
Archived

This topic has been archived and is closed to new replies.

mi.ka

[Archived] analyze my log, I think my computer was infected


Logfile of HijackThis v1.99.1

Scan saved at 22:50:28, on 22/5/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\Arquivos de programas\Logitech\G-series Software\LGDCore.exe

C:\Arquivos de programas\Logitech\G-series Software\LCDMon.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\Arquivos de programas\Search Settings\SearchSettings.exe

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe

C:\Arquivos de programas\Arquivos comuns\LightScribe\LightScribeControlPanel.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDClock.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDMedia.exe

C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\LogicoolDesktopMessenger.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Arquivos de programas\Application Updater\ApplicationUpdater.exe

C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

C:\ARQUIV~1\Magentic\bin\MgApp.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe

C:\Arquivos de programas\Logicool\SetPoint\SetPoint.exe

C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Assistente Tecnico Speedy\bin\mpbtn.exe

C:\Arquivos de programas\Arquivos comuns\Logicool\khalshared\KHALMNPR.EXE

C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wmiapsrv.exe

C:\ARQUIV~1\AVG\AVG8\avgemc.exe

C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

d:\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.msn.com/?ocid=iehp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\SearchSettings.dll

O2 - BHO: Windows® Internet Explorer - {0137B574-1292-43DE-8B02-6F24D0BA7DA1} - (no file)

O2 - BHO: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Windows® Internet Explorer - {59F68C05-50C1-47EE-B505-80531CDC7302} - C:\WINDOWS\system32\wbem\essclis.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: (no name) - {C60D515C-2658-48E1-A5D4-F2DDF457B07F}A5D4-F2DDF457B07F} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\Search Settings\SearchSettings.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RemoteControl8] "C:\Arquivos de programas\CyberLink\PowerDVD8\PDVD8Serv.exe"

O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD8\Language\Language.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Arquivos de programas\Arquivos comuns\Logicool\khalshared\KHALMNPR.EXE"

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Arquivos de programas\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Arquivos de programas\Logitech\G-series Software\LCDMon.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [Motive SmartBridge] "C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe" /restart

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [searchSettings] C:\Arquivos de programas\Search Settings\SearchSettings.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\RunOnce: [b Register C:\Arquivos de programas\DivX\DivX Plus DirectShow Filters\DivXDecH264.ax] "C:\WINDOWS\system32\rundll32.exe" "C:\Arquivos de programas\DivX\DivX Plus DirectShow Filters\DivXDecH264.ax",DllRegisterServer

O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Arquivos de programas\Arquivos comuns\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [LDM] C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\LogicoolDesktopMessenger.exe

O4 - HKCU\..\Run: [Magentic] C:\ARQUIV~1\Magentic\bin\Magentic.exe /c

O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon

O4 - Global Startup: Assistente Tecnico Speedy.lnk = C:\Arquivos de programas\Assistente Tecnico Speedy\bin\matcli.exe

O4 - Global Startup: Logicool Desktop Messenger.lnk = C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logicool SetPoint.lnk = ?

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{9A4FCD1B-AE12-4BB5-9F4F-1B1046541BCB}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: bw+0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Arquivos de programas\Application Updater\ApplicationUpdater.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Emma Device Management (EmmaDevMgmtSvc) - Sony Ericsson Mobile Communications - C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe

O23 - Service: Emma Update Management (EmmaUpdMgmtSvc) - Sony Ericsson Mobile Communications - C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe

O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: WmiApsrv32 - Unknown owner - C:\WINDOWS\system32\wmiapsrv.exe


Good evening....

*Download AD-Remover and save it to the desktop

*Double-click AD-R.exe

*Click [Clean]...wait for it to finish

*Paste the report created at C:\Ad-Report-CLEAN.log and a new HijackThis log


Good evening

Below is what was requested.

I think my passwords were cloned

 

.

======= LOGFILE OF AD-REMOVER 2.0.0.0,D | ONLY XP/VISTA/7 =======

.

Updated by C_XX on 19/05/10 à 19:20

Contact: AdRemover.contact@gmail.com

Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html

.

Started: 21:27:25 le 27/05/2010 | Normal boot | Option: CLEAN

Executed from: C:\Ad-Remover\ADR.exe

OS: Microsoft Windows XP Professional (Service Pack 3 - X86)

Computer name: COMPUTADOR

Current user: Ferreira

.

============== FIXED ELEMENTS ==============

.

Service: *Application Updater*

.

C:\Arquivos de programas\Application Updater

C:\Arquivos de programas\Dealio Toolbar

C:\Arquivos de programas\Search Settings

C:\Documents and Settings\All Users\Dados de aplicativos\Trymedia

C:\Documents and Settings\Ferreira\Dados de aplicativos\Search Settings

 

(!) -- Deleted temporary files.

.

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

HKCU\Software\Search Settings

HKLM\Software\Application Updater

HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

HKLM\Software\Classes\Installer\Products\96DC878CBD58B624183A7E1157AABE19

HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}

HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}

HKLM\Software\Classes\SearchSettings.BHO

HKLM\Software\Classes\SearchSettings.BHO.1

HKLM\Software\Classes\TypeLib\{338BFB9A-EA66-7554-FB44-DF75BA3936AC}

HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}

HKLM\Software\Dealio

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\96DC878CBD58B624183A7E1157AABE19

HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C878CD69-85DB-426B-81A3-E71175AAEB91}

HKLM\Software\Search Settings

HKLM\Software\Trymedia Systems

HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{E312764E-7706-43F1-8DAB-FCDD2B1E416D}

HKLM\Software\Microsoft\Internet Explorer\Toolbar|{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}

HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings

HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Arquivos de programas\Application Updater\ApplicationUpdater.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Arquivos de programas\Search Settings\SearchSettings.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Arquivos de programas\Search Settings\SearchSettings.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Arquivos de programas\Search Settings\SearchSettingsRes409.dll

.

.

============== ADDITIONNAL SCAN ==============

.

.

* Internet Explorer Version 8.0.6001.18702 *

.

[HKCU\Software\Microsoft\Internet Explorer\Main]

.

AutoHide: yes

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

.

[HKLM\Software\Microsoft\Internet Explorer\Main]

.

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Local Page: C:\WINDOWS\system32\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

.

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

.

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

.

========================================

.

C:\Ad-Remover\Quarantine: 0 Files

C:\Ad-Remover\Backup: 12 Files

.

C:\Ad-Report-CLEAN[1].txt - 4019 Byte(s)

.

End at: 21:30:36, 27/05/2010

.

============== E.O.F - CLEAN[1] ==============

 

 

Logfile of HijackThis v1.99.1

Scan saved at 21:37:40, on 27/5/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe

C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wmiapsrv.exe

C:\Arquivos de programas\Logitech\G-series Software\LGDCore.exe

C:\Arquivos de programas\Logitech\G-series Software\LCDMon.exe

C:\ARQUIV~1\AVG\AVG8\avgemc.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDClock.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDMedia.exe

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe

C:\Arquivos de programas\Arquivos comuns\LightScribe\LightScribeControlPanel.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe

C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\LogicoolDesktopMessenger.exe

C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

C:\Arquivos de programas\Logicool\SetPoint\SetPoint.exe

C:\ARQUIV~1\Magentic\bin\MgApp.exe

C:\Arquivos de programas\Arquivos comuns\Logicool\khalshared\KHALMNPR.EXE

C:\Arquivos de programas\Assistente Tecnico Speedy\bin\mpbtn.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe

d:\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: Windows® Internet Explorer - {0137B574-1292-43DE-8B02-6F24D0BA7DA1} - (no file)

O2 - BHO: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Windows® Internet Explorer - {570628E0-191D-42E4-9250-D477EAAAFF63} - C:\WINDOWS\system32\wbem\essclis.dll

O2 - BHO: Windows® Internet Explorer - {59F68C05-50C1-47EE-B505-80531CDC7302} - C:\WINDOWS\system32\wbem\essclis.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: (no name) - {C60D515C-2658-48E1-A5D4-F2DDF457B07F}A5D4-F2DDF457B07F} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RemoteControl8] "C:\Arquivos de programas\CyberLink\PowerDVD8\PDVD8Serv.exe"

O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD8\Language\Language.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Arquivos de programas\Arquivos comuns\Logicool\khalshared\KHALMNPR.EXE"

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Arquivos de programas\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Arquivos de programas\Logitech\G-series Software\LCDMon.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [Motive SmartBridge] "C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe" /restart

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Arquivos de programas\Arquivos comuns\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [LDM] C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\LogicoolDesktopMessenger.exe

O4 - HKCU\..\Run: [Magentic] C:\ARQUIV~1\Magentic\bin\Magentic.exe /c

O4 - HKCU\..\Run: [sony Ericsson PC Suite] "C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon

O4 - Global Startup: Assistente Tecnico Speedy.lnk = C:\Arquivos de programas\Assistente Tecnico Speedy\bin\matcli.exe

O4 - Global Startup: Logicool Desktop Messenger.lnk = C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logicool SetPoint.lnk = ?

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{9A4FCD1B-AE12-4BB5-9F4F-1B1046541BCB}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: bw+0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Emma Device Management (EmmaDevMgmtSvc) - Sony Ericsson Mobile Communications - C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe

O23 - Service: Emma Update Management (EmmaUpdMgmtSvc) - Sony Ericsson Mobile Communications - C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe

O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: WmiApsrv32 - Unknown owner - C:\WINDOWS\system32\wmiapsrv.exe

 

Awaiting a reply URGENTLY


1.

*Run AD-Remover again

*Click [uninstall]

 

2.

*Download MalwareBytes Anti-malware and save it to the desktop

*Install the program

*If any update exists, the download will be automatic. Wait...

*The program will open automatically.

*On the [Verificação] tab, select the [Verificação completa] option

*Click [Verificar] and select the drives to be examined

*When the scan finishes, you may be asked whether you want to remove objects from memory. Click [Sim] > [OK] > [Mostrar Resultados]

*Click [Remover Selecionados]

*A report (mbam-log-year-month-date.txt) will be displayed.

*Paste it into your next reply


The requested log follows below, and I am also sending the HijackThis log because my AVG is detecting an infection, the TROJAN HORSE BANKER 5

 

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Versão da Base de Dados: 4156

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

30/5/2010 13:11:41

mbam-log-2010-05-30 (13-11-41).txt

 

Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|)

Objetos escaneados: 218986

Tempo decorrido: 38 minuto(s), 43 segundo(s)

 

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 0

Valores de Registro Infectados: 0

Itens de Dados no Registro Infectados: 0

Pastas Infectadas: 0

Arquivos Infectados: 2

 

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Infectadas:

(Não foram detectados ítens maliciosos)

 

Valores de Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Itens de Dados no Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Pastas Infectadas:

(Não foram detectados ítens maliciosos)

 

Arquivos Infectados:

C:\System Volume Information\_restore{FEED49C2-DE63-4B15-AE37-5F0BBB2E4EDB}\RP449\A0111000.exe (Adware.BHO) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{FEED49C2-DE63-4B15-AE37-5F0BBB2E4EDB}\RP450\A0111037.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

 

 

 

 

And the other log for analysis (urgent, it keeps reporting an infection all the time)

 

Logfile of HijackThis v1.99.1

Scan saved at 13:15:05, on 30/5/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\Arquivos de programas\Logitech\G-series Software\LGDCore.exe

C:\Arquivos de programas\Logitech\G-series Software\LCDMon.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe

C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDClock.exe

C:\Arquivos de programas\Arquivos comuns\LightScribe\LightScribeControlPanel.exe

C:\Arquivos de programas\Logitech\G-series Software\Applets\LCDMedia.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe

C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe

C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe

C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\LogicoolDesktopMessenger.exe

C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

C:\Arquivos de programas\Logicool\SetPoint\SetPoint.exe

C:\Arquivos de programas\Arquivos comuns\Logicool\khalshared\KHALMNPR.EXE

C:\Arquivos de programas\Assistente Tecnico Speedy\bin\mpbtn.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wmiapsrv.exe

C:\ARQUIV~1\AVG\AVG8\avgemc.exe

C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe

C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe

C:\WINDOWS\system32\NOTEPAD.EXE

d:\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

R3 - URLSearchHook: (no name) - *{EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: Windows® Internet Explorer - {0137B574-1292-43DE-8B02-6F24D0BA7DA1} - (no file)

O2 - BHO: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Windows® Internet Explorer - {570628E0-191D-42E4-9250-D477EAAAFF63} - C:\WINDOWS\system32\wbem\essclis.dll

O2 - BHO: Windows® Internet Explorer - {59F68C05-50C1-47EE-B505-80531CDC7302} - C:\WINDOWS\system32\wbem\essclis.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: Windows® Internet Explorer - {ABF75EC6-3081-46BF-A6E8-4280FD9FC0E3} - C:\WINDOWS\system32\wbem\essclis.dll

O2 - BHO: (no name) - {C60D515C-2658-48E1-A5D4-F2DDF457B07F}A5D4-F2DDF457B07F} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RemoteControl8] "C:\Arquivos de programas\CyberLink\PowerDVD8\PDVD8Serv.exe"

O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD8\Language\Language.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] "C:\Arquivos de programas\Arquivos comuns\Logicool\khalshared\KHALMNPR.EXE"

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Launch LGDCore] "C:\Arquivos de programas\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE

O4 - HKLM\..\Run: [Launch LCDMon] "C:\Arquivos de programas\Logitech\G-series Software\LCDMon.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [Motive SmartBridge] "C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe" /restart

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Arquivos de programas\Arquivos comuns\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [LDM] C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\LogicoolDesktopMessenger.exe

O4 - HKCU\..\Run: [Magentic] C:\ARQUIV~1\Magentic\bin\Magentic.exe /c

O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon

O4 - Global Startup: Assistente Tecnico Speedy.lnk = C:\Arquivos de programas\Assistente Tecnico Speedy\bin\matcli.exe

O4 - Global Startup: Logicool Desktop Messenger.lnk = C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Logicool SetPoint.lnk = ?

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O11 - Options group: [INTERNATIONAL] International

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - http://launch.gamespyarcade.com/software/launch/alaunch.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{9A4FCD1B-AE12-4BB5-9F4F-1B1046541BCB}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: bw+0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: offline-8876480 - {EB9C5515-ED80-4A59-92F7-27147891BB85} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: Emma Device Management (EmmaDevMgmtSvc) - Sony Ericsson Mobile Communications - C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe

O23 - Service: Emma Update Management (EmmaUpdMgmtSvc) - Sony Ericsson Mobile Communications - C:\Arquivos de programas\Arquivos comuns\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe

O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Arquivos de programas\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: WmiApsrv32 - Unknown owner - C:\WINDOWS\system32\wmiapsrv.exe


File esscli.dll received on 2010.05.31 03:28:56 (UTC)


 

 

Result: 0/41 (0%)


Antivirus Version Last Update Result

a-squared 4.5.0.50 2010.05.10 -

AhnLab-V3 2010.05.30.00 2010.05.29 -

AntiVir 8.2.1.242 2010.05.30 -

Antiy-AVL 2.0.3.7 2010.05.26 -

Authentium 5.2.0.5 2010.05.31 -

Avast 4.8.1351.0 2010.05.30 -

Avast5 5.0.332.0 2010.05.30 -

AVG 9.0.0.787 2010.05.31 -

BitDefender 7.2 2010.05.31 -

CAT-QuickHeal 10.00 2010.05.29 -

ClamAV 0.96.0.3-git 2010.05.30 -

Comodo 4959 2010.05.31 -

DrWeb 5.0.2.03300 2010.05.31 -

eSafe 7.0.17.0 2010.05.30 -

eTrust-Vet 35.2.7519 2010.05.29 -

F-Prot 4.6.0.103 2010.05.31 -

F-Secure 9.0.15370.0 2010.05.31 -

Fortinet 4.1.133.0 2010.05.30 -

GData 21 2010.05.31 -

Ikarus T3.1.1.84.0 2010.05.31 -

Jiangmin 13.0.900 2010.05.30 -

Kaspersky 7.0.0.125 2010.05.31 -

McAfee 5.400.0.1158 2010.05.31 -

McAfee-GW-Edition 2010.1 2010.05.31 -

Microsoft 1.5802 2010.05.31 -

NOD32 5156 2010.05.30 -

Norman 6.04.12 2010.05.30 -

nProtect 2010-05-30.01 2010.05.30 -

Panda 10.0.2.7 2010.05.30 -

PCTools 7.0.3.5 2010.05.31 -

Prevx 3.0 2010.05.31 -

Rising 22.50.00.01 2010.05.31 -

Sophos 4.53.0 2010.05.31 -

Sunbelt 6380 2010.05.31 -

Symantec 20101.1.0.89 2010.05.31 -

TheHacker 6.5.2.0.290 2010.05.30 -

TrendMicro 9.120.0.1004 2010.05.30 -

TrendMicro-HouseCall 9.120.0.1004 2010.05.31 -

VBA32 3.12.12.5 2010.05.29 -

ViRobot 2010.5.20.2326 2010.05.28 -

VirusBuster 5.0.27.0 2010.05.30 -

Additional information

File size: 247808 bytes

MD5...: 59cb21d51408ca313208254a955bf93c

SHA1..: c82e444e77bec535f9dbac9ab164da85af8f4f40

SHA256: c2d7996432640cd3674437401ad18af9f62138b7358a4d639af70e1b3835b703

ssdeep: 3072:R5f69pA/H0EN38TSLKr4EbOI3SqrlFCaoPaDm8fwmwSx:RNPNoIuxySSoSd8

 

PEiD..: -

PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x2d702

timedatestamp.....: 0x4802bf1a (Mon Apr 14 02:19:06 2008)

machinetype.......: 0x14c (I386)

 

( 4 sections )

name viradd virsiz rawdsiz ntrpy md5

.text 0x1000 0x37ebd 0x38000 6.53 0d92c889cf91bc0950d2155d5965f261

.data 0x39000 0x3bc 0x400 2.58 7ef83f87b8ff1ce5b037c892a2958dce

.rsrc 0x3a000 0x3c0 0x400 3.25 6dccd33c73e12b71188f42ab91ca6088

.reloc 0x3b000 0x3b1c 0x3c00 5.51 c1a0bdda43c375f40a64271d484a25d2

 

( 8 imports )


> ADVAPI32.dll: GetSecurityDescriptorLength, RegOpenKeyW, RegSetValueExW, GetLengthSid, InitializeSecurityDescriptor, InitializeAcl, AddAccessAllowedAce, IsValidAcl, SetSecurityDescriptorDacl, SetSecurityDescriptorGroup, SetSecurityDescriptorOwner, RegCreateKeyW, RegCloseKey, AllocateAndInitializeSid, EqualSid, FreeSid, IsValidSecurityDescriptor, RegDeleteKeyW

> OLEAUT32.dll: -, -, -, -, -, -

> ole32.dll: CoInitialize, CoMarshalInterThreadInterfaceInStream, CoGetCallContext, CoUnmarshalInterface, CoCreateInstance, CoInitializeEx, CoGetInterfaceAndReleaseStream, CoUninitialize, CoReleaseMarshalData, CoMarshalInterface, CoGetMarshalSizeMax, CoTaskMemFree, StringFromGUID2

 

( 167 exports )


 

RDS...: NSRL Reference Data Set

-

pdfid.: -

trid..: DirectShow filter (52.6%)

Windows OCX File (32.2%)

Win32 Executable MS Visual C++ (generic) (9.8%)

Win32 Executable Generic (2.2%)

Win32 Dynamic Link Library (generic) (1.9%)

sigcheck:

publisher....: Microsoft Corporation

copyright....: © Microsoft Corporation. All rights reserved.

product......: Microsoft_ Windows_ Operating System

description..: WMI

original name: esscli.dll

internal name: esscli.dll

file version.: 5.1.2600.5512 (xpsp.080413-2108)

comments.....: n/a

signers......: -

signing date.: -

verified.....: Unsigned

 

 

 

WARNING: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees as to the availability and continuity of this service. Although the detection rate provided by using multiple antivirus engines is far higher than that offered by a single product, the results do NOT guarantee that a file is harmless. Currently, there is no solution that offers 100% effectiveness in detecting viruses and malicious files.

 

analisis/c2d7996432640cd3674437401ad18af9f62138b7358a4d639af70e1b3835b703-1275276536


You submitted the wrong file.

Note:

The file submitted was:

C:\WINDOWS\system32\wbem\esscli.dll

The file we want is:

C:\WINDOWS\system32\wbem\essclis.dll

Run the analysis on VirusTotal again.


Topic Archived

Since the author has not replied for more than 30 days, the topic has been archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of this section along with the link to this topic and explain the reason for reopening.
