agostinhotorreiro

Full Members
  • Total items

    52
  • Joined

  • Last visited

  • Ratings

    0%

Reputation

0

About agostinhotorreiro

  • Date of birth 10-11-1986

General information

  • City and state
    Recife - PE
  1. Red X on the network icon in the system tray

    If you're using a wireless network, turn off the router for a while, unplug the cables, plug them back in and turn it on. This was happening here: the network worked but nothing would load, and Velox was normal, so I did this and it worked. Cheers
  2. Dial-up connects but doesn't open or receive data

    Hey, Rapha Carnauba, I'll test it and post here, because I'm just arriving at my girlfriend's house. mcrae, after formatting, which I did many, many times, I always install avast, but every time I formatted, it connects and stays in the same situation without receiving data. Actually it does receive, just much less than it sends. Anyway, I'll test it here and post afterwards. Thanks
  3. Dial-up connects but doesn't open or receive data

    Folks, I searched through the topics for something that could help me but didn't find anything. My computer has the following problem: it connects but nothing loads, and it is sending more than it is receiving. I've already formatted, installed pack 2 for XP, changed the modem and tested on another phone line, and the same problem always happens. I hope someone can shed some light on this. Thanks
  4. win32:Trojan-gen, {Other}

    Hey friend, attached are the FixVundo.exe, l2mfix.bat and HijackThis logs. The strange thing is that FixVundo did not identify anything!
- HKLM\..\Run: [PCTVOICE] pctspk.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [background Intelligent Transfer Service] C:\WINDOWS\help\rundll32.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [Network Connections] C:\WINDOWS\help\internat.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O20 - Winlogon Notify: BITS - C:\WINDOWS\system32\lv2209foe.dll (file missing) O20 - Winlogon Notify: efeec - C:\WINDOWS\System32\efeec.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Network Monitor - Unknown owner - C:\Arquivos de programas\Network Monitor\netmon.exe O23 - Service: nvsvc32.exe - Unknown owner - C:\WINDOWS\wmisp.exe
  5. win32:Trojan-gen, {Other}

    Hey friend, done; the log is attached and I'm counting on your help. Thanks in advance, Agostinho Jr
  6. win32:Trojan-gen, {Other}

    Friends, I'm resorting to this post because I've already read the other topics and followed the procedures, but this damned malware always comes back! I'm having problems with win32:Trojan-gen, {Other}; avast detected the file c:\windows\help\svchost.exe. Some time ago I had done all the procedures with KillBox and everything else, and it tends to come back. Now it keeps opening windows all the time, like this one (http://www.ad-w-a-r-e.com/cgi-bin/PopupV3?ID={AA634B28-FEFD-A565-8587-BBD5BD5C95B4}&type=normal&mSkip=1&rnd=882), and I don't know where else to turn! Here is the HijackThis log to see if you can help me! I hope I can count on your help. Thanks in advance, Agostinho Jr

    ========================
    Logfile of HijackThis v1.99.1
    Scan saved at 23:24:27, on 1/3/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
    C:\Arquivos de programas\Network Monitor\netmon.exe
    C:\WINDOWS\htpatch.exe
    C:\WINDOWS\System32\pctspk.exe
    C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe
    C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
    C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\downlo\ha\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com.br/0SEPTBR/SAOS01
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
    O1 - Hosts: .arial11pt {
    O1 - Hosts: font-family: Arial;
    O1 - Hosts: font-size: 11px;
    O1 - Hosts: }
    O1 - Hosts: .arial13pt {
    O1 - Hosts: font-family: Arial;
    O1 - Hosts: font-size: 13px;
    O1 - Hosts: }
    O1 - Hosts: .botline {
    O1 - Hosts: background-attachment: fixed;
    O1 - Hosts: background-image: url(../images/botline.gif);
    O1 - Hosts: background-repeat: repeat-x;
    O1 - Hosts: background-position: left top;
    O1 - Hosts: }
    O1 - Hosts: a:link {
    O1 - Hosts: color: #0000FF;
    O1 - Hosts: }
    O1 - Hosts: a:visited {
    O1 - Hosts: color: #0000FF;
    O1 - Hosts: }
    O1 - Hosts: .formsearch {
    O1 - Hosts: font-family: Arial;
    O1 - Hosts: font-size: 11px;
    O1 - Hosts: height: 20px;
    O1 - Hosts: border: 0px none;
    O1 - Hosts: padding: 3px 0px 0px 4px;
    O1 - Hosts: margin: 0px;
    O1 - Hosts: }
    O1 - Hosts: .arial11pt-16space {
    O1 - Hosts: font-family: Arial;
    O1 - Hosts: font-size: 11px;
    O1 - Hosts: line-height: 16px;
    O1 - Hosts: }
    O1 - Hosts: a.one:link {
    O1 - Hosts: color: #666666;
    O1 - Hosts: text-decoration: none;
    O1 - Hosts: }
    O1 - Hosts: a.one:visited {
    O1 - Hosts: color: #666666;
    O1 - Hosts: text-decoration: none;
    O1 - Hosts: }
    O1 - Hosts: a.one:hover {
    O1 - Hosts: color: #0000FF;
    O1 - Hosts: text-decoration: none;
    O2 - BHO: WTLHelper Object - {75DC57F8-D831-4AB8-86B7-4F826F4A0873} - C:\WINDOWS\System32\efeec.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll
    O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.5000.1021\pt-br\msntb.dll
    O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Arquivos de programas\TheSearchAccelerator\UCMTSAIE.dll
    O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
    O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
    O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [background Intelligent Transfer Service] C:\WINDOWS\help\rundll32.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Network Connections] C:\WINDOWS\help\internat.exe
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
    O20 - Winlogon Notify: efeec - C:\WINDOWS\System32\efeec.dll
    O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\enl8l13u1.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Network Monitor - Unknown owner - C:\Arquivos de programas\Network Monitor\netmon.exe
  7. Could my memory stick be defective?

    Friend, I was having the same problem as you, except that in my case it was the memory I had bought. Have you already tested other memory modules?
  8. DDR(333) 128 + DDR(400) 256

    Hey friend, are you referring to the timings? If you could explain a bit more, I don't understand anything about memory... I have Everest here; do you want me to paste any information? Thanks in advance, Agostinho Jr
  9. DDR(333) 128 + DDR(400) 256

    Elifaz, hey man, awesome, dude. So what's your PC??
  10. DDR(333) 128 + DDR(400) 256

    Nobody?
  11. DDR(333) 128 + DDR(400) 256

    Here it says Versão 07.00T, but thanks for your attention anyway. I await your help. Thanks in advance, Agostinho Jr
  12. DDR(333) 128 + DDR(400) 256

    Tipo de processador AMD Athlon XP, 1466 MHz (11 x 133) 1700+
    Nome da Placa Mãe PCChips M810DLU (2 PCI, 1 CNR, 2 DDR DIMM, Audio, Video, LAN)
    Chipset da Placa Mãe SiS 740
    Memória do Sistema 320 MB (DDR SDRAM)
    Tipo de BIOS AMI (04/10/03)
    Versão 07.00T
    Tamanho 256 KB
  13. DDR(333) 128 + DDR(400) 256

    Man, I bought it on Mercado Livre but it's still under warranty. It does work, though, you know. Couldn't it be some modification I need to make?
  14. DDR(333) 128 + DDR(400) 256

    Hey friends, I'm having problems with my 256 DDR400 memory. I have an AMD Athlon XP processor, 1466 MHz (11 x 133) 1700+. I already had a 128 DDR333 memory module (@ 166 MHz 2.5-3-3-7 (CL-RCD-RP-RAS)) and I bought a 256 PC3200 DDR400 one with the following timings: @ 200 MHz 3.0-4-4-8 (CL-RCD-RP-RAS), @ 166 MHz 2.5-3-3-7 (CL-RCD-RP-RAS), @ 133 MHz 2.0-3-3-6 (CL-RCD-RP-RAS). When I install only the 256 module, it doesn't boot and keeps giving an error in DOS. When I use both modules, it starts after giving me a lot of headaches and keeps giving protection errors, among other errors; I restore the registry backup and it gets in. I'd like you to help me solve this problem, since I don't understand anything about memory. Thanks in advance, Agostinho Jr
  15. Hey, boot into MS-DOS mode and run scanreg. Cheers, Agostinho Jr.
