from being carried out.

However, the problem with Windows XP persists, despite everything tried so far.

Attached below is the report from the TCleaner program, followed by the HijackThis one; I was unable to scan with or install EsetOnlineScanner, so its report is not attached.

Thank you in advance for your attention; all the best to you.

 

_________________________________________________________________________

TCLEANER LOG

_________________________________________________________________________

 

[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

 

-->- Recherche:

 

 

---------------------------------

-->- Suppression:

 

_________________________________________________________________________

HIJACKTHIS LOG

_________________________________________________________________________

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:23:32, on 20/5/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Winamp\winampa.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\ltmoh\Ltmoh.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\vsnpstd3.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe

C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Arquivos de programas\Mozilla Firefox 3.1 Beta 3\firefox.exe

C:\Documents and Settings\Daniel\Meus documentos\Downloads\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.a...&tbid=60337

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [WinampAgent] "C:\Arquivos de programas\Winamp\winampa.exe"

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LtMoh] C:\Arquivos de programas\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [AVP] "C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"

O4 - HKLM\..\Run: [uSBFW] C:\Arquivos de programas\Net Studio\USB FireWall\USB FireWall.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [NBJ] "C:\Arquivos de programas\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Windows Desktop Search.lnk = C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Estatísticas do Antivírus da Web - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Arquivos de programas\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228498680593

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228411392625

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vGqB728Ax....RichUpload.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{BE959707-E59A-4D10-A643-49268770758D}: NameServer = 201.10.120.3,201.10.128.3

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Arquivos de programas\Ares\chatServer.exe

O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe

O23 - Service: Serviço Google Update (gupdate1c9c1b13a0f3b7e) (gupdate1c9c1b13a0f3b7e) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 11239 bytes


Good evening! ronaldogpi

<@> Download: < DDS > ( ...by sUBs )

<@> Save it to the desktop!

<@> Disable your protection programs: antivirus, antimalware, antispyware or firewall.

<@> While disconnected, run the tool! --> Double-click dds.scr.

<@> Wait for the scan to finish, until we get the report. ( DDS.txt ) <--

<@> A new window will also appear: "D.D.S - Optional_Scan" --> Click Sim (Yes).

<@> Notepad will open with another report. ( Attach.txt ) <--

<@> PS: If the report is unreadable, rename the executable to DDS.exe and repeat the scan.

<@> Finally, another window will open! --> Click OK.

<@> Save the reports: DDS.txt + Attach.txt <-- Post them!

Regards!
