Renato Caldas

Please analyze my logs


Hi everyone, I'm asking you to please take a look at these logs of mine (DDS and Gmer). My PC is acting very strange: it restarts out of nowhere, doesn't recognize my second HD, which I've had for a long time, and gets slow.

*******************************************************

DDS (Version 1.0.1) - NTFSx86

Run by Administrador at 14:39:01,48 on seg 15/12/2008

Internet Explorer: 7.0.5730.13

Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.1023.659 [GMT -2:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\Arquivos de programas\Eset\nod32kui.exe

C:\Arquivos de programas\VIA Technologies, INC\Audio Deck\ADeck.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\UberIcon\UberIcon Manager.exe

C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Administrador\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = www.google.com.br/

mWinlogon: SfcDisable=-99 (0xffffff9d)

BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\arquiv~1\micros~1\office12\GRA8E1~1.DLL

BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [uberIcon] "c:\arquivos de programas\ubericon\UberIcon Manager.exe"

uRun: [MsnMsgr] "c:\arquivos de programas\windows live\messenger\MsnMsgr.Exe" /background

mRun: [nod32kui] "c:\arquivos de programas\eset\nod32kui.exe" /WAITSERVICE

mRun: [amd_dc_opt] c:\arquivos de programas\amd\dual-core optimizer\amd_dc_opt.exe

mRun: [QuickTime Task] "c:\arquivos de programas\quicktime\qttask.exe" -atboottime

mRun: [AudioDeck] c:\arquivos de programas\via technologies, inc\audio deck\ADeck.exe

dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32

dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N

uPolicies-explorer: ForceClassicControlPanel = 1 (0x1)

uPolicies-explorer: NoSMHelp = 1 (0x1)

uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)

dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)

dPolicies-explorer: NoSMHelp = 1 (0x1)

dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~1\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\arquiv~1\micros~1\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~1\office12\REFIEBAR.DLL

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

LSP: c:\windows\system32\imon.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquiv~1\micros~1\office12\GR99D3~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\arquiv~1\micros~1\office12\GRA8E1~1.DLL

================= FIREFOX ===================

============= SERVICES / DRIVERS ===============

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-11-27 15424]

R2 NOD32krn;NOD32 Kernel Service;"c:\arquivos de programas\eset\nod32krn.exe" [2008-11-27 552064]

S3 npkycryp;npkycryp;\??\c:\arquivos de programas\ragnarok online\npkycryp.sys []

=============== Created Last 30 ================

2008-12-14 17:39 <DIR> --d----- c:\arquivos de programas\Flash Slideshow Maker Professional

2008-12-14 17:38 1,409 a------- c:\windows\system32\tmp639BD.FOT

2008-12-14 17:38 1,409 a------- c:\windows\system32\tmpE35BD.FOT

2008-12-14 17:38 1,409 a------- c:\windows\system32\tmpB58BD.FOT

2008-12-14 17:38 1,409 a------- c:\windows\system32\tmp676BD.FOT

2008-12-14 17:38 1,409 a------- c:\windows\system32\tmp167BD.FOT

2008-12-12 23:58 <DIR> --d----- c:\arquivos de programas\NeoInter

2008-12-12 19:34 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Anvsoft

2008-12-12 19:11 <DIR> --d----- c:\windows\SlideShow Ultra Gold Data

2008-12-12 19:09 307,200 -------- c:\windows\Setup1.exe

2008-12-12 19:09 73,216 a------- c:\windows\ST6UNST.EXE

2008-12-12 18:51 499,712 a------- c:\windows\system32\msvcp71.dll

2008-12-12 18:49 <DIR> --d----- c:\windows\system32\Adobe

2008-12-12 18:47 1,409 a------- c:\windows\system32\tmpBAB54.FOT

2008-12-12 18:47 1,409 a------- c:\windows\system32\tmp6D954.FOT

2008-12-12 18:47 1,409 a------- c:\windows\system32\tmp1CA54.FOT

2008-12-12 18:47 1,409 a------- c:\windows\system32\tmpCF854.FOT

2008-12-12 18:47 1,409 a------- c:\windows\system32\tmp2E754.FOT

2008-12-12 18:00 2,423 a------- c:\windows\BorisFX9.2.ini

2008-12-12 17:23 237,568 a----r-- c:\windows\system32\qtmlClient.dll

2008-12-12 17:23 69,632 a------- c:\windows\system32\MtxPreview.dll

2008-12-12 17:23 49,152 a------- c:\windows\system32\MtxParhBFXPreview.dll

2008-12-12 17:23 49,152 a------- c:\windows\system32\CvoAPI.dll

2008-12-12 17:23 45,056 a------- c:\windows\system32\BFXSrcFilter.ax

2008-12-12 17:23 <DIR> --d----- C:\Presets

2008-12-12 13:48 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Apple

2008-12-12 13:38 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\SmartSound Software Inc

2008-12-12 13:04 <DIR> --d----- c:\docume~1\admini~1\dadosd~1\VSRevoGroup

2008-12-11 20:31 <DIR> --d----- c:\windows\Downloaded Installations

2008-12-11 13:46 311,296 a------- c:\windows\system32\AegisI5.exe

2008-12-11 13:46 290,918 a------- c:\windows\system32\Install7x.dll

2008-12-11 13:46 245,376 a------- c:\windows\system32\drivers\rt2500usb.sys

2008-12-11 13:46 138 a------- c:\windows\filespec7x

2008-12-11 13:46 252,928 a------- c:\windows\system32\drivers\rt73.sys

2008-12-11 13:46 2,048 a------- c:\windows\system32\drivers\rt73.bin

2008-12-11 13:45 20,747 a------- c:\windows\system32\drivers\AegisP.sys

2008-12-11 13:45 <DIR> --d----- c:\arquivos de programas\RALINK

2008-12-10 23:21 268 a---h--- C:\sqmdata04.sqm

2008-12-10 23:21 244 a---h--- C:\sqmnoopt04.sqm

2008-12-10 20:31 90,112 a------- c:\windows\unvise32.exe

2008-12-10 20:26 <DIR> --d----- c:\arquivos de programas\Pinnacle

2008-12-10 11:46 38 a------- c:\windows\AviSplitter.INI

2008-12-09 12:02 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Napster

2008-12-07 00:19 <DIR> --d----- c:\arquivos de programas\VS Revo Group

2008-12-07 00:08 34,304 a------- c:\windows\system32\drivers\AmdLLD.sys

2008-12-07 00:08 <DIR> --d----- c:\arquivos de programas\AMD

2008-12-06 21:31 <DIR> --d----- c:\arquivos de programas\Ragnarok Online

2008-12-05 00:36 268 a---h--- C:\sqmdata03.sqm

2008-12-05 00:36 244 a---h--- C:\sqmnoopt03.sqm

2008-12-03 20:17 <DIR> --d----- c:\arquivos de programas\SpeedBit Video Accelerator

2008-12-03 01:28 <DIR> a-d----- c:\windows\system32\Shell

2008-12-03 01:28 1,062,032 a------- c:\windows\system32\Pattern.msstyles

2008-12-03 00:37 <DIR> --d----- c:\docume~1\admini~1\dadosd~1\ADPHONE

2008-11-29 17:44 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Real

2008-11-28 03:48 2,901 a------- c:\windows\system32\Oemlogo.BMP

2008-11-28 03:30 <DIR> --d-h--- c:\windows\system32\GroupPolicy

2008-11-27 16:16 717,296 a------- c:\windows\system32\drivers\sptd.sys

2008-11-27 14:29 512,096 a------- c:\windows\system32\drivers\amon.sys

2008-11-27 14:29 298,104 a------- c:\windows\system32\imon.dll

2008-11-27 14:29 15,424 a------- c:\windows\system32\drivers\nod32drv.sys

2008-11-27 14:28 <DIR> --d----- c:\arquivos de programas\ESET

2008-11-27 14:27 421,888 a------- c:\windows\system32\ac3filter.acm

2008-11-27 14:26 <DIR> --d----- c:\arquivos de programas\XP Codec Pack

2008-11-26 23:52 <DIR> --d----- c:\arquivos de programas\Enigma Software Group

2008-11-26 13:23 268 a---h--- C:\sqmdata02.sqm

2008-11-26 13:23 244 a---h--- C:\sqmnoopt02.sqm

2008-11-26 13:05 268 a---h--- C:\sqmdata01.sqm

2008-11-26 13:05 244 a---h--- C:\sqmnoopt01.sqm

2008-11-26 12:19 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Avg8

2008-11-25 23:41 2,455,488 -------- c:\windows\system32\dllcache\ieapfltr.dat

2008-11-25 23:41 1,024,000 -------- c:\windows\system32\dllcache\ieframe.dll.mui

2008-11-25 23:41 267,776 -------- c:\windows\system32\dllcache\iertutil.dll

2008-11-25 23:41 63,488 -------- c:\windows\system32\dllcache\icardie.dll

2008-11-25 23:41 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe

2008-11-25 23:41 459,264 -------- c:\windows\system32\dllcache\msfeeds.dll

2008-11-25 23:41 52,224 -------- c:\windows\system32\dllcache\msfeedsbs.dll

2008-11-25 23:41 6,068,224 -------- c:\windows\system32\dllcache\ieframe.dll

2008-11-25 23:41 380,928 -------- c:\windows\system32\dllcache\ieapfltr.dll

2008-11-25 01:45 144,896 a------- c:\windows\hotplug.dll

2008-11-24 23:21 <DIR> --d----- c:\arquivos de programas\MSXML 4.0

2008-11-24 23:03 <DIR> --d----- c:\arquivos de programas\Trend Micro

2008-11-24 22:52 <DIR> --d----- c:\windows\pss

2008-11-24 19:03 <DIR> --d----- c:\arquivos de programas\NitroPC

2008-11-24 18:32 <DIR> --d----- c:\docume~1\admini~1\dadosd~1\Samsung

2008-11-24 18:29 <DIR> --d----- c:\arquivos de programas\Samsung

2008-11-24 18:29 <DIR> --d----- c:\arquivos de programas\eMule

2008-11-24 17:52 <DIR> --d----- c:\arquivos de programas\Messenger

2008-11-24 17:51 <DIR> --d----- c:\windows\l2schemas

2008-11-24 17:45 <DIR> --d----- c:\windows\ServicePackFiles

2008-11-24 17:27 67,866 -------- c:\windows\system32\drivers\netwlan5.img

2008-11-24 17:26 64,352 -------- c:\windows\system32\drivers\ativmc20.cod

2008-11-24 16:38 27,496 a------- c:\windows\system32\mucltui.dll.mui

2008-11-24 12:34 <DIR> --d----- c:\arquivos de programas\Mozilla Firefox(2)

2008-11-23 16:20 <DIR> --d----- C:\Program Files

2008-11-23 15:59 <DIR> --d----- c:\arquivos de programas\LevelUpGames

2008-11-23 13:33 4,682 a------- c:\windows\system32\npptNT2.sys

2008-11-23 13:33 5,174 a------- c:\windows\system32\nppt9x.vxd

2008-11-22 19:11 <DIR> --d----- c:\arquivos de programas\arquivos comuns\InstallShield

2008-11-22 16:54 <DIR> --d----- c:\arquivos de programas\Gravity

2008-11-22 13:55 <DIR> --d----- c:\windows\system32\appmgmt

2008-11-22 12:10 <DIR> --d----- c:\arquivos de programas\BS.Player ControlBar

2008-11-22 12:10 <DIR> --d----- c:\arquivos de programas\Webteh

2008-11-22 11:58 69 a------- c:\windows\NeroDigital.ini

2008-11-22 11:29 32,592 a------- c:\windows\system32\msonpmon.dll

2008-11-22 11:21 <DIR> --d----- c:\arquivos de programas\Microsoft Visual Studio 8

2008-11-22 11:20 <DIR> --d----- c:\windows\SHELLNEW

2008-11-22 11:16 16,496 a----r-- c:\windows\system32\drivers\HPZipr12.sys

2008-11-22 11:16 49,920 a----r-- c:\windows\system32\drivers\HPZid412.sys

2008-11-22 11:15 364,544 a----r-- c:\windows\system32\hppldcoi.dll

2008-11-22 11:15 21,568 a----r-- c:\windows\system32\drivers\HPZius12.sys

2008-11-22 11:12 267,864 a----r-- c:\windows\system32\hpzids01.dll

2008-11-22 11:12 118,272 a------- c:\windows\system32\hpz3l5ha.dll

2008-11-21 22:00 <DIR> -cdsh--- c:\arquivos de programas\arquivos comuns\WindowsLiveInstaller

2008-11-21 21:53 <DIR> --d----- c:\documents and settings\administrador\Contacts

2008-11-21 04:03 <DIR> --d----- c:\arquivos de programas\Nero

2008-11-21 01:31 129,784 -------- c:\windows\system32\pxafs.dll

2008-11-21 01:24 <DIR> --d----- c:\docume~1\alluse~1\dadosd~1\Nero

2008-11-21 01:20 <DIR> --d----- c:\arquivos de programas\VideoLAN

2008-11-21 01:10 <DIR> --d----- c:\docume~1\admini~1\dadosd~1\Desktopicon

2008-11-21 01:10 <DIR> --d----- c:\arquivos de programas\Unlocker

2008-11-21 00:43 <DIR> --d----- c:\windows\system32\SoftwareDistribution

2008-11-21 00:43 115,840 a----r-- c:\windows\system32\drivers\viaudios.sys

2008-11-21 00:43 36,864 a------- c:\windows\system32\UnAudioNT.dll

2008-11-21 00:43 <DIR> --d----- c:\arquivos de programas\VIA Technologies, INC

2008-11-21 00:42 308,224 a------- c:\windows\IsUn0416.exe

2008-11-21 00:42 <DIR> --d----- c:\arquivos de programas\Gigabyte

2008-11-21 00:42 7,040 a----r-- c:\windows\system32\ntsim.sys

2008-11-21 00:42 41,984 a----r-- c:\windows\system32\drivers\fetnd5b.sys

2008-11-21 00:41 <DIR> --ds---- c:\windows\system32\Microsoft

2008-11-21 00:40 <DIR> --d----- c:\windows\system32\ReinstallBackups

2008-11-21 00:40 306,688 a------- c:\windows\IsUninst.exe

2008-11-21 00:40 <DIR> --d----- c:\documents and settings\administrador\WINDOWS

2008-11-21 00:38 268 a---h--- C:\sqmdata00.sqm

2008-11-21 00:38 244 a---h--- C:\sqmnoopt00.sqm

2008-11-21 00:35 25,856 a------- c:\windows\system32\drivers\usbprint.sys

2008-11-21 00:35 31,616 a------- c:\windows\system32\drivers\usbccgp.sys

2008-11-21 00:25 <DIR> --d-hr-- c:\documents and settings\administrador\Dados de aplicativos

2008-11-21 00:25 <DIR> --d-h--- c:\documents and settings\administrador\Modelos

2008-11-21 00:25 <DIR> --d-h--- c:\documents and settings\administrador\Configurações locais

2008-11-21 00:25 <DIR> --d-h--- c:\documents and settings\administrador\Ambiente de rede

2008-11-21 00:25 <DIR> --d-h--- c:\documents and settings\administrador\Ambiente de impressão

2008-11-21 00:25 <DIR> --d--r-- c:\documents and settings\administrador\Meus documentos

2008-11-21 00:25 <DIR> --d--r-- c:\documents and settings\administrador\Menu Iniciar

2008-11-21 00:25 <DIR> --d--r-- c:\documents and settings\administrador\Favoritos

2008-11-21 00:25 <DIR> --d----- c:\documents and settings\Administrador

2008-11-21 00:22 57,344 -------- c:\windows\system32\dllcache\agentdpv.dll

2008-11-21 00:22 <DIR> --d-h--- c:\windows\$hf_mig$

2008-11-21 00:22 <DIR> --d----- c:\arquivos de programas\Foxit Reader

2008-11-21 00:21 <DIR> --d----- c:\arquivos de programas\VisualTaskTips

2008-11-21 00:21 <DIR> --d----- c:\arquivos de programas\UberIcon

2008-11-21 00:21 <DIR> --d----- c:\windows\HDbar

2008-11-21 00:21 49,265 a------- c:\windows\system32\jpicpl32.cpl

2008-11-21 00:14 <DIR> --d----- c:\windows\system32\URTTemp

2008-11-21 00:14 1,197,294 -------- c:\windows\system32\dllcache\sysmain.sdb

2008-11-21 00:14 764,868 -------- c:\windows\system32\dllcache\apph_sp.sdb

2008-11-21 00:14 217,118 -------- c:\windows\system32\dllcache\apphelp.sdb

2008-11-21 00:14 <DIR> --d----- c:\windows\system32\LogFiles

2008-11-21 00:13 316,640 a------- c:\windows\WMSysPr9.prx

2008-11-21 00:13 <DIR> --d----- c:\arquivos de programas\Windows Media Connect 2

2008-11-21 00:13 23,856 a------- c:\windows\system32\spupdsvc.exe

2008-11-21 00:11 <DIR> --dsh--- c:\documents and settings\all users\DRM

2008-11-21 00:11 488 a---hr-- c:\windows\system32\WindowsLogon.manifest

2008-11-21 00:11 488 a---hr-- c:\windows\system32\logonui.exe.manifest

2008-11-21 00:11 749 a---hr-- c:\windows\WindowsShell.Manifest

2008-11-21 00:11 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest

2008-11-21 00:11 749 a---hr-- c:\windows\system32\sapi.cpl.manifest

2008-11-21 00:11 749 a---hr-- c:\windows\system32\nwc.cpl.manifest

2008-11-21 00:11 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest

2008-11-21 00:11 749 a---hr-- c:\windows\system32\cdplayer.exe.manifest

2008-11-21 00:11 <DIR> --d-h--- c:\arquivos de programas\WindowsUpdate

2008-11-21 00:10 <DIR> --d----- c:\arquivos de programas\Serviços on-line

2008-11-21 00:10 <DIR> --d----- c:\arquivos de programas\arquivos comuns\Serviços

2008-11-21 00:10 <DIR> --d----- c:\arquivos de programas\arquivos comuns\MSSoap

2008-11-21 00:08 <DIR> --d----- c:\arquivos de programas\CCleaner

2008-11-21 00:08 <DIR> --d----- c:\arquivos de programas\MSN Gaming Zone

2008-11-21 00:07 <DIR> --d----- c:\arquivos de programas\Windows NT

2008-11-20 22:02 <DIR> --d----- c:\arquivos de programas\arquivos comuns\ODBC

2008-11-20 22:02 <DIR> --d----- c:\arquivos de programas\arquivos comuns\SpeechEngines

2008-11-20 22:01 <DIR> --d-h--- c:\documents and settings\all users\Modelos

2008-11-20 22:01 <DIR> --d--r-- c:\documents and settings\all users\Menu Iniciar

2008-11-20 22:01 <DIR> --d--r-- c:\documents and settings\all users\Documentos

2008-11-20 22:01 <DIR> --d----- c:\documents and settings\all users\Favoritos

2008-11-20 22:01 <DIR> --d-hr-- c:\documents and settings\all users\Dados de aplicativos

==================== Find3M ====================

2008-12-09 00:53 436,754 a------- c:\windows\system32\perfh016.dat

2008-12-09 00:53 71,938 a------- c:\windows\system32\perfc016.dat

2008-11-25 01:42 144,896 a------- c:\windows\system32\hotplug.dll

2008-11-23 15:28 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

2008-11-21 00:08 21,844 a------- c:\windows\system32\emptyregdb.dat

============= FINISH: 14:39:27,04 ===============

*********************************************************

ComboFix 08-12-14.05 - Administrador 2008-12-15 15:03:59.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.1023.710 [GMT -2:00]

Executando de: c:\documents and settings\Administrador\Desktop\ComboFix.exe

* Criado um novo ponto de restauro

* Resident AV is active

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\arquivos de programas\Gravity\Ragnarok Online\BGM\_desktop.ini

c:\arquivos de programas\Gravity\Ragnarok Online\GameGuard\_desktop.ini

c:\arquivos de programas\Gravity\Ragnarok Online\PatchClient\_desktop.ini

c:\arquivos de programas\Gravity\Ragnarok Online\skin\_desktop.ini

c:\arquivos de programas\Gravity\Ragnarok Online\skin\default\_desktop.ini

c:\arquivos de programas\Gravity\Ragnarok Online\skin\default\basic_interface\_desktop.ini

c:\arquivos de programas\Gravity\Ragnarok Online\skin\Scribbling Kid\_desktop.ini

c:\arquivos de programas\Gravity\Ragnarok Online\skin\Scribbling Kid\basic_interface\_desktop.ini

.

(((((((((((((((( Arquivos/Ficheiros criados de 2008-11-15 to 2008-12-15 ))))))))))))))))))))))))))))

.

2008-12-14 17:39 . 2008-12-14 17:40 <DIR> d-------- c:\arquivos de programas\Flash Slideshow Maker Professional

2008-12-14 17:38 . 2008-12-14 17:38 1,409 --a------ c:\windows\system32\tmpE35BD.FOT

2008-12-14 17:38 . 2008-12-14 17:38 1,409 --a------ c:\windows\system32\tmpB58BD.FOT

2008-12-14 17:38 . 2008-12-14 17:38 1,409 --a------ c:\windows\system32\tmp676BD.FOT

2008-12-14 17:38 . 2008-12-14 17:38 1,409 --a------ c:\windows\system32\tmp639BD.FOT

2008-12-14 17:38 . 2008-12-14 17:38 1,409 --a------ c:\windows\system32\tmp167BD.FOT

2008-12-12 23:58 . 2008-12-12 23:58 <DIR> d-------- c:\arquivos de programas\NeoInter

2008-12-12 19:34 . 2008-12-14 17:06 <DIR> d-a------ c:\documents and settings\All Users\Dados de aplicativos\TEMP

2008-12-12 19:34 . 2008-12-12 19:34 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Anvsoft

2008-12-12 19:11 . 2008-12-12 19:11 <DIR> d-------- c:\windows\SlideShow Ultra Gold Data

2008-12-12 19:09 . 2008-12-12 19:10 307,200 --------- c:\windows\Setup1.exe

2008-12-12 19:09 . 2008-12-12 19:10 73,216 --a------ c:\windows\ST6UNST.EXE

2008-12-12 18:51 . 2008-12-05 22:18 499,712 --a------ c:\windows\system32\msvcp71.dll

2008-12-12 18:49 . 2008-12-12 18:53 <DIR> d-------- c:\windows\system32\Adobe

2008-12-12 18:47 . 2008-12-12 18:47 1,409 --a------ c:\windows\system32\tmpCF854.FOT

2008-12-12 18:47 . 2008-12-12 18:47 1,409 --a------ c:\windows\system32\tmpBAB54.FOT

2008-12-12 18:47 . 2008-12-12 18:47 1,409 --a------ c:\windows\system32\tmp6D954.FOT

2008-12-12 18:47 . 2008-12-12 18:47 1,409 --a------ c:\windows\system32\tmp2E754.FOT

2008-12-12 18:47 . 2008-12-12 18:47 1,409 --a------ c:\windows\system32\tmp1CA54.FOT

2008-12-12 18:00 . 2008-12-12 18:02 2,423 --a------ c:\windows\BorisFX9.2.ini

2008-12-12 17:23 . 2008-12-12 17:23 <DIR> d-------- C:\Presets

2008-12-12 17:23 . 2003-06-26 09:04 237,568 -ra------ c:\windows\system32\qtmlClient.dll

2008-12-12 17:23 . 2003-07-01 15:49 69,632 --a------ c:\windows\system32\MtxPreview.dll

2008-12-12 17:23 . 2003-07-01 15:49 49,152 --a------ c:\windows\system32\MtxParhBFXPreview.dll

2008-12-12 17:23 . 2003-01-20 08:08 49,152 --a------ c:\windows\system32\CvoAPI.dll

2008-12-12 17:23 . 2003-07-09 09:43 45,056 --a------ c:\windows\system32\BFXSrcFilter.ax

2008-12-12 13:48 . 2008-12-12 13:48 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer

2008-12-12 13:48 . 2008-12-12 13:49 <DIR> d-------- c:\arquivos de programas\QuickTime

2008-12-12 13:48 . 2008-12-12 13:48 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\Apple

2008-12-12 13:38 . 2008-12-12 14:14 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\SmartSound Software Inc

2008-12-12 13:04 . 2008-12-12 13:04 <DIR> d-------- c:\documents and settings\Administrador\Dados de aplicativos\VSRevoGroup

2008-12-11 20:31 . 2008-12-11 20:31 <DIR> d-------- c:\windows\Downloaded Installations

2008-12-11 13:46 . 2005-05-17 15:24 311,296 --a------ c:\windows\system32\AegisI5.exe

2008-12-11 13:46 . 2006-01-18 09:08 290,918 --a------ c:\windows\system32\Install7x.dll

2008-12-11 13:46 . 2006-01-12 19:46 252,928 --a------ c:\windows\system32\drivers\rt73.sys

2008-12-11 13:46 . 2005-10-17 19:50 245,376 --a------ c:\windows\system32\drivers\rt2500usb.sys

2008-12-11 13:46 . 2005-11-30 11:33 2,048 --a------ c:\windows\system32\drivers\rt73.bin

2008-12-11 13:46 . 2005-08-19 15:51 138 --a------ c:\windows\filespec7x

2008-12-11 13:45 . 2008-12-11 13:45 <DIR> d-------- c:\arquivos de programas\RALINK

2008-12-11 13:45 . 2008-12-11 13:45 20,747 --a------ c:\windows\system32\drivers\AegisP.sys

2008-12-10 23:21 . 2008-12-10 23:21 268 --ah----- C:\sqmdata04.sqm

2008-12-10 23:21 . 2008-12-10 23:21 244 --ah----- C:\sqmnoopt04.sqm

2008-12-10 20:31 . 2003-03-15 22:15 90,112 --a------ c:\windows\unvise32.exe

2008-12-10 20:26 . 2008-12-10 20:26 <DIR> d-------- c:\arquivos de programas\Pinnacle

2008-12-10 11:46 . 2008-12-10 11:46 38 --a------ c:\windows\AviSplitter.INI

2008-12-09 23:29 . 2008-12-09 23:31 <DIR> d-------- c:\documents and settings\Administrador\Dados de aplicativos\Roxio

2008-12-09 18:34 . 2008-12-09 18:34 <DIR> d-------- c:\arquivos de programas\Microsoft Silverlight

2008-12-09 12:02 . 2008-12-12 13:02 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Napster

2008-12-07 00:19 . 2008-12-07 00:19 <DIR> d-------- c:\arquivos de programas\VS Revo Group

2008-12-07 00:08 . 2008-12-07 00:08 <DIR> d-------- c:\arquivos de programas\AMD

2008-12-07 00:08 . 2007-06-29 14:47 34,304 --a------ c:\windows\system32\drivers\AmdLLD.sys

2008-12-06 21:31 . 2008-12-06 21:36 <DIR> d-------- c:\arquivos de programas\Ragnarok Online

2008-12-05 00:36 . 2008-12-05 00:36 268 --ah----- C:\sqmdata03.sqm

2008-12-05 00:36 . 2008-12-05 00:36 244 --ah----- C:\sqmnoopt03.sqm

2008-12-03 20:17 . 2008-12-05 00:36 <DIR> d-------- c:\arquivos de programas\SpeedBit Video Accelerator

2008-12-03 01:28 . 2008-12-03 01:28 <DIR> d-a------ c:\windows\system32\Shell

2008-12-03 01:28 . 2008-12-01 17:34 1,062,032 --a------ c:\windows\system32\Pattern.msstyles

2008-12-03 00:37 . 2008-12-05 00:41 <DIR> d-------- c:\documents and settings\Administrador\Dados de aplicativos\ADPHONE

2008-11-29 17:44 . 2008-11-29 17:44 <DIR> d-------- c:\arquivos de programas\Real

2008-11-29 17:44 . 2008-12-05 00:42 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\Real

2008-11-28 03:48 . 2008-11-28 03:48 2,901 --a------ c:\windows\system32\Oemlogo.BMP

2008-11-28 03:30 . 2008-12-05 23:48 <DIR> d--h----- c:\windows\system32\GroupPolicy

2008-11-27 16:16 . 2008-11-27 16:16 <DIR> d-------- c:\documents and settings\Administrador\Dados de aplicativos\DAEMON Tools

2008-11-27 16:16 . 2008-11-27 16:16 717,296 --a------ c:\windows\system32\drivers\sptd.sys

2008-11-27 14:29 . 2008-11-27 14:28 512,096 --a------ c:\windows\system32\drivers\amon.sys

2008-11-27 14:29 . 2008-11-27 14:28 298,104 --a------ c:\windows\system32\imon.dll

2008-11-27 14:29 . 2008-11-27 14:28 15,424 --a------ c:\windows\system32\drivers\nod32drv.sys

2008-11-27 14:28 . 2008-12-11 23:36 <DIR> d-------- c:\arquivos de programas\ESET

2008-11-27 14:27 . 2008-07-09 06:05 421,888 --a------ c:\windows\system32\ac3filter.acm

2008-11-27 14:26 . 2008-11-27 14:27 <DIR> d-------- c:\arquivos de programas\XP Codec Pack

2008-11-26 23:52 . 2008-11-26 23:52 <DIR> d-------- c:\arquivos de programas\Enigma Software Group

2008-11-26 13:23 . 2008-11-26 13:23 268 --ah----- C:\sqmdata02.sqm

2008-11-26 13:23 . 2008-11-26 13:23 244 --ah----- C:\sqmnoopt02.sqm

2008-11-26 13:05 . 2008-11-26 13:05 268 --ah----- C:\sqmdata01.sqm

2008-11-26 13:05 . 2008-11-26 13:05 244 --ah----- C:\sqmnoopt01.sqm

2008-11-26 12:26 . 2008-11-26 12:26 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Eset

2008-11-26 12:19 . 2008-11-26 12:19 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Avg8

2008-11-25 23:41 . 2008-10-03 14:22 6,068,224 --------- c:\windows\system32\dllcache\ieframe.dll

2008-11-25 23:41 . 2007-04-17 07:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat

2008-11-25 23:41 . 2007-03-08 03:12 1,024,000 --------- c:\windows\system32\dllcache\ieframe.dll.mui

2008-11-25 23:41 . 2008-08-26 07:10 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll

2008-11-25 23:41 . 2008-08-26 07:10 380,928 --------- c:\windows\system32\dllcache\ieapfltr.dll

2008-11-25 23:41 . 2008-08-26 07:10 267,776 --------- c:\windows\system32\dllcache\iertutil.dll

2008-11-25 23:41 . 2008-08-26 07:10 63,488 --------- c:\windows\system32\dllcache\icardie.dll

2008-11-25 23:41 . 2008-08-26 07:10 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll

2008-11-25 23:41 . 2008-08-25 06:43 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe

2008-11-25 01:45 . 2008-11-25 01:42 144,896 --a------ c:\windows\hotplug.dll

2008-11-24 23:21 . 2008-11-24 23:21 <DIR> d-------- c:\arquivos de programas\MSXML 4.0

2008-11-24 23:03 . 2008-11-24 23:03 <DIR> d-------- c:\arquivos de programas\Trend Micro

2008-11-24 19:03 . 2008-12-05 00:42 <DIR> d-------- c:\arquivos de programas\NitroPC

2008-11-24 18:32 . 2008-11-24 18:32 <DIR> d-------- c:\documents and settings\Administrador\Dados de aplicativos\Samsung

2008-11-24 18:29 . 2008-11-24 18:29 <DIR> d-------- c:\arquivos de programas\Samsung

2008-11-24 18:29 . 2008-12-15 07:44 <DIR> d-------- c:\arquivos de programas\eMule

2008-11-24 17:51 . 2008-11-24 17:51 <DIR> d-------- c:\windows\l2schemas

2008-11-24 17:45 . 2008-11-24 17:45 <DIR> d-------- c:\windows\ServicePackFiles

2008-11-24 17:27 . 2004-07-17 11:35 67,866 --------- c:\windows\system32\drivers\netwlan5.img

2008-11-24 17:26 . 2004-07-17 11:36 64,352 --------- c:\windows\system32\drivers\ativmc20.cod

2008-11-24 16:38 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui

2008-11-24 13:11 . 2008-11-24 13:11 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\Adobe

2008-11-24 12:35 . 2008-11-24 12:35 0 --a------ c:\windows\nsreg.dat

2008-11-24 12:34 . 2008-12-07 00:41 <DIR> d-------- c:\arquivos de programas\Mozilla Firefox(2)

2008-11-23 16:20 . 2008-11-23 16:20 <DIR> d-------- C:\Program Files

2008-11-23 15:59 . 2008-11-23 15:59 <DIR> d-------- c:\arquivos de programas\LevelUpGames

2008-11-23 13:33 . 2003-07-20 07:17 5,174 --a------ c:\windows\system32\nppt9x.vxd

2008-11-23 13:33 . 2005-01-03 22:43 4,682 --a------ c:\windows\system32\npptNT2.sys

2008-11-22 19:11 . 2008-12-12 17:11 <DIR> d--h----- c:\arquivos de programas\InstallShield Installation Information

2008-11-22 19:11 . 2008-12-09 12:02 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\InstallShield

2008-11-22 16:54 . 2008-11-22 19:11 <DIR> d-------- c:\arquivos de programas\Gravity

2008-11-22 12:10 . 2008-11-22 12:10 <DIR> d-------- c:\arquivos de programas\Webteh

2008-11-22 12:10 . 2008-11-22 14:13 <DIR> d-------- c:\arquivos de programas\BS.Player ControlBar

2008-11-22 12:00 . 2008-11-22 12:00 <DIR> d-------- c:\documents and settings\Administrador\Dados de aplicativos\Media Player Classic

2008-11-22 11:58 . 2008-12-15 09:13 69 --a------ c:\windows\NeroDigital.ini

2008-11-22 11:46 . 2008-11-22 11:48 <DIR> d-------- c:\documents and settings\Administrador\Dados de aplicativos\vlc

2008-11-22 11:29 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll

2008-11-22 11:27 . 2008-11-22 11:27 <DIR> d-------- c:\arquivos de programas\MSBuild

2008-11-22 11:27 . 2008-11-22 11:27 <DIR> d-------- c:\arquivos de programas\Microsoft Works

2008-11-22 11:25 . 2008-11-22 11:25 <DIR> d-------- c:\arquivos de programas\Microsoft.NET

2008-11-22 11:21 . 2008-11-22 11:21 <DIR> d-------- c:\arquivos de programas\Microsoft Visual Studio 8

2008-11-22 11:20 . 2008-11-22 11:26 <DIR> d-------- c:\windows\SHELLNEW

2008-11-22 11:19 . 2008-11-22 11:19 <DIR> dr-h----- C:\MSOCache

2008-11-22 11:19 . 2008-11-22 11:30 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help

2008-11-22 11:16 . 2007-03-08 02:20 49,920 -ra------ c:\windows\system32\drivers\HPZid412.sys

2008-11-22 11:16 . 2007-03-08 02:20 16,496 -ra------ c:\windows\system32\drivers\HPZipr12.sys

2008-11-22 11:15 . 2007-03-08 02:20 364,544 -ra------ c:\windows\system32\hppldcoi.dll

2008-11-22 11:15 . 2007-03-08 02:20 21,568 -ra------ c:\windows\system32\drivers\HPZius12.sys

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-11-25 03:42 144,896 ----a-w c:\windows\system32\hotplug.dll

2008-11-21 23:59 --------- d-----w c:\arquivos de programas\Windows Live

2008-11-21 02:53 --------- d-----w c:\arquivos de programas\UberIcon

2008-11-21 02:43 --------- d-----w c:\arquivos de programas\VIA Technologies, INC

2008-11-21 02:42 --------- d-----w c:\arquivos de programas\Gigabyte

2008-11-21 02:22 --------- d-----w c:\arquivos de programas\Foxit Reader

2008-11-21 02:21 --------- d-----w c:\arquivos de programas\VisualTaskTips

2008-11-21 02:21 --------- d-----w c:\arquivos de programas\Java

2008-11-21 02:20 --------- d-----w c:\arquivos de programas\Arquivos comuns\Java

2008-11-21 02:13 --------- d-----w c:\arquivos de programas\Windows Media Connect 2

2008-11-21 02:10 --------- d-----w c:\arquivos de programas\Serviços on-line

2008-11-21 02:10 --------- d-----w c:\arquivos de programas\Arquivos comuns\Serviços

2008-11-21 02:08 --------- d-----w c:\arquivos de programas\CCleaner

2008-10-16 16:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 16:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 16:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 16:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 16:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 16:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 16:08 34,328 ----a-w c:\windows\system32\wups.dll

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

"UberIcon"="c:\arquivos de programas\UberIcon\UberIcon Manager.exe" [2006-02-23 188416]

"MsnMsgr"="c:\arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AudioDeck"="c:\arquivos de programas\VIA Technologies" [X]

"nod32kui"="c:\arquivos de programas\Eset\nod32kui.exe" [2008-11-27 949376]

"amd_dc_opt"="c:\arquivos de programas\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 77824]

"QuickTime Task"="c:\arquivos de programas\QuickTime\qttask.exe" [2008-09-06 413696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nltide_2"="shell32" [X]

"nltide_3"="advpack.dll" [2008-08-26 c:\windows\system32\advpack.dll]

c:\windows\system32\config\systemprofile\Menu Iniciar\Programas\Inicializar\

UberIcon.lnk - c:\arquivos de programas\UberIcon\UberIcon Manager.exe [2008-11-21 188416]

VisualTaskTips.lnk - c:\arquivos de programas\VisualTaskTips\VisualTaskTips.exe [2008-11-21 36864]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"ForceClassicControlPanel"= 1 (0x1)

"NoSMHelp"= 1 (0x1)

"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"ForceClassicControlPanel"= 1 (0x1)

"NoSMHelp"= 1 (0x1)

"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.ffds"= ffdshow.ax

"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Arquivos de programas\\XP Codec Pack\\filters\\ac3config.exe"=

"c:\\Arquivos de programas\\LevelUpGames\\Grand Chase\\main.exe"=

"c:\\Arquivos de programas\\eMule\\emule.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-11-27 15424]

S3 npkycryp;npkycryp;\??\c:\arquivos de programas\Ragnarok Online\npkycryp.sys []

*Newly Created Service* - CATCHME

*Newly Created Service* - PROCEXP90

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{0DA3B9B7-3DB5-97A1-DA31-969D6950BB42}]

c:\windows\system32:winsock32.exe

.

.

------- Scan Suplementar -------

.

uStart Page = www.google.com.br/

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~1\Office12\EXCEL.EXE/3000

LSP: c:\windows\system32\imon.dll

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-15 15:05:49

Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Messenger]

"ImagePath"="%\00S\00y\00s\00t\00e\00m\00R\00o\00o\00t\00%\00\\00s\00y\00s\00t\00e\00m\003\002\00\\00s\00v\00c\00h\00o\00s\00t\00.\00e\00x\00e\00 \00-\00k\00 \00n\00e\00t\00s\00v\00c\00s"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Messenger]

"ImagePath"="%\00S\00y\00s\00t\00e\00m\00R\00o\00o\00t\00%\00\\00s\00y\00s\00t\00e\00m\003\002\00\\00s\00v\00c\00h\00o\00s\00t\00.\00e\00x\00e\00 \00-\00k\00 \00n\00e\00t\00s\00v\00c\00s"

"ServiceDll"="%\00S\00y\00s\00t\00e\00m\00R\00o\00o\00t\00%\00\\00S\00y\00s\00t\00e\00m\003\002\00\\00m\00s\00g\00s\00v\00c\00.\00d\00l\00l"

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(648)

c:\windows\system32\SETUPAPI.dll

- - - - - - - > 'lsass.exe'(712)

c:\windows\system32\SETUPAPI.dll

c:\windows\system32\imon.dll

c:\arquivos de programas\Eset\pr_imon.dll

.

Tempo para conclusão: 2008-12-15 15:07:09

ComboFix-quarantined-files.txt 2008-12-15 17:06:46

Pré-execução: 12 pasta(s) 13.469.286.400 bytes disponíveis

Pós execução: 12 pasta(s) 13,510,070,272 bytes disponíveis

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

266


In accordance with this forum's rules, inactive topics are archived, that is, closed and moved to an "archived topics" forum. If the topic's author needs to, they can contact the moderation team to request that this topic be reopened.
