[Resolvido!] Virus convite como retirar o que ele faz de danos no

[andressa1403 0]

cliquei neste virus e nao sei como retira-lo alguns arquivos da pasta c:\ estao com nomes estranhos e muitos arquivos tem nome de eula

 

segue log

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 01:57:10, on 9/11/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16915)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\WinRAR\WinRAR.exe

C:\DOCUME~1\Adm\CONFIG~1\Temp\Rar$EX00.535\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1249659269835

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail....ol/MSNPUpld.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 4393 bytes

 

 

fico no aguardo

 

grata

[DigRam 144]

Boa Noite! andressa1403

 

<@> Baixe: < > Malwarebytes

 

<@> < Link - 2 >

 

<@> < Link - 3 >

 

<@> Atualize o programa!

<@> Escolha o escaneamento Completo!

<@> Desabilite programas de proteção,ao executar o malwarebytes.

<@> Ps: Para determinadas infecções,a ferramenta pedirá reboot. <-- Confirme!

<@> Procure enviar os ítens detectados para a quarentena,clicando em Remover itens.

<@> Para maiores detalhes: < Link >

<><><><><><><><><><><>

<@> Poste,os relatórios: mbam-log-2009-xx-xx (00-00-00).txt + HijackThis,atualizado.

 

Abraços!

[andressa1403 0]

Obrigada

Mas o anti malware nao detectou nada

 

segue logs

 

Malwarebytes' Anti-Malware 1.41

Versão do banco de dados: 3140

Windows 5.1.2600 Service Pack 2

 

10/11/2009 17:32:32

mbam-log-2009-11-10 (17-32-32).txt

 

Tipo de Verificação: Completa (C:\|)

Objetos verificados: 131931

Tempo decorrido: 50 minute(s), 48 second(s)

 

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registro infectadas: 0

Valores do Registro infectados: 0

Ítens do Registro infectados: 0

Pastas infectadas: 0

Arquivos infectados: 0

 

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

 

Módulos de Memória Infectados:

(Nenhum ítem malicioso foi detectado)

 

Chaves do Registro infectadas:

(Nenhum ítem malicioso foi detectado)

 

Valores do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Ítens do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Pastas infectadas:

(Nenhum ítem malicioso foi detectado)

 

Arquivos infectados:

(Nenhum ítem malicioso foi detectado)

 

 

 

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\Explorer.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe

C:\Arquivos de programas\WinRAR\WinRAR.exe

C:\DOCUME~1\Adm\CONFIG~1\Temp\Rar$EX00.914\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249659269835

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 4368 bytes

 

 

 

grata desde ja..

[DigRam 144]

Bom Dia! andressa1403

 

<@> Faça um scan online em: < > <-- Link!

<@> Utilize para isso,o navegador Internet Explorer.

<@> Acesse o site,e clique em Verificação On-line Kaspersky.

<@> Na próxima página,clique em: I Accept

<@> Isto,para que se instale o controle ActiveX e,em seguida,atualize o banco de dados.

<@> Na próxima página,clique em: My Computer e faça o scan.

<@> Tenha paciência!

<@> Aguarde a atualização da base de dados,e também do exame,que é demorado.

<@> Terminando,salve e poste o relatório.

<@> Clique em Save Report As... para salvar o log. ( Kaspersky_Online_Scanner_7_Report.txt )

<@> Salve o resultado como .txt,segundo a imagem abaixo:

 

 

<@> Poste,também,HijackThis atualizado.

 

Abraços!

[andressa1403 0]

O procedimento anterior foi feito mas nao detectou nada tamb nao consegui salvar relatorio pois nao achou nenhum virus ou malware

 

aguardo sua resposta grata

 

segue log hijackthis atualizado

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:43:27, on 12/11/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16915)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\WinRAR\WinRAR.exe

C:\Arquivos de programas\WinRAR\WinRAR.exe

C:\DOCUME~1\Adm\CONFIG~1\Temp\Rar$EX00.112\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249659269835

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 5218 bytes

[DigRam 144]

Bom Dia! andressa1403

 

<!> Seus logs estão limpos! :thumbsup:

<!> Utilize o TuneUp,para otimizar o computador.

<><><><><><><><><><><>

<@> Baixe: < TuneUp Utilities 2009 >

<@> Para baixar,digite o seu E-Mail e clique em Start download.

<@> Salve o executável,TU2009TrialEN.exe,em Arquivos de Programas.

<@> O programa é Trial! Mas...haverá tempo,para a otimização do computador.

<@> Procure desfragmentar o Disco e Registro.

<@> Ps: Este utilitário realiza muitas funções,que são úteis ao computador. Procure utilizá-las!

 

Abraços!

[andressa1403 0]

Obrigada ... se meus logs estao limpos quer dizer q nao tenho virus ?

 

é que alguns arquivos do C:\ estao com nomes estranho ????

 

Muito obrigada . :rolleyes:

[DigRam 144]

Obrigada ... se meus logs estao limpos quer dizer q nao tenho virus ?

 

é que alguns arquivos do C:\ estao com nomes estranho ????

 

Muito obrigada . :rolleyes:

<><><><><><><><><><>

Boa Noite! andressa1403

 

<!> Não há vírus em sua máquina.

<!> Ps: Que arquivos estranhos são esses?

<><><><><><><><><><>

<@> Baixe: < HJTScanList >

<@> Salve-o no desktop!

<@> Extraia,seu conteúdo para a área de trabalho. ( hjtscanlist.bat )

<@> Execute: hjtscanlist.bat

<@> Aperte o "X" --> Enter. <-- Windows-XP

<@> Aperte o "1" --> Enter.

<@> Aguarde a finalização,e poste o relatório. ( hjtscanlist.txt ) <--

 

Abraços!

[andressa1403 0]

Boa noite, Digram

segue relatorio....

 

 

                         $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$                         º                                    º                                     hjtscanlist v2.0                                      º                                    º                         $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Microsoft Windows XP [versão 5.1.2600]  C:  13/11/2009 18:32      C:\Config.Msi --------- 0   13/11/2009 18:27      C:\Arquivos de programas --------- 0   13/11/2009 18:26      C:\WINDOWS --------- 0         C:\hiberfil.sys ---------          C:\pagefile.sys ---------    09/11/2009 17:05      C:\LinhaDefensiva --------- 0   09/11/2009 16:44      C:\ComboFix --------- 0   09/11/2009 16:44      C:\Qoobox --------- 0   09/11/2009 01:14      C:\KillBox --------- 0   09/11/2009 00:21      C:\ComboFix.txt --------- 6868   09/11/2009 00:04      C:\boot.ini --------- 281   09/11/2009 00:04      C:\cmdcons --------- 0   30/10/2009 23:13      C:\sqmdata11.sqm --------- 268   30/10/2009 23:13      C:\sqmnoopt10.sqm --------- 244   30/10/2009 19:23      C:\sqmdata10.sqm --------- 268   30/10/2009 19:23      C:\sqmnoopt09.sqm --------- 244   30/10/2009 18:01      C:\sqmdata09.sqm --------- 136   30/10/2009 18:01      C:\sqmdata08.sqm --------- 148   30/10/2009 18:01      C:\sqmnoopt08.sqm --------- 136   30/10/2009 18:01      C:\sqmdata07.sqm --------- 148   30/10/2009 18:01      C:\sqmnoopt07.sqm --------- 172   30/10/2009 18:01      C:\sqmdata06.sqm --------- 268   30/10/2009 18:01      C:\sqmnoopt06.sqm --------- 244   01/10/2009 23:41      C:\sqmdata05.sqm --------- 268   01/10/2009 23:41      C:\sqmnoopt05.sqm --------- 244   06/09/2009 12:26      C:\d0b9675ae1559cf26c --------- 0   05/09/2009 17:19      C:\ee638ef2d62dfba1f60b6f7fa53ec3 --------- 0   05/09/2009 17:18      C:\45ebe5bf97cadb9d0db4108f0f38 --------- 0   04/09/2009 18:19      C:\873c116de603540bc33843de52e6b147 --------- 0   04/09/2009 17:54      C:\8b556892f0d3ec23014f9be4 --------- 0   04/09/2009 17:53      C:\f1a7c98496f6d05c784a --------- 0   02/09/2009 23:32      C:\sqmdata04.sqm --------- 268   02/09/2009 23:32      C:\sqmdata03.sqm --------- 268   02/09/2009 23:32      C:\sqmnoopt04.sqm --------- 244   02/09/2009 23:32      C:\sqmnoopt03.sqm --------- 244   02/09/2009 18:32      C:\sqmdata02.sqm --------- 148   02/09/2009 18:32      C:\sqmdata01.sqm --------- 268   02/09/2009 18:32      C:\sqmnoopt02.sqm --------- 244   02/09/2009 18:32      C:\sqmnoopt01.sqm --------- 244   22/08/2009 22:37      C:\Free Audio Pack --------- 0   07/08/2009 13:29      C:\sqmdata00.sqm --------- 268   07/08/2009 13:29      C:\sqmnoopt00.sqm --------- 244   07/08/2009 12:50      C:\MSOCache --------- 0   07/08/2009 12:27      C:\RECYCLER --------- 0   07/08/2009 10:51      C:\Documents and Settings --------- 0   07/08/2009 10:49      C:\System Volume Information --------- 0   07/08/2009 10:42      C:\IO.SYS --------- 0   07/08/2009 10:42      C:\MSDOS.SYS --------- 0   07/08/2009 10:42      C:\AUTOEXEC.BAT --------- 0   07/08/2009 10:42      C:\CONFIG.SYS --------- 0   07/08/2009 10:33      C:\Boot.bak --------- 211   03/08/2004 23:59      C:\ntldr --------- 251168   03/08/2004 23:38      C:\NTDETECT.COM --------- 47564   03/08/2004 23:00      C:\cmldr --------- 261856   28/10/2001 13:06      C:\Bootfont.bin --------- 4952 ---------------------------------------- C:\WINDOWS  13/11/2009 21:38     C:\WINDOWS\WindowsUpdate.log --------- 1391811   13/11/2009 16:55     C:\WINDOWS\0.log --------- 0   13/11/2009 16:54     C:\WINDOWS\bootstat.dat --------- 2048   13/11/2009 16:53     C:\WINDOWS\SchedLgU.Txt --------- 32626   13/11/2009 16:16     C:\WINDOWS\iis6.log --------- 605685   13/11/2009 16:16     C:\WINDOWS\comsetup.log --------- 181918   13/11/2009 16:16     C:\WINDOWS\ntdtcsetup.log --------- 109176   13/11/2009 16:16     C:\WINDOWS\tsoc.log --------- 241186   13/11/2009 16:16     C:\WINDOWS\imsins.log --------- 1393   13/11/2009 16:16     C:\WINDOWS\tabletoc.log --------- 26132   13/11/2009 16:16     C:\WINDOWS\ocmsn.log --------- 32264   13/11/2009 16:16     C:\WINDOWS\KB961503.log --------- 12800   13/11/2009 16:16     C:\WINDOWS\MedCtrOC.log --------- 36269   13/11/2009 16:16     C:\WINDOWS\netfxocm.log --------- 90508   13/11/2009 16:16     C:\WINDOWS\ocgen.log --------- 259672   13/11/2009 16:16     C:\WINDOWS\msgsocm.log --------- 26159   13/11/2009 16:16     C:\WINDOWS\FaxSetup.log --------- 511016   13/11/2009 16:15     C:\WINDOWS\msmqinst.log --------- 169484   13/11/2009 16:14     C:\WINDOWS\updspapi.log --------- 68896   12/11/2009 03:01     C:\WINDOWS\imsins.BAK --------- 1393   12/11/2009 03:01     C:\WINDOWS\KB969947.log --------- 15923   11/11/2009 17:09     C:\WINDOWS\wiaservc.log --------- 50   11/11/2009 17:09     C:\WINDOWS\wiadebug.log --------- 368   11/11/2009 17:07     C:\WINDOWS\DirectX.log --------- 95712   11/11/2009 17:06     C:\WINDOWS\KB954708.log --------- 613   10/11/2009 17:42     C:\WINDOWS\mbr.log --------- 195   09/11/2009 16:44     C:\WINDOWS\SWXCACLS.exe --------- 0   09/11/2009 00:17     C:\WINDOWS\system.ini --------- 227   09/11/2009 00:10     C:\WINDOWS\setupapi.log --------- 324060   08/11/2009 21:47     C:\WINDOWS\NeroDigital.ini --------- 116   06/11/2009 10:53     C:\WINDOWS\PEV.exe --------- 267264   05/11/2009 07:12     C:\WINDOWS\DtcInstall.log --------- 12526   05/11/2009 07:12     C:\WINDOWS\EventSystem.log --------- 7884   05/11/2009 06:44     C:\WINDOWS\KB976749-IE7.log --------- 14802   02/11/2009 19:18     C:\WINDOWS\wmsetup.log --------- 21715   25/10/2009 06:11     C:\WINDOWS\MBR.exe --------- 77312   15/10/2009 11:00     C:\WINDOWS\KB958869.log --------- 15324   15/10/2009 10:59     C:\WINDOWS\KB954155.log --------- 17543   15/10/2009 10:51     C:\WINDOWS\KB969059.log --------- 23649   15/10/2009 10:50     C:\WINDOWS\KB974112.log --------- 22777   15/10/2009 10:49     C:\WINDOWS\KB975025.log --------- 22755   15/10/2009 10:47     C:\WINDOWS\KB974455-IE7.log --------- 101097   15/10/2009 10:40     C:\WINDOWS\KB974571.log --------- 13337   15/10/2009 10:39     C:\WINDOWS\KB971486.log --------- 10295   15/10/2009 10:37     C:\WINDOWS\KB973525.log --------- 7057   15/10/2009 10:37     C:\WINDOWS\KB975467.log --------- 13789   26/09/2009 08:18     C:\WINDOWS\KB968389.log --------- 19953   21/09/2009 19:02     C:\WINDOWS\svcpack.log --------- 50285   08/09/2009 20:04     C:\WINDOWS\KB956844.log --------- 7974   08/09/2009 20:01     C:\WINDOWS\KB968816.log --------- 7660   08/09/2009 20:01     C:\WINDOWS\KB971961.log --------- 6430   05/09/2009 20:09     C:\WINDOWS\KB961118.log --------- 7209   05/09/2009 20:05     C:\WINDOWS\msxml6-KB954459-enu-x86.LOG --------- 516700   05/09/2009 20:05     C:\WINDOWS\KB925720.log --------- 10827   04/09/2009 18:54     C:\WINDOWS\ie8_main.log --------- 1784   04/09/2009 18:37     C:\WINDOWS\spupdsvc.log --------- 10041   04/09/2009 17:51     C:\WINDOWS\KB952069.log --------- 25317   04/09/2009 17:51     C:\WINDOWS\KB973540.log --------- 19280   04/09/2009 17:49     C:\WINDOWS\KB972260-IE7.log --------- 92734   04/09/2009 17:45     C:\WINDOWS\KB967715.log --------- 15713   04/09/2009 17:40     C:\WINDOWS\KB939683.log --------- 7767   04/09/2009 17:37     C:\WINDOWS\KB923561.log --------- 10424   03/09/2009 01:13     C:\WINDOWS\KB951376-v2.log --------- 32911   03/09/2009 01:12     C:\WINDOWS\KB952954.log --------- 38355   03/09/2009 01:12     C:\WINDOWS\KB959426.log --------- 39555   03/09/2009 01:12     C:\WINDOWS\KB946648.log --------- 32344   03/09/2009 01:12     C:\WINDOWS\KB956803.log --------- 32822   03/09/2009 01:11     C:\WINDOWS\KB960859.log --------- 38498   03/09/2009 01:11     C:\WINDOWS\KB961371-v2.log --------- 38873   03/09/2009 01:11     C:\WINDOWS\KB950974.log --------- 38436   03/09/2009 01:10     C:\WINDOWS\KB938127-v2-IE7.log --------- 31331   03/09/2009 01:10     C:\WINDOWS\KB971657.log --------- 37986   03/09/2009 01:10     C:\WINDOWS\KB971557.log --------- 37467   03/09/2009 01:10     C:\WINDOWS\KB960225.log --------- 37417   03/09/2009 01:09     C:\WINDOWS\KB973346.log --------- 30634   03/09/2009 01:09     C:\WINDOWS\KB956572.log --------- 37122   03/09/2009 01:09     C:\WINDOWS\KB961501.log --------- 32539   03/09/2009 01:08     C:\WINDOWS\KB938464-v2.log --------- 28907   03/09/2009 01:08     C:\WINDOWS\KB971633.log --------- 31854   03/09/2009 01:08     C:\WINDOWS\KB973869.log --------- 27069   03/09/2009 01:08     C:\WINDOWS\KB952004.log --------- 33912   03/09/2009 01:07     C:\WINDOWS\KB973507.log --------- 30520   03/09/2009 01:07     C:\WINDOWS\KB941569.log --------- 24869   03/09/2009 01:07     C:\WINDOWS\KB950762.log --------- 25271   03/09/2009 01:07     C:\WINDOWS\KB957097.log --------- 25333   03/09/2009 01:06     C:\WINDOWS\KB958687.log --------- 25250   03/09/2009 01:06     C:\WINDOWS\KB952287.log --------- 24962   03/09/2009 01:06     C:\WINDOWS\KB973354.log --------- 24939   03/09/2009 01:06     C:\WINDOWS\KB929399.log --------- 23292   03/09/2009 01:05     C:\WINDOWS\KB951066.log --------- 24938   03/09/2009 01:05     C:\WINDOWS\KB951748.log --------- 32508   03/09/2009 01:05     C:\WINDOWS\KB970238.log --------- 25251   03/09/2009 01:04     C:\WINDOWS\KB958470.log --------- 26719   03/09/2009 01:04     C:\WINDOWS\KB960803.log --------- 24599   03/09/2009 01:04     C:\WINDOWS\KB973815.log --------- 23981   03/09/2009 01:04     C:\WINDOWS\KB968537.log --------- 24159   03/09/2009 01:03     C:\WINDOWS\KB971032.log --------- 24220   03/09/2009 01:03     C:\WINDOWS\KB954600.log --------- 10681   03/09/2009 01:03     C:\WINDOWS\KB958644.log --------- 11046   03/09/2009 01:02     C:\WINDOWS\KB955069.log --------- 10497   03/09/2009 01:02     C:\WINDOWS\KB956802.log --------- 14653   03/09/2009 01:02     C:\WINDOWS\KB954154.log --------- 4173   03/09/2009 01:02     C:\WINDOWS\KB944338-v2.log --------- 12913   03/09/2009 01:02     C:\WINDOWS\KB970653-v3.log --------- 3706   22/08/2009 22:50     C:\WINDOWS\setupact.log --------- 179394   07/08/2009 14:18     C:\WINDOWS\ntbtlog.txt --------- 87736   07/08/2009 14:02     C:\WINDOWS\KB898461.log --------- 7151   07/08/2009 14:01     C:\WINDOWS\KB892130.log --------- 4625   07/08/2009 14:01     C:\WINDOWS\KB893803v2.log --------- 5978   07/08/2009 12:58     C:\WINDOWS\ODBC.INI --------- 421   07/08/2009 12:57     C:\WINDOWS\win.ini --------- 603   07/08/2009 12:41     C:\WINDOWS\DPINST.LOG --------- 6456   07/08/2009 11:47     C:\WINDOWS\vminst.log --------- 2101   07/08/2009 11:39     C:\WINDOWS\KB926239.log --------- 5731   07/08/2009 11:38     C:\WINDOWS\MSCompPackV1.log --------- 3449   07/08/2009 11:38     C:\WINDOWS\wmp11.log --------- 15094   07/08/2009 11:38     C:\WINDOWS\wmsetup10.log --------- 2538   07/08/2009 11:37     C:\WINDOWS\WMFDist11.log --------- 25881   07/08/2009 11:36     C:\WINDOWS\Wudf01000Inst.log --------- 6895   07/08/2009 11:17     C:\WINDOWS\ie7_main.log --------- 14604   07/08/2009 11:16     C:\WINDOWS\ie7.log --------- 61865   07/08/2009 11:14     C:\WINDOWS\IDNMitigationAPIs.log --------- 4231   07/08/2009 11:13     C:\WINDOWS\NLSDownlevelMapping.log --------- 3949   07/08/2009 11:13     C:\WINDOWS\KB915865.log --------- 5962   07/08/2009 10:51     C:\WINDOWS\OEWABLog.txt --------- 841   07/08/2009 10:51     C:\WINDOWS\setuplog.txt --------- 757809   07/08/2009 10:49     C:\WINDOWS\REGLOCS.OLD --------- 8192   07/08/2009 10:42     C:\WINDOWS\control.ini --------- 0   07/08/2009 10:42     C:\WINDOWS\WMSysPr9.prx --------- 316640   07/08/2009 10:42     C:\WINDOWS\ODBCINST.INI --------- 4205   07/08/2009 10:39     C:\WINDOWS\WindowsShell.Manifest --------- 749   07/08/2009 10:37     C:\WINDOWS\sessmgr.setup.log --------- 1022   07/08/2009 10:36     C:\WINDOWS\vbaddin.ini --------- 37   07/08/2009 10:36     C:\WINDOWS\vb.ini --------- 36   07/08/2009 10:34     C:\WINDOWS\cmsetacl.log --------- 200   07/08/2009 07:29     C:\WINDOWS\Sti_Trace.log --------- 0   07/08/2009 07:25     C:\WINDOWS\regopt.log --------- 1282   07/08/2009 07:22     C:\WINDOWS\setuperr.log --------- 0   10/07/2009 12:25     C:\WINDOWS\WLXPGSS.SCR --------- 307056   20/04/2009 12:56     C:\WINDOWS\NIRCMD.exe --------- 31232   30/07/2008 17:09     C:\WINDOWS\avisplitter.ini --------- 38   04/08/2004 02:40     C:\WINDOWS\SET3.tmp --------- 1014492   04/08/2004 02:34     C:\WINDOWS\SET8.tmp --------- 14043   04/08/2004 02:31     C:\WINDOWS\SET4.tmp --------- 1086058   04/08/2004 01:45     C:\WINDOWS\winhlp32.exe --------- 287744   04/08/2004 01:45     C:\WINDOWS\regedit.exe --------- 150528   04/08/2004 01:45     C:\WINDOWS\NOTEPAD.EXE --------- 70144   04/08/2004 01:45     C:\WINDOWS\hh.exe --------- 10752   04/08/2004 01:45     C:\WINDOWS\explorer.exe --------- 1034240   04/08/2004 01:45     C:\WINDOWS\twain_32.dll --------- 50688   18/02/2002 11:23     C:\WINDOWS\setdebug.exe --------- 46352   18/02/2002 08:35     C:\WINDOWS\jautoexp.dat --------- 6550   28/10/2001 13:07     C:\WINDOWS\_default.pif --------- 707   28/10/2001 13:07     C:\WINDOWS\Tapete.bmp --------- 9522   28/10/2001 13:07     C:\WINDOWS\wmprfPTB.prx --------- 34666   28/10/2001 13:07     C:\WINDOWS\winhelp.exe --------- 304000   28/10/2001 13:07     C:\WINDOWS\winnt.bmp --------- 48680   28/10/2001 13:07     C:\WINDOWS\winnt256.bmp --------- 48680   28/10/2001 13:07     C:\WINDOWS\vmmreg32.dll --------- 18944   28/10/2001 13:07     C:\WINDOWS\twunk_32.exe --------- 25600   28/10/2001 13:07     C:\WINDOWS\twunk_16.exe --------- 49680   28/10/2001 13:07     C:\WINDOWS\twain.dll --------- 94832   28/10/2001 13:07     C:\WINDOWS\TASKMAN.EXE --------- 15360   28/10/2001 13:07     C:\WINDOWS\desktop.ini --------- 2   28/10/2001 13:07     C:\WINDOWS\Deserto.bmp --------- 65832   28/10/2001 13:07     C:\WINDOWS\Rododentro.bmp --------- 17362   28/10/2001 13:07     C:\WINDOWS\Leques.bmp --------- 26680   28/10/2001 13:07     C:\WINDOWS\Bruma.bmp --------- 65954   28/10/2001 13:07     C:\WINDOWS\msdfmap.ini --------- 1405   28/10/2001 13:06     C:\WINDOWS\Pescaria.bmp --------- 17336   28/10/2001 13:06     C:\WINDOWS\Areia.bmp --------- 26582   28/10/2001 13:06     C:\WINDOWS\Seda.bmp --------- 16730   28/10/2001 13:06     C:\WINDOWS\explorer.scf --------- 80   28/10/2001 13:06     C:\WINDOWS\Cafezinho.bmp --------- 17062   28/10/2001 13:06     C:\WINDOWS\clock.avi --------- 82944   28/10/2001 13:06     C:\WINDOWS\Renda azul 16.bmp --------- 1272   28/10/2001 13:06     C:\WINDOWS\Bolhas de sabão.bmp --------- 65978   31/08/2000 08:00     C:\WINDOWS\SWSC.exe --------- 136704   31/08/2000 08:00     C:\WINDOWS\grep.exe --------- 80412   31/08/2000 08:00     C:\WINDOWS\SWREG.exe --------- 161792   31/08/2000 08:00     C:\WINDOWS\zip.exe --------- 68096   31/08/2000 08:00     C:\WINDOWS\sed.exe --------- 98816 ---------------------------------------- C:\WINDOWS\System 04/08/2004 01:45    C:\WINDOWS\System\WINSPOOL.DRV --------- 146944  04/08/2004 01:35    C:\WINDOWS\System\MMSYSTEM.DLL --------- 70080  28/10/2001 13:07    C:\WINDOWS\System\WFWNET.DRV --------- 13600  28/10/2001 13:07    C:\WINDOWS\System\VER.DLL --------- 9072  28/10/2001 13:07    C:\WINDOWS\System\VGA.DRV --------- 2176  28/10/2001 13:07    C:\WINDOWS\System\TIMER.DRV --------- 4096  28/10/2001 13:07    C:\WINDOWS\System\TAPI.DLL --------- 19200  28/10/2001 13:07    C:\WINDOWS\System\SYSTEM.DRV --------- 3360  28/10/2001 13:07    C:\WINDOWS\System\stdole.tlb --------- 5532  28/10/2001 13:07    C:\WINDOWS\System\SOUND.DRV --------- 1744  28/10/2001 13:07    C:\WINDOWS\System\setup.inf --------- 59167  28/10/2001 13:07    C:\WINDOWS\System\SHELL.DLL --------- 5120  28/10/2001 13:07    C:\WINDOWS\System\OLESVR.DLL --------- 24064  28/10/2001 13:07    C:\WINDOWS\System\OLECLI.DLL --------- 83456  28/10/2001 13:07    C:\WINDOWS\System\MSVIDEO.DLL --------- 127120  28/10/2001 13:07    C:\WINDOWS\System\MOUSE.DRV --------- 2032  28/10/2001 13:07    C:\WINDOWS\System\MMTASK.TSK --------- 1152  28/10/2001 13:06    C:\WINDOWS\System\MCIAVI.DRV --------- 73632  28/10/2001 13:06    C:\WINDOWS\System\MCIWAVE.DRV --------- 28160  28/10/2001 13:06    C:\WINDOWS\System\MCISEQ.DRV --------- 25296  28/10/2001 13:06    C:\WINDOWS\System\LZEXPAND.DLL --------- 9936  28/10/2001 13:06    C:\WINDOWS\System\KEYBOARD.DRV --------- 2000  28/10/2001 13:06    C:\WINDOWS\System\COMMDLG.DLL --------- 33504  28/10/2001 13:06    C:\WINDOWS\System\AVICAP.DLL --------- 70144  28/10/2001 13:06    C:\WINDOWS\System\AVIFILE.DLL --------- 109536 ---------------------------------------- C:\WINDOWS\System32 13/11/2009 16:53     C:\WINDOWS\system32\CatRoot2 --------- 0  13/11/2009 16:14     C:\WINDOWS\system32\dllcache --------- 0  13/11/2009 09:51     C:\WINDOWS\system32\TURegOpt.exe --------- 29512  13/11/2009 09:45     C:\WINDOWS\system32\uxtuneup.dll --------- 30024  12/11/2009 03:27     C:\WINDOWS\system32\FNTCACHE.DAT --------- 267800  11/11/2009 17:07     C:\WINDOWS\system32\DirectX --------- 0  10/11/2009 16:39     C:\WINDOWS\system32\drivers --------- 0  05/11/2009 15:36     C:\WINDOWS\system32\MRT.exe --------- 26768832  31/10/2009 23:11     C:\WINDOWS\system32\d3d9caps.dat --------- 2068  28/10/2009 16:28     C:\WINDOWS\system32\perfc016.dat --------- 99480  28/10/2009 16:28     C:\WINDOWS\system32\perfh016.dat --------- 67314  28/10/2009 16:28     C:\WINDOWS\system32\perfh009.dat --------- 492192  28/10/2009 16:28     C:\WINDOWS\system32\perfc009.dat --------- 84540  28/10/2009 16:28     C:\WINDOWS\system32\PerfStringBackup.INI --------- 71844  28/10/2009 16:17     C:\WINDOWS\system32\wpa.dbl --------- 2206  21/10/2009 02:07     C:\WINDOWS\system32\mshtml.dll --------- 3598336  15/10/2009 10:45     C:\WINDOWS\system32\pt-br --------- 0  21/09/2009 19:02     C:\WINDOWS\system32\CatRoot_bak --------- 0  21/09/2009 19:02     C:\WINDOWS\system32\CatRoot --------- 0  11/09/2009 12:35     C:\WINDOWS\system32\msv1_0.dll --------- 133632  04/09/2009 18:46     C:\WINDOWS\system32\msasn1.dll --------- 58880  04/09/2009 18:26     C:\WINDOWS\system32\XPSViewer --------- 0  04/09/2009 18:25     C:\WINDOWS\system32\en-US --------- 0  04/09/2009 18:18     C:\WINDOWS\system32\spool --------- 0  04/09/2009 18:04     C:\WINDOWS\system32\mui --------- 0  03/09/2009 17:20     C:\WINDOWS\system32\wbem --------- 0  03/09/2009 17:20     C:\WINDOWS\system32\Setup --------- 0  03/09/2009 01:02     C:\WINDOWS\system32\TZLog.log --------- 1196  02/09/2009 23:38     C:\WINDOWS\system32\CONFIG.NT --------- 3018  01/09/2009 12:34     C:\WINDOWS\system32\msaud32.acm --------- 282654  29/08/2009 05:29     C:\WINDOWS\system32\urlmon.dll --------- 1168384  29/08/2009 05:29     C:\WINDOWS\system32\webcheck.dll --------- 233472  29/08/2009 05:29     C:\WINDOWS\system32\wininet.dll --------- 832512  29/08/2009 05:29     C:\WINDOWS\system32\occache.dll --------- 102912  29/08/2009 05:29     C:\WINDOWS\system32\mstime.dll --------- 671232  29/08/2009 05:29     C:\WINDOWS\system32\pngfilt.dll --------- 44544  29/08/2009 05:29     C:\WINDOWS\system32\url.dll --------- 105984  29/08/2009 05:29     C:\WINDOWS\system32\mshtmled.dll --------- 477696  29/08/2009 05:29     C:\WINDOWS\system32\msrating.dll --------- 193024  29/08/2009 05:29     C:\WINDOWS\system32\msfeedsbs.dll --------- 52224  29/08/2009 05:29     C:\WINDOWS\system32\iertutil.dll --------- 268288  29/08/2009 05:29     C:\WINDOWS\system32\inetcpl.cpl --------- 1830912  29/08/2009 05:29     C:\WINDOWS\system32\iernonce.dll --------- 44544  29/08/2009 05:29     C:\WINDOWS\system32\msfeeds.dll --------- 459264  29/08/2009 05:29     C:\WINDOWS\system32\ieframe.dll --------- 6067200  29/08/2009 05:29     C:\WINDOWS\system32\jsproxy.dll --------- 27648  29/08/2009 05:29     C:\WINDOWS\system32\ieencode.dll --------- 78336  29/08/2009 05:29     C:\WINDOWS\system32\ieapfltr.dll --------- 380928  29/08/2009 05:29     C:\WINDOWS\system32\iedkcs32.dll --------- 385024  29/08/2009 05:29     C:\WINDOWS\system32\extmgr.dll --------- 133120  29/08/2009 05:29     C:\WINDOWS\system32\ieaksie.dll --------- 230400  29/08/2009 05:29     C:\WINDOWS\system32\dxtmsft.dll --------- 347136  29/08/2009 05:29     C:\WINDOWS\system32\corpol.dll --------- 17408  29/08/2009 05:29     C:\WINDOWS\system32\icardie.dll --------- 63488  29/08/2009 05:29     C:\WINDOWS\system32\advpack.dll --------- 124928  29/08/2009 05:29     C:\WINDOWS\system32\ieakeng.dll --------- 153088  29/08/2009 05:29     C:\WINDOWS\system32\dxtrans.dll --------- 214528  28/08/2009 08:33     C:\WINDOWS\system32\html.iec --------- 389120  28/08/2009 08:32     C:\WINDOWS\system32\ieudinit.exe --------- 13824  28/08/2009 08:32     C:\WINDOWS\system32\ie4uinit.exe --------- 70656  27/08/2009 03:18     C:\WINDOWS\system32\ieakui.dll --------- 161792  26/08/2009 06:15     C:\WINDOWS\system32\strmdll.dll --------- 247326  21/08/2009 04:51     C:\WINDOWS\system32\jscript.dll --------- 450560  17/08/2009 14:10     C:\WINDOWS\system32\aswBoot.exe --------- 1279456  17/08/2009 14:02     C:\WINDOWS\system32\AvastSS.scr --------- 97480  14/08/2009 13:22     C:\WINDOWS\system32\win32k.sys --------- 1850240  07/08/2009 14:02     C:\WINDOWS\system32\PreInstall --------- 0  07/08/2009 13:35     C:\WINDOWS\system32\SoftwareDistribution --------- 0  07/08/2009 12:41     C:\WINDOWS\system32\DRVSTORE --------- 0  07/08/2009 12:20     C:\WINDOWS\system32\config --------- 0  07/08/2009 12:09     C:\WINDOWS\system32\IOSUBSYS --------- 0  07/08/2009 11:38     C:\WINDOWS\system32\amcompat.tlb --------- 16832  07/08/2009 11:38     C:\WINDOWS\system32\nscompat.tlb --------- 23392  07/08/2009 11:35     C:\WINDOWS\system32\LogFiles --------- 0  07/08/2009 11:28     C:\WINDOWS\system32\javaws.exe --------- 148888  07/08/2009 11:28     C:\WINDOWS\system32\javaw.exe --------- 144792  07/08/2009 11:28     C:\WINDOWS\system32\javacpl.cpl --------- 73728  07/08/2009 11:28     C:\WINDOWS\system32\java.exe --------- 144792  07/08/2009 11:28     C:\WINDOWS\system32\deploytk.dll --------- 410984  07/08/2009 10:49     C:\WINDOWS\system32\Restore --------- 0  07/08/2009 10:49     C:\WINDOWS\system32\Microsoft --------- 0  07/08/2009 10:48     C:\WINDOWS\system32\$winnt$.inf --------- 261  07/08/2009 10:43     C:\WINDOWS\system32\xircom --------- 0  07/08/2009 10:41     C:\WINDOWS\system32\ias --------- 0  07/08/2009 10:40     C:\WINDOWS\system32\logonui.exe.manifest --------- 488  07/08/2009 10:40     C:\WINDOWS\system32\WindowsLogon.manifest --------- 488  07/08/2009 10:39     C:\WINDOWS\system32\wuaucpl.cpl.manifest --------- 749  07/08/2009 10:39     C:\WINDOWS\system32\sapi.cpl.manifest --------- 749  07/08/2009 10:39     C:\WINDOWS\system32\nwc.cpl.manifest --------- 749  07/08/2009 10:39     C:\WINDOWS\system32\cdplayer.exe.manifest --------- 749  07/08/2009 10:39     C:\WINDOWS\system32\ncpa.cpl.manifest --------- 749  07/08/2009 10:38     C:\WINDOWS\system32\oobe --------- 0  07/08/2009 10:38     C:\WINDOWS\system32\Macromed --------- 0  07/08/2009 10:36     C:\WINDOWS\system32\Com --------- 0  07/08/2009 10:36     C:\WINDOWS\system32\emptyregdb.dat --------- 21844  07/08/2009 10:36     C:\WINDOWS\system32\MsDtc --------- 0  07/08/2009 07:33     C:\WINDOWS\system32\h323log.txt --------- 0  07/08/2009 07:21     C:\WINDOWS\system32\usmt --------- 0  07/08/2009 07:20     C:\WINDOWS\system32\1046 --------- 0  07/08/2009 07:20     C:\WINDOWS\system32\npp --------- 0 ---------------------------------------- C:\WINDOWS\Prefetch 13/11/2009 22:50     C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf --------- 18120  13/11/2009 22:50     C:\WINDOWS\Prefetch\WINRAR.EXE-09D6614C.pf --------- 34766  13/11/2009 22:34     C:\WINDOWS\Prefetch\WLTUSER.EXE-0792DAA8.pf --------- 50132  13/11/2009 22:34     C:\WINDOWS\Prefetch\IEXPLORE.EXE-2B53DE18.pf --------- 105038  13/11/2009 22:00     C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf --------- 34362  13/11/2009 22:00     C:\WINDOWS\Prefetch\ONECLICKSTARTER.EXE-390AE376.pf --------- 65828  13/11/2009 21:52     C:\WINDOWS\Prefetch\TUNEUPSYSTEMSTATUSCHECK.EXE-1CA400EA.pf --------- 77138  13/11/2009 21:37     C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf --------- 57794  13/11/2009 21:04     C:\WINDOWS\Prefetch\AVAST.SETUP-26C2652C.pf --------- 99780  13/11/2009 18:36     C:\WINDOWS\Prefetch\RUNDLL32.EXE-30535D22.pf --------- 15906  13/11/2009 18:36     C:\WINDOWS\Prefetch\RUNDLL32.EXE-22C14824.pf --------- 17684  13/11/2009 18:32     C:\WINDOWS\Prefetch\UPDATEWIZARD.EXE-2AA638E7.pf --------- 69060  13/11/2009 18:32     C:\WINDOWS\Prefetch\INTEGRATOR.EXE-032DA08B.pf --------- 68792  13/11/2009 18:32     C:\WINDOWS\Prefetch\MSIF.TMP-151ACEE6.pf --------- 16162  13/11/2009 18:32     C:\WINDOWS\Prefetch\TUNEUPUTILITIESAPP32.EXE-37110B7F.pf --------- 18750  13/11/2009 18:32     C:\WINDOWS\Prefetch\TUNEUPUTILITIESSERVICE32.EXE-0AFBC351.pf --------- 17530  13/11/2009 18:31     C:\WINDOWS\Prefetch\TUINSTALLHELPER.EXE-1F91138B.pf --------- 82494  13/11/2009 18:28     C:\WINDOWS\Prefetch\WMPLAYER.EXE-0366FBE9.pf --------- 20564  13/11/2009 18:26     C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf --------- 54274  13/11/2009 18:25     C:\WINDOWS\Prefetch\TU2010TRIALEN-US.EXE-1042442E.pf --------- 40360  13/11/2009 18:24     C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf --------- 15110  13/11/2009 17:42     C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf --------- 24424  13/11/2009 17:42     C:\WINDOWS\Prefetch\WINDVD.EXE-2F2CE620.pf --------- 64568  13/11/2009 17:15     C:\WINDOWS\Prefetch\WLCOMM.EXE-0889FC35.pf --------- 45100  13/11/2009 17:14     C:\WINDOWS\Prefetch\MSNMSGR.EXE-304664B4.pf --------- 80262  13/11/2009 17:14     C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf --------- 33630  13/11/2009 17:14     C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf --------- 15738  13/11/2009 17:14     C:\WINDOWS\Prefetch\READER_SL.EXE-074FC50A.pf --------- 12138  13/11/2009 17:14     C:\WINDOWS\Prefetch\ASHDISP.EXE-2F45066D.pf --------- 29280  13/11/2009 17:14     C:\WINDOWS\Prefetch\NEROCHECK.EXE-092C6DFA.pf --------- 6368  13/11/2009 17:14     C:\WINDOWS\Prefetch\RUNDLL32.EXE-2229EF0D.pf --------- 13000  13/11/2009 17:14     C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf --------- 82164  13/11/2009 17:14     C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf --------- 38530  13/11/2009 17:09     C:\WINDOWS\Prefetch\layout.ini --------- 233516  13/11/2009 17:04     C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf --------- 6522  13/11/2009 16:57     C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 1311114  13/11/2009 16:53     C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf --------- 20976  13/11/2009 16:26     C:\WINDOWS\Prefetch\SEAPORT.EXE-090117AD.pf --------- 19818  13/11/2009 16:24     C:\WINDOWS\Prefetch\RUNDLL32.EXE-252EF7B7.pf --------- 15868  13/11/2009 16:24     C:\WINDOWS\Prefetch\RUNDLL32.EXE-188DF14E.pf --------- 18120  13/11/2009 16:22     C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf --------- 31662  13/11/2009 16:11     C:\WINDOWS\Prefetch\UPDATE.EXE-05DF0A69.pf --------- 29632  12/11/2009 23:43     C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf --------- 16778  12/11/2009 23:42     C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-3A888546.pf --------- 25452  12/11/2009 17:54     C:\WINDOWS\Prefetch\SCANNINGPROCESS.EXE-020FF92F.pf --------- 65520  12/11/2009 17:07     C:\WINDOWS\Prefetch\UPDATE.EXE-120D9768.pf --------- 79960  12/11/2009 16:56     C:\WINDOWS\Prefetch\JAVA.EXE-348EE6DF.pf --------- 77604  12/11/2009 16:31     C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf --------- 16760  12/11/2009 16:31     C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf --------- 41736  12/11/2009 16:31     C:\WINDOWS\Prefetch\ASHWEBSV.EXE-13A80AA4.pf --------- 20580  12/11/2009 16:31     C:\WINDOWS\Prefetch\ASHMAISV.EXE-1A593E3B.pf --------- 16102  12/11/2009 03:04     C:\WINDOWS\Prefetch\MRT.EXE-1B4A8D49.pf --------- 53744  12/11/2009 03:04     C:\WINDOWS\Prefetch\WINDOWS-KB890830-V3.1-DELTA.E-235AB1D8.pf --------- 22954  12/11/2009 03:04     C:\WINDOWS\Prefetch\MRTSTUB.EXE-07E187A9.pf --------- 50974  12/11/2009 03:04     C:\WINDOWS\Prefetch\OFFICE2003-KB969615-FULLFILE--274AC589.pf --------- 44024  12/11/2009 03:04     C:\WINDOWS\Prefetch\MSOHTMED.EXE-2191BB2C.pf --------- 8508  12/11/2009 03:03     C:\WINDOWS\Prefetch\OSE.EXE-1F0D4A21.pf --------- 5552  12/11/2009 03:00     C:\WINDOWS\Prefetch\UPDATE.EXE-01A19168.pf --------- 56198  12/11/2009 00:37     C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf --------- 16540  12/11/2009 00:09     C:\WINDOWS\Prefetch\RUNDLL32.EXE-36272C28.pf --------- 18614  11/11/2009 22:46     C:\WINDOWS\Prefetch\OFFICELIVESIGNIN.EXE-2B7DDB91.pf --------- 18474  11/11/2009 22:46     C:\WINDOWS\Prefetch\WINWORD.EXE-2F4074DC.pf --------- 68778  11/11/2009 22:32     C:\WINDOWS\Prefetch\INFOCARD.EXE-14622E55.pf --------- 54312  11/11/2009 21:35     C:\WINDOWS\Prefetch\UPDATE.EXE-04A7373B.pf --------- 76576  11/11/2009 17:35     C:\WINDOWS\Prefetch\MSCORSVW.EXE-1BF30400.pf --------- 117710  11/11/2009 16:25     C:\WINDOWS\Prefetch\USNSVC.EXE-23426FC1.pf --------- 22888 ---------------------------------------- C:\WINDOWS\Tasks 13/11/2009 21:52     C:\WINDOWS\Tasks\Automatic troubleshooting.job --------- 498  13/11/2009 16:54     C:\WINDOWS\Tasks\SA.DAT --------- 6  28/10/2001 13:07     C:\WINDOWS\Tasks\desktop.ini --------- 65 ---------------------------------------- C:\WINDOWS\Temp 13/11/2009 22:51     C:\WINDOWS\Temp\_avast4_ --------- 0  13/11/2009 16:54     C:\WINDOWS\Temp\Perflib_Perfdata_6a4.dat --------- 16384  12/11/2009 16:29     C:\WINDOWS\Temp\Perflib_Perfdata_bc.dat --------- 16384  12/11/2009 03:28     C:\WINDOWS\Temp\Perflib_Perfdata_6d4.dat --------- 16384  12/11/2009 03:28     C:\WINDOWS\Temp\Perflib_Perfdata_528.dat --------- 16384  11/11/2009 17:24     C:\WINDOWS\Temp\Perflib_Perfdata_174.dat --------- 16384  11/11/2009 17:24     C:\WINDOWS\Temp\Perflib_Perfdata_524.dat --------- 16384  11/11/2009 16:14     C:\WINDOWS\Temp\Perflib_Perfdata_6d0.dat --------- 16384  11/11/2009 16:14     C:\WINDOWS\Temp\Perflib_Perfdata_4f8.dat --------- 16384  11/11/2009 07:00     C:\WINDOWS\Temp\Perflib_Perfdata_51c.dat --------- 16384  10/11/2009 22:13     C:\WINDOWS\Temp\Perflib_Perfdata_4fc.dat --------- 16384  10/11/2009 16:18     C:\WINDOWS\Temp\Perflib_Perfdata_6dc.dat --------- 16384  10/11/2009 16:18     C:\WINDOWS\Temp\Perflib_Perfdata_504.dat --------- 16384  09/11/2009 16:38     C:\WINDOWS\Temp\Perflib_Perfdata_520.dat --------- 16384  09/11/2009 01:52     C:\WINDOWS\Temp\Perflib_Perfdata_17c.dat --------- 16384  09/11/2009 01:51     C:\WINDOWS\Temp\Perflib_Perfdata_500.dat --------- 16384  09/11/2009 01:35     C:\WINDOWS\Temp\Perflib_Perfdata_108.dat --------- 16384  09/11/2009 01:34     C:\WINDOWS\Temp\Perflib_Perfdata_4f4.dat --------- 16384  09/11/2009 01:17     C:\WINDOWS\Temp\Perflib_Perfdata_534.dat --------- 16384 ---------------------------------------- C:\DOCUME~1\Adm\CONFIG~1\Temp 13/11/2009 22:50      C:\DOCUME~1\Adm\CONFIG~1\Temp\Rar$DI00.342 --------- 0  13/11/2009 22:07      C:\DOCUME~1\Adm\CONFIG~1\Temp\MessengerCache --------- 0  13/11/2009 18:30      C:\DOCUME~1\Adm\CONFIG~1\Temp\wmplog00.sqm --------- 1648  13/11/2009 18:26      C:\DOCUME~1\Adm\CONFIG~1\Temp\Windows Live Toolbar --------- 0  13/11/2009 18:26      C:\DOCUME~1\Adm\CONFIG~1\Temp\TUM8.tmp --------- 2337792  13/11/2009 17:14      C:\DOCUME~1\Adm\CONFIG~1\Temp\WPDNSE --------- 0  12/11/2009 17:53      C:\DOCUME~1\Adm\CONFIG~1\Temp\KAV Updater update files --------- 0  12/11/2009 17:51      C:\DOCUME~1\Adm\CONFIG~1\Temp\hsperfdata_Adm --------- 0  12/11/2009 16:56      C:\DOCUME~1\Adm\CONFIG~1\Temp\java_install_reg.log --------- 4574  11/11/2009 22:46      C:\DOCUME~1\Adm\CONFIG~1\Temp\VBE --------- 0  11/11/2009 22:34      C:\DOCUME~1\Adm\CONFIG~1\Temp\jkos-Adm --------- 0  11/11/2009 17:52      C:\DOCUME~1\Adm\CONFIG~1\Temp\~DF9FE2.tmp --------- 512  11/11/2009 17:52      C:\DOCUME~1\Adm\CONFIG~1\Temp\~DF9FD0.tmp --------- 16384  11/11/2009 17:11      C:\DOCUME~1\Adm\CONFIG~1\Temp\Silverlight0.log --------- 800  11/11/2009 07:20      C:\DOCUME~1\Adm\CONFIG~1\Temp\{A8461E28-C0B2-43ED-9BA8-3BC140ED39AD} --------- 0  10/11/2009 16:29      C:\DOCUME~1\Adm\CONFIG~1\Temp\~DFB0E3.tmp --------- 512  10/11/2009 16:29      C:\DOCUME~1\Adm\CONFIG~1\Temp\~DFB0D1.tmp --------- 376832  10/11/2009 16:29      C:\DOCUME~1\Adm\CONFIG~1\Temp\~DF703B.tmp --------- 512  10/11/2009 16:29      C:\DOCUME~1\Adm\CONFIG~1\Temp\~DF7029.tmp --------- 376832  10/11/2009 16:29      C:\DOCUME~1\Adm\CONFIG~1\Temp\6541.tmp --------- 153600  09/11/2009 17:10      C:\DOCUME~1\Adm\CONFIG~1\Temp\Microsoft .NET Framework 2.0-KB958481_20091109_191041129.html --------- 29496  09/11/2009 01:19      C:\DOCUME~1\Adm\CONFIG~1\Temp\_avast4_ --------- 0  09/11/2009 01:12      C:\DOCUME~1\Adm\CONFIG~1\Temp\~DFD5A3.tmp --------- 16384 ---------------------------------------- C:\Arquivos de programas---------------------------------------- C:\Documents and Settings\All Users\.. Adm    LocalService    NetworkService    Default User    All Users    ---------------------------------------- C:\WINDOWS\system32\drivers\etc\hosts127.0.0.1       localhost---------------------------------------- Nome da imagem            Identi Nome da sessÆo    SessÆo# Uso de mem¢r========================= ====== ================ ======== ============System Idle Process            0 Console                 0         16 KSystem                         4 Console                 0         32 Ksmss.exe                     496 Console                 0        100 Kcsrss.exe                    560 Console                 0      2.540 Kwinlogon.exe                 584 Console                 0      1.700 Kservices.exe                 628 Console                 0        968 Klsass.exe                    640 Console                 0      2.152 Ksvchost.exe                  792 Console                 0      1.520 Ksvchost.exe                  836 Console                 0      1.396 Ksvchost.exe                  928 Console                 0     10.764 Ksvchost.exe                  984 Console                 0      1.124 Ksvchost.exe                 1120 Console                 0        848 KaswUpdSv.exe                1220 Console                 0         96 KashServ.exe                 1268 Console                 0     22.860 Kspoolsv.exe                 1564 Console                 0        496 Ksvchost.exe                 1648 Console                 0        580 Kjqs.exe                     1700 Console                 0      1.372 KSeaPort.exe                 1740 Console                 0      2.652 KashMaiSv.exe                 368 Console                 0        788 KashWebSv.exe                 384 Console                 0     44.056 Kalg.exe                      516 Console                 0        128 Kwmiapsrv.exe                 916 Console                 0        668 Kexplorer.exe                2736 Console                 0      9.368 KashDisp.exe                 2820 Console                 0      1.364 Kctfmon.exe                  2896 Console                 0      1.852 Kmsnmsgr.exe                 3176 Console                 0     34.260 Kwlcomm.exe                  3660 Console                 0     16.020 KWinDVD.exe                  3652 Console                 0      7.132 KTuneUpUtilitiesService32.   1504 Console                 0      3.508 KTuneUpUtilitiesApp32.exe     768 Console                 0      2.164 Kiexplore.exe                3332 Console                 0     12.404 Kiexplore.exe                1760 Console                 0     62.060 Kwltuser.exe                 2112 Console                 0      3.636 KWinRAR.exe                  2836 Console                 0      8.152 Kcmd.exe                     2588 Console                 0      2.100 Ktasklist.exe                3200 Console                 0      4.252 Kwmiprvse.exe                2800 Console                 0      5.588 K ***** Ende des Scans --- 13/11/2009 um 22:51:45,92 ***    

 

 

Abracos e obrigada...

[DigRam 144]

Bom Dia! andressa1403

 

<@> Baixe: < PureRa 1.4 > ( ...by Paul McLain & Fred de Vries )

<@> Salve-o no desktop! <-- Tire-o do zip!

<@> Execute: PureRa.exe --> Clique em Clean.

<@> Á direita,marque a opção: "Check All"

 

< > <-- Link - 2

 

<@> Clique no botão Clean Selected --> Aguarde!

<@> Terminando ( Finished ),clique em Exit.

<@> Poste o relatório: PureRa.txt <--

 

Abraços!

[andressa1403 0]

boa tarde ...conseguiu ver o que sao estes arquivos?

 

 

segue log

 

C:\sqmnoopt08.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\sqmnoopt09.sqm <- Acesso negado.

C:\sqmnoopt10.sqm <- Successfully deleted.Successfully deleted.

C:\sqmnoopt10.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Configurações locais\Dados de aplicativos\IconCache.db <- Successfully deleted.

C:\Documents and Settings\Adm\Configurações locais\Dados de aplicativos\Microsoft\Windows Live\SqmApi\SqmData720896_01.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Configurações locais\Dados de aplicativos\Microsoft\Windows Live\SqmApi\SqmData720896_02.sqm <-

C:\Documents and Settings\Adm\Configurações locais\Dados de aplicativos\Microsoft\Windows Live\SqmApi\SqmData720896_01.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Configurações locais\Dados de aplicativos\Microsoft\Windows Live\SqmApi\SqmData720896_02.sqm <- Successfully deleted.O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\sqmnoopt00.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt00.sqm <-

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt00.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt01.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt01.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt02.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt03.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt02.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt03.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt04.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt05.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt06.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt04.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt05.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt06.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt07.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt08.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt07.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt08.sqm <- Acesso negado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt09.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt09.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt10.sqm <- Successfully deleted.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2983908363\sqmnoopt00.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2328083548\sqmnoopt10.sqm <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Dados de aplicativos\Microsoft\MSN Messenger\2983908363\sqmnoopt00.sqm <- Successfully deleted.O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Meus documentos\Andressa\fotos sthe\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Andressa\Skins\Buttons\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Andressa\Skins\Buttons\Thumbs.db <- Successfully deleted.O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Meus documentos\Andressa\Skins\Default\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Andressa\Skins\Default\Thumbs.db <- Successfully deleted.O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Meus documentos\Andressa\Skins\SteelRain\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Andressa\Skins\SteelRain\Thumbs.db <- Acesso negado. Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Andressa\Skins\Titanium\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Andressa\Skins\Titanium\Thumbs.db <- Acesso negado. Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Meus arquivos recebidos\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Meus arquivos recebidos\Thumbs.db <- Successfully deleted.O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Meus documentos\Meus vídeos\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Meus vídeos\Thumbs.db <- Acesso negado. Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\Thumbs.db <- Successfully deleted.O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\eu e sthe\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\facul\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\festas famila\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\Figuras\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\Figuras\Thumbs.db <- O sistema não pode encontrar o arquivo especificado. Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\fotos\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\fotos\Thumbs.db <- Successfully deleted.O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\fotos sthe\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\fotos sthe\Thumbs.db <- Successfully deleted.Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\so eu\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas imagens\trabalho\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\Chris Brow\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\Chris Brow\Thumbs.db <- Successfully deleted.O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\César Menotti e Fabiano\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\César Menotti e Fabiano\Thumbs.db <- Acesso negado. Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\Eletronica\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\Eletronica\Thumbs.db <- Acesso negado. Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\Fernado e Sorocaba\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\Jeito Muleque\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\Jeito Muleque\Thumbs.db <- Acesso negado. Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\joao bosco e vinicios\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\musicas baixadas\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\musicas baixadas\Thumbs.db <- Successfully deleted.O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\rap\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\Victor e Léo\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\musicas\Victor e Léo\Thumbs.db <- O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\Musicas n\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\Musicas n\Thumbs.db <- Successfully deleted.O sistema não pode encontrar o arquivo especificado.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\Musicas n\Shakira\Thumbs.db <- Successfully deleted.

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\My Playlists\Nova pasta\Thumbs.db <-

C:\Documents and Settings\Adm\Meus documentos\Minhas músicas\My Playlists\Nova pasta\Thumbs.db <- O sistema não pode encontrar o arquivo especificado. Successfully deleted.

C:\Documents and Settings\All Users\Documentos\Minhas imagens\Amostras de imagens\Thumbs.db <- Successfully deleted.

 

Total space cleaned: 503081314 bytes

 

-=E.O.F=-

[DigRam 144]

Boa Noite! andressa1403

 

boa tarde ...conseguiu ver o que sao estes arquivos?

<!> Os nomeados como Eula,que foram citados,não apareceram nos relatórios.

 

<@> Baixe: < > (...par A.Rothstein & dj Quiou )

<@> Salve-o no desktop!

<@> Feche programas que estejam abertos,e execute a ferramenta.

<@> Clique no botão Recherche,para iniciar o scan. <-- Aguarde!

<@> Terminando,teremos relacionados os itens que serão removidos.

<@> Clique no botão Supression para remover os itens encontrados.

<@> Clique,à seguir,em Quitter.

<@> Poste o relatório: ( C:\TCleaner.txt ) <--

<@> Poste,também,um novo log do hjtscanlist.

 

Abraços!

[andressa1403 0]

Desculpe pela demora da resposta, :rolleyes: semana de provas na faculdade nao da tempo pra nada mas aqui esta ...

 

[ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ]

 

--> Recherche:

 

C:\Combofix.txt: trouvé !

C:\Combofix: trouvé !

C:\!Killbox: trouvé !

C:\Qoobox: trouvé !

C:\Documents and Settings\Adm\Desktop\Jogos\Combofix: trouvé !

C:\Documents and Settings\Adm\Meus documentos\KillBox.exe: trouvé !

C:\Documents and Settings\Adm\Meus documentos\ComboFix.exe: trouvé !

C:\Documents and Settings\Adm\Meus documentos\hijackthis.log: trouvé !

C:\Documents and Settings\Adm\Recent\HijackThis.lnk: trouvé !

C:\Qoobox\Quarantine\catchme.log: trouvé !

C:\WINDOWS\mbr.log: trouvé !

C:\WINDOWS\mbr.exe: trouvé !

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:54:41, on 18/11/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16915)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\notepad.exe

C:\Arquivos de programas\WinRAR\WinRAR.exe

C:\DOCUME~1\Adm\CONFIG~1\Temp\Rar$EX00.581\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1249659269835

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 5251 bytes

 

 

 

 

OBRIGADA PELA ATENCAO

[DigRam 144]

Bom Dia! andressa1403

 

<!> Seus logs estão limpos! :thumbsup:

<!> Tudo Ok?

 

Abraços!

[andressa1403 0]

Muito Obrigada ... :thumbsup:

ele ta muito lento mas da p/ usar bem ...

 

muito obrigada mesmo. :rolleyes:

[DigRam 144]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.