Pablo RD
Posted July 6, 2009

My AVG gave a few virus warnings these last few days.. So I decided to post the Hijack log here.. Here it is:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:59:51, on 6/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\ARQUIV~1\AVG\AVG8\avgtray.exe
C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
C:\Arquivos de programas\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEAB.EXE
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe
C:\ARQUIV~1\AVG\AVG8\avgemc.exe
C:\ARQUIV~1\AVG\AVG8\avgrsx.exe
C:\ARQUIV~1\AVG\AVG8\avgnsx.exe
C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe
C:\Hijack\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Arquivos de programas\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Arquivos de programas\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EPSON Stylus T23 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEAB.EXE /FU "C:\WINDOWS\TEMP\E_S13A.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append to existing PDF - res://E:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://E:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://E:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://E:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://E:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://E:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://E:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://E:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.2.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Arquivos de programas\Arquivos comuns\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c98655383f4042) (gupdate1c98655383f4042) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe

--
End of file - 9839 bytes
MGuitar
Posted July 6, 2009

Could you tell us which file(s) AVG was detecting?

Download DDS and save it to the desktop
• Temporarily disable your antivirus and double-click dds.scr;
• A DOS window will open. Just wait;
• When it finishes, two logs will open automatically. One named DDS.txt and the other Attach.txt. These logs will also be saved on the desktop.
Paste the logs in your next reply.
Pablo RD
Posted July 6, 2009

DDS (Ver_09-06-26.01) - NTFSx86
Run by Usuario at 15:38:01,26 on seg 06/07/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1407.590 [GMT -3:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
C:\Arquivos de programas\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEAB.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe
C:\ARQUIV~1\AVG\AVG8\avgemc.exe
C:\ARQUIV~1\AVG\AVG8\avgrsx.exe
C:\ARQUIV~1\AVG\AVG8\avgnsx.exe
C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe
C:\arquivos de programas\mozilla firefox\firefox.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\twhirl\twhirl.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Usuario\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Facilitador de Leitor de Link Adobe PDF: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - e:\arquivos de programas\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\arquivos de programas\avg\avg8\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\arquivos de programas\java\jre6\bin\ssv.dll
BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\arquivos de programas\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - e:\arquivos de programas\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\usuario\configurações locais\dados de aplicativos\google\update\GoogleUpdate.exe" /c
uRun: [EPSON Stylus T23 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatieab.exe /fu "c:\windows\temp\E_S13A.tmp" /EF "HKCU"
mRun: [soundMan] SOUNDMAN.EXE
mRun: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [siSUSBRG] c:\windows\SiSUSBrg.exe
mRun: [sunJavaUpdateSched] "c:\arquivos de programas\java\jre6\bin\jusched.exe"
mRun: [LXCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCCtime.dll,_RunDLLEntry@16
mRun: [AVG8_TRAY] c:\arquiv~1\avg\avg8\avgtray.exe
mRun: [googletalk] c:\arquivos de programas\google\google talk\googletalk.exe /autostart
mRun: [Adobe Reader Speed Launcher] "c:\arquivos de programas\adobe\reader 9.0\reader\Reader_sl.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\usuario\menuin~1\progra~1\inicia~1\stardo~1.lnk - c:\arquivos de programas\stardock\objectdock\ObjectDock.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - e:\arquivos de programas\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - e:\arquiv~1\micros~1\office12\REFIEBAR.DLL
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\arquivos de programas\avg\avg8\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\arquiv~1\arquiv~1\skype\SKYPE4~1.DLL
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\usuario\dadosd~1\mozilla\firefox\profiles\2i0zws22.default 2\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/
FF - component: c:\arquivos de programas\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\arquivos de programas\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\arquivos de programas\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\arquivos de programas\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\arquivos de programas\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\documents and settings\usuario\configuraã§ãµes locais\dados de aplicativos\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: e:\arquivos de programas\google\picasa3\npPicasa3.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\arquivos de programas\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\arquivos de programas\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-1-19 327688]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-1-19 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-1-19 108552]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2009-1-26 100560]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2009-1-26 41744]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\arquiv~1\avg\avg8\avgemc.exe [2009-1-19 906520]
R2 avg8wd;AVG Free8 WatchDog;c:\arquiv~1\avg\avg8\avgwdsvc.exe [2009-1-19 298776]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2009-3-27 87568]
S2 gupdate1c98655383f4042;Google Update Service (gupdate1c98655383f4042);c:\arquivos de programas\google\update\GoogleUpdate.exe [2009-2-3 133104]
S2 gzdjkemdi;Center Update;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]

=============== Created Last 30 ================

2009-07-06 12:33 <DIR> --d----- C:\Hijack
2009-07-04 20:30 <DIR> --d----- c:\arquivos de programas\HyCam2
2009-06-28 17:42 56,320 a------- c:\windows\system32\wrr2tokl.exe
2009-06-28 17:42 56,320 a------- C:\mthpbgbp.exe
2009-06-26 14:07 <DIR> --d----- c:\windows\system32\NtmsData
2009-06-22 11:41 <DIR> --d----- c:\docume~1\usuario\dadosd~1\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
2009-06-22 11:41 <DIR> --d----- c:\arquivos de programas\twhirl
2009-06-22 11:36 <DIR> --d----- c:\arquivos de programas\Skype
2009-06-13 12:34 664 a------- c:\windows\system32\d3d9caps.dat
2009-06-12 12:38 65,320 a---h--- c:\windows\system32\mlfcache.dat
2009-06-11 21:23 <DIR> --d----- c:\arquivos de programas\directx
2009-06-11 21:22 <DIR> --d----- c:\arquivos de programas\Rockstar Games
2009-06-11 19:41 <DIR> --d----- c:\arquivos de programas\Koinonia Software
2009-06-11 19:41 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Opus Shared
2009-06-11 17:40 <DIR> --d----- c:\arquivos de programas\iPod
2009-06-11 17:40 <DIR> --d----- c:\arquivos de programas\iTunes
2009-06-11 10:27 <DIR> --d----- c:\docume~1\usuario\dadosd~1\Witty
2009-06-08 16:54 <DIR> --d----- C:\driver T23
2009-06-08 16:18 <DIR> --d----- C:\CI_C92
2009-06-08 15:56 9,072 -------- c:\windows\system32\drivers\cdr4_xp.sys
2009-06-08 15:56 9,200 -------- c:\windows\system32\drivers\cdralw2k.sys
2009-06-08 15:55 <DIR> --d----- c:\windows\system32\IOSUBSYS

==================== Find3M ====================

2009-07-06 14:16 2,516 a--sh--- c:\docume~1\alluse~1\dadosd~1\KGyGaAvL.sys
2009-07-04 20:39 34 a------- c:\documents and settings\usuario\jagex_runescape_preferences.dat
2009-06-27 10:25 327,688 a------- c:\windows\system32\drivers\avgldx86.sys
2009-06-27 10:25 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-11 16:36 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-07 12:33 347,136 a------- c:\windows\system32\localspl.dll
2009-05-01 15:30 3,366,912 a------- c:\windows\system32\GPhotos.scr
2009-04-29 01:45 827,392 a------- c:\windows\system32\wininet.dll
2009-04-29 01:45 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-19 16:50 1,847,296 a------- c:\windows\system32\win32k.sys
2009-04-16 18:40 465,632 a------- c:\windows\system32\perfh016.dat
2009-04-16 18:40 76,196 a------- c:\windows\system32\perfc016.dat
2009-04-15 11:53 585,216 a------- c:\windows\system32\rpcrt4.dll
2009-01-14 20:59 8 ---shr-- c:\docume~1\alluse~1\dadosd~1\AC65688EC0.sys

============= FINISH: 15:38:25,71 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 14/1/2009 16:11:56
System Uptime: 7/6/2009 12:35:38 (699 hours ago)

Motherboard: Digitron Ind Com S.A. | | DG-661FX
Processor: Intel® Pentium® D CPU 2.80GHz | Socket 775 | 2800/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 20 GiB total, 6,377 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 55 GiB total, 15,133 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP36: 19/6/2009 08:11:10 - Ponto de verificação do sistema
RP37: 20/6/2009 20:46:36 - Ponto de verificação do sistema
RP38: 21/6/2009 22:32:50 - Ponto de verificação do sistema
RP39: 22/6/2009 11:22:12 - Removido Skype™ 4.0
RP40: 22/6/2009 11:31:37 - Removido Skype™ 4.0
RP41: 23/6/2009 15:52:10 - Ponto de verificação do sistema
RP42: 24/6/2009 18:12:27 - Ponto de verificação do sistema
RP43: 25/6/2009 20:29:55 - Ponto de verificação do sistema
RP44: 26/6/2009 14:07:06 - Funcionando corretamente.
RP45: 26/6/2009 14:11:40 - Removed 3DVIA player 4.1
RP46: 26/6/2009 14:13:10 - Removido Ferramenta de Carregamento do Windows Live
RP47: 26/6/2009 14:15:38 - Removed Xara3D6
RP48: 27/6/2009 10:23:24 - Avg8 Update
RP49: 27/6/2009 10:26:08 - Avg8 Update
RP50: 28/6/2009 22:40:52 - Ponto de verificação do sistema
RP51: 1/7/2009 07:18:09 - Ponto de verificação do sistema
RP52: 2/7/2009 08:08:10 - Ponto de verificação do sistema
RP53: 3/7/2009 13:02:56 - Ponto de verificação do sistema
RP54: 4/7/2009 16:14:09 - Ponto de verificação do sistema
RP55: 6/7/2009 10:55:28 - Ponto de verificação do sistema

==== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1)
7-Zip 4.65
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat 8 Professional
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe After Effects CS3 Third Party Content
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Encore CS3
Adobe Encore CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Reader 9.1.1 - Português
Adobe Setup
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Apple Mobile Device Support
Apple Software Update
Arquivo do WinRAR
Assistente de Conexão do Windows Live
µTorrent
Atualização Crítica para o Windows Media Player 11 (KB959772)
Atualização de Segurança para o Windows Media Player (KB952069)
Atualização de Segurança para o Windows Media Player 11 (KB936782)
Atualização de Segurança para o Windows Media Player 11 (KB954154)
Atualização de Segurança para Windows Internet Explorer 7 (KB938127-v2)
Atualização de Segurança para Windows Internet Explorer 7 (KB956390)
Atualização de Segurança para Windows Internet Explorer 7 (KB958215)
Atualização de Segurança para Windows Internet Explorer 7 (KB960714)
Atualização de Segurança para Windows Internet Explorer 7 (KB961260)
Atualização de Segurança para Windows Internet Explorer 7 (KB963027)
Atualização de Segurança para Windows Internet Explorer 7 (KB969897)
Atualização de Segurança para Windows XP (KB923561)
Atualização de Segurança para Windows XP (KB923689)
Atualização de Segurança para Windows XP (KB938464)
Atualização de Segurança para Windows XP (KB941569)
Atualização de Segurança para Windows XP (KB946648)
Atualização de Segurança para Windows XP (KB950762)
Atualização de Segurança para Windows XP (KB950974)
Atualização de Segurança para Windows XP (KB951066)
Atualização de Segurança para Windows XP (KB951376-v2)
Atualização de Segurança para Windows XP (KB951698)
Atualização de Segurança para Windows XP (KB951748)
Atualização de Segurança para Windows XP (KB952004)
Atualização de Segurança para Windows XP (KB952954)
Atualização de Segurança para Windows XP (KB954211)
Atualização de Segurança para Windows XP (KB954459)
Atualização de Segurança para Windows XP (KB954600)
Atualização de Segurança para Windows XP (KB955069)
Atualização de Segurança para Windows XP (KB956391)
Atualização de Segurança para Windows XP (KB956572)
Atualização de Segurança para Windows XP (KB956802)
Atualização de Segurança para Windows XP (KB956803)
Atualização de Segurança para Windows XP (KB956841)
Atualização de Segurança para Windows XP (KB957097)
Atualização de Segurança para Windows XP (KB958215)
Atualização de Segurança para Windows XP (KB958644)
Atualização de Segurança para Windows XP (KB958687)
Atualização de Segurança para Windows XP (KB958690)
Atualização de Segurança para Windows XP (KB959426)
Atualização de Segurança para Windows XP (KB960225)
Atualização de Segurança para Windows XP (KB960714)
Atualização de Segurança para Windows XP (KB960715)
Atualização de Segurança para Windows XP (KB960803)
Atualização de Segurança para Windows XP (KB961373)
Atualização de Segurança para Windows XP (KB961501)
Atualização de Segurança para Windows XP (KB968537)
Atualização de Segurança para Windows XP (KB969898)
Atualização de Segurança para Windows XP (KB970238)
Atualização para Windows XP (KB898461)
Atualização
para Windows XP (KB951978) Atualização para Windows XP (KB955839) Atualização para Windows XP (KB961503) Atualização para Windows XP (KB967715) AVG Free 8.5 Bonjour Bíblia Hábil 2.0 Camtasia Studio 6 Choice Guard CorelDRAW Graphics Suite X4 CorelDRAW Graphics Suite X4 - Capture CorelDRAW Graphics Suite X4 - Content CorelDRAW Graphics Suite X4 - Draw CorelDRAW Graphics Suite X4 - Filters CorelDRAW Graphics Suite X4 - FontNav CorelDRAW Graphics SUite X4 - ICA CorelDRAW Graphics Suite X4 - IPM CorelDRAW Graphics Suite X4 - Lang BR CorelDRAW Graphics Suite X4 - PP CorelDRAW Graphics Suite X4 - VBA CorelDRAW® Graphics Suite X4 CorelDRAW® Graphics Suite X4 - Windows Shell Extension DAEMON Tools Toolbar Desinstalar impressora EPSON Stylus T23 Series DET AoC(E) 1.0 EasyCleaner EVEREST Ultimate Edition v4.60 Google Chrome Google Earth Google Talk (remove only) Google Update Helper Google Updater GTA2 HijackThis 2.0.2 Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix para o Windows Media Player 11 (KB939683) Hotfix para Windows XP (KB952287) HyperCam 2 iTunes Java 6 Update 11 Lexmark 3300 Series LimeWire 5.1.3 Messenger Plus! 
Live Microsoft .NET Framework 2.0 Service Pack 1 Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - PTB Microsoft .NET Framework 3.0 Service Pack 1 Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - PTB Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5 Language Pack - ptb Microsoft Application Error Reporting Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Access MUI (Portuguese (Brazil)) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Portuguese (Brazil)) 2007 Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 Microsoft Office Word MUI (Portuguese (Brazil)) 2007 Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox (3.5) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 Parser and SDK MSXML 6.0 Parser Nero 7 Ultra Edition neroxml ObjectDock PDF Settings Picasa 3 QuickTime Realtek AC'97 Audio Safari Security Update for 2007 Microsoft Office System (KB951550) Security Update for 2007 Microsoft Office System (KB951944) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB969679) Security Update for Microsoft Office Excel 2007 (KB969682) Security Update for Microsoft Office OneNote 2007 (KB950130) Security 
Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office system 2007 (KB954326) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office Word 2007 (KB969604) Segoe UI SiS VGA Utilities Skype™ 3.8 Software para Impressoras EPSON Spybot - Search & Destroy Sun xVM VirtualBox TagScanner 5.0 build 532 TeamSpeak 2 RC2 TeamSpeak 2 Server RC2 Tradução 4 twhirl Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office Outlook 2007 (KB969907) Update for Outlook 2007 Junk Email Filter (kb970012) Visual Basic for Applications ® Core Visual Basic for Applications ® Core - English Visual Basic for Applications ® Core - Portuguese (Brazil) WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Internet Explorer 7 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Media Format 11 runtime Windows Media Player 11 XML Paper Specification Shared Components Language Pack 1.0 XML Paper Specification Shared Components Pack 1.0 XP Codec Pack Zune Desktop Theme ==== End Of File =========================== Compartilhar este post Link para o post Compartilhar em outros sites
MGuitar
Posted July 7, 2009

- Download ComboFix and save it to the desktop;
● Temporarily disable your antivirus so that it does not detect the tool as a virus;
● Double-click the combofix.exe icon to start the scan;
● Read the agreement that appears and click Yes to continue;
● A Recovery Console window will open; click Yes to install it. If another Console window appears, click OK > Yes;
● Wait while ComboFix runs the scan;
● If any problem occurs during the scan, restart your computer in Safe Mode and repeat the procedure;
● Do not click on the ComboFix window, and try not to use the keyboard either, so as not to interfere with the tool's scan;
● If you want to exit or stop ComboFix, press N;
● When it finishes, your computer will be restarted. After the restart the tool will run again; wait;
● A log will be generated at C:\ComboFix.txt. Paste this log in your next reply.
Pablo RD
Posted July 11, 2009

Sorry for the delay... Here is the log:

ComboFix 09-07-09.08 - Usuario 11/07/2009 17:32.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1407.950 [GMT -3:00]
Executando de: c:\documents and settings\Usuario\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
(((((((((((((((( Arquivos/Ficheiros criados de 2009-06-11 to 2009-07-11 ))))))))))))))))))))))))))))
.
2009-07-10 16:01 . 2009-07-10 16:01 -------- d-----w- c:\arquivos de programas\DsNET Corp
2009-07-08 17:23 . 2009-07-08 17:34 -------- d-----w- c:\arquivos de programas\Total Video Converter
2009-07-08 17:13 . 2009-07-08 17:16 -------- d-----w- c:\arquivos de programas\AviSynth 2.5
2009-07-06 15:33 . 2009-07-06 15:59 -------- d-----w- C:\Hijack
2009-07-04 23:30 . 2009-07-04 23:30 -------- d-----w- c:\arquivos de programas\HyCam2
2009-06-28 20:42 . 2009-06-28 20:42 56320 ----a-w- c:\windows\system32\wrr2tokl.exe
2009-06-28 20:42 . 2009-06-28 20:42 56320 ----a-w- C:\mthpbgbp.exe
2009-06-26 17:07 . 2009-06-26 17:08 -------- d-----w- c:\windows\system32\NtmsData
2009-06-24 20:33 . 2007-03-20 16:49 2781184 ----a-w- c:\documents and settings\Usuario\Dados de aplicativos\Adobe\Dreamweaver 9\Configuration\Flash Player\authplay.dll
2009-06-22 14:41 . 2009-06-22 14:41 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
2009-06-22 14:41 . 2009-06-22 14:41 -------- d-----w- c:\arquivos de programas\twhirl
2009-06-22 14:36 . 2009-06-22 14:36 -------- d-----w- c:\arquivos de programas\Skype
2009-06-22 14:36 . 2009-06-22 14:36 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Skype
2009-06-13 15:34 . 2009-06-14 18:31 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-06-12 15:38 . 2009-06-28 20:34 65320 ---ha-w- c:\windows\system32\mlfcache.dat
2009-06-12 00:23 . 2009-06-12 00:23 -------- d-----w- c:\arquivos de programas\directx
2009-06-12 00:22 . 2009-06-12 00:22 -------- d-----w- c:\arquivos de programas\Rockstar Games
2009-06-11 22:41 . 1999-09-29 00:42 1034752 ----a-w- c:\windows\system32\MSJet35.dll
2009-06-11 22:41 . 1999-08-25 17:57 177664 ----a-w- c:\windows\system32\MSRepl35.dll
2009-06-11 22:41 . 1998-06-01 17:37 139264 ----a-w- c:\windows\system32\MSJInt35.dll
2009-06-11 22:41 . 1997-06-23 16:06 24848 ----a-w- c:\windows\system32\MSJtEr35.dll
2009-06-11 22:41 . 1997-06-13 10:34 368912 ----a-w- c:\windows\system32\VBAR332.dll
2009-06-11 22:41 . 2001-10-14 15:28 132096 ----a-w- c:\windows\system32\Zipdll.dll
2009-06-11 22:41 . 2001-10-14 15:28 117760 ----a-w- c:\windows\system32\Unzdll.dll
2009-06-11 22:41 . 2009-06-11 22:41 -------- d-----w- c:\arquivos de programas\Koinonia Software
2009-06-11 22:41 . 2009-06-11 22:41 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Opus Shared
2009-06-11 20:46 . 2009-06-27 16:21 -------- d-----w- c:\arquivos de programas\Safari
2009-06-11 20:40 . 2009-06-11 20:40 -------- d-----w- c:\arquivos de programas\iPod
2009-06-11 20:40 . 2009-07-02 22:29 -------- d-----w- c:\arquivos de programas\iTunes
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-11 19:26 . 2009-01-15 17:20 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Skype
2009-07-11 17:16 . 2009-01-14 23:59 2516 --sha-w- c:\documents and settings\All Users\Dados de aplicativos\KGyGaAvL.sys
2009-07-11 17:16 . 2009-01-14 23:59 2516 --sha-w- c:\documents and settings\All Users\Dados de aplicativos\KGyGaAvL.sys
2009-07-11 17:12 . 2009-01-15 13:33 34 ----a-w- c:\documents and settings\Usuario\jagex_runescape_preferences.dat
2009-07-11 16:11 . 2009-02-03 23:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Google Updater
2009-07-10 20:53 . 2009-02-27 13:57 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\LimeWire
2009-07-10 14:18 . 2009-01-15 17:22 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\skypePM
2009-07-09 03:15 . 2009-01-26 23:40 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\uTorrent
2009-07-05 17:27 . 2009-04-20 00:26 -------- d-----w- c:\arquivos de programas\Teamspeak2_RC2
2009-07-04 20:19 . 2009-01-15 17:12 -------- d-----w- c:\arquivos de programas\Lx_cats
2009-06-28 20:49 . 2009-04-11 22:58 -------- d-----w- c:\arquivos de programas\HooTech
2009-06-27 21:21 . 2009-01-27 13:19 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Download Manager
2009-06-27 13:59 . 2009-01-15 21:39 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\FLEXnet
2009-06-27 13:25 . 2009-01-19 17:17 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-27 13:25 . 2009-01-19 17:17 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-27 13:25 . 2009-01-19 17:17 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-26 17:14 . 2009-01-27 16:11 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Ultra Fractal 5
2009-06-26 16:12 . 2009-01-15 22:27 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help
2009-06-24 21:43 . 2009-01-14 17:54 -------- d-----w- c:\arquivos de programas\7-Zip
2009-06-22 14:36 . 2009-01-15 17:20 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Skype
2009-06-12 00:21 . 2009-01-14 19:35 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2009-06-11 20:58 . 2009-01-26 21:21 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Apple Computer
2009-06-11 20:40 . 2009-01-26 21:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Apple
2009-06-11 20:38 . 2009-01-15 21:17 -------- d-----w- c:\arquivos de programas\QuickTime
2009-06-11 20:32 . 2009-06-11 20:32 75048 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-11 13:27 . 2009-06-11 13:27 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Witty
2009-06-08 19:19 . 2009-01-15 17:48 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\EPSON
2009-06-08 19:19 . 2009-01-20 21:52 -------- d-----w- c:\arquivos de programas\EPSON
2009-06-06 21:30 . 2009-02-27 13:57 -------- d-----w- c:\arquivos de programas\LimeWire
2009-05-16 20:14 . 2009-02-03 23:12 -------- d-----w- c:\arquivos de programas\Google
2009-05-11 19:36 . 2009-01-19 17:17 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-07 15:33 . 2008-04-14 12:00 347136 ----a-w- c:\windows\system32\localspl.dll
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-04-29 04:45 . 2008-04-14 12:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:45 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-26 00:42 . 2009-01-14 17:54 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-04-25 01:02 . 2009-04-25 01:03 38208 ----a-w- c:\documents and settings\Usuario\Dados de aplicativos\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-04-19 19:50 . 2008-04-14 12:00 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-04-16 21:40 . 2008-04-14 12:00 76196 ----a-w- c:\windows\system32\perfc016.dat
2009-04-16 21:40 . 2008-04-14 12:00 465632 ----a-w- c:\windows\system32\perfh016.dat
2009-04-15 14:53 . 2008-04-14 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Google Update"="c:\documents and settings\Usuario\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-04-04 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2009-01-15 136600]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-01-10 69632]
"AVG8_TRAY"="c:\arquiv~1\AVG\AVG8\avgtray.exe" [2009-06-27 1948440]
"googletalk"="c:\arquivos de programas\Google\Google Talk\googletalk.exe" [2007-01-01 3735552]
"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-07-27 68096]
"SiSPower"="SiSPower.dll" - c:\windows\system32\SiSPower.dll [2004-09-02 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Usuario\Menu Iniciar\Programas\Inicializar\
Stardock ObjectDock.lnk - c:\arquivos de programas\Stardock\ObjectDock\ObjectDock.exe [2009-2-9 3450608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-27 13:25 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Utility Tray.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Utility Tray.lnk
backup=c:\windows\pss\Utility Tray.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"PSI_SVC_2"=2 (0x2)
"Bonjour Service"=2 (0x2)
"iPod Service"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"WinVNC4"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"NMIndexingService"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\lxcccoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxccPSWX.EXE"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Arquivos de programas\\AVG\\AVG8\\avgemc.exe"=
"c:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=
"c:\\Arquivos de programas\\Arquivos comuns\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\Microsoft Games\\Age of Empires II - The Conquerors\\age2_x1.exe"=
"c:\\Arquivos de programas\\Microsoft Games\\Age of Empires II - The Conquerors\\age2_x1\\age2_x1.exe"=
"c:\\Arquivos de programas\\Google\\Google Talk\\googletalk.exe"=
"c:\\Arquivos de programas\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Arquivos de programas\\Rockstar Games\\GTA2\\gta2.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\bin\\java.exe"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server
"1155:TCP"= 1155:TCP:VSCyber
"3050:TCP"= 3050:TCP:Firebird

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [19/1/2009 14:17 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [19/1/2009 14:17 108552]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [26/1/2009 20:04 100560]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [26/1/2009 20:04 41744]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\arquiv~1\AVG\AVG8\avgemc.exe [19/1/2009 14:17 906520]
R2 avg8wd;AVG Free8 WatchDog;c:\arquiv~1\AVG\AVG8\avgwdsvc.exe [19/1/2009 14:17 298776]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [27/3/2009 17:16 87568]
S2 gupdate1c98655383f4042;Google Update Service (gupdate1c98655383f4042);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [3/2/2009 20:14 133104]
S2 gzdjkemdi;Center Update;c:\windows\system32\svchost.exe -k netsvcs [14/4/2008 09:00 14336]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
gzdjkemdi
.
Conteúdo da pasta 'Tarefas Agendadas'

2009-07-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 14:34]

2009-07-11 c:\windows\Tasks\Google Software Updater.job
- c:\arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-03 10:30]

2009-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-02-03 23:14]

2009-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-02-03 23:14]
.
.
------- Scan Suplementar -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - e:\arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - e:\arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - e:\arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - e:\arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - e:\arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - e:\arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - e:\arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - e:\arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\2i0zws22.default 2\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/
FF - component: c:\arquivos de programas\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\arquivos de programas\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: e:\arquivos de programas\Google\Picasa3\npPicasa3.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-11 17:35
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gzdjkemdi]
"ServiceDll"="c:\windows\system32\ukevdy.dll"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'explorer.exe'(3416)
c:\arquivos de programas\Stardock\ObjectDock\DockShellHook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Tempo para conclusão: 2009-07-11 17:37
ComboFix-quarantined-files.txt 2009-07-11 20:36

Pré-execução: 5.970.042.880 bytes disponíveis
Pós execução: 7.602.442.240 bytes disponíveis

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

300 --- E O F --- 2009-06-16 01:21
MGuitar
Posted July 12, 2009

Select and copy the text below. Paste it into Notepad and save it to the desktop as CFScript.txt

Driver::
gzdjkemdi

File::
c:\windows\system32\ukevdy.dll
c:\windows\system32\wrr2tokl.exe
C:\mthpbgbp.exe
c:\documents and settings\All Users\Dados de aplicativos\KGyGaAvL.sys

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gzdjkemdi]

NetSvc::
gzdjkemdi

Drag the CFScript onto ComboFix as in the image below and wait for the tool to run automatically:
● If prompted, press Enter to start the removal process;
● Do not use the mouse or the keyboard while ComboFix is running;
● When it finishes, a new log will be generated at C:\ComboFix.txt;
● Your computer may restart automatically. If it does not, restart it manually.

In your next reply, paste ComboFix.txt and a new HijackThis log.
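The fix in the post above is built from three things that are visible in the ComboFix log earlier in the thread: a service (`gzdjkemdi`) whose image path is `svchost.exe -k netsvcs` and whose name ComboFix lists under the Svchost NetSvcs header, the `ServiceDll` that service loads (`ukevdy.dll`), and two executables of identical size written in the same minute under random names (`wrr2tokl.exe` and `mthpbgbp.exe`). The Python script below is an added example, not part of this thread and not ComboFix's or the helper's code: it parses those three ComboFix line formats, applies the two checks, and assembles a CFScript in the same `Driver::` / `File::` / `Registry::` / `NetSvc::` layout the helper used. The sample lines are constructed from values in the thread rather than copied from it, the function names `analyze` and `build_cfscript` are mine, and the reading that ComboFix prints only names appended to the NetSvcs group under that header is an assumption taken from how the log above reads.

```python
import re
from collections import defaultdict

# Constructed sample in ComboFix's line formats, reusing the names, sizes and
# timestamps from the thread's log (not a verbatim excerpt of that log).
SAMPLE_LOG = r"""
2009-06-28 20:42 . 2009-06-28 20:42 56320 ----a-w- c:\windows\system32\wrr2tokl.exe
2009-06-28 20:42 . 2009-06-28 20:42 56320 ----a-w- C:\mthpbgbp.exe
2009-06-27 13:25 . 2009-01-19 17:17 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-13 15:34 . 2009-06-14 18:31 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-06 15:33 . 2009-07-06 15:59 -------- d-----w- C:\Hijack
R2 avg8wd;AVG Free8 WatchDog;c:\arquiv~1\AVG\AVG8\avgwdsvc.exe [19/1/2009 14:17 298776]
S2 gupdate1c98655383f4042;Google Update Service (gupdate1c98655383f4042);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [3/2/2009 20:14 133104]
S2 gzdjkemdi;Center Update;c:\windows\system32\svchost.exe -k netsvcs [14/4/2008 09:00 14336]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
gzdjkemdi
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gzdjkemdi]
"ServiceDll"="c:\windows\system32\ukevdy.dll"
"""

# "created . modified size attrs path" lines (created-files and Find3M sections);
# directory entries carry "--------" instead of a size and are skipped on purpose.
FILE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) (\d+) (\S+) (.+)$")
# "S2 name;display name;image path [date size]" service lines
SERVICE_RE = re.compile(r"^([RS]\d) ([^;]+);([^;]*);(.+?) \[[^\]]*\]$")
SERVICE_KEY_RE = re.compile(r"^\[HKEY_LOCAL_MACHINE\\System\\ControlSet\d+\\Services\\([^\]]+)\]$", re.I)
SERVICE_DLL_RE = re.compile(r'^"ServiceDll"="(.+)"$')
NETSVCS_HEADER = "\\Svchost - NetSvcs"   # assumption: names appended to the group follow this line
EXEC_EXT = (".exe", ".dll", ".sys")


def parse(log_text):
    """Pull files, services, NetSvcs additions and ServiceDll values out of a ComboFix log."""
    files, services, netsvcs, service_dlls = [], [], set(), {}
    current_key, in_netsvcs = None, False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            in_netsvcs = False
            continue
        if in_netsvcs:                      # bare service names listed under the header
            if re.fullmatch(r"[A-Za-z0-9_]+", line):
                netsvcs.add(line)
                continue
            in_netsvcs = False
        if line.endswith(NETSVCS_HEADER):
            in_netsvcs = True
            continue
        if m := FILE_RE.match(line):
            created, _modified, size, _attrs, path = m.groups()
            files.append({"created": created, "size": int(size), "path": path})
        elif m := SERVICE_RE.match(line):
            _state, name, display, image = m.groups()
            services.append({"name": name, "display": display, "image": image})
        elif m := SERVICE_KEY_RE.match(line):
            current_key = m.group(1)        # the key the next ServiceDll line belongs to
        elif (m := SERVICE_DLL_RE.match(line)) and current_key:
            service_dlls[current_key.lower()] = m.group(1)
    return files, services, netsvcs, service_dlls


def analyze(log_text):
    """Apply the two checks the helper used and return what they flag."""
    files, services, netsvcs, service_dlls = parse(log_text)
    findings = {"services": [], "files": []}
    # Check 1: a service hosted by "svchost.exe -k netsvcs" whose name was appended to
    # the NetSvcs group; the DLL it really runs is the ServiceDll under its key.
    for svc in services:
        hosted = re.search(r"svchost\.exe\s+-k\s+netsvcs", svc["image"], re.I)
        if hosted and svc["name"] in netsvcs:
            findings["services"].append({"name": svc["name"], "display": svc["display"],
                                         "dll": service_dlls.get(svc["name"].lower())})
    # Check 2: executables with identical size and creation minute in different places,
    # i.e. one payload written out under several names.
    twins = defaultdict(list)
    for f in files:
        if f["path"].lower().endswith(EXEC_EXT):
            twins[(f["size"], f["created"])].append(f["path"])
    for paths in twins.values():
        if len(paths) > 1:
            findings["files"].extend(paths)
    return findings


def build_cfscript(findings):
    """Lay the findings out in the CFScript sections used in the thread."""
    names = [s["name"] for s in findings["services"]]
    files = list(findings["files"]) + [s["dll"] for s in findings["services"] if s["dll"]]
    out = []
    if names:
        out += ["Driver::"] + names + [""]
    if files:
        out += ["File::"] + files + [""]
    if names:
        out += ["Registry::"]
        out += [f"[-HKEY_LOCAL_MACHINE\\System\\ControlSet001\\Services\\{n}]" for n in names]
        out += ["", "NetSvc::"] + names
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print(build_cfscript(analyze(SAMPLE_LOG)))
```

The script only drafts the script; every path it lists still needs a human look (file hash, signature, what the service's display name is pretending to be) before it is handed to a tool that deletes files, which is also why the helper in the thread reads the whole log rather than just the flagged lines.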
Pablo RD 5 Posted July 18, 2009

Sorry again for the delay... I won't take so long again...

ComboFix 09-07-14.08 - Usuario 17/07/2009 20:45.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1407.602 [GMT -3:00]
Executando de: c:\documents and settings\Usuario\Desktop\ComboFix.exe
Comandos utilizados :: c:\documents and settings\Usuario\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"c:\documents and settings\All Users\Dados de aplicativos\KGyGaAvL.sys"
"C:\mthpbgbp.exe"
"c:\windows\system32\ukevdy.dll"
"c:\windows\system32\wrr2tokl.exe"
.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Dados de aplicativos\KGyGaAvL.sys
C:\mthpbgbp.exe
c:\windows\system32\wrr2tokl.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GZDJKEMDI
-------\Service_gzdjkemdi


(((((((((((((((( Arquivos/Ficheiros criados de 2009-06-17 to 2009-07-17 ))))))))))))))))))))))))))))
.

2009-07-17 21:16 . 2009-07-17 21:16 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\ALM
2009-07-17 21:01 . 2008-04-07 08:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2009-07-17 21:01 . 2008-04-07 08:38 45392 ----a-r- c:\windows\system32\AdobePDF.dll
2009-07-17 20:45 . 2009-07-17 20:45 -------- d-----w- c:\arquivos de programas\Adobe Media Player
2009-07-17 20:32 . 2009-07-17 20:32 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Macrovision Shared
2009-07-16 19:47 . 2009-07-16 19:47 -------- d-----w- c:\arquivos de programas\iPod
2009-07-16 19:39 . 2009-07-16 19:39 75040 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-10 16:01 . 2009-07-10 16:01 -------- d-----w- c:\arquivos de programas\DsNET Corp
2009-07-08 17:23 . 2009-07-08 17:34 -------- d-----w- c:\arquivos de programas\Total Video Converter
2009-07-08 17:13 . 2009-07-08 17:16 -------- d-----w- c:\arquivos de programas\AviSynth 2.5
2009-07-06 15:33 . 2009-07-06 15:59 -------- d-----w- C:\Hijack
2009-07-04 23:30 . 2009-07-04 23:30 -------- d-----w- c:\arquivos de programas\HyCam2
2009-06-26 17:07 . 2009-06-26 17:08 -------- d-----w- c:\windows\system32\NtmsData
2009-06-22 14:41 . 2009-06-22 14:41 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\de.makesoft.twhirl.0EA062BC275E7ED1E6EC3762EFFD73C7158ADF33.1
2009-06-22 14:41 . 2009-06-22 14:41 -------- d-----w- c:\arquivos de programas\twhirl
2009-06-22 14:36 . 2009-06-22 14:36 -------- d-----w- c:\arquivos de programas\Skype
2009-06-22 14:36 . 2009-06-22 14:36 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Skype

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-17 23:43 . 2009-01-15 17:20 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Skype
2009-07-17 23:14 . 2009-01-15 17:22 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\skypePM
2009-07-17 21:49 . 2009-01-14 20:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe
2009-07-17 16:20 . 2009-01-15 13:33 34 ----a-w- c:\documents and settings\Usuario\jagex_runescape_preferences.dat
2009-07-16 23:05 . 2009-02-03 23:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Google Updater
2009-07-16 19:55 . 2009-06-11 20:46 -------- d-----w- c:\arquivos de programas\Safari
2009-07-16 19:48 . 2009-06-11 20:40 -------- d-----w- c:\arquivos de programas\iTunes
2009-07-16 19:47 . 2009-01-26 21:18 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Apple
2009-07-16 15:00 . 2009-01-22 13:49 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live
2009-07-15 20:28 . 2009-01-15 22:27 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help
2009-07-14 00:21 . 2009-01-15 17:12 -------- d-----w- c:\arquivos de programas\Lx_cats
2009-07-12 19:04 . 2009-01-26 23:40 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\uTorrent
2009-07-10 20:53 . 2009-02-27 13:57 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\LimeWire
2009-07-05 17:27 . 2009-04-20 00:26 -------- d-----w- c:\arquivos de programas\Teamspeak2_RC2
2009-06-28 20:49 . 2009-04-11 22:58 -------- d-----w- c:\arquivos de programas\HooTech
2009-06-28 20:34 . 2009-06-12 15:38 65320 ---ha-w- c:\windows\system32\mlfcache.dat
2009-06-27 21:21 . 2009-01-27 13:19 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Download Manager
2009-06-27 13:59 . 2009-01-15 21:39 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\FLEXnet
2009-06-27 13:25 . 2009-01-19 17:17 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-27 13:25 . 2009-01-19 17:17 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-27 13:25 . 2009-01-19 17:17 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-26 17:14 . 2009-01-27 16:11 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Ultra Fractal 5
2009-06-24 21:43 . 2009-01-14 17:54 -------- d-----w- c:\arquivos de programas\7-Zip
2009-06-22 14:36 . 2009-01-15 17:20 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Skype
2009-06-16 14:39 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:39 . 2008-04-14 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-14 18:31 . 2009-06-13 15:34 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-06-12 00:23 . 2009-06-12 00:23 -------- d-----w- c:\arquivos de programas\directx
2009-06-12 00:22 . 2009-06-12 00:22 -------- d-----w- c:\arquivos de programas\Rockstar Games
2009-06-12 00:21 . 2009-01-14 19:35 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2009-06-11 22:41 . 2009-06-11 22:41 -------- d-----w- c:\arquivos de programas\Koinonia Software
2009-06-11 22:41 . 2009-06-11 22:41 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Opus Shared
2009-06-11 20:58 . 2009-01-26 21:21 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Apple Computer
2009-06-11 20:38 . 2009-01-15 21:17 -------- d-----w- c:\arquivos de programas\QuickTime
2009-06-11 13:27 . 2009-06-11 13:27 -------- d-----w- c:\documents and settings\Usuario\Dados de aplicativos\Witty
2009-06-08 19:19 . 2009-01-15 17:48 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\EPSON
2009-06-08 19:19 . 2009-01-20 21:52 -------- d-----w- c:\arquivos de programas\EPSON
2009-06-06 21:30 . 2009-02-27 13:57 -------- d-----w- c:\arquivos de programas\LimeWire
2009-06-03 19:10 . 2008-04-14 12:00 1295872 ----a-w- c:\windows\system32\quartz.dll
2009-05-11 19:36 . 2009-01-19 17:17 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-07 15:33 . 2008-04-14 12:00 347136 ----a-w- c:\windows\system32\localspl.dll
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-04-29 04:45 . 2008-04-14 12:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:45 . 2008-04-14 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-26 00:42 . 2009-01-14 17:54 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-04-25 01:02 . 2009-04-25 01:03 38208 ----a-w- c:\documents and settings\Usuario\Dados de aplicativos\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2009-04-19 19:50 . 2008-04-14 12:00 1847296 ----a-w- c:\windows\system32\win32k.sys
2009-06-30 16:26 . 2009-04-11 16:17 137208 ----a-w- c:\arquivos de programas\mozilla firefox\components\brwsrcmp.dll

.
((((((((((((((((((((((((((((( SnapShot@2009-07-11_20.35.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-17 23:52 . 2009-07-17 23:52 16384 c:\windows\Temp\Perflib_Perfdata_6e4.dat
+ 2009-07-17 10:29 . 2009-07-17 10:29 16384 c:\windows\Temp\Perflib_Perfdata_120.dat
+ 2009-07-17 21:02 . 2008-04-28 08:30 29312 c:\windows\system32\spool\drivers\w32x86\3\ADREGP.DLL
+ 2009-07-17 21:02 . 2008-04-07 08:38 22872 c:\windows\system32\spool\drivers\w32x86\3\AdobePDFUI.dll
+ 2009-07-17 21:02 . 2008-04-07 08:38 45392 c:\windows\system32\spool\drivers\w32x86\3\AdobePdf.dll
+ 2009-02-05 23:59 . 2008-07-08 12:58 18296 c:\windows\system32\spmsg.dll
- 2009-02-05 23:59 . 2008-07-09 07:34 18296 c:\windows\system32\spmsg.dll
+ 2009-01-15 00:12 . 2009-07-17 20:52 85020 c:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2008-08-14 10:57 . 2008-08-14 10:57 74720 c:\windows\system32\drivers\adfs.sys
+ 2008-04-14 12:00 . 2009-06-16 14:39 81920 c:\windows\system32\dllcache\fontsub.dll
+ 2009-07-17 20:51 . 2009-07-17 20:51 21504 c:\windows\Installer\219fdc9.msi
+ 2009-07-17 20:45 . 2009-07-17 20:45 23552 c:\windows\Installer\219fd74.msi
+ 2009-07-17 21:02 . 2009-07-17 21:02 25214 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Distiller.exe
+ 2009-07-17 21:02 . 2009-07-17 21:02 36294 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_Standard.exe
+ 2009-07-17 21:02 . 2009-07-17 21:02 38926 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat_3D.exe
+ 2009-07-17 21:02 . 2009-07-17 21:02 38926 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-04-23 14:08 . 2009-06-16 01:21 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-04-23 14:08 . 2009-06-16 01:21 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-04-23 14:08 . 2009-06-16 01:21 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-07-17 20:52 . 2009-07-17 20:52 77824 c:\windows\Installer\{3A6829EF-0791-4FDD-9382-C690DD0821B9}\ARPPRODUCTICON.exe
+ 2009-07-17 20:52 . 2009-07-17 20:52 77824 c:\windows\Installer\{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}\ARPPRODUCTICON.exe
+ 2009-05-23 13:18 . 2009-07-17 16:20 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
- 2009-05-23 13:18 . 2009-07-11 17:11 49152 c:\windows\.jagex_cache_32\runescape\jagmisc.dll
+ 2009-05-23 13:18 . 2009-07-17 16:20 81920 c:\windows\.jagex_cache_32\runescape\jaggl.dll
- 2009-05-23 13:18 . 2009-07-11 17:11 81920 c:\windows\.jagex_cache_32\runescape\jaggl.dll
+ 2009-07-17 21:02 . 2009-07-17 21:02 7278 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_ELEMENTS_DT.exe
+ 2009-07-17 21:02 . 2008-04-13 22:20 543232 c:\windows\system32\spool\drivers\w32x86\3\PSCRIPT5.DLL
+ 2009-07-17 21:02 . 2008-04-13 22:20 728576 c:\windows\system32\spool\drivers\w32x86\3\PS5UI.DLL
+ 2009-07-17 21:02 . 2008-04-07 08:37 193904 c:\windows\system32\spool\drivers\w32x86\3\ADUIGP.DLL
+ 2008-07-31 13:16 . 2008-07-31 13:16 947472 c:\windows\system32\msjava.dll
- 2007-03-12 16:02 . 2007-03-12 16:02 947472 c:\windows\system32\msjava.dll
+ 2008-09-03 22:55 . 2008-09-03 22:55 233176 c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-04-14 12:00 . 2009-06-16 14:39 119808 c:\windows\system32\dllcache\t2embed.dll
+ 2009-07-17 21:02 . 2009-07-17 21:02 335872 c:\windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\SC_Designer_PFM.70DBED24_B579_40CB_AB0B_F1221A3E9EC5.exe
+ 2009-07-16 19:48 . 2009-07-16 19:48 102400 c:\windows\Installer\{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}\iTunesIco.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-04-23 14:08 . 2009-06-16 01:21 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-04-23 14:08 . 2009-06-16 01:21 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-04-23 14:08 . 2009-06-16 01:21 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2009-04-23 14:08 . 2009-06-16 01:21 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-04-23 14:08 . 2009-06-16 01:21 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-04-23 14:08 . 2009-06-16 01:21 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2009-04-23 14:08 . 2009-06-16 01:21 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2009-07-16 19:55 . 2009-07-16 19:55 307200 c:\windows\Installer\{2D6ED011-055B-4041-B198-BB903827EBFB}\SafariIco.exe
+ 2008-09-03 22:55 . 2008-09-03 22:55 4478680 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2009-02-02 17:28 . 2009-07-17 23:52 2365040 c:\windows\system32\FNTCACHE.DAT
+ 2008-04-14 12:00 . 2009-06-03 19:10 1295872 c:\windows\system32\dllcache\quartz.dll
+ 2009-05-26 21:54 . 2009-05-26 21:54 4192768 c:\windows\Installer\2e5d20d.msp
+ 2009-07-02 19:23 . 2009-07-02 19:23 5027328 c:\windows\Installer\2e5d1f7.msp
+ 2009-07-17 21:28 . 2009-07-17 21:28 3568640 c:\windows\Installer\219fe7c.msi
+ 2009-07-17 21:24 . 2009-07-17 21:24 3310080 c:\windows\Installer\219fe74.msi
+ 2009-07-17 21:21 . 2009-07-17 21:21 3578880 c:\windows\Installer\219fe6d.msi
+ 2009-07-17 21:17 . 2009-07-17 21:17 3492864 c:\windows\Installer\219fe67.msi
+ 2009-07-17 21:14 . 2009-07-17 21:14 3581952 c:\windows\Installer\219fe60.msi
+ 2009-07-17 21:10 . 2009-07-17 21:10 4063232 c:\windows\Installer\219fe59.msi
+ 2009-07-17 21:08 . 2009-07-17 21:08 3094016 c:\windows\Installer\219fe52.msi
+ 2009-07-17 21:07 . 2009-07-17 21:07 3123200 c:\windows\Installer\219fe4b.msi
+ 2009-07-17 21:06 . 2009-07-17 21:06 3103744 c:\windows\Installer\219fe44.msi
+ 2009-07-17 21:06 . 2009-07-17 21:06 3095552 c:\windows\Installer\219fe3d.msi
+ 2009-07-17 21:05 . 2009-07-17 21:05 3102720 c:\windows\Installer\219fe35.msi
+ 2009-07-17 21:05 . 2009-07-17 21:05 3109888 c:\windows\Installer\219fe2d.msi
+ 2009-07-17 21:03 . 2009-07-17 21:03 3192832 c:\windows\Installer\219fe26.msi
+ 2009-07-17 21:02 . 2009-07-17 21:02 6383616 c:\windows\Installer\219fe1d.msi
+ 2009-07-17 20:53 . 2009-07-17 20:53 3084800 c:\windows\Installer\219fdfa.msi
+ 2009-07-17 20:53 . 2009-07-17 20:53 3076608 c:\windows\Installer\219fdf4.msi
+ 2009-07-17 20:52 . 2009-07-17 20:52 3082752 c:\windows\Installer\219fded.msi
+ 2009-07-17 20:52 . 2009-07-17 20:52 3097600 c:\windows\Installer\219fde7.msi
+ 2009-07-17 20:52 . 2009-07-17 20:52 1021952 c:\windows\Installer\219fde1.msi
+ 2009-07-17 20:52 . 2009-07-17 20:52 1022464 c:\windows\Installer\219fddb.msi
+ 2009-07-17 20:51 . 2009-07-17 20:51 3078656 c:\windows\Installer\219fdd5.msi
+ 2009-07-17 20:51 . 2009-07-17 20:51 3079168 c:\windows\Installer\219fdcf.msi
+ 2009-07-17 20:51 . 2009-07-17 20:51 4038656 c:\windows\Installer\219fdbb.msi
+ 2009-07-17 20:50 . 2009-07-17 20:50 3080704 c:\windows\Installer\219fdb4.msi
+ 2009-07-17 20:50 . 2009-07-17 20:50 3085312 c:\windows\Installer\219fdae.msi
+ 2009-07-17 20:50 . 2009-07-17 20:50 3082752 c:\windows\Installer\219fda8.msi
+ 2009-07-17 20:49 . 2009-07-17 20:49 3085824 c:\windows\Installer\219fda2.msi
+ 2009-07-17 20:49 . 2009-07-17 20:49 3180032 c:\windows\Installer\219fd9c.msi
+ 2009-07-17 20:48 . 2009-07-17 20:48 3102208 c:\windows\Installer\219fd96.msi
+ 2009-07-17 20:48 . 2009-07-17 20:48 4921344 c:\windows\Installer\219fd8f.msi
+ 2009-07-17 20:47 . 2009-07-17 20:47 3122688 c:\windows\Installer\219fd87.msi
+ 2009-07-17 20:47 . 2009-07-17 20:47 3837440 c:\windows\Installer\219fd81.msi
+ 2009-07-17 20:46 . 2009-07-17 20:46 4914176 c:\windows\Installer\219fd7a.msi
+ 2009-07-17 20:45 . 2009-07-17 20:45 3101184 c:\windows\Installer\219fd66.msi
+ 2009-07-17 20:44 . 2009-07-17 20:44 3095040 c:\windows\Installer\219fd60.msi
+ 2009-07-17 20:44 . 2009-07-17 20:44 3099648 c:\windows\Installer\219fd5a.msi
+ 2009-07-17 20:43 . 2009-07-17 20:43 3279360 c:\windows\Installer\219fd54.msi
+ 2009-07-17 20:43 . 2009-07-17 20:43 3078656 c:\windows\Installer\219fd4d.msi
+ 2009-07-17 20:42 . 2009-07-17 20:42 3291648 c:\windows\Installer\219fd42.msi
+ 2009-07-17 20:41 . 2009-07-17 20:41 3089408 c:\windows\Installer\219fd3c.msi
+ 2009-07-17 20:41 . 2009-07-17 20:41 3191808 c:\windows\Installer\219fd36.msi
+ 2009-07-17 20:40 . 2009-07-17 20:40 3077632 c:\windows\Installer\219fd30.msi
+ 2009-07-17 20:40 . 2009-07-17 20:40 3076096 c:\windows\Installer\219fd2a.msi
+ 2009-07-17 20:39 . 2009-07-17 20:39 3346432 c:\windows\Installer\219fd23.msi
+ 2009-07-17 20:38 . 2009-07-17 20:38 3084288 c:\windows\Installer\219fd1c.msi
+ 2009-07-17 20:38 . 2009-07-17 20:38 3521536 c:\windows\Installer\219fd15.msi
+ 2009-07-17 20:37 . 2009-07-17 20:37 3156480 c:\windows\Installer\219fd0e.msi
+ 2009-07-17 20:36 . 2009-07-17 20:36 3082752 c:\windows\Installer\219fd05.msi
+ 2009-07-17 20:36 . 2009-07-17 20:36 3079168 c:\windows\Installer\219fcff.msi
+ 2009-07-17 20:36 . 2009-07-17 20:36 3079680 c:\windows\Installer\219fcf8.msi
+ 2009-07-17 20:35 . 2009-07-17 20:35 3078656 c:\windows\Installer\219fcf1.msi
+ 2009-07-17 20:35 . 2009-07-17 20:35 3211776 c:\windows\Installer\219fcea.msi
+ 2009-07-17 20:34 . 2009-07-17 20:34 3184128 c:\windows\Installer\219fce4.msi
+ 2009-07-17 20:34 . 2009-07-17 20:34 3092992 c:\windows\Installer\219fcde.msi
+ 2009-07-17 20:33 . 2009-07-17 20:33 3116544 c:\windows\Installer\219fcd8.msi
+ 2009-07-17 20:33 . 2009-07-17 20:33 3152896 c:\windows\Installer\219fcd2.msi
+ 2009-07-17 20:32 . 2009-07-17 20:32 3233792 c:\windows\Installer\219fccc.msi
+ 2009-07-17 20:32 . 2009-07-17 20:32 3076608 c:\windows\Installer\219fcc6.msi
+ 2009-07-17 20:28 . 2009-07-17 20:28 3180544 c:\windows\Installer\219fcc0.msi
+ 2009-07-16 19:55 . 2009-07-16 19:55 2478080 c:\windows\Installer\135df41.msi
+ 2009-07-16 19:48 . 2009-07-16 19:48 4945408 c:\windows\Installer\135df2f.msi
+ 2009-07-16 19:45 . 2009-07-16 19:45 3295232 c:\windows\Installer\135dbe0.msi
- 2009-04-23 14:08 . 2009-06-16 01:21 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-04-23 14:08 . 2009-07-15 20:28 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2009-04-23 14:08 . 2009-06-16 01:20 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-01-19 12:34 . 2009-07-07 15:10 24539592 c:\windows\system32\MRT.exe
.
-- Snapshot resetado para data atual --
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Google Update"="c:\documents and settings\Usuario\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2009-04-04 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2009-01-15 136600]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-01-10 69632]
"AVG8_TRAY"="c:\arquiv~1\AVG\AVG8\avgtray.exe" [2009-06-27 1948440]
"googletalk"="c:\arquivos de programas\Google\Google Talk\googletalk.exe" [2007-01-01 3735552]
"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\arquivos de programas\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\arquivos de programas\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"AdobeCS4ServiceManager"="c:\arquivos de programas\Arquivos comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="e:\arquivos de programas\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="e:\arquivos de programas\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-07-27 68096]
"SiSPower"="SiSPower.dll" - c:\windows\system32\SiSPower.dll [2004-09-02 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Usuario\Menu Iniciar\Programas\Inicializar\
Stardock ObjectDock.lnk - c:\arquivos de programas\Stardock\ObjectDock\ObjectDock.exe [2009-2-9 3450608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-27 13:25 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Utility Tray.lnk]
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Utility Tray.lnk
backup=c:\windows\pss\Utility Tray.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"PSI_SVC_2"=2 (0x2)
"Bonjour Service"=2 (0x2)
"iPod Service"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"Apple Mobile Device"=2 (0x2)
"WinVNC4"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"NMIndexingService"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\lxcccoms.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxccPSWX.EXE"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Arquivos de programas\\AVG\\AVG8\\avgemc.exe"=
"c:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=
"c:\\Arquivos de programas\\Mozilla Firefox\\firefox.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"=
"c:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=
"c:\\Arquivos de programas\\Microsoft Games\\Age of Empires II - The Conquerors\\age2_x1.exe"=
"c:\\Arquivos de programas\\Microsoft Games\\Age of Empires II - The Conquerors\\age2_x1\\age2_x1.exe"=
"c:\\Arquivos de programas\\Google\\Google Talk\\googletalk.exe"=
"c:\\Arquivos de programas\\Teamspeak2_RC2\\server_windows.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Arquivos de programas\\Rockstar Games\\GTA2\\gta2.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\bin\\java.exe"=
"c:\\Arquivos de programas\\iTunes\\iTunes.exe"=
"c:\\Arquivos de programas\\Arquivos comuns\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"1155:TCP"= 1155:TCP:VSCyber
"3050:TCP"= 3050:TCP:Firebird
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [19/1/2009 14:17 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [19/1/2009 14:17 108552]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [26/1/2009 20:04 100560]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [26/1/2009 20:04 41744]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\arquiv~1\AVG\AVG8\avgemc.exe [19/1/2009 14:17 906520]
R2 avg8wd;AVG Free8 WatchDog;c:\arquiv~1\AVG\AVG8\avgwdsvc.exe [19/1/2009 14:17 298776]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [27/3/2009 17:16 87568]
S2 gupdate1c98655383f4042;Google Update Service (gupdate1c98655383f4042);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [3/2/2009 20:14 133104]

--- =Outros Serviços/Drivers Na Memória ---

*NewlyCreated* - ADFS
.
Conteúdo da pasta 'Tarefas Agendadas'

2009-07-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 14:34]

2009-07-17 c:\windows\Tasks\Google Software Updater.job
- c:\arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-03 10:30]

2009-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-02-03 23:14]

2009-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-02-03 23:14]
.
.
------- Scan Suplementar -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append to existing PDF - c:\arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert link target to existing PDF - c:\arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert to Adobe PDF - c:\arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Usuario\Dados de aplicativos\Mozilla\Firefox\Profiles\2i0zws22.default 2\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/
FF - component: c:\arquivos de programas\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\arquivos de programas\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: e:\arquivos de programas\Google\Picasa3\npPicasa3.dll

---- FIREFOX POLICIES ----
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-17 20:52
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(664)
c:\arquivos de programas\Arquivos comuns\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(4012)
c:\arquivos de programas\Stardock\ObjectDock\DockShellHook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
c:\arquivos de programas\AVG\AVG8\avgrsx.exe
c:\arquiv~1\AVG\AVG8\avgnsx.exe
c:\arquivos de programas\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\arquivos de programas\iPod\bin\iPodService.exe
.
**************************************************************************
.
Tempo para conclusão: 2009-07-17 20:59 - Máquina reiniciou ComboFix-quarantined-files.txt 2009-07-17 23:59 ComboFix2.txt 2009-07-11 20:37 Pré-execução: 7.095.554.048 bytes disponíveis Pós execução: 7.318.024.192 bytes disponíveis 444 --- E O F --- 2009-07-15 20:28 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:00:06, on 17/7/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16850) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe C:\WINDOWS\system32\svchost.exe C:\ARQUIV~1\AVG\AVG8\avgemc.exe C:\ARQUIV~1\AVG\AVG8\avgrsx.exe C:\ARQUIV~1\AVG\AVG8\avgnsx.exe C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\SOUNDMAN.EXE C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\ARQUIV~1\AVG\AVG8\avgtray.exe C:\Arquivos de programas\Google\Google Talk\googletalk.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe E:\Arquivos de programas\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe C:\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Hijack\HiJackThis.exe C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: 
SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Arquivos de programas\Arquivos comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "E:\Arquivos de programas\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Arquivos de programas\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Usuario\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Stardock ObjectDock.lnk = C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe O8 - Extra context menu item: 
Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Append to existing PDF - res://C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab O16 - 
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate1c98655383f4042) (gupdate1c98655383f4042) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. 
- C:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe -- End of file - 9783 bytes
MGuitar 11 Posted July 19, 2009 The logs are clean. Go to Start > Run, type ComboFix /u and click OK to remove the tool. Delete the DDS tool if it is still saved on your desktop. Any remaining problems?
Pablo RD 5 Posted July 20, 2009 Oh, ok, thank you very much! Well, the PC restarts now and then when I'm playing games or watching videos on YouTube, but I guess that is a problem for another area, right?
MGuitar 11 Posted July 21, 2009 The problem is certainly related to some hardware component of the PC. Is your video card OK? I suggest you post in the forum's hardware area.
Mário Monteiro 179 Posted August 23, 2009 Topic Archived. Since the author has not replied for more than 30 days, the topic has been archived. If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening it.