[Resolvido!] Estou com problemas!

[Victorine 0]

Pessoal, eu gostaria que alguém me ajudasse e desse uma olhada no meu log, pois eu venho notando que o meu pc vem apresentando alguns comportamentos estranhos. Desde já agradeço pela atenção!!!!

 

 

Logfile of HijackThis v1.99.1

Scan saved at 02:32:06, on 23/02/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

e:\a-squared free\a2service.exe

D:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe

D:\Arquivos de programas\Bonjour\mDNSResponder.exe

D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBGuard.EXE

D:\Arquivos de programas\Java\jre6\bin\jqs.exe

D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\HPZipm12.exe

D:\WINDOWS\system32\slserv.exe

D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

D:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Candex2008\Apache-TomCat-5.5.26\bin\tomcat5.exe

D:\WINDOWS\Explorer.EXE

D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBServer.exe

D:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe

D:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

D:\Arquivos de programas\Arquivos comuns\ACD Systems\EN\DevDetect.exe

D:\Arquivos de programas\Java\jre6\bin\jusched.exe

D:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe

D:\WINDOWS\system32\ctfmon.exe

D:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

D:\Arquivos de programas\RALINK\Common\RaUI.exe

D:\Arquivos de programas\Musicmatch\Musicmatch Jukebox\mim.exe

D:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

D:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

D:\Arquivos de programas\Mozilla Firefox\firefox.exe

E:\Programas\Programas de Segurança\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgHelper.dll

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - D:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Arquivos de programas\Real\rpbrowserrecordplugin.dll

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Arquivos de programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - D:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O4 - HKLM\..\Run: [soundMAX] "D:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [HP Software Update] D:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [MimBoot] D:\ARQUIV~1\MUSICM~1\MUSICM~1\mimboot.exe

O4 - HKLM\..\Run: [NeroFilterCheck] D:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe

O4 - HKLM\..\Run: [iSUSPM Startup] D:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AVP] "D:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"

O4 - HKLM\..\Run: [sweetIM] D:\Arquivos de programas\SweetIM\Messenger\SweetIM.exe

O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "D:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [msnmsgr] ~"D:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Ralink Wireless Utility.lnk = D:\Arquivos de programas\RALINK\Common\RaUI.exe

O8 - Extra context menu item: &Download by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Adicionar ao Bloqueador de Banners - D:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm

O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O9 - Extra button: CAi 2005 Plus! - Resumo da Conexão - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - D:\Arquivos de programas\CAi 2005 Plus!\CAi2005Plus.exe (file missing)

O9 - Extra 'Tools' menuitem: CAi 2005 Plus! - Resumo da Conexão - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - D:\Arquivos de programas\CAi 2005 Plus!\CAi2005Plus.exe (file missing)

O9 - Extra button: Estatísticas de protecção do Tráfego de Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - D:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: d:\arquivos de programas\bonjour\mdnsnsp.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: D:\ARQUIV~1\KASPER~1\KASPER~1\mzvkbd.dll,D:\ARQUIV~1\KASPER~1\KASPER~1\mzvkbd3.dll,D:\ARQUIV~1\KASPER~1\KASPER~1\adialhk.dll,D:\ARQUIV~1\KASPER~1\KASPER~1\kloehk.dll

O20 - Winlogon Notify: klogon - D:\WINDOWS\system32\klogon.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - e:\a-squared free\a2service.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - E:\Ares\chatServer.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Kaspersky Internet Security (AVP) - Unknown owner - D:\Arquivos de programas\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (file missing)

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - D:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: InterbaseGuardian - Inprise Corporation - D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBGuard.EXE

O23 - Service: InterbaseServer - Inprise Corporation - D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBServer.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - D:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "D:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: MySQLTSE - Unknown owner - D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe" "--defaults-file=D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\my.ini" MySQLTSE (file missing)

O23 - Service: NBService - Nero AG - D:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - D:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

O23 - Service: O&O Defrag - O&O Software GmbH - D:\WINDOWS\system32\oodag.exe

O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ProtexisLicensing - Unknown owner - D:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: SmartLinkService (SLService) - Smart Link - D:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Apache Tomcat TomCatTSE (TomCatTSE) - Unknown owner - D:\Arquivos de programas\Candex2008\Apache-TomCat-5.5.26\bin\tomcat5.exe" //RS//TomCatTSE (file missing)

[DigRam 144]

Bom Dia! Victorine

 

<@> Baixe: < RSIT > ( ...by random/random )

<@> Salve-o,diretamente,no Disco Local ( D ).

<@> Dê um duplo clique em RSIT.exe,para executar a ferramenta.

<@> Na janela que abrir,disclamer,clique em "Continue".

<@> Aguarde a conclusão de "Running HijackThis". <-- Pseudo!

<@> Terminando,abrir-se-à o Bloco de Notas com o relatório: log.txt <-- Relatório para postagem!

<@> Poste,também,na sua resposta: info.txt,que estará em D:\rsit\info.txt <--

 

Abraços!

[Victorine 0]

Boa Noite! DigRam

 

Antes de tudo, muito obrigado por me ajudar!!!!!

 

Bem, logo abaixo estão os arquivos log.txt e info.txt. Muito obrigado e fico no aguardo da resposta. Abração!!!!

 

 

Logfile of random's system information tool 1.05 (written by random/random)

Run by Windows XP at 2009-02-25 01:35:41

Microsoft Windows XP Professional Service Pack 2

System drive D: has 3 GB (15%) free of 20 GB

Total RAM: 1023 MB (54% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 01:36:31, on 25/02/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe

D:\Arquivos de programas\BitDefender\BitDefender 2009\vsserv.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\Arquivos de programas\Bonjour\mDNSResponder.exe

D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBGuard.EXE

D:\Arquivos de programas\Java\jre6\bin\jqs.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\Explorer.EXE

D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe

D:\WINDOWS\system32\HPZipm12.exe

D:\WINDOWS\system32\slserv.exe

D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

D:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Candex2008\Apache-TomCat-5.5.26\bin\tomcat5.exe

D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBServer.exe

D:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe

D:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

D:\Arquivos de programas\Arquivos comuns\ACD Systems\EN\DevDetect.exe

D:\Arquivos de programas\Java\jre6\bin\jusched.exe

D:\Arquivos de programas\BitDefender\BitDefender 2009\bdagent.exe

D:\WINDOWS\system32\ctfmon.exe

D:\Arquivos de programas\MSN Messenger\msnmsgr.exe

D:\Arquivos de programas\BitDefender\BitDefender 2009\seccenter.exe

D:\Arquivos de programas\RALINK\Common\RaUI.exe

D:\WINDOWS\system32\notepad.exe

D:\RSIT.exe

D:\Arquivos de programas\trend micro\Windows XP.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgHelper.dll

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - D:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Arquivos de programas\Real\rpbrowserrecordplugin.dll

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Arquivos de programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - D:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Arquivos de programas\BitDefender\BitDefender 2009\IEToolbar.dll

O4 - HKLM\..\Run: [soundMAX] "D:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [HP Software Update] D:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe

O4 - HKLM\..\Run: [iSUSPM Startup] D:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [bDAgent] "D:\Arquivos de programas\BitDefender\BitDefender 2009\bdagent.exe"

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "D:\Arquivos de programas\BitDefender\BitDefender 2009\IEShow.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "D:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Ralink Wireless Utility.lnk = D:\Arquivos de programas\RALINK\Common\RaUI.exe

O8 - Extra context menu item: &Download by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O9 - Extra button: CAi 2005 Plus! - Resumo da Conexão - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - D:\Arquivos de programas\CAi 2005 Plus!\CAi2005Plus.exe (file missing)

O9 - Extra 'Tools' menuitem: CAi 2005 Plus! - Resumo da Conexão - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - D:\Arquivos de programas\CAi 2005 Plus!\CAi2005Plus.exe (file missing)

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - D:\WINDOWS\bdoscandel.exe

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - D:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: InterbaseGuardian - Inprise Corporation - D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBGuard.EXE

O23 - Service: InterbaseServer - Inprise Corporation - D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBServer.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe

O23 - Service: MySQLTSE - Unknown owner - D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe

O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ProtexisLicensing - Unknown owner - D:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - D:\Arquivos de programas\WinPcap\rpcapd.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - D:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Apache Tomcat TomCatTSE (TomCatTSE) - Apache Software Foundation - D:\Arquivos de programas\Candex2008\Apache-TomCat-5.5.26\bin\tomcat5.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - D:\Arquivos de programas\BitDefender\BitDefender 2009\vsserv.exe

 

--

End of file - 12727 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]

Octh Class - D:\Arquivos de programas\Orbitdownloader\orbitcth.dll [2008-08-01 126152]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

Yahoo! Toolbar Helper - D:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Facilitador de Leitor de Link Adobe PDF - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

AskBar BHO - D:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll [2008-09-08 279944]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

Skype add-on (mastermind) - D:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-01 1377576]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]

RealPlayer Download and Record Plugin for Internet Explorer - D:\Arquivos de programas\Real\rpbrowserrecordplugin.dll [2008-04-26 308856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}]

Megaupload Toolbar - D:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL [2007-07-31 1933256]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - D:\Arquivos de programas\Java\jre6\bin\ssv.dll [2008-11-10 320920]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-04-17 323904]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9394EDE7-C8B5-483E-8773-474BF36AF6E4}]

ST - D:\Arquivos de programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll [2004-08-13 155648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - d:\arquivos de programas\google\googletoolbar1.dll [2006-11-17 2133056]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

MSNToolBandBHO - D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll [2006-01-17 282624]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - D:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - D:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]

SweetIM Toolbar Helper - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - MSN - D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll [2006-01-17 282624]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - D:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - d:\arquivos de programas\google\googletoolbar1.dll [2006-11-17 2133056]

{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - Megaupload Toolbar - D:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL [2007-07-31 1933256]

{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - D:\Arquivos de programas\Orbitdownloader\GrabPro.dll [2008-08-01 433272]

{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - D:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll [2008-09-08 279944]

{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - D:\Arquivos de programas\BitDefender\BitDefender 2009\IEToolbar.dll [2009-02-23 90112]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SoundMAX"=D:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe [2004-03-26 794624]

"HP Software Update"=D:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]

"SMSERIAL"=sm56hlpr.exe []

"ISUSPM Startup"=D:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]

"ISUSScheduler"=D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe [2005-08-11 81920]

"Device Detector"=DevDetect.exe -autorun []

"Adobe Reader Speed Launcher"=D:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

"SunJavaUpdateSched"=D:\Arquivos de programas\Java\jre6\bin\jusched.exe [2008-11-10 136600]

"BDAgent"=D:\Arquivos de programas\BitDefender\BitDefender 2009\bdagent.exe [2009-02-23 741376]

"BitDefender Antiphishing Helper"=D:\Arquivos de programas\BitDefender\BitDefender 2009\IEShow.exe [2009-02-23 69632]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

"msnmsgr"=D:\Arquivos de programas\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

D:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLD.EXE]

E:\Download Direct\DLD.exe [2007-09-22 1343488]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]

D:\ARQUIV~1\MUSICM~1\MUSICM~1\mimboot.exe [2005-03-09 11776]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]

D:\Arquivos de programas\Musicmatch\Musicmatch Jukebox\mm_tray.exe [2005-03-09 110592]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

~D:\Arquivos de programas\MSN Messenger\msnmsgr.exe /background []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

D:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]

D:\WINDOWS\system32\oodtray.exe [2007-05-11 2512392]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]

E:\Picasa2\PicasaMediaDetector.exe [2006-04-19 421888]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeePassword]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]

D:\Arquivos de programas\SweetIM\Messenger\SweetIM.exe [2009-01-13 111928]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

D:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe [2007-01-11 165304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader 8.lnk]

[]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Orbit.lnk]

D:\ARQUIV~1\ORBITD~1\orbitdm.exe [2008-08-01 1703112]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^WinZip Quick Pick.lnk]

E:\WinZip\WZQKPICK.EXE [2009-01-14 525664]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"O&O Defrag"=2

"NMIndexingService"=3

"NBService"=3

"AresChatServer"=3

"a2free"=2

 

D:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar

Ralink Wireless Utility.lnk - D:\Arquivos de programas\RALINK\Common\RaUI.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

D:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sglfb.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tga.sys]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableTaskMgr"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=

"NoDriveTypeAutoRun"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"D:\Arquivos de programas\Orbitdownloader\orbitnet.exe"="D:\Arquivos de programas\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"

"E:\Ares\Ares.exe"="E:\Ares\Ares.exe:*:Enabled:Ares p2p for windows"

"D:\Arquivos de programas\DNA\btdna.exe"="D:\Arquivos de programas\DNA\btdna.exe:*:Enabled:DNA"

"E:\BitTorrent\bittorrent.exe"="E:\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

"D:\Arquivos de programas\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe"="D:\Arquivos de programas\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe:*:Enabled:Nero MediaHome (1)"

"D:\Arquivos de programas\Nero\Nero 7\Nero MediaHome\NMMediaServer.exe"="D:\Arquivos de programas\Nero\Nero 7\Nero MediaHome\NMMediaServer.exe:*:Enabled:Nero MediaHome (2)"

"D:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"="D:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe:*:Enabled:Kaspersky Anti-Virus"

"D:\Arquivos de programas\Orbitdownloader\orbitdm.exe"="D:\Arquivos de programas\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"

"D:\Arquivos de programas\Internet Explorer\iexplore.exe"="D:\Arquivos de programas\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"

"D:\Arquivos de programas\Skype\Phone\Skype.exe"="D:\Arquivos de programas\Skype\Phone\Skype.exe:*:Enabled:Skype"

"E:\Python25\pythonw.exe"="E:\Python25\pythonw.exe:*:Enabled:pythonw"

"E:\Python26\pythonw.exe"="E:\Python26\pythonw.exe:*:Enabled:pythonw"

"E:\Arquivos de programas\eMule\emule.exe"="E:\Arquivos de programas\eMule\emule.exe:*:Enabled:eMule"

"D:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="D:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"D:\Arquivos de programas\MSN Messenger\livecall.exe"="D:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"D:\Arquivos de programas\MSN Messenger\msnmsgr.exe"="D:\Arquivos de programas\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"D:\Arquivos de programas\MSN Messenger\livecall.exe"="D:\Arquivos de programas\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0672b0b8-ecc5-11dd-8dcc-0017ad0086c1}]

shell\AutoRun\command - uvsqfgwd.cmd

shell\open\command - uvsqfgwd.cmd

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3b3dfea6-1917-11dd-9794-0017ad0086c1}]

shell\AutoRun\command - 60k281bl.com

shell\explore\command - 60k281bl.com

shell\open\command - 60k281bl.com

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d4a4384-9d6d-11dd-996f-0017ad0086c1}]

shell\AutoRun\command - taqhptr.bat

shell\explore\command - taqhptr.bat

shell\open\command - taqhptr.bat

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b18d7ed2-afea-11dd-99d5-0017ad0086c1}]

shell\auto\command - Knight.exe open

shell\AutoRun\command - D:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open

shell\explore\command - Knight.exe open

shell\find\command - Knight.exe open

shell\install\command - Knight.exe open

shell\open\command - Knight.exe open

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dcfed6ba-9c63-11dc-953c-0017ad0086c1}]

shell\Auto\command - MicrosoftPowerPoint.exe

shell\AutoRun\command - D:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe

 

 

======File associations======

 

.js - edit -

.js - open -

.txt - open -

 

======List of files/folders created in the last 1 months======

 

2009-02-25 01:35:42 ----D---- D:\Arquivos de programas\trend micro

2009-02-25 01:35:41 ----D---- D:\rsit

2009-02-25 01:33:04 ----A---- D:\RSIT.exe

2009-02-23 19:13:49 ----D---- D:\WINDOWS\system32\logs

2009-02-23 19:13:43 ----D---- D:\Documents and Settings\Windows XP\Dados de aplicativos\BitDefender

2009-02-23 19:13:29 ----D---- D:\Documents and Settings\All Users\Dados de aplicativos\BitDefender

2009-02-23 19:13:29 ----D---- D:\Arquivos de programas\BitDefender

2009-02-23 19:12:12 ----D---- D:\Arquivos de programas\Arquivos comuns\BitDefender

2009-02-23 19:02:18 ----SHD---- D:\Config.Msi

2009-02-23 02:58:03 ----D---- D:\LinhaDefensiva

2009-02-21 11:20:37 ----D---- D:\Arquivos de programas\SweetIM

2009-02-21 11:20:36 ----D---- D:\Documents and Settings\All Users\Dados de aplicativos\SweetIM

2009-02-19 21:20:00 ----SHD---- D:\FOUND.103

2009-02-19 17:15:00 ----D---- D:\spoolerlogs

2009-02-19 15:05:28 ----D---- D:\Arquivos de programas\Ontrack

2009-02-18 10:28:34 ----SHD---- D:\FOUND.102

2009-02-18 02:20:18 ----SHD---- D:\FOUND.101

2009-02-10 22:20:42 ----SHD---- D:\FOUND.100

2009-02-10 19:42:32 ----SHD---- D:\FOUND.099

2009-02-10 12:01:28 ----SHD---- D:\FOUND.098

2009-02-07 14:10:48 ----SHD---- D:\FOUND.097

2009-02-02 23:27:48 ----SHD---- D:\FOUND.096

2009-02-01 10:38:32 ----SHD---- D:\FOUND.095

2009-01-28 14:56:08 ----SHD---- D:\FOUND.094

2009-01-27 10:41:56 ----SHD---- D:\FOUND.093

 

======List of files/folders modified in the last 1 months======

 

2009-02-25 01:26:46 ----A---- D:\WINDOWS\NeroDigital.ini

2009-02-24 02:50:56 ----N---- D:\WINDOWS\SchedLgU.Txt

2009-02-23 20:40:36 ----A---- D:\WINDOWS\system32\txmlutil.dll

2009-02-23 03:40:14 ----A---- D:\WINDOWS\win.ini

2009-02-23 03:40:14 ----A---- D:\WINDOWS\system.ini

2009-02-19 03:44:40 ----A---- D:\WINDOWS\system32\BASSMOD.dll

2009-02-18 21:12:10 ----A---- D:\WINDOWS\ModemLog_Smart Link 56K Voice Modem #2.txt

2009-02-11 14:11:40 ----A---- D:\WINDOWS\dvdSanta.INI

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 bdftdif;bdftdif; \??\D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Firewall\bdftdif.sys []

R1 ShldDrv;Panda File Shield Driver; \??\D:\WINDOWS\system32\DRIVERS\ShlDrv51.sys []

R1 VIAPFD;VIAPFD; D:\WINDOWS\System32\Drivers\VIAPFD.SYS [2001-05-04 3033]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-09-15 20747]

R2 BDVEDISK;BDVEDISK; \??\D:\Arquivos de programas\BitDefender\BitDefender 2009\BDVEDISK.sys []

R2 cvintdrv;cvintdrv; D:\WINDOWS\system32\drivers\cvintdrv.sys [2005-06-10 7140]

R2 ithsgt;ithsgt; D:\WINDOWS\system32\DRIVERS\ithsgt.sys [2006-07-06 162432]

R2 lilsgt;lilsgt; D:\WINDOWS\system32\DRIVERS\lilsgt.sys [2006-07-06 12032]

R3 aeaudio;aeaudio; D:\WINDOWS\system32\drivers\aeaudio.sys [2004-04-07 116176]

R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]

R3 bdfm;BDFM; D:\WINDOWS\system32\drivers\bdfm.sys [2009-02-23 111112]

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; D:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2009-02-23 104328]

R3 bdfsfltr;bdfsfltr; D:\WINDOWS\system32\drivers\bdfsfltr.sys [2009-02-23 242184]

R3 BDSelfPr;BDSelfPr; \??\D:\Arquivos de programas\BitDefender\BitDefender 2009\bdselfpr.sys []

R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; D:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2008-06-25 43520]

R3 HidUsb;Driver de classe HID da Microsoft; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]

R3 MODEMCSA;Dispositivo de filtro de fluxo unimodem; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]

R3 Mtlmnt5;Mtlmnt5; D:\WINDOWS\system32\DRIVERS\SLDRV\Mtlmnt5.sys [2005-02-07 229720]

R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]

R3 MxlW2k;MxlW2k; D:\WINDOWS\system32\drivers\MxlW2k.sys [2008-06-22 28352]

R3 NTIDrvr;Upper Class Filter Driver; D:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2007-10-24 6912]

R3 pfc;Padus ASPI Shell; D:\WINDOWS\system32\drivers\pfc.sys [2007-01-06 10368]

R3 RT61;Ralink RT61 Wireless Driver; D:\WINDOWS\system32\DRIVERS\RT61.sys [2006-01-19 363008]

R3 senfilt;senfilt; D:\WINDOWS\system32\drivers\senfilt.sys [2004-04-26 381056]

R3 Slntamr;SmartLink AMR_PCI Driver; D:\WINDOWS\system32\DRIVERS\SLDRV\slntamr.sys [2005-02-07 653008]

R3 SlWdmSup;SlWdmSup; D:\WINDOWS\system32\DRIVERS\SLDRV\SlWdmSup.sys [2005-02-07 13216]

R3 smwdm;smwdm; D:\WINDOWS\system32\drivers\smwdm.sys [2004-06-07 266880]

R3 Tetris;Tetris driver; D:\WINDOWS\System32\Drivers\Tetris.sys [2006-07-06 48928]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]

R3 usbhub;USB2 Enabled Hub; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]

S3 catchme;catchme; \??\D:\DOCUME~1\WINDOW~1\CONFIG~1\Temp\catchme.sys []

S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]

S3 HPx9G+;HPx9G+ Device USB Driver; D:\WINDOWS\system32\DRIVERS\HPx9G2k.sys [2006-01-04 12658]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; D:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; D:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; D:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]

S3 ids00026;ids00026; \??\D:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys []

S3 ids00118;ids00118; \??\D:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys []

S3 ids0014f;ids0014f; \??\D:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys []

S3 ids0015d;ids0015d; \??\D:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys []

S3 ids00180;ids00180; \??\D:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Anti-Virus Personal\5.0\bases\ids00180.sys []

S3 ids0018a;ids0018a; \??\D:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Anti-Virus Personal\5.0\bases\ids0018a.sys []

S3 ids00196;ids00196; \??\D:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Anti-Virus Personal\5.0\bases\ids00196.sys []

S3 ids001b8;ids001b8; \??\D:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Anti-Virus Personal\5.0\bases\ids001b8.sys []

S3 klstm;klstm; \??\D:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Anti-Virus Personal\5.0\bases\klstm.sys []

S3 MagicTune;MagicTune; D:\WINDOWS\system32\drivers\MTiCtwl.sys [2004-10-11 12062]

S3 MidiSyn;MidiSyn; D:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]

S3 mouhid;Mouse HID Driver; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-05 12288]

S3 Mtlstrm;Mtlstrm; D:\WINDOWS\system32\DRIVERS\SLDRV\Mtlstrm.sys [2005-02-07 1396048]

S3 nm;Driver de monitor de rede; D:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-04 40320]

S3 NPF;NetGroup Packet Filter Driver; D:\WINDOWS\system32\drivers\npf.sys [2004-05-14 32896]

S3 NtMtlFax;NtMtlFax; D:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-03 180360]

S3 Profos;Profos; \??\D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Threat Scanner\profos.sys []

S3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-28 5888]

S3 sermouse;Serial Mouse Driver; D:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-09-05 18176]

S3 SlNtHal;SlNtHal; D:\WINDOWS\system32\DRIVERS\SLDRV\Slnthal.sys [2005-02-07 101136]

S3 smserial;smserial; D:\WINDOWS\system32\DRIVERS\smserial.sys []

S3 TDWXP;WavePlus 802.11b Wireless PCI/PCMCIA Card Driver; D:\WINDOWS\system32\DRIVERS\wpndis51.sys [2003-11-21 128512]

S3 Trufos;Trufos; \??\D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Threat Scanner\trufos.sys []

S3 TVICHW32;TVICHW32; \??\D:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []

S3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]

S3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]

S3 usbscan;USB Scanner Driver; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

S3 USBSTOR;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

S3 WpdUsb;WpdUsb; D:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]

S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

S4 PavProc;Panda Process Protection Driver; \??\D:\WINDOWS\system32\DRIVERS\PavProc.sys []

S4 WS2IFSL;Ambiente de suporte a provedores de serviços não-IFS do Windows Socket 2.0; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-28 12032]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Arquivos de programas\Bonjour\mDNSResponder.exe [2006-02-28 229376]

R2 InterbaseGuardian;InterbaseGuardian; D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBGuard.EXE [2002-01-30 22016]

R2 JavaQuickStarterService;Java Quick Starter; D:\Arquivos de programas\Java\jre6\bin\jqs.exe [2008-11-10 152984]

R2 LIVESRV;BitDefender Desktop Update Service; D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe [2009-02-23 431424]

R2 MDM;Machine Debug Manager; D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]

R2 MySQLTSE;MySQLTSE; D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe [2007-07-06 5730304]

R2 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]

R2 SLService;SmartLinkService; D:\WINDOWS\system32\slserv.exe [2004-08-04 73796]

R2 SoundMAX Agent Service (default);SoundMAX Agent Service; D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]

R2 StarWindService;StarWind iSCSI Service; D:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]

R2 TomCatTSE;Apache Tomcat TomCatTSE; D:\Arquivos de programas\Candex2008\Apache-TomCat-5.5.26\bin\tomcat5.exe [2008-01-28 57344]

R2 UMWdf;Windows User Mode Driver Framework; D:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]

R2 VSSERV;BitDefender Virus Shield; D:\Arquivos de programas\BitDefender\BitDefender 2009\vsserv.exe [2009-02-23 1581056]

R3 InterbaseServer;InterbaseServer; D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBServer.exe [2002-01-30 1704448]

S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]

S2 ProtexisLicensing;ProtexisLicensing; D:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe []

S3 Arrakis3;BitDefender Arrakis Server; D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]

S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-04 654848]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 getPlus® Helper;getPlus® Helper; D:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe [2008-10-06 33752]

S3 IDriverT;InstallDriver Table Manager; D:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 ose;Office Source Engine; D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); D:\Arquivos de programas\WinPcap\rpcapd.exe [2004-05-14 86016]

S3 scan;BitDefender Threat Scanner; D:\WINDOWS\System32\svchost.exe [2004-08-04 14336]

S3 usnjsvc;Pastas Partilhadas do Messenger - USN Journal Reader Service; D:\Arquivos de programas\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S4 a2free;a-squared Free Service; e:\a-squared free\a2service.exe [2009-02-02 421496]

S4 AresChatServer;Ares Chatroom server; E:\Ares\chatServer.exe [2007-03-19 263168]

S4 NBService;NBService; D:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

S4 NMIndexingService;NMIndexingService; D:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]

S4 O&O Defrag;O&O Defrag; D:\WINDOWS\system32\oodag.exe [2007-05-11 1050120]

S4 PavPrSrv;Panda Process Protection Service; D:\Arquivos de programas\Arquivos comuns\Panda Software\PavShld\pavprsrv.exe [2007-02-19 41520]

 

-----------------EOF-----------------

 

 

 

info.txt logfile of random's system information tool 1.05 2009-02-25 01:36:35

 

======Uninstall list======

 

-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}

-->D:\Arquivos de programas\Arquivos comuns\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

-->D:\Arquivos de programas\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL

-->D:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL

-->D:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL

-->D:\WINDOWS\UNNeroShowTime.exe /UNINSTALL

-->D:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->D:\WINDOWS\UNRecode.exe /UNINSTALL

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf

ACDSee 7.0 PowerPack-->MsiExec.exe /I{B0625F16-B742-4F75-9FD8-20B47ACC7DE2}

ACE Mega CoDecS Pack-->"D:\Arquivos de programas\ACE Mega CoDecS Pack\unins000.exe"

Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}

Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}

Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}

Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}

Adobe Color Common Settings-->D:\Arquivos de programas\Arquivos comuns\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe

Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}

Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}

Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}

Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}

Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

Adobe ExtendScript Toolkit 2-->D:\Arquivos de programas\Arquivos comuns\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe

Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}

Adobe Flash Player 10 Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Flash Player ActiveX-->D:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}

Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}

Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}

Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

Adobe Photoshop CS3-->D:\Arquivos de programas\Arquivos comuns\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe

Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}

Adobe Reader 9 - Português-->MsiExec.exe /I{AC76BA86-7AD7-1046-7B44-A90000000001}

Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}

Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}

Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}

Adobe Shockwave Player-->D:\WINDOWS\system32\MACROMED\SHOCKW~1\UNWISE.EXE D:\WINDOWS\system32\MACROMED\SHOCKW~1\Install.log

Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}

Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}

Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}

Arquivo do WinRAR-->F:\Winrar\uninstall.exe

Ask Toolbar-->"D:\Arquivos de programas\AskBarDis\unins000.exe"

a-squared Free 3.0-->"E:\a-squared Free\unins000.exe"

ATI Display Driver-->rundll32 D:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean

Aurélio - Século XXI-->D:\WINDOWS\IsUn0416.exe -f"D:\Arquivos de programas\Aurélio - Século XXI\Uninst.isu"

Bandeiras 3D-->E:\FIFA 08\data\Uninstal.exe

Barra de Ferramentas MSN-->D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\mtbs.exe c

BitDefender Total Security 2009-->MsiExec.exe /X{8ACF317C-CA66-4363-AEBF-A073B124AA1A}

BR-->MsiExec.exe /I{C57CD366-C6BE-45B5-B5C6-0424E506F1D0}

BraZip 6.0-->D:\Arquivos de programas\BraZip\BraZip.exe /DEINST BraZip

CALL-->RunDll32 D:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "D:\Arquivos de programas\InstallShield Installation Information\{D0D21FFB-114C-4CC8-AD6A-2FE7F010FB54}\setup.exe"

CCleaner (remove only)-->"E:\CCleaner\uninst.exe"

CorelDRAW Graphics Suite X3-->E:\Corel\Programs\MSILauncher {63218538-4A69-497F-8455-904261B0E9E4} D:\DOCUME~1\WINDOW~1\CONFIG~1\Temp\CGSX3.log

CorelDRAW Graphics Suite X3-->MsiExec.exe /I{63218538-4A69-497F-8455-904261B0E9E4}

DAO 3.5-->D:\WINDOWS\IsUninst.exe -f"D:\Arquivos de programas\Your Company\DAO 3.5\Uninst.isu"

dBpowerAMP Music Converter-->"D:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>D:\WINDOWS\system32\SpoonUninstall-dBpowerAMP Music Converter.dat

Desinstalação do Divulga2008-->"D:\Arquivos de programas\Justiça Eleitoral\unins000.exe"

Desinstalação do SPCE 2008-->"D:\Arquivos de programas\Justiça Eleitoral\SPCE 2008\unins000.exe"

Desinstalação do SRCF 2008-->"D:\Arquivos de programas\Justiça Eleitoral\SRCF 2008\unins000.exe"

Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"

Download Direct-->MsiExec.exe /I{DB6A8C83-EFF7-4955-BBD0-81C13DDE5395}

DVD Shrink 3.2-->"E:\DVD Shrink\unins000.exe"

dvdSanta 4.50-->"E:\dvdSanta\unins000.exe"

EasyRecovery Professional-->D:\ARQUIV~1\ARQUIV~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A8BB9906-E618-406A-B161-7383AFF46C39} /l1033

Encore 4.5.3-->D:\WINDOWS\unvise32.exe E:\Encore\uninstal.log

EVEREST Home Edition v2.20-->"D:\Arquivos de programas\Lavalys\EVEREST Home Edition\unins000.exe"

FIFA 08-->MsiExec.exe /X{0A2A5039-B37F-489D-B1DC-A5258DF9E697}

FIFA 09 Demo-->MsiExec.exe /X{69352F8B-66AD-493C-9138-5FE0D300FB17}

FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}

FoxyTunes for Firefox-->"D:\Arquivos de programas\Mozilla Firefox\firefox.exe" -chrome chrome://foxytunes/content/extras/uninstallExtension.xul

Geany 0.15-->E:\Geany\uninst.exe

Gerador de Declaração RAIS - GDRAIS 2006 ( Versão 2006.4 )-->C:\GDB625~1\UNWISE.EXE C:\GDRais2006

Gerador de Declaração RAIS - GDRAIS 2007 ( Versão 2007.3 ) -->C:\GDC625~1\UNWISE.EXE C:\GDRais2007

getPlus® for Adobe-->"D:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1

GIM Digitação 2.3.0-->"D:\Arquivos de programas\SRE-PB\GimDigitacao\unins000.exe"

GIVA 2007 Contribuinte 7.0.0.1-->"D:\Arquivos de programas\Receita-PB\Giva\Giva2007Contribuinte\unins000.exe"

GIVA 2008 Contribuinte 8.0.0.4-->"D:\Arquivos de programas\Receita-PB\Giva\Giva2008Contribuinte\unins000.exe"

GIVA 2008 Contribuinte 8.0.0.4-->"D:\Arquivos de programas\Receita-PB\Giva\Giva2008Contribuinte\unins001.exe"

Google SketchUp 6-->RunDll32 D:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Arquivos de programas\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x9 -removeonly

Google SketchUp 6-->RunDll32 D:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "D:\Arquivos de programas\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x9 -removeonly

Google Talk (remove only)-->"D:\Arquivos de programas\Google\Google Talk\uninstall.exe"

Google Toolbar for Internet Explorer-->regsvr32 /u /s "d:\arquivos de programas\google\googletoolbar1.dll"

GrabPro - Toolbar-->regsvr32 /u /s "D:\Arquivos de programas\Orbitdownloader\GrabPro.dll"

Gramados Next Gen-->E:\FIFA 08\data\Uninstal.exe

HijackThis 2.0.2-->"D:\Arquivos de programas\trend micro\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->D:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

HP Document Viewer 5.3-->D:\Arquivos de programas\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat

HP Extended Capabilities 5.3-->D:\Arquivos de programas\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat

HP Image Zone 5.3-->D:\Arquivos de programas\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat

HP Imaging Device Functions 5.3-->D:\Arquivos de programas\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat

HP PSC & OfficeJet 5.3.B-->"D:\Arquivos de programas\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat

HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}

HP Solution Center & Imaging Support Tools 5.3-->D:\Arquivos de programas\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat

HP48g,49g,50g series Calculator Connectivity Kit-->E:\Hewlett-Packard\Conn4x\UnInstall_17604.exe

Indeo® Software-->D:\WINDOWS\IsUninst.exe -f"D:\Arquivos de programas\Ligos\Indeo\Uninst.isu" -c"D:\Arquivos de programas\Ligos\Indeo\Indeo System Files\indounin.dll"

Ink-->MsiExec.exe /I{9FCB2876-554D-491D-A2CD-58F8252D6C64}

InkSaver-->D:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4025244F-7F7C-4AB8-BF9A-F4A017AE6674}

InterActual Player-->D:\Program Files\InterActual\InterActual Player\inuninst.exe

IRPF2002-->D:\ARQUIV~1\PROGRA~1\IRPF2002\UNWISE.EXE D:\ARQUIV~1\PROGRA~1\IRPF2002\INSTALL.LOG

IRPF2003 - Declaração de Ajuste Anual-->D:\ARQUIV~1\PROGRA~1\IRPF2003\UNWISE.EXE D:\ARQUIV~1\PROGRA~1\IRPF2003\INSTALL.LOG

IRPF2004 - Declaração de Ajuste Anual-->D:\ARQUIV~1\PROGRA~1\IRPF2004\UNWISE.EXE D:\ARQUIV~1\PROGRA~1\IRPF2004\INSTALL.LOG

IRPF2005 - Declaração de Ajuste Anual-->D:\ARQUIV~1\PROGRA~1\IRPF2005\UNWISE.EXE D:\ARQUIV~1\PROGRA~1\IRPF2005\INSTALL.LOG

IRPF2006 - Declaração de Ajuste Anual-->D:\ARQUIV~1\PROGRA~1\IRPF2006\UNWISE.EXE D:\ARQUIV~1\PROGRA~1\IRPF2006\INSTALL.LOG

IRPF2007 - Declaração de Ajuste Anual-->D:\ARQUIV~1\PROGRA~1\IRPF2007\UNWISE.EXE D:\ARQUIV~1\PROGRA~1\IRPF2007\INSTALL.LOG

IRPF2008 - Declaração de Ajuste Anual-->D:\ARQUIV~1\PROGRA~2\IRPF2008\UNWISE.EXE D:\ARQUIV~1\PROGRA~2\IRPF2008\INSTALL.LOG

J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}

J2SE Runtime Environment 5.0 Update 14-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150140}

Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

MagicTune 2.5-->RunDll32 D:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Arquivos de programas\InstallShield Installation Information\{1C04D433-2EDF-4AFB-B31B-C0B13065092F}\setup.exe" -l0x9

Malwarebytes' Anti-Malware-->"E:\Malwarebytes' Anti-Malware\unins000.exe"

MathType 5-->"D:\Arquivos de programas\MathType\Setup.exe" -R

Megaupload Toolbar-->D:\Arquivos de programas\MegauploadToolbar\uninstall.exe

Messenger Plus! Live-->"D:\Arquivos de programas\Messenger Plus! Live\Uninstall.exe"

mGsc - Instalação.-->D:\CONTAB\UNWISE.EXE D:\CONTAB\INSTALL.LOG

Microsoft .NET Framework 1.1 Brazilian Portuguese Language Pack-->MsiExec.exe /X{0CBADDF4-2CF6-4CDB-B4F5-29B8FCA7FE07}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTB-->MsiExec.exe /I{3F31F3B5-C1FF-3708-8611-869DE39C0CB6}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTB-->MsiExec.exe /I{B1FA73D8-AB79-3A2E-81AC-DBBAC155B2FE}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 Language Pack SP1 - ptb-->MsiExec.exe /I{1438B41C-658C-35B7-9253-780F2E0A0B8E}

Microsoft .NET Framework 3.5 SP1-->D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Office Professional Edição 2003-->MsiExec.exe /I{90110416-6000-11D3-8CFE-0150048383C9}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Text-to-Speech Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection D:\WINDOWS\INF\msTTSf22.inf, Uninstall

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Mozilla Firefox (3.0.6)-->D:\Arquivos de programas\Mozilla Firefox\uninstall\helper.exe

MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}

Musicmatch® Jukebox-->RunDll32 D:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "D:\Arquivos de programas\InstallShield Installation Information\{85D3CC30-8859-481A-9654-FD9B74310BEF}\setup.exe" -l0x9 -uninst

Nero 7 Ultra Edition-->MsiExec.exe /I{9A3D392C-B0BB-400A-A761-4B1497911046}

Novas Bolas-->E:\FIFA 08\data\Uninstal.exe

Novas Chuteiras-->E:\FIFA 08\data\Uninstal.exe

O&O Defrag Professional Edition-->MsiExec.exe /I{53480330-E1D1-41CA-B8F8-7F78644F7F50}

OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}

Orbit Downloader-->"D:\Arquivos de programas\Orbitdownloader\unins000.exe"

Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB-->D:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - ptb\setup.exe

PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}

Picasa 2-->"E:\Picasa2\Uninstall.exe"

PokerStars.net-->"E:\PokerStars.NET\PokerStarsUninstall.exe" /u:PokerStars.net

Python 2.6 pygame-1.8.1-->MsiExec.exe /I{33BDCB7F-7686-41EE-B745-89CFFAEF3147}

Python 2.6-->MsiExec.exe /I{110EB5C4-E995-4CFB-AB80-A5F315BEA9E8}

Ralink Wireless LAN Card-->RunDll32 D:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "D:\Arquivos de programas\InstallShield Installation Information\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}\setup.exe" -l0x9 -removeonly

RealPlayer-->D:\Arquivos de programas\Arquivos comuns\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0

Receitanet 2008-->D:\WINDOWS\DesinstRecnet.exe

Receitanet Java 2008.01a-->D:\Arquivos de programas\Programas RFB\Receitanet Java\desinstalar\desinstalar.exe

RGSS-RTP Standard-->MsiExec.exe /I{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}

RPGXP-->MsiExec.exe /I{9B34CAC6-738F-4A20-B428-A115C3E3474C}

SEFIP 8.20-->D:\ARQUIV~1\CAIXA\SEFIP\UNWISE.EXE D:\ARQUIV~1\CAIXA\SEFIP\INSTALL.LOG

SimCity 3000-->D:\WINDOWS\IsUn0416.exe -f"E:\Maxis\SimCity 3000\Uninst.isu"

Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

Smart Link 56K Voice Modem-->D:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove

SoundMAX-->RunDll32 D:\ARQUIV~1\ARQUIV~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Arquivos de programas\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x416

SPCP 3.4.8.2-->"D:\Arquivos de programas\SPCP\unins000.exe"

SSH Secure Shell-->RunDll32 D:\ARQUIV~1\ARQUIV~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "D:\Arquivos de programas\InstallShield Installation Information\{74E2CD0C-D4A2-11D3-95A6-0000E86CFDE5}\Setup.exe"

SweetIM for Messenger 2.6-->MsiExec.exe /X{21D74CEE-EEFC-4D72-9691-2F2BE1DF9FB2}

SweetIM Toolbar for Internet Explorer 3.3-->MsiExec.exe /X{266C7330-C0F4-49E5-8F20-A56F9F822875}

The KMPlayer (remove only)-->"E:\The KMPlayer\uninstall.exe"

Torcida Next Gen-->E:\FIFA 08\data\Uninstal.exe

Uefa Logo Gramados-->E:\FIFA 08\data\Uninstal.exe

Ultra Video To Flash Converter 2.0-->"E:\Ultra Video To Flash Converter\unins000.exe"

Uniblue DriverScanner 2009-->"D:\Documents and Settings\All Users\Dados de aplicativos\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe" REMOVE=TRUE MODIFY=FALSE

Uniblue DriverScanner 2009-->D:\Documents and Settings\All Users\Dados de aplicativos\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\DriverScanner_Setup.exe

Uniblue ProcessScanner-->"E:\Uniblue\ProcessScanner\unins000.exe"

Uniblue RegistryBooster 2009-->"D:\Documents and Settings\All Users\Dados de aplicativos\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe" REMOVE=TRUE MODIFY=FALSE

Uniblue RegistryBooster 2009-->D:\Documents and Settings\All Users\Dados de aplicativos\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Uniblue RegistryBooster.exe

Uniblue SpeedUpMyPC 2009-->"D:\Documents and Settings\All Users\Dados de aplicativos\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\SpeedUpMyPC.exe" REMOVE=TRUE MODIFY=FALSE

Uniblue SpeedUpMyPC 2009-->D:\Documents and Settings\All Users\Dados de aplicativos\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}\SpeedUpMyPC.exe

Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}

Validador Sintegra 2006-->D:\WINDOWS\IsUn0416.exe -f"D:\Arquivos de programas\Validador Sintegra 2006\Uninst.isu"

Validador SRE-PB 2.0.8.2-->"D:\Arquivos de programas\SRE-PB\ValidadorSrePB\unins000.exe"

VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}

VIA Gerenciador de dispositivo de plataforma-->D:\ARQUIV~1\ARQUIV~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}

VIA Rhine-Family Fast-Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA

WinAVI Video Converter-->"E:\WinAVI Video Converter\unins000.exe"

Windows Imaging Component-->"D:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"

Windows Installer 3.1 (KB893803)-->"D:\WINDOWS\$MSI31Uninstall_KB893803$\spuninst\spuninst.exe"

Windows Installer 3.1 (KB893803)-->"D:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"

Windows Live Messenger-->MsiExec.exe /I{EE2DEE0A-7D66-45C8-BB17-EA0DDD7795F4}

Windows Live Sign-in Assistant-->MsiExec.exe /I{F652D238-5F29-42D5-BAF3-0115EF977EC2}

Windows Media Format Runtime-->"D:\Arquivos de programas\Windows Media Player\wmsetsdk.exe" /UninstallAll

WinPcap 3.1 beta3-->"D:\Arquivos de programas\WinPcap\Uninstall.exe" "D:\Arquivos de programas\WinPcap\install.log"

WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}

XML Paper Specification Shared Components Language Pack 1.0-->"D:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

Yahoo! Toolbar-->D:\ARQUIV~1\YAHOO!\COMMON\unyt.exe

 

======Security center information======

 

AV: BitDefender Antivirus

FW: BitDefender Firewall

 

System event log

 

Computer Name: F0F43E916B544C4

Event Code: 9

Message: O dispositivo, \Device\Scsi\viamraid1, não respondeu dentro do tempo limite.

 

Record Number: 242531

Source Name: viamraid

Time Written: 20090209203423.000000-120

Event Type: Erro

User:

 

Computer Name: F0F43E916B544C4

Event Code: 20158

Message: O usuário lavoisier estabeleceu com êxito uma conexão a NPL-CONECTIVIDADE usando o dispositivo PPPoE6-0.

 

Record Number: 242530

Source Name: RemoteAccess

Time Written: 20090209203211.000000-120

Event Type: Informações

User:

 

Computer Name: F0F43E916B544C4

Event Code: 7036

Message: O serviço Localizador de computadores entrou no estado interrompido.

 

Record Number: 242529

Source Name: Service Control Manager

Time Written: 20090209203203.000000-120

Event Type: Informações

User:

 

Computer Name: F0F43E916B544C4

Event Code: 7036

Message: O serviço Gerenciador de conexão de acesso remoto entrou no estado executando.

 

Record Number: 242528

Source Name: Service Control Manager

Time Written: 20090209203201.000000-120

Event Type: Informações

User:

 

Computer Name: F0F43E916B544C4

Event Code: 7036

Message: O serviço Serviço 'Gateway de camada de aplicativo' entrou no estado executando.

 

Record Number: 242527

Source Name: Service Control Manager

Time Written: 20090209203200.000000-120

Event Type: Informações

User:

 

Application event log

 

Computer Name: F0F43E916B544C4

Event Code: 102

Message: wuaueng.dll (3804) SUS20ClientDataStore: O mecanismo de banco de dados iniciou uma nova instância (0).

 

Record Number: 814

Source Name: ESENT

Time Written: 20081223153130.000000-120

Event Type: Informações

User:

 

Computer Name: F0F43E916B544C4

Event Code: 100

Message: wuauclt (3804) O mecanismo de banco de dados 5.01.2600.2180 foi iniciado.

 

Record Number: 813

Source Name: ESENT

Time Written: 20081223153130.000000-120

Event Type: Informações

User:

 

Computer Name: F0F43E916B544C4

Event Code: 1800

Message: O Serviço da Central de Segurança do Windows foi iniciado.

 

Record Number: 812

Source Name: SecurityCenter

Time Written: 20081223153047.000000-120

Event Type: Informações

User:

 

Computer Name: F0F43E916B544C4

Event Code: 100

Message: D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe: ready for connections.

Version: '5.0.45-community-nt' socket: '' port: 1278 MySQL Community Edition (GPL)

 

For more information, see Help and Support Center at http://www.mysql.com.

 

 

 

Record Number: 811

Source Name: MySQL

Time Written: 20081223153039.000000-120

Event Type: Informações

User:

 

Computer Name: F0F43E916B544C4

Event Code: 1

Message:

Record Number: 810

Source Name: Bonjour Service

Time Written: 20081223153029.000000-120

Event Type: Informações

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;D:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 44 Stepping 2, AuthenticAMD

"PROCESSOR_REVISION"=2c02

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

 

-----------------EOF-----------------

[DigRam 144]

Bom Dia! Victorine

 

<@> Baixe: < > ( ...by sUBs )

<@> Salve-o no desktop!

<@> Desabilite as proteções residente de: antivírus,antispywares e firewall. ( Menos o do Windows! )

<@> Feche todas as janelas e execute a ferramenta!

<@> Na solicitação: "Negação de garantia de software" --> Clique em Sim!

<@> Não possuindo o "Console de Recuperação",aceite optar pela instalação do mesmo!

 

<!> Caso aconteça a notificação de: Aplicativo Win32 inválido,delete a ferramenta e faça,novamente,o download.

<!> Salve-a no desktop,renomeada como: Kombo.exe

<!> Ps: Nomeie durante o salvamento,e não após salvá-la!

<!> Ps: Surgindo alguma mensagem de erro,rode o ComboFix.exe em Modo de Segurança. <-- Link!

<!> Ps: Para completar as remoções,talvez haja necessidade da ferramenta reiniciar o computador. <-- Aguarde!

<!> Ps: Evite executar,voluntariamente,esta ferramenta!Siga,àcima,todas as recomendações propostas.

<!> Ps: O ComboFix é uma ferramenta que pode danificar o sistema. Utilize-o,somente,sob supervisão profissional.

<@> Abrir-se-á a janela Auto Scan. --> Aguarde!

<@> Àfim de completar as remoções,o ComboFix poderá reiniciar o computador.

<@> Se houver necessidade,digite a opção para continuar! --> ( 1 ) --> Aperte Enter! --> Aguarde a conclusão!

<@> Durante o scan,evite manusear o mouse ou teclado! <-- Importante!

<@> Para parar ou sair do ComboFix,tecle "N" ou "2" --> Aperte Enter!

<><><><><><><><><><><><>

<@> Terminando,poste os relatórios: D:\ComboFix\ComboFix.txt + HijackThis,atualizado.

 

Abraços!

[Victorine 0]

Boa Noite! DigRam

 

Fiz o que você disse e abaixo estão os relatórios do ComboFix e do HijackThis. Espero as respostas. Abraços!!!!

 

 

ComboFix 09-02-24.02 - Windows XP 2009-02-25 21:17:49.2 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.1023.675 [GMT -3:00]

Executando de: D:\Documents and Settings\Windows XP\Desktop\ComboFix.exe

AV: BitDefender Antivirus *On-access scanning disabled* (Updated)

FW: BitDefender Firewall *enabled*

* Criado um novo ponto de restauro

.

 

-------------------------------------*---------------------------------------*--------------------------------------------------------

 

 

Logfile of HijackThis v1.99.1

Scan saved at 21:33, on 2009-02-25

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe

D:\Arquivos de programas\BitDefender\BitDefender 2009\vsserv.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\Arquivos de programas\Bonjour\mDNSResponder.exe

D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBGuard.EXE

D:\Arquivos de programas\Java\jre6\bin\jqs.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\Explorer.EXE

D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe

D:\WINDOWS\system32\oodag.exe

D:\WINDOWS\system32\HPZipm12.exe

D:\WINDOWS\system32\slserv.exe

D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

D:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Candex2008\Apache-TomCat-5.5.26\bin\tomcat5.exe

D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBServer.exe

D:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

D:\Arquivos de programas\Arquivos comuns\ACD Systems\EN\DevDetect.exe

D:\Arquivos de programas\Java\jre6\bin\jusched.exe

D:\Arquivos de programas\BitDefender\BitDefender 2009\bdagent.exe

D:\WINDOWS\system32\oodtray.exe

D:\WINDOWS\system32\ctfmon.exe

D:\Arquivos de programas\MSN Messenger\msnmsgr.exe

D:\Arquivos de programas\RALINK\Common\RaUI.exe

D:\Arquivos de programas\BitDefender\BitDefender 2009\seccenter.exe

D:\Arquivos de programas\Mozilla Firefox\firefox.exe

E:\Programas\Programas de Segurança\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgHelper.dll

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - D:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Arquivos de programas\Real\rpbrowserrecordplugin.dll

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Arquivos de programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - D:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Arquivos de programas\BitDefender\BitDefender 2009\IEToolbar.dll

O4 - HKLM\..\Run: [HP Software Update] D:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe

O4 - HKLM\..\Run: [iSUSPM Startup] D:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [bDAgent] "D:\Arquivos de programas\BitDefender\BitDefender 2009\bdagent.exe"

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "D:\Arquivos de programas\BitDefender\BitDefender 2009\IEShow.exe"

O4 - HKLM\..\Run: [OODefragTray] D:\WINDOWS\system32\oodtray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "D:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Ralink Wireless Utility.lnk = D:\Arquivos de programas\RALINK\Common\RaUI.exe

O8 - Extra context menu item: &Download by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: d:\arquivos de programas\bonjour\mdnsnsp.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - D:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: InterbaseGuardian - Inprise Corporation - D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBGuard.EXE

O23 - Service: InterbaseServer - Inprise Corporation - D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBServer.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - D:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "D:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: MySQLTSE - Unknown owner - D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe" "--defaults-file=D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\my.ini" MySQLTSE (file missing)

O23 - Service: O&O Defrag - O&O Software GmbH - D:\WINDOWS\system32\oodag.exe

O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ProtexisLicensing - Unknown owner - D:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: SmartLinkService (SLService) - Smart Link - D:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Apache Tomcat TomCatTSE (TomCatTSE) - Unknown owner - D:\Arquivos de programas\Candex2008\Apache-TomCat-5.5.26\bin\tomcat5.exe" //RS//TomCatTSE (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - D:\Arquivos de programas\BitDefender\BitDefender 2009\vsserv.exe" /service (file missing)

[DigRam 144]

Bom Dia! Victorine

 

<@> Vá em Iniciar --> Executar --> Digite ou cole: combofix.exe /u --> Clique OK.

<@> Abrir-se-á,a seguinte janela: ( Abrir arquivo - Aviso de Segurança )

<@> Clique em Executar --> Aguarde!

<@> Surgirá,finalmente,a mensagem: "ComboFix está desinstalado" --> Clique OK.

<@> Caso encontre,apague: D:\ComboFix <-- A pasta!

<><><><><><><><><><>

<@> Baixe: < UsbFix.exe > ( ...par Chiquitine29 et Chimay8 )

<@> Salve-o no Desktop! --> Tire-o do zip!

<@> Desabilite,temporariamente,seus programas de proteção. <-- ( antivírus,antispyware e firewall )

<@> Para maiores detalhes,na instalação,siga as recomendações deste Tutorial. <-- Link

<@> Execute a ferramenta,com um duplo-clique em UsbFix.exe.

<@> Surgirá uma mensagem,pedindo que seja conectada sua(s) mídia(s) removíveis,ao computador. ( pendrive,mp3,mp4,iPods,etc... )

<@> Aceite a solicitação,e dê o Ok. --> À seguir clique,novamente,em Ok.

<@> O computador irá reiniciar. <-- Aguarde!

<@> Terminando,clique em "Continue" e aguarde a finalização da ferramenta.

<@> Ps: Não desconecte,ainda,sua(s) mídia(s) removíveis! <-- Importante!

<@> Surgirá a mensagem: "Nettoyage effectue" --> Aperte Enter.

<@> Poste o relatório,que estará em: D:\UsbFix.txt + HijackThis,atualizado.

 

Abraços!

[Victorine 0]

Boa Noite! DigRam

 

Abaixo estão os relatórios do UsbFix e do HijackThis. Abraços!!!!!

 

 

 

 

-------------- UsbFix V2.395 ---------------

 

* User : Windows XP - F0F43E916B544C4

* Outils mis a jours le 20/10/2008 par Chiquitine29 et Chimay8

* Recherche effectuée à 3:12:47 le 2009-02-28

* Windows Xp - Internet Explorer 6.0.2900.2180

 

 

--------------- [ Processus actifs ] ----------------

 

 

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\csrss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe

D:\Arquivos de programas\BitDefender\BitDefender 2009\vsserv.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\ati2sgag.exe

D:\Arquivos de programas\Bonjour\mDNSResponder.exe

D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBGuard.EXE

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\userinit.exe

D:\Arquivos de programas\Java\jre6\bin\jqs.exe

D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe

D:\WINDOWS\system32\oodag.exe

D:\WINDOWS\system32\HPZipm12.exe

D:\WINDOWS\system32\slserv.exe

D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

D:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Candex2008\Apache-TomCat-5.5.26\bin\tomcat5.exe

D:\WINDOWS\system32\wdfmgr.exe

D:\DOCUME~1\WINDOW~1\CONFIG~1\Temp\6.tmp\b2e.exe

 

--------------- [ Informations lecteurs ] ----------------

 

C: - Unidade de disco fixo

 

D: - Unidade de disco fixo

 

E: - Unidade de disco fixo

 

F: - Unidade de disco fixo

 

G: - Unidade de CD-ROM

 

I: - Unidade de CD-ROM

 

J: - Unidade de CD-ROM

 

K: - Unidade de disco remov¡vel

 

L: - Unidade de disco remov¡vel

 

 

+- Contenu de l'autorun : G:\autorun.inf

 

[Autorun]

 

OPEN=Call.EXE

ICON=CCLS.ICO

+- Contenu de l'autorun : I:\autorun.inf

 

[autorun]

open=Autorun.exe

Icon=fifapc.ico

Name=FIFA 08

 

[special]

Disk=1

ProductGuiID={0A2A5039-B37F-489D-B1DC-A5258DF9E697}

 

 

--------------- [ Registre / Startup ] ----------------

 

 

! REG.EXE VERSION 3.0

 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

HP Software Update REG_SZ D:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

SMSERIAL REG_SZ sm56hlpr.exe

ISUSPM Startup REG_SZ D:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

ISUSScheduler REG_SZ "D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

Device Detector REG_SZ DevDetect.exe -autorun

Adobe Reader Speed Launcher REG_SZ "D:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

SunJavaUpdateSched REG_SZ "D:\Arquivos de programas\Java\jre6\bin\jusched.exe"

BDAgent REG_SZ "D:\Arquivos de programas\BitDefender\BitDefender 2009\bdagent.exe"

BitDefender Antiphishing Helper REG_SZ "D:\Arquivos de programas\BitDefender\BitDefender 2009\IEShow.exe"

OODefragTray REG_SZ D:\WINDOWS\system32\oodtray.exe

 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

 

! REG.EXE VERSION 3.0

 

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

CTFMON.EXE REG_SZ D:\WINDOWS\system32\ctfmon.exe

msnmsgr REG_SZ "D:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

 

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater

 

--------------- [ Registre / Mountpoint2 ] ----------------

 

 

-> Recherche négative.

 

--------------- [ Nettoyage des disques ] ----------------

 

Echec de la supression !! - G:\autorun.inf

Echec de la supression !! - G:\autorun.inf

Echec de la supression !! - I:\autorun.exe

Echec de la supression !! - I:\autorun.inf

Echec de la supression !! - I:\autorun.inf

Echec de la supression !! - I:\AutoRun

 

--------------- ! Fin du rapport ! ----------------

 

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 03:20, on 2009-02-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe

D:\Arquivos de programas\BitDefender\BitDefender 2009\vsserv.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\Arquivos de programas\Bonjour\mDNSResponder.exe

D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBGuard.EXE

D:\WINDOWS\system32\Ati2evxx.exe

D:\Arquivos de programas\Java\jre6\bin\jqs.exe

D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe

D:\WINDOWS\system32\oodag.exe

D:\WINDOWS\system32\HPZipm12.exe

D:\WINDOWS\system32\slserv.exe

D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

D:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

D:\WINDOWS\system32\svchost.exe

D:\Arquivos de programas\Candex2008\Apache-TomCat-5.5.26\bin\tomcat5.exe

D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBServer.exe

D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE

D:\WINDOWS\explorer.exe

D:\Arquivos de programas\Mozilla Firefox\firefox.exe

E:\Programas\Programas de Segurança\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgHelper.dll

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - D:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Arquivos de programas\Real\rpbrowserrecordplugin.dll

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - D:\Arquivos de programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - D:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Arquivos de programas\Orbitdownloader\GrabPro.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - D:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - D:\Arquivos de programas\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Arquivos de programas\BitDefender\BitDefender 2009\IEToolbar.dll

O4 - HKLM\..\Run: [HP Software Update] D:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exe

O4 - HKLM\..\Run: [iSUSPM Startup] D:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [bDAgent] "D:\Arquivos de programas\BitDefender\BitDefender 2009\bdagent.exe"

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "D:\Arquivos de programas\BitDefender\BitDefender 2009\IEShow.exe"

O4 - HKLM\..\Run: [OODefragTray] D:\WINDOWS\system32\oodtray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "D:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: Ralink Wireless Utility.lnk = D:\Arquivos de programas\RALINK\Common\RaUI.exe

O8 - Extra context menu item: &Download by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://D:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: d:\arquivos de programas\bonjour\mdnsnsp.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - D:\Arquivos de programas\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: InterbaseGuardian - Inprise Corporation - D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBGuard.EXE

O23 - Service: InterbaseServer - Inprise Corporation - D:\Arquivos de programas\CAIXA\SEFIP\IB6\Bin\IBServer.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - D:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "D:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - D:\Arquivos de programas\Arquivos comuns\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: MySQLTSE - Unknown owner - D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\bin\mysqld.exe" "--defaults-file=D:\Arquivos de programas\Candex2008\MySQL-5.0.45-win32\my.ini" MySQLTSE (file missing)

O23 - Service: O&O Defrag - O&O Software GmbH - D:\WINDOWS\system32\oodag.exe

O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ProtexisLicensing - Unknown owner - D:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PSIService.exe (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

O23 - Service: SmartLinkService (SLService) - Smart Link - D:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Apache Tomcat TomCatTSE (TomCatTSE) - Unknown owner - D:\Arquivos de programas\Candex2008\Apache-TomCat-5.5.26\bin\tomcat5.exe" //RS//TomCatTSE (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - D:\Arquivos de programas\BitDefender\BitDefender 2009\vsserv.exe" /service (file missing)

[DigRam 144]

Bom Dia! Victorine

 

<@> Baixe: < Norman Malware Cleaner >

<@> Salve-o no desktop.

<@> Abra o arquivo e clique em Executar --> Accept.

<@> Clique em Add,para adicionar ou Remove,para remover unidades/setores à serem escaneados. ( C:\*.*,D:\*.*,E:\*.*,etc... )

<@> Clique em "Start scan" --> Aguarde!

<@> Terminando,poste o relatório,que estará no desktop. ( NFix_2009-xx-xx_yy-yy-yy.log )

 

Abraços!

[Victorine 0]

Boa Noite! DigRam

 

Em primeiro lugar, gostaria de lhe pedir desculpas na demora para postar a resposta, mas é porque eu passei um tempo fora de casa. Bom, eu fiz o que você disse e abaixo está o relatório do Norman Malware Cleaner. Abraços!!!!

 

 

Norman Malware Cleaner

Copyright © 1990 - 2009, Norman ASA. Built 2009/03/05 08:30:22

 

Norman Scanner Engine Version: 6.00.06

Nvcbin.def Version: 6.00.00, Date: 2009/03/05 08:30:22, Variants: 2949664

 

Scan started: 08/03/2009 16:30:40

 

Running pre-scan cleanup routine:

Operating System: Microsoft Windows XP Professional 5.1.2600 Service Pack 2

Logged on user: F0F43E916B544C4\Windows XP

 

Failed to set registry value (0x00000005): HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLS = -> ""

Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -> DisableRegistryTools = 0x00000000

Removed registry value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -> DisableRegistryTools = 0x00000000

Removed registry value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -> DisableTaskMgr = 0x00000000

Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000

Removed registry value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000

Changed service configuration for "wuauserv" from 0x00000004 and 0x00000001 to 0x00000002 and 0xFFFFFFFF

Started service "wuauserv"

 

 

Scanning running processes and process memory...

 

D:\WINDOWS\system32\DRIVERS\ithsgt.sys (Infected with W32/Vundo.FTH)

Removed driver: ithsgt

Deleted file

 

D:\WINDOWS\system32\DRIVERS\lilsgt.sys (Infected with W32/Vundo.FTI)

Removed driver: lilsgt

Deleted file

 

Number of processes/threads found: 2244

Number of processes/threads scanned: 2234

Number of processes/threads not scanned: 10

Number of infected processes/threads terminated: 0

Total scanning time: 2m 30s

 

 

Scanning file system...

 

Scanning: C:\*.*

 

C:\WINDOWS\Temporary Internet Files\Content.IE5\0JHH4XCG\swflash[1].cab/unknown0 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\WINDOWS\Temporary Internet Files\Content.IE5\0JHH4XCG\swflash[1].cab/unknown1 (Error whilst scanning file: I/O Error (0x00000000))

 

C:\WINDOWS\Temporary Internet Files\Content.IE5\25IZ814X\swflash[2].cab/unknown0 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\WINDOWS\Temporary Internet Files\Content.IE5\25IZ814X\swflash[2].cab/unknown1 (Error whilst scanning file: I/O Error (0x00000000))

 

C:\WINDOWS\Temporary Internet Files\Content.IE5\K9A3W9IF\top_2005-09-20[1].html/unknown0 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\WINDOWS\Configurações locais\Temporary Internet Files\Content.IE5\CJ234N67\04i1doc[1].zip/Prova1_i.doc (Error whilst scanning file: I/O Error (0x00000000))

 

C:\WINDOWS\Configurações locais\Temporary Internet Files\Content.IE5\CP23GTI7\charges[1]/unknown0 (Error whilst scanning file: I/O Error (0x00220005))

 

C:\Arquivos de programas\Discador UOL 10.0 Light\uol.phb/unknown0 (Error whilst scanning file: I/O Error (0x00220005))

 

Scanning: D:\*.*

 

D:\pagefile.sys (Error opening file: Access denied)

 

D:\hiberfil.sys (Error opening file: Access denied)

 

D:\Documents and Settings\All Users\Dados de aplicativos\NOS\Adobe_Downloads\nos_16903.dat (Infected with W32/Smalltroj.LVUH)

Deleted file

 

D:\Documents and Settings\Windows XP\Meus documentos\Provas\JOS+.BMP (Error opening file: Not found)

 

D:\Documents and Settings\Windows XP\Meus documentos\Provas\PAI_M+E.BMP (Error opening file: Not found)

 

D:\System Volume Information\_restore{32D4C05F-BB8A-40A3-82F5-EB5CDCA13C44}\RP419\A0235485.sys (Infected with W32/Vundo.FTH)

Deleted file

 

D:\System Volume Information\_restore{32D4C05F-BB8A-40A3-82F5-EB5CDCA13C44}\RP419\A0235486.sys (Infected with W32/Vundo.FTI)

Deleted file

 

Scanning: E:\*.*

 

E:\Computação\Outros Documentos\me0608.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Ares\My Shared Folder\imtoo mpeg encoder (avi & mpeg to 3gp & mp4) + serial by some(rimas).rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Ares\My Shared Folder\todos los juegos java para movil (nokia, samsung, sharp , symbian) by jesules rec.rar/TODOS LOS JUEGOS JAVA PARA MOVIL\S\Snails\Snails.sis (Error whilst scanning file: I/O Error (0x00000000))

 

E:\Ares\My Shared Folder\todos los juegos java para movil (nokia, samsung, sharp , symbian) by jesules rec.rar/TODOS LOS JUEGOS JAVA PARA MOVIL\T\Tomb Raider 2 - Quest For Cinnabar\TombRaider2QuestforCinnabar.jar/com/nokia/mid/sound/SoundListener.class (Error whilst scanning file: I/O Error (0x00220005))

 

E:\Ares\My Shared Folder\antivirus kaspersky 6 0 2 621 - license key 11-03-2010.rar/Antivirus Kaspersky 6.0.2.621 - License Key 11-03-2010\Kaspersky Antivirus Key\KeyViewer.exe (Infected with W32/Smalltroj.JMJD)

Deleted file

 

E:\Ares\My Shared Folder\curso de hacker modulo 4 xp cd 1.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Ares\My Shared Folder\kaspersky anti-virus v7 0 1 325 final + key.rar/RR (Error whilst scanning file: I/O Error (0x00000000))

 

E:\Ares\My Shared Folder\O&O Defrag 11.0 Professional (XP+Vista)+keygen.rar\O&O Defrag 11.0 Professional (XP+Vista)+keygen.rar/Keygen.exe (Infected with W32/Buzus.FXW)

Deleted file

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Controle - Teclado\padHellMM.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Controle - Teclado\padNRagePlugin.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Controle - Teclado\padSeguDIJoy.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Controle - Teclado\padSeguDIKey.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Audio\spuEternal141.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Audio\spuPeopsDSound.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Audio\spuAndy.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Audio\spuPeteDSound.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Bios\SCPH1001.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Bios\SCPH7001.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Bios\SCPH5500.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\Bios\SCPH7502.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\CD\cdrmooby2.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\CD\cdrPeops.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\CD\cdrSaPu.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Consoles\Playstation\Emulador - PSOne\Zipados\CD\cdrXeven.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Engenharia Elétrica\Apostilas\Outras Apostilas\Como resolver o cubo magico.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Engenharia Elétrica\Outros Documentos\me0608.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Downloads\macromidia9.pif (Infected with W32/Banload.AFUV)

Deleted file

 

E:\Downloads\uefa_champions_league_patch.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Programas\Alcohol 1.9.5 3105\Alcohol.120.v1.9.5.Build.3105.-.Trial_CRK-FFF.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Programas\Alcohol 1.9.5 3105\Alcohol.120.v1.9.5.Build.3105.-.Trial_CRK-FFF.rar/Crack-FFF.exe (Infected with W32/Malware.CWZL)

Deleted file

 

E:\Programas\AutoCad 2007\Blocos\3d Autocad blocks.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\Programas\O&O Defrag Professional\O&O Defrag Professional 11\O&O Defrag 11.0 Professional (XP+Vista)+keygen.rar/Keygen.exe (Infected with W32/Buzus.FXW)

Deleted file

 

E:\Programas\Nero\Nero7\Nero 7 Premium\Cab\81EC06DF.cab/unknown0 (Infected with W32/Agent.HSQH)

 

E:\Programas\Nero\Nero7\Nero 7 Premium\Cab\81EC06DF.cab (Empty archive after cleaning)

Deleted file

 

E:\Programas\Nero\Nero7\Nero 7 Premium\Cab\E63C3C70.cab/unknown3 (Error whilst scanning file: I/O Error (0x00000000))

 

E:\Programas\Nero\Nero7\Nero 7 Premium\Cab\E63C3C70.cab/unknown4 (Error whilst scanning file: I/O Error (0x00000000))

 

E:\Programas\Nero\Nero7\Nero 7 Premium\Cab\E63C3C70.cab/unknown5 (Error whilst scanning file: I/O Error (0x00000000))

 

E:\Programas\Nero\Nero7\Nero 7 Premium\Cab\E63C3C70.cab/unknown6 (Error whilst scanning file: I/O Error (0x00000000))

 

E:\Programas\Nero\Nero7\Nero 7 Premium\Cab\E63C3C70.cab/unknown7 (Error whilst scanning file: I/O Error (0x00000000))

 

E:\Programas\Nero\Nero7\Nero 7 Premium\Cab\E63C3C70.cab/unknown8 (Error whilst scanning file: I/O Error (0x00000000))

 

E:\Programas\Antivírus\Kaspersky\Kaspersky Internet Security 2006 6.0.2.621PT - Final\Kaspersky Internet Security 2006 6.0.2.621PT - Final.zip/Kaspersky Internet Security 2006 6.0.2.621PT - Final/Key/KeyViewer.exe (Infected with W32/Smalltroj.JMJD)

Deleted file

 

E:\Programas\Antivírus\Kaspersky\Kaspersky Internet Security 2006 6.0.2.621PT - Final\Keys-Kaspresky.rar/KeyViewer.exe (Infected with W32/Smalltroj.JMJD)

Deleted file

 

E:\Programas\Antivírus\Kaspersky\Kaspersky Internet Security 2006 6.0.2.621PT - Final\KeyViewer.exe (Infected with W32/Smalltroj.JMJD)

Deleted file

 

E:\Programas\Antivírus\Kaspersky\Kaspersky Internet Security 2006 6.0.2.621PT - Final\Key\KeyViewer.exe (Infected with W32/Smalltroj.JMJD)

Deleted file

 

E:\Programas\Antivírus\Kaspersky\Keys\KAV_KIS567.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

E:\The KMPlayer\Skins\KMP_Modern_Skin.ksf/Min_mini.bmp (Error whilst scanning file: I/O Error (0x00220005))

 

Scanning: F:\*.*

 

F:\Fotos\Hentai\Kelly.Key.Playboy.11DEZ.Por.KickButts.Pootz\PLAYBOY(debora seco,luciana vendramini,ellen roche,luciana gimenez,sheila melo,felinas).zip/Playboy.Brasil.2005.Maio.Fl via.Flavia.Monteiro.28.Fotos.Digitais.por.SexoDigita

l.com.br.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

F:\Fotos\Hentai\Kelly.Key.Playboy.11DEZ.Por.KickButts.Pootz\PLAYBOY(debora seco,luciana vendramini,ellen roche,luciana gimenez,sheila melo,felinas).zip/Deborah Secco - Playboy Brasil - Agosto De 2002.zip/foto03.jpg (Error whilst scanning file: I/O Error (0x00220005))

 

F:\Fotos\Hentai\Kelly.Key.Playboy.11DEZ.Por.KickButts.Pootz\Playboy.Brasil.2005.Maio.Flávia.Flavia.Monteiro.28.Fotos.Digitais.por.SexoD

igital.com.br.rar/CMT (Error whilst scanning file: I/O Error (0x00220000))

 

F:\Wallpaperes Paint\Wallpapers\PAI_M+E.BMP (Error opening file: Not found)

 

Scanning: A:\*.*

 

Scanning: G:\*.*

 

Scanning: H:\*.*

 

Scanning: I:\*.*

 

Scanning: J:\*.*

 

Scanning: e:\System Volume Information\*.*

 

e:\System Volume Information\_restore{32D4C05F-BB8A-40A3-82F5-EB5CDCA13C44}\RP419\A0235511.pif (Infected with W32/Banload.AFUV)

Deleted file

 

e:\System Volume Information\_restore{32D4C05F-BB8A-40A3-82F5-EB5CDCA13C44}\RP419\A0235512.exe (Infected with W32/Smalltroj.JMJD)

Deleted file

 

e:\System Volume Information\_restore{32D4C05F-BB8A-40A3-82F5-EB5CDCA13C44}\RP419\A0235513.exe (Infected with W32/Smalltroj.JMJD)

Deleted file

 

 

Running post-scan cleanup routine:

Failed to set registry value (0x00000005): HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLS = -> ""

Changed service configuration for "wuauserv" from 0x00000004 and 0x00000001 to 0x00000002 and 0xFFFFFFFF

Started service "wuauserv"

 

Number of files found: 583998

Number of archives unpacked: 7547

Number of files scanned: 583834

Number of files not scanned: 164

Number of files skipped due to exclude list: 0

Number of infected files found: 17

Number of infected files repaired/deleted: 16

Number of infections removed: 16

Total scanning time: 2h 46m 1s

[DigRam 144]

Boa Noite! Victorine

 

<!> Baixe,novamente,o ComboFix.exe e execute-o em Modo de Segurança.

<!> Terminando,poste: D:\ComboFix\ComboFix.txt + HijackThis,atualizado.

 

Abraços!

[Victorine 0]

Boa Noite! DigRam

 

 

Antes de mais nada, quero lhe pedir desculpas pelo atraso na reposta, mas desta vez eu não pude fazer muita coisa com relação a isto. Bem, o que aconteceu foi o seguinte: Sexta-feira passada, eu estava usando o computador e de repente deu uma queda de energia na rua onde moro. O computador desligou abruptamente e quando eu fui ligar, o windows não conseguia mais iniciar, ou seja, provavelmente o sistema foi danificado. Então eu tive que formatar o meu pc. Sendo assim, estou vindo através desta mensagem lhe dizer que por enquanto não será mais necessário os processos de limpeza e desinfecção do sistema. Mas quero muito lhe agradecer pelo empenho em me ajudar e espero que das próximas vezes que eu precisar, eu possa contar com sua grandiosa ajuda. Desde já, mais uma vez eu lhe agradeço muito e até a próxima.

 

Abraços!!!!

[DigRam 144]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.