
This topic has been archived and is closed to new replies.

Drumer

[Archived] PC errors


Thanks for the tip, the SmartBridge error has been fixed, but I couldn't find any solution for the other error, which only appears when I go to install the program:

'7/17/sábado 09:39:04 is not a valid date and time

And also the error:

Product not instaled

This last one appeared after removing the programs UberIcon, Visual Tasktips and Object Dock; I can't say for sure which one of them it was, because I uninstalled all 3 at the same time after you asked me to!!


Hey! Drumer

<!> Download ComboFix.exe --> Run it --> Post the report. ( ComboFix.txt )

Regards!


Here is the ComboFix report

 

ComboFix 09-03-04.01 - UserName 2009-03-05 22:49:11.4 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.959.625 [GMT -3:00]

Executando de: c:\documents and settings\UserName\Desktop\ComboFix.exe

AV: avast! antivirus 4.7.1043 [VPS 090305-1] *On-access scanning disabled* (Updated)

* Criado um novo ponto de restauro

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\system32\AVSredirect.dll

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-02-06 to 2009-03-06 ))))))))))))))))))))))))))))

.

 

2009-03-05 17:14 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll

2009-03-05 17:08 . 2009-03-05 17:08 <DIR> d-------- c:\windows\system32\XPSViewer

2009-03-05 17:08 . 2009-03-05 17:08 <DIR> d-------- c:\arquivos de programas\Reference Assemblies

2009-03-05 17:08 . 2009-03-05 17:08 <DIR> d-------- c:\arquivos de programas\MSBuild

2009-03-05 17:08 . 2009-03-05 17:08 218 --a------ c:\windows\system32\spupdsvc.inf

2009-03-05 17:07 . 2009-03-05 17:08 <DIR> d-------- C:\8c402bcb0d1114182e7780fb8d

2009-03-05 17:07 . 2008-07-06 09:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll

2009-03-05 17:07 . 2008-07-06 09:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll

2009-03-05 17:07 . 2008-07-06 07:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-03-05 17:07 . 2008-07-06 09:06 575,488 --------- c:\windows\system32\xpsshhdr.dll

2009-03-05 17:07 . 2008-07-06 09:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll

2009-03-05 17:07 . 2008-07-06 09:06 117,760 --------- c:\windows\system32\prntvpt.dll

2009-03-05 17:07 . 2008-07-06 09:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-03-05 11:34 . 2009-03-05 11:34 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\snp325

2009-03-05 11:34 . 2007-05-24 18:06 10,343,424 --a------ c:\windows\system32\drivers\snp325.sys

2009-03-05 11:34 . 2007-05-10 13:18 835,584 --a------ c:\windows\vsnp325.exe

2009-03-05 11:34 . 2007-04-21 09:36 270,336 --a------ c:\windows\tsnp325.exe

2009-03-05 11:34 . 2006-04-12 12:11 147,456 --a------ c:\windows\system32\rsnp325.dll

2009-03-05 11:34 . 2006-07-03 10:31 94,208 --a------ c:\windows\amcap.exe

2009-03-05 11:34 . 2007-05-31 09:01 57,344 --a------ c:\windows\system32\vsnp325.dll

2009-03-05 11:34 . 2005-11-23 13:55 53,248 --a------ c:\windows\system32\csnp325.dll

2009-03-05 11:34 . 2007-02-12 14:50 20,480 --a------ c:\windows\FixCamera.exe

2009-03-05 11:34 . 2004-02-27 17:36 15,498 --a------ c:\windows\snp325.ini

2009-03-05 11:34 . 2004-02-27 17:36 13,023 --a------ c:\windows\snp325.src

2009-03-05 11:13 . 2009-03-05 11:13 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\HP

2009-03-05 11:13 . 2009-03-05 11:13 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\HP

2009-03-05 11:07 . 2006-04-12 22:04 49,664 -ra------ c:\windows\system32\drivers\HPZid412.sys

2009-03-05 11:07 . 2006-04-12 22:04 16,496 -ra------ c:\windows\system32\drivers\HPZipr12.sys

2009-03-05 11:06 . 2006-01-04 06:12 77,824 -ra------ c:\windows\system32\HPZIDS01.dll

2009-03-05 11:06 . 2006-04-10 14:03 38,400 --a------ c:\windows\system32\hpz3l054.dll

2009-03-05 11:06 . 2008-04-13 15:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys

2009-03-05 11:06 . 2008-04-13 15:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys

2009-03-05 11:05 . 1998-10-29 16:45 306,688 --a------ c:\windows\IsUninst.exe

2009-03-05 11:05 . 2006-03-03 21:03 282,680 --a------ c:\windows\system32\HPZidr12.dll

2009-03-05 11:05 . 2006-03-03 21:02 204,800 --a------ c:\windows\system32\HPZipr12.dll

2009-03-05 11:05 . 2006-03-03 21:02 94,208 --a------ c:\windows\system32\HPZipt12.dll

2009-03-05 11:05 . 2006-03-03 21:03 69,632 --a------ c:\windows\system32\HPZipm12.exe

2009-03-05 11:05 . 2006-03-03 21:03 65,536 --a------ c:\windows\system32\HPZinw12.exe

2009-03-05 11:05 . 2006-03-03 21:02 57,344 --a------ c:\windows\system32\HPZisn12.dll

2009-03-05 11:03 . 2009-03-05 11:13 <DIR> d-------- c:\arquivos de programas\HP

2009-03-05 11:01 . 2008-04-13 15:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys

2009-03-05 11:01 . 2008-04-13 15:45 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys

2009-03-05 11:01 . 2008-04-13 15:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys

2009-03-05 11:01 . 2008-04-13 15:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys

2009-03-05 10:59 . 2009-03-05 11:14 119,001 --a------ c:\windows\hpoins11.dat

2009-03-05 10:46 . 2009-03-05 10:47 4,507 --a------ c:\windows\imsins.BAK

2009-03-05 10:05 . 2009-03-05 10:05 <DIR> d-------- c:\arquivos de programas\Motive

2009-03-05 10:05 . 2009-03-05 10:06 <DIR> d-------- c:\arquivos de programas\Assistente Tecnico Speedy

2009-03-03 19:21 . 2009-03-03 19:21 <DIR> d-------- c:\arquivos de programas\Microsoft Silverlight

2009-03-03 06:32 . 2009-03-03 06:32 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\DVD Shrink

2009-02-28 22:09 . 2009-02-28 22:09 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\Malwarebytes

2009-02-28 22:09 . 2009-02-28 22:09 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\Malwarebytes

2009-02-28 22:09 . 2009-02-28 22:09 <DIR> d-------- c:\arquivos de programas\Malwarebytes' Anti-Malware

2009-02-28 22:09 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2009-02-28 22:09 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2009-02-27 12:36 . 2009-02-27 14:20 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\Media Player Classic

2009-02-27 12:36 . 2009-02-27 14:20 <DIR> d-------- c:\arquivos de programas\Real Alternative

2009-02-27 12:21 . 2009-02-27 12:21 <DIR> d-------- c:\arquivos de programas\Real

2009-02-26 18:36 . 2008-05-09 07:55 512,000 -----c--- c:\windows\system32\dllcache\jscript.dll

2009-02-26 18:36 . 2008-05-09 07:55 430,080 -----c--- c:\windows\system32\dllcache\vbscript.dll

2009-02-26 18:36 . 2008-05-09 07:55 180,224 -----c--- c:\windows\system32\dllcache\scrobj.dll

2009-02-26 18:36 . 2008-05-09 07:55 172,032 -----c--- c:\windows\system32\dllcache\scrrun.dll

2009-02-26 18:36 . 2008-05-08 08:24 155,648 -----c--- c:\windows\system32\dllcache\wscript.exe

2009-02-26 18:36 . 2008-05-09 05:45 135,168 -----c--- c:\windows\system32\dllcache\cscript.exe

2009-02-26 18:36 . 2008-05-09 07:55 90,112 -----c--- c:\windows\system32\dllcache\wshext.dll

2009-02-25 18:22 . 2009-02-25 18:22 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\Motive

2009-02-25 18:13 . 2009-02-25 18:13 64 --a------ c:\windows\Wininit.ini

2009-02-25 14:23 . 2009-02-25 21:57 <DIR> d-------- c:\arquivos de programas\DreaMule

2009-02-25 14:20 . 2004-02-22 10:11 719,872 --a------ c:\windows\system32\devil.dll

2009-02-25 14:20 . 2007-05-17 17:30 318,976 --a------ c:\windows\system32\avisynth.dll

2009-02-25 14:20 . 2004-01-25 00:00 70,656 --a------ c:\windows\system32\yv12vfw.dll

2009-02-25 14:20 . 2004-01-25 00:00 70,656 --a------ c:\windows\system32\i420vfw.dll

2009-02-24 19:53 . 2009-02-24 19:53 <DIR> d-------- c:\documents and settings\UserName\Configuraes locais

2009-02-24 18:08 . 2008-12-20 19:46 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll

2009-02-24 18:08 . 2007-04-17 06:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat

2009-02-24 18:08 . 2007-03-08 02:12 1,024,000 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui

2009-02-24 18:08 . 2008-12-20 19:46 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll

2009-02-24 18:08 . 2008-12-20 19:46 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll

2009-02-24 18:08 . 2008-12-20 19:46 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll

2009-02-24 18:08 . 2008-12-20 19:46 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll

2009-02-24 18:08 . 2008-12-20 19:46 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll

2009-02-24 18:08 . 2008-12-19 06:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe

2009-02-23 23:11 . 2009-02-23 23:11 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\Any Video Converter

2009-02-23 23:06 . 2009-02-23 23:06 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\Adobe Systems

2009-02-23 21:48 . 2009-03-04 00:41 69 --a------ c:\windows\NeroDigital.ini

2009-02-22 13:11 . 2004-08-04 00:36 701,440 --------- c:\windows\system32\drivers\ati2mtag.sys

2009-02-22 12:44 . 2008-06-14 14:34 272,384 --------- c:\windows\system32\drivers\bthport.sys

2009-02-22 12:44 . 2008-06-14 14:34 272,384 -----c--- c:\windows\system32\dllcache\bthport.sys

2009-02-22 12:44 . 2008-08-14 07:04 138,496 -----c--- c:\windows\system32\dllcache\afd.sys

2009-02-22 12:43 . 2008-12-20 19:47 1,160,192 -----c--- c:\windows\system32\dllcache\urlmon.dll

2009-02-22 12:43 . 2008-12-20 19:47 826,368 -----c--- c:\windows\system32\dllcache\wininet.dll

2009-02-22 12:42 . 2009-01-16 21:16 3,594,752 -----c--- c:\windows\system32\dllcache\mshtml.dll

2009-02-22 12:41 . 2008-08-14 10:24 2,193,408 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe

2009-02-22 12:41 . 2008-08-14 10:24 2,149,376 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe

2009-02-22 12:41 . 2008-08-14 10:24 2,070,272 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe

2009-02-22 12:41 . 2008-08-14 10:24 2,028,032 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe

2009-02-22 12:41 . 2008-09-15 12:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys

2009-02-22 12:36 . 2008-04-11 16:05 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll

2009-02-22 12:36 . 2008-10-24 08:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys

2009-02-22 12:36 . 2008-12-11 07:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys

2009-02-22 12:36 . 2008-05-08 11:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys

2009-02-22 12:34 . 2008-10-15 13:36 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll

2009-02-22 12:06 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll

2009-02-22 12:06 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll

2009-02-22 12:06 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui

2009-02-22 11:33 . 2009-02-22 11:33 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\Sony Corporation

2009-02-22 11:24 . 2006-11-02 16:57 118,520 --a------ c:\windows\system32\PxInsI64.exe

2009-02-22 11:24 . 2006-10-18 19:43 115,960 --a------ c:\windows\system32\PxCpyI64.exe

2009-02-22 11:24 . 2006-11-02 16:57 36,624 --a------ c:\windows\system32\drivers\pxhelp20.sys

2009-02-22 11:24 . 2006-08-28 21:48 2,560 --a------ c:\windows\system32\drivers\cdralw2k.sys

2009-02-22 11:24 . 2006-08-28 21:48 2,432 --a------ c:\windows\system32\drivers\cdr4_xp.sys

2009-02-22 11:22 . 2009-02-22 11:22 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\InstallShield

2009-02-21 20:15 . 2009-03-05 22:47 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\Spybot - Search & Destroy

2009-02-21 19:24 . 2009-02-21 19:24 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\Zylom

2009-02-21 19:23 . 2005-02-12 20:00 186,880 -r-hs---- c:\windows\system32\RLOgg.ax

2009-02-21 19:23 . 2005-02-05 20:00 92,672 -r-hs---- c:\windows\system32\RLVorbisDec.ax

2009-02-21 19:23 . 2005-02-12 20:00 67,584 -r-hs---- c:\windows\system32\RLTheoraDec.ax

2009-02-21 19:23 . 2005-02-12 20:00 51,712 -r-hs---- c:\windows\system32\RLSpeexDec.ax

2009-02-21 19:22 . 2005-01-17 20:26 179,200 -r-hs---- c:\windows\system32\DiracSplitter.ax

2009-02-21 19:22 . 2006-08-16 11:53 175,104 -r-hs---- c:\windows\system32\CoreAAC.ax

2009-02-21 19:22 . 2005-02-22 13:55 81,920 -r-hs---- c:\windows\system32\aac_parser.ax

2009-02-21 19:20 . 2009-02-21 19:20 <DIR> d-------- c:\arquivos de programas\eRightSoft

2009-02-21 18:48 . 2009-03-05 17:55 <DIR> d-------- c:\documents and settings\UserName\Tracing

2009-02-21 18:26 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll

2009-02-21 18:26 . 2007-11-30 08:18 26,488 --a------ c:\windows\system32\spupdsvc.exe

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-05 14:34 --------- d--h--w c:\arquivos de programas\InstallShield Installation Information

2009-03-05 13:05 --------- d-----w c:\arquivos de programas\Common Files

2009-03-04 02:24 --------- d-----w c:\arquivos de programas\Windows Live Safety Center

2009-02-28 21:01 --------- d--h--w c:\documents and settings\Administrador\Dados de aplicativos\drivers

2009-02-25 21:30 --------- d-----w c:\arquivos de programas\ESET

2009-02-24 02:08 --------- d-----w c:\arquivos de programas\Arquivos comuns\Adobe

2009-02-22 14:29 --------- d-----w c:\arquivos de programas\TopDesk

2009-02-21 23:21 --------- d-----w c:\arquivos de programas\Spybot - Search & Destroy

2009-02-21 18:47 --------- d-----w c:\arquivos de programas\Messenger Plus! Live

2009-02-21 18:13 --------- d-----w c:\arquivos de programas\Realtek AC97

2009-02-21 18:13 --------- d-----w c:\arquivos de programas\AvRack

2009-02-21 17:46 --------- d-----w c:\arquivos de programas\LClock

2009-02-21 17:44 --------- d-----w c:\arquivos de programas\Nero

2009-02-21 17:37 --------- d-----w c:\arquivos de programas\Arquivos comuns\Serviços

2009-02-21 17:36 --------- d-----w c:\arquivos de programas\Windows Media Connect 2

2009-02-21 15:58 --------- d-----w c:\arquivos de programas\Google

2009-02-21 15:39 155,995 ----a-w c:\windows\java\Packages\DRTBXV9Z.ZIP

2009-02-21 14:30 --------- d-----w c:\arquivos de programas\lg_fwupdate

2009-02-20 20:56 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\Any Video Converter

2009-02-20 12:43 --------- d-----w c:\arquivos de programas\Ahead

2009-02-18 19:02 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\vghd

2009-02-18 19:02 --------- d-----w c:\arquivos de programas\Windows Live

2009-02-18 19:02 --------- d-----w c:\arquivos de programas\CCleaner

2009-02-18 19:01 --------- d-----w c:\arquivos de programas\Microsoft

2009-02-04 16:56 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\Playrix Entertainment

2009-02-02 13:59 --------- d-----w c:\arquivos de programas\Microsoft SQL Server Compact Edition

2009-01-24 17:42 --------- d-----w c:\arquivos de programas\TeaTimer (Spybot - Search & Destroy)

2009-01-24 17:42 --------- d-----w c:\arquivos de programas\SDHelper (Spybot - Search & Destroy)

2009-01-24 16:17 --------- d-----w c:\arquivos de programas\Arquivos comuns\Windows Live

2009-01-24 16:13 --------- d-----w c:\arquivos de programas\Oneface

2009-01-24 16:13 --------- d-----w c:\arquivos de programas\MessengerPlus! 3

2009-01-24 14:09 1,044,168 ----a-w C:\vbrun60sp5.exe

2009-01-23 13:48 --------- d-----w c:\arquivos de programas\Alwil Software

2009-01-23 12:57 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\AVGTOOLBAR

2009-01-21 13:54 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\Zylom

2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll

2004-10-01 18:00 40,960 ----a-w c:\arquivos de programas\Uninstall_CDS.exe

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

"MsnMsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

"swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-24 68856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 79224]

"UnlockerAssistant"="c:\arquivos de programas\Unlocker\UnlockerAssistant.exe" [2009-01-24 15872]

"DAEMON Tools-1033"="c:\arquivos de programas\D-Tools\daemon.exe" [2004-08-22 81920]

"Motive SmartBridge"="c:\arquiv~1\ASSIST~1\SMARTB~1\MotiveSB.exe" [2005-04-15 397312]

"HP Software Update"="c:\arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]

"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]

"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]

"VTTimer"="VTTimer.exe" [2005-03-08 c:\windows\system32\VTTimer.exe]

"VTTrayp"="VTtrayp.exe" [2005-03-11 c:\windows\system32\VTTrayp.exe]

"SoundMan"="SOUNDMAN.EXE" [2005-07-22 c:\windows\SOUNDMAN.EXE]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nltide_3"="advpack.dll" [2008-12-20 c:\windows\system32\advpack.dll]

 

c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\

Ferramenta de Verifica‡Æo de M¡dia do Picture Motion Browser.lnk - c:\arquivos de programas\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-12-07 385024]

 

c:\documents and settings\UserName\Menu Iniciar\Programas\Inicializar\

Adobe Gamma.lnk - c:\arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

Ferramenta de Verifica‡Æo de M¡dia do Picture Motion Browser.lnk - c:\arquivos de programas\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-12-07 385024]

 

c:\documents and settings\All Users.WINDOWS\Menu Iniciar\Programas\Inicializar\

Assistente Tecnico Speedy.lnk - c:\arquivos de programas\Assistente Tecnico Speedy\bin\matcli.exe [2009-03-05 217088]

HP Digital Imaging Monitor.lnk - c:\arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

 

[HKLM\~\startupfolder\C:^Documents and Settings^UserName^Menu Iniciar^Programas^Inicializar^UberIcon.lnk]

backup=c:\windows\pss\UberIcon.lnkStartup

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\DreaMule\\emule.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"56899:TCP"= 56899:TCP:Pando P2P TCP Listening Port

"56899:UDP"= 56899:UDP:Pando P2P UDP Listening Port

 

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2009-02-24 c:\windows\Tasks\NSSstub.job

- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe []

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.uol.com.br/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

TCP: {17F4F1FF-78EC-420C-823C-FCC75D81DB43} = 200.204.0.138 200.204.0.10

DPF: Microsoft XML Parser for Java

FF - ProfilePath - c:\documents and settings\UserName\Dados de aplicativos\Mozilla\Firefox\Profiles\jpcdm6eq.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.uol.com.br/

FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npganymedenet.dll

FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npzylomgamesplayer.dll

FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

 

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-05 22:51:04

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Òw*]

"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

Tempo para conclusão: 2009-03-05 22:52:16

ComboFix-quarantined-files.txt 2009-03-06 01:52:13

 

Pré-execução: 14 pasta(s) 84.170.461.184 bytes disponíveis

Pós execução: 14 pasta(s) 84,306,608,128 bytes disponíveis

 

279 --- E O F --- 2009-03-06 00:52:08


Good morning! Drumer

This last one appeared after removing the programs UberIcon, Visual Tasktips and Object Dock; I can't say for sure which one of them it was, because I uninstalled all 3 at the same time after you asked me to!!

<!> If you used Add or Remove Programs, there shouldn't have been any problems.

<!> Surely, due to an incorrect uninstallation, we will have to remove keys that still remain in the registry.

<><><><><><><><><><>

<@> Download RegSeeker.

<@> Save it to Local Disk C and unpack it right there, in a folder of its own.

<@> Run the program with a double-click!

<@> Click Languages and select: Português Brasil

<@> Click: Procurar por.... (Search for....)

<@> In the box, type: OBjectDock

<@> Click: < Procurar > (Search)

<@> Select all the values found.

<@> Now, with the right mouse button, click: Apagar entradas selecionadas (Delete selected entries)

<@> When done, type UberIcon --> ...and then: VisualTaskTips. Do one at a time!

<@> Restart after each cleanup.

<><><><><><><><><><>

<@> As for the other error, check whether there is any scheduled task.

Conteúdo da pasta 'Tarefas Agendadas'

2009-02-24 c:\windows\Tasks\NSSstub.job <--

<!> Remove any task related to your software before reinstalling it.

Regards!


Hey DigRam, there is an UberIcon registry key that stubbornly won't go away; I've already tried to remove it about 3 times, and every time I restart the PC I run RegSeeker again and the same key is still there!!

And the ERROR persists

Product not instaled

And I've already removed the only scheduled task there was

2009-02-24 c:\windows\Tasks\NSSstub.job

And even so, when I install the program it won't run and the same message appears

'7/17/sábado 09:39:04 is not a valid date and time

It's like this: the PC's date shows up like

E.g.:

09/02/aaaa

I've already tried fixing and updating it, but it stays this way; could this be what is causing some interference???


Good evening! Drumer

<@> Download: < BankerFix 3.0 >

<@> Save it to Local Disk C!

<@> Temporarily disable your antivirus.

<@> Double-click bankerfix.exe.

<@> PS: Run bankerfix.exe only once! This avoids overwriting your report.

<@> The BankerFix 3.0 window will open with the following question: "Install BankerFix 3.0?" <-- Translated!

<@> Click Yes!

<@> A window will open informing you that BankerFix 3.0 will be downloaded over the internet.

<@> Click OK. <-- Wait!

<@> In the next window, click OK.

<@> BankerFix 3.0 will start!

<@> Press any key to continue the process. <-- Wait!

<@> When the scan is finished, read the message on the screen and press Enter.

<@> Re-enable your antivirus.

<@> Come back with the BankerFix report, which will be at: C:\LinhaDefensiva\relatorio.txt <--

<@> Also post an updated HijackThis log.

Regards!


BankerFix report

 

BankerFix 3.0 VALKYRIE - Removedor de Bankers

Linha Defensiva | http://www.linhadefensiva.org

http://www.linhadefensiva.org/bankerfix/

-------------------------------------------------------

Data: 2009-03-07 - 00:31

-------------------------------------------------------

Lista de Definição: 2009-01-21-2 | CORE: 2009-01-21-1

=======================================================

 

Arquivo infectado detectado: C:\WINDOWS\system32\GroupPolicy\Machine\Scripts\scripts.ini

Arquivo infectado removido com sucesso!

 

 

 

----- Fim -------------------------

 

 

 

 

HijackThis report

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:34:26, on 3/7/aaaa

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe

C:\WINDOWS\FixCamera.exe

C:\WINDOWS\tsnp325.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Assistente Tecnico Speedy\bin\mpbtn.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Arquivos de programas\HP\HP Software Update\hpwuSchd2.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

E:\Rick\Set-up\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [unlockerAssistant] C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Arquivos de programas\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Motive SmartBridge] "C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe" /restart

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe

O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O4 - S-1-5-18 Startup: ObjectDock.lnk = C:\Arquivos de programas\OBjectDock\ObjectDock.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: ObjectDock.lnk = C:\Arquivos de programas\OBjectDock\ObjectDock.exe (User 'Default user')

O4 - .DEFAULT Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe (User 'Default user')

O4 - .DEFAULT Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (User 'Default user')

O4 - .DEFAULT User Startup: ObjectDock.lnk = C:\Arquivos de programas\OBjectDock\ObjectDock.exe (User 'Default user')

O4 - .DEFAULT User Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe (User 'Default user')

O4 - .DEFAULT User Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Ferramenta de Verificação de Mídia do Picture Motion Browser.lnk = C:\Arquivos de programas\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

O4 - Global Startup: Assistente Tecnico Speedy.lnk = C:\Arquivos de programas\Assistente Tecnico Speedy\bin\matcli.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{17F4F1FF-78EC-420C-823C-FCC75D81DB43}: NameServer = 200.204.0.138 200.204.0.10

O17 - HKLM\System\CS1\Services\Tcpip\..\{17F4F1FF-78EC-420C-823C-FCC75D81DB43}: NameServer = 200.204.0.138 200.204.0.10

O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 8809 bytes


Good morning, Drumer!

 

<!> Keep the TeaTimer protection (Spybot) disabled for now.

<><><><><><><><><><><>

<@> Open HijackThis --> Click: Do a system scan only

 

O4 - S-1-5-18 Startup: ObjectDock.lnk = C:\Arquivos de programas\OBjectDock\ObjectDock.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe (User 'SYSTEM')

O4 - S-1-5-18 Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: ObjectDock.lnk = C:\Arquivos de programas\OBjectDock\ObjectDock.exe (User 'Default user')

O4 - .DEFAULT Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe (User 'Default user')

O4 - .DEFAULT Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (User 'Default user')

O4 - .DEFAULT User Startup: ObjectDock.lnk = C:\Arquivos de programas\OBjectDock\ObjectDock.exe (User 'Default user')

O4 - .DEFAULT User Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe (User 'Default user')

O4 - .DEFAULT User Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (User 'Default user')

<@> Check the entries listed above! --> Click Fix checked --> Yes!

<><><><><><><><><><><><>

<@> Copy the information between the XXXXXXX.... lines into Notepad.

<@> Save it to the desktop as: CFScript <-- Text!

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

File::

C:\Documents and Settings\UserName\Menu Iniciar\Programas\Inicializar\UberIcon.lnk

C:\Documents and Settings\WinXp\Menu Iniciar\Programas\Inicializar\UberIcon.lnk

C:\WINDOWS\BricoPacks\Vista Inspirat\Shortcuts\UberIcon.lnk

c:\windows\pss\UberIcon.lnkStartup

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^UserName^Menu Iniciar^Programas^Inicializar^UberIcon.lnk]

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^WinXp^Menu Iniciar^Programas^Inicializar^UberIcon.lnk]

RegNull::

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Òw*]

Folder::

C:\WINDOWS\BricoPacks\Vista Inspirat\Shortcuts

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

<@> Drag CFScript.txt onto the ComboFix icon.

<@> Drag it until a prompt to run ComboFix.exe appears.

<@> When it finishes, post: ComboFix.txt + an updated HijackThis log.

 

Cheers!


Good morning, DigRam

 

Here is the HijackThis report

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:47:44, on 3/7/aaaa

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\FixCamera.exe

C:\WINDOWS\tsnp325.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\Arquivos de programas\Assistente Tecnico Speedy\bin\mpbtn.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wuauclt.exe

E:\Rick\Set-up\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [unlockerAssistant] C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Arquivos de programas\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Motive SmartBridge] "C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe" /restart

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe

O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O4 - .DEFAULT User Startup: ObjectDock.lnk = C:\Arquivos de programas\OBjectDock\ObjectDock.exe (User 'Default user')

O4 - .DEFAULT User Startup: UberIcon.lnk = C:\Arquivos de programas\UberIcon\UberIcon Manager.exe (User 'Default user')

O4 - .DEFAULT User Startup: VisualTaskTips.lnk = C:\Arquivos de programas\VisualTaskTips\VisualTaskTips.exe (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Ferramenta de Verificação de Mídia do Picture Motion Browser.lnk = C:\Arquivos de programas\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

O4 - Global Startup: Assistente Tecnico Speedy.lnk = C:\Arquivos de programas\Assistente Tecnico Speedy\bin\matcli.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 7776 bytes

 

Now the ComboFix one

 

ComboFix 09-03-06.02 - UserName 2009-03-07 11:36:52.5 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.959.617 [GMT -3:00]

Executando de: c:\documents and settings\UserName\Desktop\ComboFix.exe

Comandos utilizados :: c:\documents and settings\UserName\Desktop\CFScript.txt

AV: avast! antivirus 4.7.1043 [VPS 090305-1] *On-access scanning disabled* (Updated)

* Criado um novo ponto de restauro

 

FILE ::

c:\documents and settings\UserName\Menu Iniciar\Programas\Inicializar\UberIcon.lnk

c:\documents and settings\WinXp\Menu Iniciar\Programas\Inicializar\UberIcon.lnk

c:\windows\BricoPacks\Vista Inspirat\Shortcuts\UberIcon.lnk

c:\windows\pss\UberIcon.lnkStartup

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\pss\UberIcon.lnkStartup

 

.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-02-07 to 2009-03-07 ))))))))))))))))))))))))))))

.

 

2009-03-07 00:31 . 2009-03-07 00:32 <DIR> d-------- C:\LinhaDefensiva

2009-03-07 00:29 . 2009-03-07 00:29 178,597 --a------ C:\bankerfix.exe

2009-03-07 00:18 . 2009-03-07 00:18 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\HP Product Assistant

2009-03-06 10:56 . 2009-03-06 10:56 450,114 --a------ C:\RegSeeker.zip

2009-03-06 10:53 . 2009-01-09 16:19 1,089,883 -----c--- c:\windows\system32\dllcache\ntprint.cat

2009-03-05 17:14 . 2006-06-29 13:07 14,048 --------- c:\windows\system32\spmsg2.dll

2009-03-05 17:08 . 2009-03-05 17:08 <DIR> d-------- c:\windows\system32\XPSViewer

2009-03-05 17:08 . 2009-03-05 17:08 <DIR> d-------- c:\arquivos de programas\Reference Assemblies

2009-03-05 17:08 . 2009-03-05 17:08 <DIR> d-------- c:\arquivos de programas\MSBuild

2009-03-05 17:08 . 2009-03-05 17:08 218 --a------ c:\windows\system32\spupdsvc.inf

2009-03-05 17:07 . 2009-03-05 17:08 <DIR> d-------- C:\8c402bcb0d1114182e7780fb8d

2009-03-05 17:07 . 2008-07-06 09:06 1,676,288 --------- c:\windows\system32\xpssvcs.dll

2009-03-05 17:07 . 2008-07-06 09:06 1,676,288 -----c--- c:\windows\system32\dllcache\xpssvcs.dll

2009-03-05 17:07 . 2008-07-06 07:50 597,504 -----c--- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2009-03-05 17:07 . 2008-07-06 09:06 575,488 --------- c:\windows\system32\xpsshhdr.dll

2009-03-05 17:07 . 2008-07-06 09:06 575,488 -----c--- c:\windows\system32\dllcache\xpsshhdr.dll

2009-03-05 17:07 . 2008-07-06 09:06 117,760 --------- c:\windows\system32\prntvpt.dll

2009-03-05 17:07 . 2008-07-06 09:06 89,088 -----c--- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2009-03-05 11:34 . 2009-03-05 11:34 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\snp325

2009-03-05 11:34 . 2007-05-24 18:06 10,343,424 --a------ c:\windows\system32\drivers\snp325.sys

2009-03-05 11:34 . 2007-05-10 13:18 835,584 --a------ c:\windows\vsnp325.exe

2009-03-05 11:34 . 2007-04-21 09:36 270,336 --a------ c:\windows\tsnp325.exe

2009-03-05 11:34 . 2006-04-12 12:11 147,456 --a------ c:\windows\system32\rsnp325.dll

2009-03-05 11:34 . 2006-07-03 10:31 94,208 --a------ c:\windows\amcap.exe

2009-03-05 11:34 . 2007-05-31 09:01 57,344 --a------ c:\windows\system32\vsnp325.dll

2009-03-05 11:34 . 2005-11-23 13:55 53,248 --a------ c:\windows\system32\csnp325.dll

2009-03-05 11:34 . 2007-02-12 14:50 20,480 --a------ c:\windows\FixCamera.exe

2009-03-05 11:34 . 2004-02-27 17:36 15,498 --a------ c:\windows\snp325.ini

2009-03-05 11:34 . 2004-02-27 17:36 13,023 --a------ c:\windows\snp325.src

2009-03-05 11:13 . 2009-03-05 11:13 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\HP

2009-03-05 11:13 . 2009-03-05 11:13 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\HP

2009-03-05 11:07 . 2006-04-12 22:04 49,664 -ra------ c:\windows\system32\drivers\HPZid412.sys

2009-03-05 11:07 . 2006-04-12 22:04 16,496 -ra------ c:\windows\system32\drivers\HPZipr12.sys

2009-03-05 11:06 . 2006-01-04 06:12 77,824 -ra------ c:\windows\system32\HPZIDS01.dll

2009-03-05 11:06 . 2006-04-10 14:03 38,400 --a------ c:\windows\system32\hpz3l054.dll

2009-03-05 11:06 . 2008-04-13 15:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys

2009-03-05 11:06 . 2008-04-13 15:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys

2009-03-05 11:05 . 1998-10-29 16:45 306,688 --a------ c:\windows\IsUninst.exe

2009-03-05 11:05 . 2006-03-03 21:03 282,680 --a------ c:\windows\system32\HPZidr12.dll

2009-03-05 11:05 . 2006-03-03 21:02 204,800 --a------ c:\windows\system32\HPZipr12.dll

2009-03-05 11:05 . 2006-03-03 21:02 94,208 --a------ c:\windows\system32\HPZipt12.dll

2009-03-05 11:05 . 2007-08-09 04:27 73,728 --a------ c:\windows\system32\HPZipm12.exe

2009-03-05 11:05 . 2006-03-03 21:03 65,536 --a------ c:\windows\system32\HPZinw12.exe

2009-03-05 11:05 . 2006-03-03 21:02 57,344 --a------ c:\windows\system32\HPZisn12.dll

2009-03-05 11:03 . 2009-03-07 00:20 <DIR> d-------- c:\arquivos de programas\HP

2009-03-05 11:01 . 2008-04-13 15:45 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys

2009-03-05 11:01 . 2008-04-13 15:45 32,128 --a--c--- c:\windows\system32\dllcache\usbccgp.sys

2009-03-05 11:01 . 2008-04-13 15:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys

2009-03-05 11:01 . 2008-04-13 15:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys

2009-03-05 10:59 . 2009-03-05 11:14 119,001 --a------ c:\windows\hpoins11.dat

2009-03-05 10:05 . 2009-03-05 10:05 <DIR> d-------- c:\arquivos de programas\Motive

2009-03-05 10:05 . 2009-03-05 10:06 <DIR> d-------- c:\arquivos de programas\Assistente Tecnico Speedy

2009-03-03 19:21 . 2009-03-03 19:21 <DIR> d-------- c:\arquivos de programas\Microsoft Silverlight

2009-03-03 06:32 . 2009-03-03 06:32 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\DVD Shrink

2009-02-28 22:09 . 2009-02-28 22:09 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\Malwarebytes

2009-02-28 22:09 . 2009-02-28 22:09 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\Malwarebytes

2009-02-28 22:09 . 2009-02-28 22:09 <DIR> d-------- c:\arquivos de programas\Malwarebytes' Anti-Malware

2009-02-28 22:09 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2009-02-28 22:09 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2009-02-27 12:36 . 2009-02-27 14:20 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\Media Player Classic

2009-02-27 12:36 . 2009-02-27 14:20 <DIR> d-------- c:\arquivos de programas\Real Alternative

2009-02-27 12:21 . 2009-02-27 12:21 <DIR> d-------- c:\arquivos de programas\Real

2009-02-26 18:36 . 2008-05-09 07:55 512,000 -----c--- c:\windows\system32\dllcache\jscript.dll

2009-02-26 18:36 . 2008-05-09 07:55 430,080 -----c--- c:\windows\system32\dllcache\vbscript.dll

2009-02-26 18:36 . 2008-05-09 07:55 180,224 -----c--- c:\windows\system32\dllcache\scrobj.dll

2009-02-26 18:36 . 2008-05-09 07:55 172,032 -----c--- c:\windows\system32\dllcache\scrrun.dll

2009-02-26 18:36 . 2008-05-08 08:24 155,648 -----c--- c:\windows\system32\dllcache\wscript.exe

2009-02-26 18:36 . 2008-05-09 05:45 135,168 -----c--- c:\windows\system32\dllcache\cscript.exe

2009-02-26 18:36 . 2008-05-09 07:55 90,112 -----c--- c:\windows\system32\dllcache\wshext.dll

2009-02-25 18:22 . 2009-02-25 18:22 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\Motive

2009-02-25 18:13 . 2009-02-25 18:13 64 --a------ c:\windows\Wininit.ini

2009-02-25 14:23 . 2009-02-25 21:57 <DIR> d-------- c:\arquivos de programas\DreaMule

2009-02-25 14:20 . 2004-02-22 10:11 719,872 --a------ c:\windows\system32\devil.dll

2009-02-25 14:20 . 2007-05-17 17:30 318,976 --a------ c:\windows\system32\avisynth.dll

2009-02-25 14:20 . 2004-01-25 00:00 70,656 --a------ c:\windows\system32\yv12vfw.dll

2009-02-25 14:20 . 2004-01-25 00:00 70,656 --a------ c:\windows\system32\i420vfw.dll

2009-02-24 19:53 . 2009-02-24 19:53 <DIR> d-------- c:\documents and settings\UserName\Configuraes locais

2009-02-24 18:08 . 2008-12-20 19:46 6,066,688 -----c--- c:\windows\system32\dllcache\ieframe.dll

2009-02-24 18:08 . 2007-04-17 06:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat

2009-02-24 18:08 . 2007-03-08 02:12 1,024,000 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui

2009-02-24 18:08 . 2008-12-20 19:46 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll

2009-02-24 18:08 . 2008-12-20 19:46 383,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dll

2009-02-24 18:08 . 2008-12-20 19:46 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll

2009-02-24 18:08 . 2008-12-20 19:46 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll

2009-02-24 18:08 . 2008-12-20 19:46 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll

2009-02-24 18:08 . 2008-12-19 06:10 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe

2009-02-23 23:11 . 2009-02-23 23:11 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\Any Video Converter

2009-02-23 23:06 . 2009-02-23 23:06 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\Adobe Systems

2009-02-23 21:48 . 2009-03-04 00:41 69 --a------ c:\windows\NeroDigital.ini

2009-02-22 13:11 . 2004-08-04 00:36 701,440 --------- c:\windows\system32\drivers\ati2mtag.sys

2009-02-22 12:44 . 2008-06-14 14:34 272,384 --------- c:\windows\system32\drivers\bthport.sys

2009-02-22 12:44 . 2008-06-14 14:34 272,384 -----c--- c:\windows\system32\dllcache\bthport.sys

2009-02-22 12:44 . 2008-08-14 07:04 138,496 -----c--- c:\windows\system32\dllcache\afd.sys

2009-02-22 12:43 . 2008-12-20 19:47 1,160,192 -----c--- c:\windows\system32\dllcache\urlmon.dll

2009-02-22 12:43 . 2008-12-20 19:47 826,368 -----c--- c:\windows\system32\dllcache\wininet.dll

2009-02-22 12:42 . 2009-01-16 21:16 3,594,752 -----c--- c:\windows\system32\dllcache\mshtml.dll

2009-02-22 12:41 . 2008-08-14 10:24 2,193,408 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe

2009-02-22 12:41 . 2008-08-14 10:24 2,149,376 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe

2009-02-22 12:41 . 2008-08-14 10:24 2,070,272 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe

2009-02-22 12:41 . 2008-08-14 10:24 2,028,032 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe

2009-02-22 12:41 . 2008-09-15 12:26 1,846,528 -----c--- c:\windows\system32\dllcache\win32k.sys

2009-02-22 12:36 . 2008-04-11 16:05 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll

2009-02-22 12:36 . 2008-10-24 08:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys

2009-02-22 12:36 . 2008-12-11 07:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys

2009-02-22 12:36 . 2008-05-08 11:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys

2009-02-22 12:34 . 2008-10-15 13:36 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll

2009-02-22 12:06 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll

2009-02-22 12:06 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll

2009-02-22 12:06 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui

2009-02-22 11:33 . 2009-02-22 11:33 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\Sony Corporation

2009-02-22 11:24 . 2006-11-02 16:57 118,520 --a------ c:\windows\system32\PxInsI64.exe

2009-02-22 11:24 . 2006-10-18 19:43 115,960 --a------ c:\windows\system32\PxCpyI64.exe

2009-02-22 11:24 . 2006-11-02 16:57 36,624 --a------ c:\windows\system32\drivers\pxhelp20.sys

2009-02-22 11:24 . 2006-08-28 21:48 2,560 --a------ c:\windows\system32\drivers\cdralw2k.sys

2009-02-22 11:24 . 2006-08-28 21:48 2,432 --a------ c:\windows\system32\drivers\cdr4_xp.sys

2009-02-22 11:22 . 2009-02-22 11:22 <DIR> d-------- c:\documents and settings\UserName\Dados de aplicativos\InstallShield

2009-02-21 20:15 . 2009-03-07 11:31 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\Spybot - Search & Destroy

2009-02-21 19:24 . 2009-02-21 19:24 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\Zylom

2009-02-21 19:23 . 2005-02-12 20:00 186,880 -r-hs---- c:\windows\system32\RLOgg.ax

2009-02-21 19:23 . 2005-02-05 20:00 92,672 -r-hs---- c:\windows\system32\RLVorbisDec.ax

2009-02-21 19:23 . 2005-02-12 20:00 67,584 -r-hs---- c:\windows\system32\RLTheoraDec.ax

2009-02-21 19:23 . 2005-02-12 20:00 51,712 -r-hs---- c:\windows\system32\RLSpeexDec.ax

2009-02-21 19:22 . 2005-01-17 20:26 179,200 -r-hs---- c:\windows\system32\DiracSplitter.ax

2009-02-21 19:22 . 2006-08-16 11:53 175,104 -r-hs---- c:\windows\system32\CoreAAC.ax

2009-02-21 19:22 . 2005-02-22 13:55 81,920 -r-hs---- c:\windows\system32\aac_parser.ax

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-05 14:34 --------- d--h--w c:\arquivos de programas\InstallShield Installation Information

2009-03-05 13:05 --------- d-----w c:\arquivos de programas\Common Files

2009-03-04 02:24 --------- d-----w c:\arquivos de programas\Windows Live Safety Center

2009-02-28 21:01 --------- d--h--w c:\documents and settings\Administrador\Dados de aplicativos\drivers

2009-02-25 21:30 --------- d-----w c:\arquivos de programas\ESET

2009-02-24 02:08 --------- d-----w c:\arquivos de programas\Arquivos comuns\Adobe

2009-02-22 14:29 --------- d-----w c:\arquivos de programas\TopDesk

2009-02-21 23:21 --------- d-----w c:\arquivos de programas\Spybot - Search & Destroy

2009-02-21 18:47 --------- d-----w c:\arquivos de programas\Messenger Plus! Live

2009-02-21 18:13 --------- d-----w c:\arquivos de programas\Realtek AC97

2009-02-21 18:13 --------- d-----w c:\arquivos de programas\AvRack

2009-02-21 17:46 --------- d-----w c:\arquivos de programas\LClock

2009-02-21 17:44 --------- d-----w c:\arquivos de programas\Nero

2009-02-21 17:37 --------- d-----w c:\arquivos de programas\Arquivos comuns\Serviços

2009-02-21 17:36 --------- d-----w c:\arquivos de programas\Windows Media Connect 2

2009-02-21 15:58 --------- d-----w c:\arquivos de programas\Google

2009-02-21 15:39 155,995 ----a-w c:\windows\java\Packages\DRTBXV9Z.ZIP

2009-02-21 14:30 --------- d-----w c:\arquivos de programas\lg_fwupdate

2009-02-20 20:56 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\Any Video Converter

2009-02-20 12:43 --------- d-----w c:\arquivos de programas\Ahead

2009-02-18 19:02 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\vghd

2009-02-18 19:02 --------- d-----w c:\arquivos de programas\Windows Live

2009-02-18 19:02 --------- d-----w c:\arquivos de programas\CCleaner

2009-02-18 19:01 --------- d-----w c:\arquivos de programas\Microsoft

2009-02-06 22:14 308,088 ----a-w c:\windows\WLXPGSS.SCR

2009-02-06 21:52 49,504 ----a-w c:\windows\system32\sirenacm.dll

2009-02-04 16:56 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\Playrix Entertainment

2009-02-02 13:59 --------- d-----w c:\arquivos de programas\Microsoft SQL Server Compact Edition

2009-01-24 17:42 --------- d-----w c:\arquivos de programas\TeaTimer (Spybot - Search & Destroy)

2009-01-24 17:42 --------- d-----w c:\arquivos de programas\SDHelper (Spybot - Search & Destroy)

2009-01-24 16:17 --------- d-----w c:\arquivos de programas\Arquivos comuns\Windows Live

2009-01-24 16:13 --------- d-----w c:\arquivos de programas\Oneface

2009-01-24 16:13 --------- d-----w c:\arquivos de programas\MessengerPlus! 3

2009-01-24 14:09 1,044,168 ----a-w C:\vbrun60sp5.exe

2009-01-23 13:48 --------- d-----w c:\arquivos de programas\Alwil Software

2009-01-23 12:57 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\AVGTOOLBAR

2009-01-21 13:54 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\Zylom

2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll

2004-10-01 18:00 40,960 ----a-w c:\arquivos de programas\Uninstall_CDS.exe

.

 

((((((((((((((((((((((((((((( SnapShot@2009-03-05_22.51.24,40 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-03-07 03:19:02 10,134 ----a-r c:\windows\Installer\{36FDBE6E-6684-462B-AE98-9A39A1B200CC}\ARPPRODUCTICON.exe

+ 2009-03-07 03:20:05 689,456 ----a-r c:\windows\Installer\{FE57DE70-95DE-4B64-9266-84DA811053DB}\HPSUShortcut_BB85ED9CAFC943BDB8DC258C3C7DF72E.exe

+ 2004-07-15 05:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\_aspnet_isapi.dll

+ 2004-07-15 04:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\_CORPerfMonExt.dll

+ 2004-07-15 04:24:30 282,624 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\_fusion.dll

+ 2004-07-15 04:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\_mscorjit.dll

+ 2004-07-15 18:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\_mscorlib.dll

+ 2003-02-20 23:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\_mscorsn.dll

+ 2004-07-15 04:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\_mscorsvr.dll

+ 2004-07-15 04:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\_mscorwks.dll

+ 2003-02-21 08:42:22 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\_msvcr71.dll

+ 2004-07-15 04:34:50 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW1816\_PerfCounter.dll

+ 2004-07-15 05:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW212\_aspnet_isapi.dll

+ 2004-07-15 04:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW212\_CORPerfMonExt.dll

+ 2004-07-15 04:24:30 282,624 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW212\_fusion.dll

+ 2004-07-15 04:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW212\_mscorjit.dll

+ 2004-07-15 18:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW212\_mscorlib.dll

+ 2003-02-20 23:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW212\_mscorsn.dll

+ 2004-07-15 04:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW212\_mscorsvr.dll

+ 2004-07-15 04:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW212\_mscorwks.dll

+ 2003-02-21 08:42:22 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW212\_msvcr71.dll

+ 2004-07-15 04:34:50 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW212\_PerfCounter.dll

+ 2004-07-15 05:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2308\_aspnet_isapi.dll

+ 2004-07-15 04:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2308\_CORPerfMonExt.dll

+ 2004-07-15 04:24:30 282,624 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2308\_fusion.dll

+ 2004-07-15 04:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2308\_mscorjit.dll

+ 2004-07-15 18:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2308\_mscorlib.dll

+ 2003-02-20 23:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2308\_mscorsn.dll

+ 2004-07-15 04:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2308\_mscorsvr.dll

+ 2004-07-15 04:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2308\_mscorwks.dll

+ 2003-02-21 08:42:22 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2308\_msvcr71.dll

+ 2004-07-15 04:34:50 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW2308\_PerfCounter.dll

+ 2004-07-15 05:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW256\_aspnet_isapi.dll

+ 2004-07-15 04:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW256\_CORPerfMonExt.dll

+ 2004-07-15 04:24:30 282,624 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW256\_fusion.dll

+ 2004-07-15 04:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW256\_mscorjit.dll

+ 2004-07-15 18:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW256\_mscorlib.dll

+ 2003-02-20 23:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW256\_mscorsn.dll

+ 2004-07-15 04:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW256\_mscorsvr.dll

+ 2004-07-15 04:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW256\_mscorwks.dll

+ 2003-02-21 08:42:22 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW256\_msvcr71.dll

+ 2004-07-15 04:34:50 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW256\_PerfCounter.dll

+ 2004-07-15 05:49:16 258,048 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3856\_aspnet_isapi.dll

+ 2004-07-15 04:32:22 81,920 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3856\_CORPerfMonExt.dll

+ 2004-07-15 04:24:30 282,624 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3856\_fusion.dll

+ 2004-07-15 04:25:06 315,392 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3856\_mscorjit.dll

+ 2004-07-15 18:29:02 2,138,112 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3856\_mscorlib.dll

+ 2003-02-20 23:09:18 77,824 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3856\_mscorsn.dll

+ 2004-07-15 04:26:52 2,510,848 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3856\_mscorsvr.dll

+ 2004-07-15 04:28:34 2,502,656 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3856\_mscorwks.dll

+ 2003-02-21 08:42:22 348,160 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3856\_msvcr71.dll

+ 2004-07-15 04:34:50 94,208 ----a-w c:\windows\Microsoft.NET\Framework\v1.1.4322\SHADOW3856\_PerfCounter.dll

- 2007-11-30 12:39:22 17,272 ------w c:\windows\system32\spmsg.dll

+ 2007-11-30 11:18:16 18,296 ------w c:\windows\system32\spmsg.dll

+ 2007-08-09 07:27:52 73,728 ----a-w c:\windows\system32\spool\drivers\w32x86\3\HPZIPM12.EXE

+ 2009-03-07 14:10:32 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_570.dat

+ 2006-03-23 14:15:32 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_6e85597b\ATL80.dll

+ 2006-03-23 14:14:36 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcm80.dll

+ 2006-03-23 14:14:36 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcp80.dll

+ 2006-03-23 14:14:36 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_0de56c07\msvcr80.dll

+ 2006-03-23 15:44:12 1,093,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfc80.dll

+ 2006-03-23 15:44:16 1,079,808 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfc80u.dll

+ 2006-03-23 15:44:20 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfcm80.dll

+ 2006-03-23 15:44:20 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.91_x-ww_decbdf0c\mfcm80u.dll

.

-- Snapshot resetado para data atual --

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

"MsnMsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

"swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-24 68856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 79224]

"UnlockerAssistant"="c:\arquivos de programas\Unlocker\UnlockerAssistant.exe" [2009-01-24 15872]

"DAEMON Tools-1033"="c:\arquivos de programas\D-Tools\daemon.exe" [2004-08-22 81920]

"Motive SmartBridge"="c:\arquiv~1\ASSIST~1\SMARTB~1\MotiveSB.exe" [2005-04-15 397312]

"HP Software Update"="c:\arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]

"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]

"VTTimer"="VTTimer.exe" [2005-03-08 c:\windows\system32\VTTimer.exe]

"VTTrayp"="VTtrayp.exe" [2005-03-11 c:\windows\system32\VTTrayp.exe]

"SoundMan"="SOUNDMAN.EXE" [2005-07-22 c:\windows\SOUNDMAN.EXE]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nltide_3"="advpack.dll" [2008-12-20 c:\windows\system32\advpack.dll]

 

c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\

Ferramenta de Verifica‡Æo de M¡dia do Picture Motion Browser.lnk - c:\arquivos de programas\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-12-07 385024]

 

c:\documents and settings\UserName\Menu Iniciar\Programas\Inicializar\

Adobe Gamma.lnk - c:\arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

Ferramenta de Verifica‡Æo de M¡dia do Picture Motion Browser.lnk - c:\arquivos de programas\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-12-07 385024]

 

c:\documents and settings\All Users.WINDOWS\Menu Iniciar\Programas\Inicializar\

Assistente Tecnico Speedy.lnk - c:\arquivos de programas\Assistente Tecnico Speedy\bin\matcli.exe [2009-03-05 217088]

HP Digital Imaging Monitor.lnk - c:\arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\DreaMule\\emule.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"56899:TCP"= 56899:TCP:Pando P2P TCP Listening Port

"56899:UDP"= 56899:UDP:Pando P2P UDP Listening Port

 

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.uol.com.br/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

TCP: {17F4F1FF-78EC-420C-823C-FCC75D81DB43} = 200.204.0.138 200.204.0.10

DPF: Microsoft XML Parser for Java

FF - ProfilePath - c:\documents and settings\UserName\Dados de aplicativos\Mozilla\Firefox\Profiles\jpcdm6eq.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.uol.com.br/

FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npganymedenet.dll

FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npzylomgamesplayer.dll

FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: c:\documents and settings\All Users.WINDOWS\Dados de aplicativos\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

 

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-07 11:38:35

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|ÿÿÿÿ"•€|þ»Òw*]

"6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

Tempo para conclusão: 2009-03-07 11:39:44

ComboFix-quarantined-files.txt 2009-03-07 14:39:40

ComboFix2.txt 2009-03-06 01:52:17

 

Pré-execução: 15 pasta(s) 84.545.896.448 bytes disponíveis

Pós execução: 15 pasta(s) 84,591,370,240 bytes disponíveis

 

351 --- E O F --- 2009-03-07 04:36:39

 

 

One detail: today I managed to see which program the error message comes from. It is a program called Virtual Daemon Tools, but it does not appear in the Add/Remove Programs list!!!


Good evening, Drumer!

 

One detail: today I managed to see which program the error message comes from. It is a program called Virtual Daemon Tools, but it does not appear in the Add/Remove Programs list!!!

<!> Uninstall this version of Daemon Tools and look for a more recent one to install. That will probably eliminate the error.

<!> PS: Be careful not to install the sponsored offer. ( Adware )

 

<!> Download: < http://www.pplware.com/2008/01/19/daemon-tools-lite-412/ >

 

<!> After the download, open Device Manager.

<!> Go to Start --> Run --> Type:

 

devmgmt.msc

 

<!> Click OK.

<!> Look for CD or DVD items that appear as a device, in addition, of course, to your burner or CD drive.

<!> Right-click the item.

<!> Click Uninstall. ( This uninstalls the virtual drives! )

<!> Without restarting, install the new version of Daemon Tools.

<><><><><><><><><>

<!> Awaiting your reply! :thumbsup:

 

Regards!


It worked, that Product Not Instaled error is gone. I just still can't reinstall the software, because the message "Is not a valid date and time" appears. I did what you said and removed the scheduled tasks, and even so I can't install it and get it to run correctly!!

It worked, that Product Not Instaled error is gone. I just still can't reinstall the software, because the message "Is not a valid date and time" appears. I did what you said and removed the scheduled tasks, and even so I can't install it and get it to run correctly!!

<><><><><><><><><><>

Hey, Drumer!

 

<!> So the only thing left is the error that occurs when installing programs.

<><><><><><><><><><>

<!> Apply these procedures to fix the problem: < http://support.microsoft.com/kb/105766/pt-br >

<><><><><><><><><><>

<!> Run BankerFix in Safe Mode and post its report. ( C:\LinhaDefensiva\relatorio.txt )

<!> PS: I believe that Microsoft's instructions, if carried out correctly, will solve the problem.

 

Regards!


Topic Archived

 

Since the author has not replied for more than 30 days, the topic has been archived.

 

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area with the link to this topic and explain the reason for reopening.
