FVIEIRAS 2 Denunciar post Postado Fevereiro 4, 2009 Bom dia amigos, Seguinte, probleminha chato que não consigo resolver. De uma hora pra outra, a máquina passou a apresentar vários problemas. Dentre eles estão... 1-Máquina fica lenta 2-Desinstalou o AVG da máquina sozinho 3-Internet não funciona mais, não abrindo mais o Internet Explorer 4-Apresenta erro Generic Host for Win32 Services Acontece o seguinte... A máquina liga, só que logo me aparece o Spybot me perguntando se eu libero ou não 2 itens: Categoria: Session Manager Moificação: Valor Apagado Entrada: BootExecute Dados Antigos: Autocheck autochk * Categoria: Session Manager Moificação: Valor Apagado Entrada: BootExecute Dados Antigos: Autocheck autochk * Fico dando sempre Negar, porém toda vez que reinicia aparece de novo! Outra coisa, logo em seguida a estas solicitações, aparece na tela a mensagem de erro Generic Host Process for Win32 Services, onde se eu deixo minimizada a mensagem, consigo trabalhar normalmente na máquina, porém se eu clico em Não Enviar para fechar a mensagem, daí começa tudo... não funciona mais nada.... Sei que deve ser um malware, que entrou não sei como... mas... alguém tem idéia de como tirar isso... PS.: De forma alguma pode ser formatada a máquina, pois existem softwares que não temos mais instalado nela! Segue abaixo o log do Hijack: Logfile of HijackThis v1.99.1 Scan saved at 11:59:47, on 4/2/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\Arquivos de programas\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe C:\MSSQL7\binn\sqlservr.exe C:\WINDOWS\Explorer.EXE C:\apache\mysql\bin\mysqld-nt.exe c:\apache\APACHE.EXE C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe c:\apache\APACHE.EXE C:\ARQUIV~1\ARQUIV~1\DATADY~1\ACTIVE~1\WEBCAC~1.EXE C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe C:\Arquivos de programas\Ahead\InCD\InCD.exe C:\Arquivos de programas\Winamp\winampa.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\Arquivos de programas\MSN Messenger\msnmsgr.exe C:\Arquivos de programas\Microsoft ActiveSync\Wcescomm.exe C:\MSSQL7\Binn\sqlmangr.exe C:\ARQUIV~1\MI3AA1~1\rapimgr.exe C:\apache\mysql\bin\winmysqladmin.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\WINDOWS\system32\dwwin.exe C:\WINDOWS\system32\taskmgr.exe C:\FAWAY\LABORATÓRIO\SOFTWARES\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/ R3 - Default URLSearchHook is missing O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [inCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Arquivos de programas\Winamp\winampa.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Arquivos de programas\Microsoft ActiveSync\Wcescomm.exe" O4 - HKCU\..\Run: [AdobeUpdater] C:\Arquivos de programas\Arquivos comuns\Adobe\Updater\AdobeUpdater.exe O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: WinMySQLadmin.lnk = C:\apache\mysql\bin\winmysqladmin.exe O4 - Global Startup: Administrador de servicios.lnk = C:\MSSQL7\Binn\sqlmangr.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\ARQUIV~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\ARQUIV~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\ARQUIV~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} (OCXDownloadChecker Control) - http://200.161.2.14:8080/cab/OCXChecker_6110.cab O16 - DPF: {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA} (Hewlett-Packard Printer Diagnostics) - http://h50203.www5.hp.com/HPISWeb/Customer...SWebManager.CAB O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://underground.thepie.com:8081/activex...sCamControl.cab O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} (DownloadFile Control) - http://200.161.2.14:8080/cab/DownloadFile_7000.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{AA140164-8166-432B-8465-141263014078}: NameServer = 200.229.128.21,200.229.128.18 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Logitech QuickCam Manager - Unknown owner - C:\WINDOWS\system32\dllcache\mlqm.exe (file missing) O23 - Service: MySql - Unknown owner - C:/apache/mysql/bin/mysqld-nt.exe O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE" --ntservice (file missing) O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: WebCacheService - Data Dynamics - C:\ARQUIV~1\ARQUIV~1\DATADY~1\ACTIVE~1\WEBCAC~1.EXE Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Fevereiro 4, 2009 Boa Tarde! FVIEIRAS <@> Abra o Spybot Search & Destroy! <@> No menu superior,vá em Modo e selecione a opção Avançado. Confirme! <@> Clique no botão Ferramentas e depois em Residente. <@> Desmarque a opção: Ativar "TeaTimer" do Residente. ( Proteção geral das configurações de sistema ) ----------------------------------- <!> Abra o HijackThis --> Clique: Do a system scan only O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present <!> Marque,àcima,estas entradas! --> Clique em Fix checked --> Sim! ----------------------------------- <@> Baixe: < FixPolicies > <@> Salve-o no Desktop! <@> Execute o arquivo FixPolicies.exe,com um duplo-clique. <@> Clique em Install. <@> Abra a pasta FixPolicies --> Clique em Fix_policies.cmd <@> Dê permissão ao reparo,caso seja negada por programas de proteção. <@> Aguarde o término da verificação! ----------------------------------- <@> Baixe: < SDFix > ( ...by andymanchesta ) <@> Salve-o no Disco Local-C e,descompacte-o aí mesmo. <@> Reinicie o computador em Modo de Segurança. <-- Link! <@> Dê um duplo clique em: < runThis.bat > <!> Caso uma janela abra e feche,repentinamente!<!> Vá em Iniciar --> Executar --> Digite ou cole: %systemdrive%\SDFix\apps\FixPath.exe /Q --> OK! <!> Reinicie o computador e execute,novamente,o SDFix. <!> Caso não funcione,verifique a variável %comspec%. <!> Clique direito do mouse,em Meu Computador --> Propriedades --> Avançadas. <!> Em Variáveis do Ambiente,verifique se a variável ComSpec,tem o seguinte valor para o cmd.exe: <!> Valor: %SystemRoot%\system32\cmd.exe <@> Aperte o Y. <@> Aguarde a conclusão! <@> Terminando,aperte Enter. ( Ou,qualquer tecla!) <@> O computador será reiniciado! <@> Aguarde,ainda,a conclusão da limpeza. <@> Poste os relatórios: Report.txt + HijackThis,atualizado. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
FVIEIRAS 2 Denunciar post Postado Fevereiro 5, 2009 Olá, Segue o Report.txt e depois o hijack. Aparentemente tudo está funcionando normal até agora. SDFix: Version 1.240 Run by FABIO on qui 05/02/2009 at 10:48 Microsoft Windows XP [versÆo 5.1.2600] Running From: C:\SDFix Checking Services : C:\WINDOWS\system32\Microsoft\backup.ftp Found C:\WINDOWS\system32\Microsoft\backup.tftp Found Checking files: Genuine: C:\WINDOWS\system32\Microsoft\backup.ftp C:\WINDOWS\system32\Microsoft\backup.tftp Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : Trojan Files Found: C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Desktop\Error Cleaner.url - Deleted C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Favoritos\Error Cleaner.url - Deleted C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Desktop\Privacy Protector.url - Deleted C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Favoritos\Privacy Protector.url - Deleted C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Desktop\Spyware&Malware Protection.url - Deleted C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Favoritos\Spyware&Malware Protection.url - Deleted C:\WINDOWS\system32\Microsoft\backup.ftp - Deleted C:\WINDOWS\system32\Microsoft\backup.tftp - Deleted Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-05 11:12:58 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe"="C:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger" "C:\\Arquivos de programas\\iTunes\\iTunes.exe"="C:\\Arquivos de programas\\iTunes\\iTunes.exe:*:Enabled:iTunes" "C:\\Arquivos de programas\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe"="C:\\Arquivos de programas\\Macromedia\\Dreamweaver 8\\Dreamweaver.exe:*:Enabled:Dreamweaver 8" "C:\\Arquivos de programas\\RealVNC\\VNC4\\winvnc4.exe"="C:\\Arquivos de programas\\RealVNC\\VNC4\\winvnc4.exe:*:Enabled:VNC Server Free Edition for Win32" "C:\\Arquivos de programas\\AtomPark\\Atomic Email Hunter\\AtomicEmailHunter.exe"="C:\\Arquivos de programas\\AtomPark\\Atomic Email Hunter\\AtomicEmailHunter.exe:*:Enabled:Atomic Email Hunter" "C:\\Arquivos de programas\\AtomPark\\Atomic Mail Sender\\AtomicMailSender.exe"="C:\\Arquivos de programas\\AtomPark\\Atomic Mail Sender\\AtomicMailSender.exe:*:Enabled:Atomic Mail Sender" "C:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"="C:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe" "C:\\Arquivos de programas\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Arquivos de programas\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Arquivos de programas\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Arquivos de programas\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Arquivos de programas\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Arquivos de programas\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" "C:\\Arquivos de programas\\UltraVNC\\vncviewer.exe"="C:\\Arquivos de programas\\UltraVNC\\vncviewer.exe:*:Enabled:vncviewer.exe" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Arquivos de programas\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Arquivos de programas\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager" "C:\\Arquivos de programas\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Arquivos de programas\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager" "C:\\Arquivos de programas\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Arquivos de programas\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application" Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Wed 6 Jun 2007 660,992 A..H. --- "C:\WINDOWS\system32\d3dinf.dll" Thu 1 Feb 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Dados de aplicativos\Microsoft\Word\~WRL0143.tmp" Thu 1 Feb 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Dados de aplicativos\Microsoft\Word\~WRL0534.tmp" Sat 27 Jan 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Dados de aplicativos\Microsoft\Word\~WRL3106.tmp" Sat 27 Jan 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Dados de aplicativos\Microsoft\Word\~WRL3444.tmp" Thu 1 Feb 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Dados de aplicativos\Microsoft\Word\~WRL3805.tmp" Tue 3 Jul 2007 85,926 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT1.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT162.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT163.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT164.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT165.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT166.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT167.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT168.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT169.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT16A.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT16B.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT16C.tmp" Tue 3 Jul 2007 85,926 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT16D.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT16E.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT16F.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT170.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT171.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT177.tmp" Wed 4 Jul 2007 85,926 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT178.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT179.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT17A.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT17B.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT17C.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT17D.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT17E.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT17F.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT180.tmp" Wed 4 Jul 2007 85,926 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT181.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT182.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT183.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT184.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT185.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT186.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT187.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT188.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT189.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT18A.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT18B.tmp" Wed 4 Jul 2007 85,926 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT18C.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT18D.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT18E.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT191.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT192.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT193.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT1F3.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT1F8.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT1F9.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT1FA.tmp" Tue 3 Jul 2007 85,926 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT1FB.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT2.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT3.tmp" Tue 3 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT4.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT5.tmp" Wed 4 Jul 2007 0 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\BACKUP\Configura‡äes locais\Temp\BIT6.tmp" Sun 18 Jul 2004 29,696 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\UNISA Trabalhos e Pesquisas\~WRL0001.tmp" Thu 15 Nov 2007 47,104 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\UNISA Trabalhos e Pesquisas\~WRL3284.tmp" Mon 19 Jul 2004 30,208 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\UNISA Trabalhos e Pesquisas\~WRL3912.tmp" Sat 21 Jan 2006 4,348 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\Minha m£sica\Backup de Licen‡a\drmv1key.bak" Tue 25 Mar 1980 782 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\Minha m£sica\Backup de Licen‡a\drmv1lic.bak" Tue 25 Mar 1980 312 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\Minha m£sica\Backup de Licen‡a\drmv2key.bak" Tue 25 Mar 1980 1,536 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\Minha m£sica\Backup de Licen‡a\drmv2lic.bak" Sat 4 Dec 2004 33,280 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\Adm. RH\~WRL0325.tmp" Sat 4 Dec 2004 33,280 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\Adm. RH\~WRL0674.tmp" Sat 4 Dec 2004 33,280 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\Adm. RH\~WRL2315.tmp" Sat 4 Dec 2004 33,792 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\Adm. RH\~WRL2943.tmp" Sat 4 Dec 2004 33,280 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\Adm. RH\~WRL3316.tmp" Tue 21 Sep 2004 42,496 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\Estatistica\~WRL0286.tmp" Tue 21 Sep 2004 39,936 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\Estatistica\~WRL1071.tmp" Tue 21 Sep 2004 141,824 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\Estatistica\~WRL1186.tmp" Tue 21 Sep 2004 39,936 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\Estatistica\~WRL3147.tmp" Mon 20 Sep 2004 35,840 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\Estatistica\~WRL3534.tmp" Wed 1 Dec 2004 114,688 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\tica\~WRL0761.tmp" Wed 1 Dec 2004 112,640 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\tica\~WRL0786.tmp" Wed 1 Dec 2004 110,592 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\tica\~WRL0889.tmp" Wed 1 Dec 2004 104,960 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\tica\~WRL3191.tmp" Thu 25 Nov 2004 87,552 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CARCIA\Trabalhos da Faculdade\tica\~WRL3379.tmp" Sun 17 Feb 1980 37,376 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL0001.tmp" Fri 15 Feb 1980 31,232 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL0002.tmp" Fri 15 Feb 1980 30,720 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL0004.tmp" Sun 17 Feb 1980 35,840 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL0005.tmp" Sun 17 Feb 1980 36,864 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL0006.tmp" Fri 15 Feb 1980 33,792 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL0187.tmp" Tue 25 Mar 1980 84,480 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL0349.tmp" Sun 23 Mar 1980 79,872 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL0570.tmp" Sun 17 Feb 1980 35,840 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL0841.tmp" Sun 17 Feb 1980 35,328 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL1458.tmp" Tue 25 Mar 1980 81,920 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL1809.tmp" Tue 25 Mar 1980 81,920 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL2192.tmp" Tue 25 Mar 1980 82,944 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL2521.tmp" Sun 17 Feb 1980 36,352 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL2547.tmp" Tue 25 Mar 1980 81,920 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL2690.tmp" Tue 25 Mar 1980 83,456 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL2856.tmp" Fri 15 Feb 1980 29,184 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL2983.tmp" Tue 25 Mar 1980 82,432 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL3050.tmp" Sun 17 Feb 1980 36,864 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL3087.tmp" Sun 17 Feb 1980 35,328 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL3165.tmp" Sun 17 Feb 1980 35,328 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL3511.tmp" Sun 17 Feb 1980 36,864 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL3584.tmp" Tue 25 Mar 1980 81,920 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL3645.tmp" Fri 15 Feb 1980 31,744 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL4008.tmp" Tue 25 Mar 1980 81,920 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\Igreja\Coisas do Sambarcanjo\~WRL4076.tmp" Tue 15 Feb 2005 29,696 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\UNISA Trabalhos e Pesquisas\FORMATURA\~WRL0001.tmp" Wed 16 Feb 2005 29,696 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\UNISA Trabalhos e Pesquisas\FORMATURA\~WRL0005.tmp" Wed 16 Feb 2005 29,696 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\UNISA Trabalhos e Pesquisas\FORMATURA\~WRL1702.tmp" Wed 16 Feb 2005 29,696 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\UNISA Trabalhos e Pesquisas\FORMATURA\~WRL1793.tmp" Wed 16 Feb 2005 29,696 A..H. --- "C:\Documents and Settings\FABIO\Meus documentos\bk\Meus Documentos\CLEBMAR\UNISA Trabalhos e Pesquisas\FORMATURA\~WRL2389.tmp" Finished! HIJACK Logfile of HijackThis v1.99.1 Scan saved at 13:28:39, on 5/2/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe C:\MSSQL7\binn\sqlservr.exe C:\apache\mysql\bin\mysqld-nt.exe c:\apache\APACHE.EXE C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe C:\ARQUIV~1\ARQUIV~1\DATADY~1\ACTIVE~1\WEBCAC~1.EXE c:\apache\APACHE.EXE C:\ARQUIV~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe C:\Arquivos de programas\Ahead\InCD\InCD.exe C:\Arquivos de programas\Winamp\winampa.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\ARQUIV~1\AVG\AVG8\avgtray.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\MSN Messenger\msnmsgr.exe C:\Arquivos de programas\Microsoft ActiveSync\Wcescomm.exe C:\ARQUIV~1\MI3AA1~1\rapimgr.exe C:\MSSQL7\Binn\sqlmangr.exe C:\apache\mysql\bin\winmysqladmin.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\Arquivos de programas\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\system32\mdm.exe C:\WINDOWS\system32\msdtc.exe C:\WINDOWS\system32\dllhost.exe C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\FAWAY\LABORATÓRIO\SOFTWARES\Segurança\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/ R3 - Default URLSearchHook is missing O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [inCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] C:\Arquivos de programas\Winamp\winampa.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Arquivos de programas\Microsoft ActiveSync\Wcescomm.exe" O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: WinMySQLadmin.lnk = C:\apache\mysql\bin\winmysqladmin.exe O4 - Global Startup: Administrador de servicios.lnk = C:\MSSQL7\Binn\sqlmangr.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\ARQUIV~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\ARQUIV~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\ARQUIV~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} (OCXDownloadChecker Control) - http://200.161.2.14:8080/cab/OCXChecker_6110.cab O16 - DPF: {33415AC7-AFFA-4D55-B41C-C64C0D07DFCA} (Hewlett-Packard Printer Diagnostics) - http://h50203.www5.hp.com/HPISWeb/Customer...SWebManager.CAB O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://underground.thepie.com:8081/activex...sCamControl.cab O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} (DownloadFile Control) - http://200.161.2.14:8080/cab/DownloadFile_7000.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{AA140164-8166-432B-8465-141263014078}: NameServer = 200.229.128.21,200.229.128.18 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Logitech QuickCam Manager - Unknown owner - C:\WINDOWS\system32\dllcache\mlqm.exe (file missing) O23 - Service: MySql - Unknown owner - C:/apache/mysql/bin/mysqld-nt.exe O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE" --ntservice (file missing) O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: WebCacheService - Data Dynamics - C:\ARQUIV~1\ARQUIV~1\DATADY~1\ACTIVE~1\WEBCAC~1.EXE Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Fevereiro 5, 2009 Boa Tarde! FVIERAS <!> Estando tudo Ok,crie um ponto limpo de Restauração do Sistema. <!> Clique com o direito do mouse,em cima de Meu Computador --> Propriedades --> Restauração do Sistema. <!> Marque: Desativar Restauração do Sistema --> Aplicar --> Ok. <!> Depois,desmarque novamente! --> Aplicar --> Ok. <!> Para maiores detalhes,vá em: < Docs > ------------------------------- <!> O log está limpo! :thumbsup: <!> Tudo Ok? Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Mário Monteiro 179 Denunciar post Postado Março 6, 2009 PROBLEMA RESOLVIDO! Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico. Compartilhar este post Link para o post Compartilhar em outros sites