[Resolvido!] explorer.exe reinicia incessantemente

Luiz psYco · Junho 24, 2009

Ola pessoal.

Esse é meu primeito topico, e gostaria da ajuda de voces.

Ultimamente, estou tendo alguns problemas com o processo explorer.exe (no meu Gerenciador de Tarefas aparece "Explorer.EXE").

Utilizo o sistema operacional Windows XP Professional SP2.

Quando inicio o computador, o explorer ja inicia travado. Quando passo o cursor sobre a barra inferior, apenas fica indicado que está a carregar, mas nunca que o explorer termina de carregar. Assim, eu abro o Gerenciador de Tarefas e o finalizo. Em seguida, executo o explorer novamente mas este fica reiniciando incessantemente.

Ja tentei diversas coisas como: desfragmentaçao de disco, escaneamento completo de disco(Karsperski 2009), Combofix, retirar alguns processos desnecessarios da inicializaçao; mas nada adiantou.

Que eu me lembre, a ultima coisa que eu modifiquei, antes de dar esse problema, foi a instalaçao do UxThemePackager, um programinha que serve pra adaptar as dlls de novos temas para o Windows, e a instalaçao de um pacote de icones.

Agora, a unica coisa que acontece é que o explorer.exe reinicia, começa a usar uma grande quantidade de RAM e CPU, e reinicia novamente.

Possuo aqui um log do HighJackThis e do ComboFix, espero que ajude.

Combofix:

ComboFix 09-06-22.0E - Usuario 23/06/2009 21:13.3 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.1023.586 [GMT -3:00]

Executando de: c:\combofix\ComboFix.exe

AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

* Criado um novo ponto de restauração

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\drivers\kl1.sys

c:\windows\system32\url(2).dll

.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-05-24 to 2009-06-24 ))))))))))))))))))))))))))))

.

2009-06-20 23:41 . 2009-06-20 23:41 -------- d-----w- c:\arquivos de programas\Arquivos comuns\xing shared

2009-06-20 23:41 . 2009-06-20 23:41 -------- d-----w- c:\arquivos de programas\IcoFX 1.6

2009-06-14 22:25 . 2008-05-29 06:03 37176 ----a-w- c:\documents and settings\Usuario\Dados de aplicativos\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

2009-06-07 02:06 . 2009-06-12 18:53 -------- d-----w- c:\arquivos de programas\Gabest

2009-06-07 01:03 . 2009-06-07 01:03 -------- d-----w- c:\arquivos de programas\Codemasters

2009-06-01 20:36 . 2009-06-01 20:36 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Synetic

2009-06-01 20:34 . 2009-06-01 20:35 -------- d-----w- c:\arquivos de programas\Ferrari Virtual Race

2009-06-01 01:16 . 2009-06-01 01:47 -------- d-----w- c:\arquivos de programas\FrostWire Ultra Accelerator

2009-05-31 02:02 . 2009-05-31 02:02 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Adobe Systems

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-06-24 00:20 . 2009-01-28 13:26 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab

2009-06-24 00:18 . 2009-01-28 13:26 6279200 --sha-w- c:\windows\system32\drivers\fidbox.dat

2009-06-24 00:18 . 2009-01-28 13:26 5684 --sha-w- c:\windows\system32\drivers\fidbox2.idx

2009-06-24 00:18 . 2009-01-28 13:26 51184 --sha-w- c:\windows\system32\drivers\fidbox.idx

2009-06-24 00:18 . 2009-01-28 13:26 1040416 --sha-w- c:\windows\system32\drivers\fidbox2.dat

2009-06-22 23:35 . 2008-06-30 23:44 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\DNA

2009-06-22 23:35 . 2008-06-30 23:44 -------- d-----w- c:\arquivos de programas\DNA

2009-06-21 00:31 . 2008-07-14 22:35 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Stardock

2009-06-21 00:19 . 2008-04-20 18:39 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP

2009-06-20 23:41 . 2009-01-31 13:45 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Real

2009-06-20 23:41 . 2008-03-06 14:36 499712 ----a-w- c:\windows\system32\msvcp71.dll

2009-06-20 23:41 . 2008-03-06 14:36 348160 ----a-w- c:\windows\system32\msvcr71.dll

2009-06-20 23:23 . 2008-12-06 21:13 83456 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\SpeedBit\DAP\SDCondition.dll

2009-06-18 00:36 . 2008-03-27 23:24 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Orbit

2009-06-17 00:04 . 2009-01-18 01:22 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Hamachi

2009-06-11 19:06 . 2009-02-03 23:15 -------- d-----w- c:\arquivos de programas\SpeedFan

2009-06-07 13:22 . 2008-11-22 16:17 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\FrostWire

2009-06-07 01:23 . 2009-03-29 15:16 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\BitTorrent

2009-06-07 00:39 . 2008-03-06 14:28 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information

2009-05-31 02:03 . 2008-03-06 14:37 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe

2009-05-30 23:52 . 2008-11-05 22:23 -------- d-----w- c:\arquivos de programas\GameTop.com

2009-05-24 02:46 . 2008-04-17 23:34 -------- d-----w- c:\arquivos de programas\Google

2009-05-24 02:36 . 2008-10-30 14:54 -------- d-----w- c:\arquivos de programas\Megacubo

2009-05-21 16:55 . 2008-11-04 23:29 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Corel

2009-05-21 16:55 . 2008-11-04 23:25 -------- d-----w- c:\arquivos de programas\Corel

2009-05-21 13:06 . 2009-05-21 13:06 -------- d-----w- c:\arquivos de programas\PENSUITEPRO

2009-05-21 12:47 . 2009-05-21 12:28 -------- d-----w- c:\arquivos de programas\G-PEN SERIES

2009-05-20 22:08 . 2009-01-28 13:36 94643 ----a-w- c:\windows\system32\drivers\klick.dat

2009-05-20 22:08 . 2009-01-28 13:36 105395 ----a-w- c:\windows\system32\drivers\klin.dat

2009-05-18 00:05 . 2009-05-18 00:05 -------- d-----w- c:\arquivos de programas\BitTorrent

2009-05-17 13:32 . 2008-11-22 16:16 -------- d-----w- c:\arquivos de programas\FrostWire

2009-05-17 13:30 . 2008-11-22 16:16 -------- d-----w- c:\arquivos de programas\AskBarDis

2009-05-12 14:59 . 2009-02-15 21:50 -------- d-----w- c:\arquivos de programas\Microsoft Silverlight

2009-05-11 23:27 . 2009-05-11 23:27 -------- d-----w- c:\arquivos de programas\NCH Software

2009-05-11 23:27 . 2009-05-11 23:27 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\NCH Swift Sound

2009-05-11 23:27 . 2009-05-11 23:27 -------- d-----w- c:\arquivos de programas\NCH Swift Sound

2009-05-05 23:43 . 2008-03-06 14:41 -------- d-----w- c:\arquivos de programas\Java

2009-05-05 23:42 . 2009-05-05 23:42 152576 ----a-w- c:\documents and settings\Usuario\Dados de aplicativos\Sun\Java\jre1.6.0_13\lzma.dll

2009-05-03 23:39 . 2009-05-03 23:39 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Hide IP NG

2009-05-03 23:39 . 2009-05-03 23:39 -------- d-----w- c:\arquivos de programas\Hide IP NG

2009-05-03 17:28 . 2008-08-13 23:22 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2009-05-03 17:28 . 2008-08-13 23:22 103736 ----a-w- c:\windows\system32\PnkBstrB.exe

2009-05-03 01:31 . 2009-05-03 01:31 -------- d-----w- c:\arquivos de programas\GameVicio

2009-05-02 18:18 . 2008-08-13 23:22 66872 ----a-w- c:\windows\system32\PnkBstrA.exe

2009-05-02 18:12 . 2009-05-02 18:12 22328 ----a-w- c:\documents and settings\Usuario\Dados de aplicativos\PnkBstrK.sys

2009-05-02 17:55 . 2009-05-02 17:55 -------- d-----w- c:\arquivos de programas\Activision

2009-05-02 17:41 . 2009-01-30 12:54 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Ulead Systems

2009-05-01 20:59 . 2009-05-01 20:27 -------- d-----w- c:\arquivos de programas\Audio Mid Recorder

2009-05-01 17:36 . 2009-05-01 17:36 -------- d-----w- c:\arquivos de programas\TVUPlayer

2009-04-29 22:53 . 2009-04-29 22:53 51200 ----a-w- c:\documents and settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\86ik9tpc.default\extensions\{7c5c0f58-e061-457d-9033-77307f5ed00c}\components\FFExternalAlert.dll

2009-04-29 22:53 . 2009-04-29 22:53 114688 ----a-w- c:\documents and settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\86ik9tpc.default\extensions\{7c5c0f58-e061-457d-9033-77307f5ed00c}\components\npmozax.dll

2009-04-29 22:50 . 2009-04-29 22:50 -------- d-----w- c:\arquivos de programas\ASIO4ALL v2

2009-04-26 23:08 . 2008-03-06 14:43 -------- d-----w- c:\arquivos de programas\URUSoft

2009-04-26 17:17 . 2009-04-26 17:17 -------- d-----w- c:\arquivos de programas\Alien Connections

2009-04-26 15:29 . 2008-03-06 14:28 -------- d-----w- c:\arquivos de programas\Realtek

2009-04-26 15:06 . 2009-04-26 15:06 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\WinBatch

2009-04-26 14:49 . 2009-04-25 19:27 -------- d-----w- c:\arquivos de programas\AP Tuner

2009-04-25 19:38 . 2009-04-25 19:38 8 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\SDGLYBMPWPP.SYS

2009-04-21 22:48 . 2009-04-07 00:13 1554432 ----a-w- c:\windows\Explorer.EXE

2009-04-21 13:24 . 2009-04-21 13:24 150528 ----a-w- c:\windows\regedit.exe

2009-04-16 20:23 . 2008-03-06 14:28 540672 ----a-w- c:\windows\RtlExUpd.dll

2009-04-14 19:09 . 2008-03-06 14:29 5069312 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys

2009-04-10 16:38 . 2008-03-06 14:28 17879552 ----a-w- c:\windows\RTHDCPL.EXE

2009-04-01 12:58 . 2008-03-06 14:29 1200128 ----a-w- c:\windows\RtlUpd.exe

2004-07-22 12:51 . 2004-07-22 12:51 3432656 ----a-w- c:\arquivos de programas\ManagedDX.CAB

2004-07-20 00:58 . 2004-07-20 00:58 1156363 ----a-w- c:\arquivos de programas\BDANT.cab

2004-07-20 00:53 . 2004-07-20 00:53 976020 ----a-w- c:\arquivos de programas\BDAXP.cab

2004-07-09 16:17 . 2004-07-09 16:17 13265040 ----a-w- c:\arquivos de programas\dxnt.cab

2004-07-09 11:13 . 2004-07-09 11:13 15493481 ----a-w- c:\arquivos de programas\DirectX.cab

2004-07-09 11:13 . 2004-07-09 11:13 703080 ----a-w- c:\arquivos de programas\BDA.cab

2004-07-09 06:08 . 2004-07-09 06:08 472576 ----a-w- c:\arquivos de programas\dxsetup.exe

2004-07-09 06:08 . 2004-07-09 06:08 2242560 ----a-w- c:\arquivos de programas\dsetup32.dll

2004-07-09 05:03 . 2004-07-09 05:03 62976 ----a-w- c:\arquivos de programas\DSETUP.dll

2008-03-06 15:30 . 2008-03-06 14:51 24 --sh--w- c:\windows\S9AF1913F.tmp

.

------- Sigcheck -------

[7] 2004-08-04 02:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\system32\dllcache\tcpip.sys

[-] 2004-08-04 02:14 359040 6A603809F598332DBEDD535BDBCE313E c:\windows\system32\drivers\tcpip.sys

[-] 2004-08-04 03:45 543744 3550BFE59972A67AC2F7781041D28EA7 c:\windows\system32\winlogon.exe

[7] 2004-08-04 03:45 504320 6F7BDE7A1126DEBF0CC359A54953EFC1 c:\windows\system32\dllcache\winlogon.exe

[-] 2009-04-21 22:48 1554432 C7052E176D939D1C6D6585F62C02A8A2 c:\windows\Explorer.EXE

[7] 2004-08-04 03:45 1034240 FA61A19050AE14BEC1A26DE82390DD65 c:\windows\XPize Darkside\Backup\explorer.exe

[-] 2004-08-04 03:45 25088 A3F0971DBBA9657034C303B39464EA5B c:\windows\system32\ctfmon.exe

[-] 2004-08-04 03:45 30208 C44B39505116F6961988B8681793E572 c:\windows\system32\dllcache\ctfmon.exe

[7] 2004-08-04 03:45 15360 F40BC97996B8E53799EEF1D63996674B c:\windows\XPize Darkside\Backup\ctfmon.exe

.

((((((((((((((((((((((((((((( SnapShot@2009-04-21_13.33.13 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-06-24 00:19 . 2009-06-24 00:19 16384 c:\windows\temp\Perflib_Perfdata_394.dat

+ 2009-05-24 03:25 . 2009-03-16 17:18 69448 c:\windows\system32\XAPOFX1_3.dll

+ 2009-05-24 03:25 . 2008-10-27 13:04 70992 c:\windows\system32\XAPOFX1_2.dll

+ 2009-05-24 03:25 . 2008-07-30 09:20 68616 c:\windows\system32\XAPOFX1_1.dll

+ 2009-05-24 03:25 . 2008-05-30 17:17 65032 c:\windows\system32\XAPOFX1_0.dll

+ 2009-05-24 03:25 . 2009-03-16 17:18 22360 c:\windows\system32\X3DAudio1_6.dll

+ 2009-05-24 03:25 . 2008-10-27 13:04 23376 c:\windows\system32\X3DAudio1_5.dll

+ 2009-05-24 03:25 . 2008-05-30 17:17 25608 c:\windows\system32\X3DAudio1_4.dll

+ 2007-04-11 16:27 . 2007-04-11 16:27 40960 c:\windows\system32\WTClient.exe

+ 2007-04-24 16:27 . 2007-04-24 16:27 46080 c:\windows\system32\UCMfg.exe

+ 2007-04-24 19:31 . 2007-04-24 19:31 10240 c:\windows\system32\ucinst32.dll

+ 2009-04-26 15:29 . 2009-03-17 15:44 36352 c:\windows\system32\RtkCoInstXP.dll

+ 2009-05-21 12:46 . 2007-05-31 17:33 12800 c:\windows\system32\ReinstallBackups\0017\DriverFiles\drivers\UCTblHid.sys

+ 2009-05-21 12:46 . 2007-04-23 15:28 18432 c:\windows\system32\ReinstallBackups\0017\DriverFiles\drivers\TClass2k.sys

+ 2009-04-26 15:30 . 2006-07-21 08:14 86016 c:\windows\system32\ReinstallBackups\0016\DriverFiles\SOUNDMAN.EXE

+ 2009-04-26 15:30 . 2004-08-04 03:45 23552 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\wdmaud.drv

+ 2009-04-26 15:30 . 2004-08-04 02:08 48640 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\stream.sys

+ 2009-04-26 15:30 . 2004-08-04 02:08 60288 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\drmk.sys

+ 2009-04-26 15:30 . 2005-05-03 10:43 69632 c:\windows\system32\ReinstallBackups\0016\DriverFiles\ALCMTR.EXE

+ 2002-10-29 19:53 . 2002-10-29 19:53 69632 c:\windows\system32\PcHook.DLL

+ 2008-03-06 14:14 . 2001-10-28 18:07 19429 c:\windows\system32\MsDtc\Trace\msdtcvtr.bat

+ 2008-08-04 16:43 . 2009-05-31 19:41 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe

- 2008-08-04 16:43 . 2008-11-22 18:39 84661 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe

+ 2002-07-25 10:04 . 2002-07-25 10:04 24576 c:\windows\system32\lhtool.exe

+ 2007-05-31 13:38 . 2007-05-31 13:38 53248 c:\windows\system32\drivers\WTSrv.exe

+ 2007-05-31 17:33 . 2007-05-31 17:33 12800 c:\windows\system32\drivers\UCTblHid.sys

+ 2007-04-23 15:28 . 2007-04-23 15:28 18432 c:\windows\system32\drivers\TClass2k.sys

+ 2007-04-23 15:28 . 2007-04-23 15:28 17920 c:\windows\system32\drivers\Tablet2k.sys

+ 2007-04-23 15:28 . 2007-04-23 15:28 10752 c:\windows\system32\drivers\PTSimHid.sys

+ 2007-06-07 17:16 . 2007-06-07 17:16 18944 c:\windows\system32\drivers\PTSimBus.sys

+ 2009-05-21 12:33 . 2001-09-06 02:20 12288 c:\windows\system32\drivers\mouhid.sys

+ 2009-05-21 12:33 . 2001-09-06 02:20 12288 c:\windows\system32\dllcache\mouhid.sys

- 2008-03-06 14:21 . 2009-04-21 12:51 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2008-03-06 14:21 . 2009-06-24 00:19 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2009-06-24 00:19 . 2009-06-24 00:19 32768 c:\windows\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5\index.dat

- 2008-03-06 14:21 . 2009-04-21 12:51 32768 c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat

+ 2008-03-06 14:21 . 2009-06-24 00:19 32768 c:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\index.dat

+ 2008-03-06 14:29 . 2008-08-19 16:26 77824 c:\windows\SOUNDMAN.EXE

+ 2009-05-31 02:05 . 2009-05-31 02:05 65536 c:\windows\Installer\{E9787678-1033-0000-8E67-000000000001}\ProgramMenuShortcut_E9787678103300008E670000000001_1.exe

+ 2009-05-31 02:05 . 2009-05-31 02:05 65536 c:\windows\Installer\{E9787678-1033-0000-8E67-000000000001}\AppLanuchShortcut_E9787678103300008E67000000000001_1.exe

+ 2009-05-31 02:02 . 2009-05-31 02:02 65536 c:\windows\Installer\{236BB7C4-4419-42FD-0409-1E257A25E34D}\NewShortcut1_236BB7C4441942FD04091E257A25E34D.exe

+ 2009-06-07 01:21 . 2009-06-07 01:21 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2009-06-07 01:21 . 2009-06-07 01:21 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll

+ 2008-03-06 14:28 . 2009-03-02 14:14 57344 c:\windows\ALCMTR.EXE

+ 2009-04-26 15:29 . 2004-08-04 03:45 4096 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\ksuser.dll

- 2009-01-31 13:46 . 2009-01-31 13:46 5632 c:\windows\system32\pndx5032.dll

+ 2009-01-31 13:46 . 2009-06-20 23:41 5632 c:\windows\system32\pndx5032.dll

- 2009-01-31 13:46 . 2009-01-31 13:46 6656 c:\windows\system32\pndx5016.dll

+ 2009-01-31 13:46 . 2009-06-20 23:41 6656 c:\windows\system32\pndx5016.dll

+ 2009-04-26 15:29 . 2008-10-23 20:42 290816 c:\windows\vncutil.exe

+ 2009-04-26 17:17 . 1997-01-18 14:40 299520 c:\windows\uninst.exe

+ 2009-05-24 03:25 . 2009-03-16 17:18 517448 c:\windows\system32\XAudio2_4.dll

+ 2009-05-24 03:25 . 2008-10-27 13:04 514384 c:\windows\system32\XAudio2_3.dll

+ 2009-05-24 03:25 . 2008-07-30 09:20 509448 c:\windows\system32\XAudio2_2.dll

+ 2009-05-24 03:25 . 2008-05-30 17:19 507400 c:\windows\system32\XAudio2_1.dll

+ 2009-05-24 03:25 . 2009-03-16 17:18 235352 c:\windows\system32\xactengine3_4.dll

+ 2009-05-24 03:25 . 2008-10-27 13:04 235856 c:\windows\system32\xactengine3_3.dll

+ 2009-05-24 03:25 . 2008-07-31 13:41 238088 c:\windows\system32\xactengine3_2.dll

+ 2009-05-24 03:25 . 2008-05-30 17:18 238088 c:\windows\system32\xactengine3_1.dll

+ 2007-08-23 12:42 . 2007-08-23 12:42 143360 c:\windows\system32\WinTab32.dll

+ 2004-08-04 03:45 . 2006-08-09 23:58 218624 c:\windows\system32\uxtheme.dll

+ 2007-08-08 18:37 . 2007-08-08 18:37 401408 c:\windows\system32\tabcfg.exe

+ 2008-03-06 14:29 . 2009-03-05 16:35 131072 c:\windows\system32\RTCOM\RTLCPAPI.dll

- 2008-03-06 14:29 . 2007-03-07 06:59 131072 c:\windows\system32\RTCOM\RtlCPAPI.dll

+ 2008-03-06 14:28 . 2009-04-10 19:17 266240 c:\windows\system32\RTCOM\RTCOMDLL.dll

+ 2009-01-31 13:46 . 2009-06-20 23:41 185920 c:\windows\system32\rmoc3260.dll

- 2009-01-31 13:46 . 2009-01-31 13:46 185920 c:\windows\system32\rmoc3260.dll

+ 2009-04-26 15:30 . 2007-03-07 06:59 131072 c:\windows\system32\ReinstallBackups\0016\DriverFiles\RTLCPAPI.dll

+ 2009-04-26 15:30 . 2007-03-15 06:39 262144 c:\windows\system32\ReinstallBackups\0016\DriverFiles\RTCOMDLL.dll

+ 2009-04-26 15:30 . 2004-03-16 13:58 136960 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\portcls.sys

+ 2009-04-26 15:30 . 2004-08-04 02:15 140928 c:\windows\system32\ReinstallBackups\0016\DriverFiles\i386\ks.sys

+ 2002-09-30 00:25 . 2002-09-30 00:25 229376 c:\windows\system32\PreAnntt.exe

- 2009-01-31 13:45 . 2009-01-31 13:45 278528 c:\windows\system32\pncrt.dll

+ 2009-01-31 13:45 . 2009-06-20 23:41 278528 c:\windows\system32\pncrt.dll

+ 2009-02-03 02:15 . 2009-02-03 02:15 240544 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe

- 2009-01-11 12:45 . 2009-01-11 12:45 148888 c:\windows\system32\javaws.exe

+ 2009-05-05 23:43 . 2009-03-09 08:19 148888 c:\windows\system32\javaws.exe

- 2009-01-11 12:45 . 2009-01-11 12:45 144792 c:\windows\system32\javaw.exe

+ 2009-05-05 23:43 . 2009-03-09 08:19 144792 c:\windows\system32\javaw.exe

- 2009-01-11 12:45 . 2009-01-11 12:45 144792 c:\windows\system32\java.exe

+ 2009-05-05 23:43 . 2009-03-09 08:19 144792 c:\windows\system32\java.exe

+ 2004-08-04 03:45 . 2006-08-09 23:58 218624 c:\windows\system32\dllcache\uxtheme.dll

+ 2004-03-16 13:58 . 2004-03-16 13:58 136960 c:\windows\system32\dllcache\portcls.sys

+ 2009-01-11 12:45 . 2009-03-09 08:19 410984 c:\windows\system32\deploytk.dll

- 2009-01-11 12:45 . 2009-01-11 12:45 410984 c:\windows\system32\deploytk.dll

+ 2009-05-24 03:25 . 2009-03-09 18:27 453456 c:\windows\system32\d3dx10_41.dll

+ 2009-05-24 03:25 . 2008-10-15 09:22 452440 c:\windows\system32\d3dx10_40.dll

+ 2009-05-24 03:25 . 2008-07-10 14:01 467984 c:\windows\system32\d3dx10_39.dll

+ 2009-05-24 03:25 . 2008-05-30 17:11 467984 c:\windows\system32\d3dx10_38.dll

+ 2007-05-15 11:21 . 2007-05-15 11:21 323584 c:\windows\SetupX32.EXE

+ 2009-04-26 15:29 . 2009-03-17 17:07 122880 c:\windows\RtkAudioService.exe

+ 2009-05-20 23:07 . 2006-10-22 00:56 382976 c:\windows\Resources\Themes\Shell\NormalColor\Shellstyle.dll

+ 2009-05-20 23:07 . 2006-10-22 00:56 382976 c:\windows\Resources\Themes\Shell\Bottom48\Shellstyle.dll

+ 2009-05-20 23:07 . 2006-10-22 00:56 382976 c:\windows\Resources\Themes\Shell\Bottom32\Shellstyle.dll

+ 2009-05-20 23:07 . 2006-10-22 00:56 382976 c:\windows\Resources\Themes\Shell\Aero48\Shellstyle.dll

+ 2009-05-20 23:29 . 2006-10-22 00:56 749568 c:\windows\Resources\Themes\Seven\Shell\NormalColor\Shellstyle.dll

+ 2009-05-20 23:28 . 2006-10-22 00:56 665088 c:\windows\Resources\Themes\AeroUltimate\Shell\NormalColor\Shellstyle.dll

+ 2009-05-20 23:28 . 2006-10-22 00:56 665088 c:\windows\Resources\Themes\AeroGlass\Shell\NormalColor\Shellstyle.dll

+ 2009-05-02 18:08 . 2009-05-02 18:08 216358 c:\windows\Installer\{E48469CC-635E-4FD5-A122-1497C286D217}\ARPPRODUCTICON.exe

- 2008-12-23 13:14 . 2008-12-23 13:14 295606 c:\windows\Installer\{AC76BA86-7AD7-1046-7B44-A81300000003}\SC_Reader.exe

+ 2008-12-23 13:14 . 2009-06-20 12:21 295606 c:\windows\Installer\{AC76BA86-7AD7-1046-7B44-A81300000003}\SC_Reader.exe

+ 2007-01-23 13:39 . 2007-01-23 13:39 443904 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA76401B7448A3100000030\8.1.3\JP2KLib.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2009-06-07 01:21 . 2009-06-07 01:21 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll

+ 2009-06-07 01:21 . 2009-06-07 01:21 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll

+ 2009-06-07 01:21 . 2009-06-07 01:21 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll

+ 2009-06-07 01:21 . 2009-06-07 01:21 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll

+ 2009-06-07 01:21 . 2009-06-07 01:21 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll

+ 2009-05-31 20:22 . 2009-05-31 20:22 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-05-31 20:22 . 2009-05-31 20:22 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-05-31 20:22 . 2009-05-31 20:22 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-06-07 01:21 . 2009-06-07 01:21 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-05-31 20:22 . 2009-05-31 20:22 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-05-31 20:22 . 2009-05-31 20:22 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-05-31 20:22 . 2009-05-31 20:22 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-05-31 20:22 . 2009-05-31 20:22 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2009-06-07 01:21 . 2009-06-07 01:21 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll

+ 2009-04-26 15:30 . 2007-04-04 09:22 1822720 c:\windows\system32\ReinstallBackups\0016\DriverFiles\SkyTel.exe

+ 2009-04-26 15:30 . 2007-01-16 02:39 1191936 c:\windows\system32\ReinstallBackups\0016\DriverFiles\RtlUpd.exe

+ 2009-04-26 15:30 . 2007-03-23 11:19 9715200 c:\windows\system32\ReinstallBackups\0016\DriverFiles\RTLCPL.EXE

+ 2009-04-26 15:30 . 2007-04-10 11:04 4397568 c:\windows\system32\ReinstallBackups\0016\DriverFiles\RtkHDAud.sys

+ 2009-04-26 15:30 . 2006-10-11 09:42 2157568 c:\windows\system32\ReinstallBackups\0016\DriverFiles\MicCal.exe

+ 2009-04-26 15:30 . 2006-05-04 08:26 2808832 c:\windows\system32\ReinstallBackups\0016\DriverFiles\ALCWZRD.EXE

+ 2009-02-03 02:15 . 2009-02-03 02:15 3771296 c:\windows\system32\Macromed\Flash\NPSWF32.dll

+ 2008-03-06 11:10 . 2009-05-31 13:08 2258744 c:\windows\system32\FNTCACHE.DAT

+ 2009-04-26 15:29 . 2006-01-04 18:41 1389056 c:\windows\system32\drivers\Monfilt.sys

+ 2009-04-26 15:29 . 2008-08-05 23:10 1684736 c:\windows\system32\drivers\Ambfilt.sys

+ 2009-05-24 03:25 . 2009-03-09 18:27 4178264 c:\windows\system32\D3DX9_41.dll

+ 2009-05-24 03:25 . 2008-10-15 09:22 4379984 c:\windows\system32\D3DX9_40.dll

+ 2009-05-24 03:25 . 2008-07-10 14:00 3851784 c:\windows\system32\D3DX9_39.dll

+ 2009-05-24 03:25 . 2008-05-30 17:11 3850760 c:\windows\system32\D3DX9_38.dll

+ 2009-05-24 03:25 . 2009-03-09 18:27 1846632 c:\windows\system32\D3DCompiler_41.dll

+ 2009-05-24 03:25 . 2008-10-15 09:22 2036576 c:\windows\system32\D3DCompiler_40.dll

+ 2009-05-24 03:25 . 2008-07-10 14:00 1493528 c:\windows\system32\D3DCompiler_39.dll

+ 2009-05-24 03:25 . 2008-05-30 17:11 1491992 c:\windows\system32\D3DCompiler_38.dll

+ 2008-03-06 14:29 . 2007-11-20 21:15 1826816 c:\windows\SkyTel.exe

+ 2008-03-06 14:29 . 2008-06-19 19:27 9715200 c:\windows\RTLCPL.EXE

- 2008-03-06 14:29 . 2007-03-23 11:19 9715200 c:\windows\RTLCPL.exe

+ 2008-03-06 14:28 . 2009-03-10 17:32 2168320 c:\windows\MicCal.exe

+ 2009-05-31 20:22 . 2009-05-31 20:22 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2009-02-21 21:17 . 2009-02-21 21:17 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

+ 2009-05-31 20:22 . 2009-05-31 20:22 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll

- 2008-03-06 14:28 . 2006-05-04 08:26 2808832 c:\windows\alcwzrd.exe

+ 2008-03-06 14:28 . 2008-06-19 19:42 2808832 c:\windows\ALCWZRD.EXE

+ 2009-04-26 15:30 . 2007-04-10 07:28 16126464 c:\windows\system32\ReinstallBackups\0016\DriverFiles\RTHDCPL.EXE

+ 2008-10-15 02:42 . 2008-10-15 02:42 13219184 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA76401B7448A3100000030\8.1.3\AcroRd32.dll

.

-- Snapshot resetado para data atual --

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

2008-09-09 00:08 279944 ----a-w- c:\arquivos de programas\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]

2008-05-21 02:43 1526296 ----a-w- c:\arquivos de programas\TorrentMan\tbTorr.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="c:\arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 25088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVP"="c:\arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-02-10 206088]

"Persistence"="c:\windows\system32\igfxpers.exe" [2006-10-05 94208]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-10-05 98304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-10-05 114688]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]

"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]

"TkBellExe"="c:\arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" [2009-06-20 198160]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-04-10 17879552]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoChangeStartMenu"= 1 (0x1)

"ForceStartMenuLogOff"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="c:\windows\system32\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]

2005-01-31 18:13 49152 ----a-w- c:\arquiv~1\ARQUIV~1\Stardock\MCPStub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]

2001-12-21 02:34 24576 ----a-w- c:\arquivos de programas\AlienGUIse\fastload.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Gamma Loader.lnk]

backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^AutoCAD Startup Accelerator.lnk]

backup=c:\windows\pss\AutoCAD Startup Accelerator.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^WatchLSDriver.lnk]

path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\WatchLSDriver.lnk

backup=c:\windows\pss\WatchLSDriver.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Usuario^Menu Iniciar^Programas^Inicializar^Adobe Gamma.lnk]

path=c:\documents and settings\Usuario\Menu Iniciar\Programas\Inicializar\Adobe Gamma.lnk

backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Usuario^Menu Iniciar^Programas^Inicializar^Mobile Phone Manager.lnk]

backup=c:\windows\pss\Mobile Phone Manager.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Usuario^Menu Iniciar^Programas^Inicializar^Recorte de tela e Iniciador do OneNote 2007.lnk]

path=c:\documents and settings\Usuario\Menu Iniciar\Programas\Inicializar\Recorte de tela e Iniciador do OneNote 2007.lnk

backup=c:\windows\pss\Recorte de tela e Iniciador do OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"WMPNetworkSvc"=2 (0x2)

"WLSetupSvc"=3 (0x3)

"WinTabService"=2 (0x2)

"usnjsvc"=3 (0x3)

"ose"=2 (0x2)

"odserv"=2 (0x2)

"NetTcpPortSharing"=2 (0x2)

"Microsoft Office Groove Audit Service"=3 (0x3)

"MDM"=2 (0x2)

"idsvc"=3 (0x3)

"HDD & SSD access service"=2 (0x2)

"FLEXnet Licensing Service"=2 (0x2)

"cmpe"=2 (0x2)

"Capture Device Service"=3 (0x3)

"Bonjour Service"=3 (0x3)

"Autodesk Licensing Service"=3 (0x3)

"Adobe LM Service"=3 (0x3)

"a2free"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Arquivos de programas\\OnGame\\GunBoundWC\\GunBound.gme"=

"c:\\Arquivos de programas\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe"=

"c:\\Arquivos de programas\\DNA\\btdna.exe"=

"c:\\Arquivos de programas\\DAP\\DAP.exe"=

"c:\\BMW M3 Challenge\\BMW.exe"=

"c:\\Arquivos de programas\\Aspyr\\Guitar Hero III\\GH3.exe"=

"c:\\Arquivos de programas\\FrostWire\\FrostWire.exe"=

"c:\\Arquivos de programas\\Orbitdownloader\\orbitdm.exe"=

"c:\\Arquivos de programas\\Orbitdownloader\\orbitnet.exe"=

"c:\\Arquivos de programas\\Arquivos comuns\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=

"d:\\Meus Documentos\\LFS\\LFS Pack\\LFS.exe"=

"c:\\Arquivos de programas\\Hamachi\\hamachi.exe"=

"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=

"c:\\Documents and Settings\\All Users\\Dados de aplicativos\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 2009\\Brazilian\\setup.exe"=

"c:\\WINDOWS\\system32\\mmc.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Arquivos de programas\\SopCast\\adv\\SopAdver.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Arquivos de programas\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=

"c:\\Arquivos de programas\\BitTorrent\\bittorrent.exe"=

"d:\\Meus Documentos\\LFS\\LFS Pack\\LfsRevLimiter.0.9.exe"=

"d:\\Meus Documentos\\D1GP\\racer.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys --> \SystemRoot\\SystemRoot\System32\drivers\vidstub.sys [?]

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29/01/2008 16:29 33808]

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/04/2008 16:06 24592]

R3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\drivers\PTSimBus.sys [07/06/2007 14:16 18944]

R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\drivers\PTSimHid.sys [23/04/2007 12:28 10752]

R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [10/06/2002 00:09 31232]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [26/04/2009 12:29 1684736]

S3 CrystalSysInfo;CrystalSysInfo;\??\c:\arquivos de programas\MediaCoder\SysInfo.sys --> c:\arquivos de programas\MediaCoder\SysInfo.sys [?]

S3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [23/01/2004 16:33 13952]

S3 PPortJoystick;Parallel Port Joystick device driver;c:\windows\system32\drivers\PPortJoy.sys [23/01/2004 16:32 28800]

S3 siusbmod;siusbmod;c:\windows\system32\drivers\siusbmod.sys [09/08/2005 12:13 27008]

S4 akl_svc;Anti-keylogger Service;c:\windows\system32\akl_svc.exe --> c:\windows\system32\akl_svc.exe [?]

S4 cmpe;Context Manager Process Extension;c:\windows\system32\cmpe.exe --> c:\windows\system32\cmpe.exe [?]

S4 HDD & SSD access service;HDD & SSD access service;"c:\arquivos de programas\Arquivos comuns\BinarySense\disksvc.exe" --> c:\arquivos de programas\Arquivos comuns\BinarySense\disksvc.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.ask.com/?o=101677&l=dis

uInternet Settings,ProxyServer = socks=

uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,

IE: &Clean Traces - c:\arquivos de programas\DAP\Privacy Package\dapcleanerie.htm

IE: &Download by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/201

IE: &Download with &DAP - c:\arquivos de programas\DAP\dapextie.htm

IE: &Grab video by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/204

IE: Add to AMV Convert Tool... - c:\arquivos de programas\MP3 Player Utilities 4.00\AMVConverter\grab.html

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: Atualizar imagem com qualidade total - c:\arquivos de programas\Acelerador Propel Edição iG\pac-image.html

IE: Atualizar página com qualidade total - c:\arquivos de programas\Acelerador Propel Edição iG\pac-page.html

IE: Autorizar pop-ups deste site - c:\arquivos de programas\Acelerador Propel Edição iG\pac-addwl.html

IE: Do&wnload selected by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\arquivos de programas\Orbitdownloader\orbitmxt.dll/202

IE: Download &all with DAP - c:\arquivos de programas\DAP\dapextie2.htm

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: MediaManager tool grab multimedia file - c:\arquivos de programas\MP3 Player Utilities 4.00\MediaManager\grab.html

Trusted Zone: kboing.com.br\www

TCP: {04677822-EA51-4FFC-B13A-F90BCA479E93} = 200.165.132.148 200.165.132.155

Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\arquiv~1\DAP\dapie.dll

Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\arquiv~1\DAP\dapie.dll

Name-Space Handler: HTTPS\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\arquiv~1\DAP\dapie.dll

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

FF - ProfilePath -

---- FIREFOX POLICIES ----

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-06-23 21:20

Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

**************************************************************************

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\S-1-5-21-527237240-484763869-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]

@Denied: (Full) (LocalSystem)

[HKEY_USERS\S-1-5-21-527237240-484763869-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{46954830-9B4B-B97B-1BF6-A174BBFB0B2F}*]

@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]

"ThreadingModel"="Apartment"