bbaixista

I can't view hidden files... please help me


I'm posting my HijackThis and ComboFix logs...

I've already run both and would like to know whether I need to do anything else or whether I'm already free of these harmful pests... thank you in advance for your attention... thanks

Logfile of HijackThis v1.99.1

Scan saved at 12:46:37, on 14/8/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:

C:\windows\System32\smss.exe

C:\windows\system32\winlogon.exe

C:\windows\system32\services.exe

C:\windows\system32\lsass.exe

C:\windows\system32\svchost.exe

C:\windows\System32\svchost.exe

C:\windows\system32\svchost.exe

C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe

C:\windows\system32\spoolsv.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Arquivos de programas\NetLimiter 2 Pro\nlsvc.exe

C:\windows\system32\svchost.exe

C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe

C:\windows\system32\ctfmon.exe

C:\Arquivos de programas\Free Download Manager\fdm.exe

C:\Arquivos de programas\Internet Download Manager\IDMan.exe

C:\Program Files\Caffe\Server.exe

C:\Arquivos de programas\NetLimiter 2 Pro\NLClient.exe

C:\windows\explorer.exe

C:\windows\system32\notepad.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Bruno\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Arquivos de programas\Internet Download Manager\IDMIECC.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\fgiebar.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Arquivos de programas\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [Free Download Manager] "C:\Arquivos de programas\Free Download Manager\fdm.exe" -autorun

O4 - HKCU\..\Run: [iDMan] C:\Arquivos de programas\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [Caffe-Server] C:\Program Files\Caffe\Server.exe

O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Arquivos de programas\MP3 Player Utilities 4.00\AMVConverter\grab.html

O8 - Extra context menu item: Baixar com o FDM - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o FDM - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: Download all links with IDM - C:\Arquivos de programas\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download FLV video content with IDM - C:\Arquivos de programas\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Download selecionado pelo FDM - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Download with IDM - C:\Arquivos de programas\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.00\MediaManager\grab.html

O8 - Extra context menu item: Translate with &Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1208913888859

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{17DC0B0C-C2E9-4DC2-B1A8-0AF7B43453BC}: NameServer = 192.168.254.254

O17 - HKLM\System\CCS\Services\Tcpip\..\{77875576-00F8-4C78-B3D9-A69551DBCAC9}: NameServer = 192.168.254.254

O17 - HKLM\System\CS1\Services\Tcpip\..\{17DC0B0C-C2E9-4DC2-B1A8-0AF7B43453BC}: NameServer = 192.168.254.254

O17 - HKLM\System\CS2\Services\Tcpip\..\{17DC0B0C-C2E9-4DC2-B1A8-0AF7B43453BC}: NameServer = 192.168.254.254

O17 - HKLM\System\CS3\Services\Tcpip\..\{17DC0B0C-C2E9-4DC2-B1A8-0AF7B43453BC}: NameServer = 192.168.254.254

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\windows\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\windows\SYSTEM32\WgaLogon.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Arquivos de programas\NetLimiter 2 Pro\nlsvc.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe

ComboFix 08-08-13.02 - Bruno 2008-08-14 12:35:13.7 - NTFSx86 NETWORK

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.1235 [GMT -3:00]

Executando de: C:\Documents and Settings\Bruno\Desktop\ComboFix.exe

ATENÇAO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\Bruno\Abn.gpc, Cef.gpc, gbieh.gmd, gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, gbpdist.dll', PChar('Abn.gpc, Cef.gpc, gbieh.gmd, gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, gbpdist.dll

C:\Documents and Settings\Bruno\Abn.gpc, Cef.gpc, gbieh.gmd, gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, gbpdist.dll', PChar('Abn.gpc, Cef.gpc, gbieh.gmd, gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, gbpdist.dll\desktop.ini

C:\Documents and Settings\Bruno\Abn.gpc, Cef.gpc, gbieh.gmd, gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, gbpdist.dll', PChar('Abn.gpc, Cef.gpc, gbieh.gmd, gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, gbpdist.dll\FP_AX_CAB_INSTALLER.exe

C:\Documents and Settings\Bruno\Abn.gpc, Cef.gpc, gbieh.gmd, gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, gbpdist.dll', PChar('Abn.gpc, Cef.gpc, gbieh.gmd, gbiehuni.dll , GBIEHCEF.DLL , gbiehabn.dll, gbpdist.dll\swflash.inf

C:\windows\ponto.DLL

C:\windows\system32\MEGATRON.ini

.

((((((((((((((((((((((( Ficheiros criados de 2008-07-14 to 2008-08-14 ))))))))))))))))))))))))))))))))

.

2009-03-04 09:03 . 2009-03-04 09:03 73,728 -r-hs---- C:\WINDOWS\system32\avc37.exe

2008-08-14 09:32 . 2008-08-14 10:00 <DIR> d-------- C:\Arquivos de programas\EsetOnlineScanner

2008-08-13 09:58 . 2008-08-14 09:32 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files

2008-08-13 04:56 . 2008-05-01 11:36 331,776 -----c--- C:\WINDOWS\system32\dllcache\msadce.dll

2008-08-13 04:54 . 2008-04-11 16:05 691,712 -----c--- C:\WINDOWS\system32\dllcache\inetcomm.dll

2008-08-08 19:37 . 2008-08-08 19:40 <DIR> d-------- C:\Nova pasta

2008-08-08 17:31 . 2008-08-14 00:14 <DIR> d-------- C:\lost 2 temporada

2008-08-07 13:01 . 2008-08-07 13:01 357,624 --a------ C:\WINDOWS\iexplorerconfigwin.exe

2008-08-06 17:16 . 2008-08-06 17:16 <DIR> d-------- C:\Documents and Settings\Bruno\Configuraes locais

2008-08-06 17:15 . 2008-08-06 17:15 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe Systems

2008-08-06 17:11 . 2008-08-06 17:11 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared

2008-08-02 00:42 . 2008-08-02 00:43 0 --a------ C:\WINDOWS\system32\avc.lst

2008-07-22 13:16 . 2006-07-14 14:36 172,115 --a------ C:\WINDOWS\system32\ZS211Prp.Ax

2008-07-19 22:07 . 2008-07-19 22:07 <DIR> d-------- C:\Arquivos de programas\VSO

2008-07-19 22:07 . 2004-05-04 11:53 1,645,320 --a------ C:\WINDOWS\gdiplus.dll

2008-07-19 22:07 . 2006-05-20 16:16 1,184,984 --a------ C:\WINDOWS\system32\wvc1dmod.dll

2008-07-19 22:07 . 2006-05-11 19:21 626,688 --a------ C:\WINDOWS\system32\vp7vfw.dll

2008-07-19 22:07 . 2006-09-29 12:24 217,127 --a------ C:\WINDOWS\system32\drv43260.dll

2008-07-19 22:07 . 2006-09-29 12:25 208,935 --a------ C:\WINDOWS\system32\drv33260.dll

2008-07-19 22:07 . 2006-09-29 12:26 176,165 --a------ C:\WINDOWS\system32\drv23260.dll

2008-07-19 22:07 . 2007-03-18 20:37 65,602 --a------ C:\WINDOWS\system32\cook3260.dll

2008-07-18 14:33 . 2008-07-18 14:33 <DIR> d-------- C:\Arquivos de programas\MP3 Player Utilities 4.00

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-08-14 15:38 --------- d-----w C:\Documents and Settings\Bruno\Dados de aplicativos\DMCache

2008-08-14 15:29 --------- d-----w C:\Documents and Settings\Bruno\Dados de aplicativos\Free Download Manager

2008-08-14 13:19 --------- d-----w C:\Arquivos de programas\MuGNN

2008-08-14 12:33 --------- d-----w C:\Documents and Settings\Bruno\Dados de aplicativos\uTorrent

2008-08-13 15:34 3,350 --sha-w C:\windows\system32\KGyGaAvL.sys

2008-08-13 11:39 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

2008-08-12 15:06 --------- d-----w C:\Documents and Settings\Bruno\Dados de aplicativos\Vso

2008-08-12 13:43 --------- d-----w C:\Arquivos de programas\Fast AVI MPEG Splitter

2008-08-10 11:07 --------- d-----w C:\Arquivos de programas\Free Download Manager

2008-08-07 15:19 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\DVD Shrink

2008-08-06 20:13 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Adobe

2008-08-04 11:41 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information

2008-08-04 11:41 --------- d-----w C:\Arquivos de programas\DVDlabPro2

2008-08-01 21:37 --------- d-----w C:\Arquivos de programas\FairUse Wizard 2

2008-07-29 20:39 --------- d-----w C:\Arquivos de programas\eMule

2008-07-25 18:13 --------- d-----w C:\Arquivos de programas\Messenger Plus! Live

2008-07-23 00:11 --------- d---a-w C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

2008-07-20 01:07 47,360 ----a-w C:\windows\system32\drivers\pcouffin.sys

2008-07-20 01:07 47,360 ----a-w C:\Documents and Settings\Bruno\Dados de aplicativos\pcouffin.sys

2008-07-13 12:21 --------- d-----w C:\Arquivos de programas\Java

2008-07-11 15:43 --------- d-----w C:\Documents and Settings\Bruno\Dados de aplicativos\Ahead

2008-07-11 15:43 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Ahead

2008-07-10 18:39 --------- d-----w C:\Documents and Settings\Bruno\Dados de aplicativos\DivX

2008-07-10 18:39 --------- d-----w C:\Arquivos de programas\DivX

2008-07-10 13:37 --------- d-----w C:\Arquivos de programas\iHU Games

2008-07-08 17:09 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Babylon

2008-07-07 23:43 --------- d-----w C:\Arquivos de programas\FlashGet

2008-07-07 22:37 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\vsosdk

2008-07-07 20:28 253,952 ----a-w C:\windows\system32\es.dll

2008-07-06 19:04 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\FLEXnet

2008-07-02 14:21 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Lavasoft

2008-07-02 14:18 --------- d-----w C:\Arquivos de programas\Lavasoft

2008-07-02 14:18 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard

2008-07-01 16:46 --------- d-----w C:\Documents and Settings\Bruno\Dados de aplicativos\Babylon

2008-06-27 14:02 --------- d-----w C:\Arquivos de programas\AAALOGO2008

2008-06-26 12:25 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Office Genuine Advantage

2008-06-25 12:27 --------- d-----w C:\Documents and Settings\Bruno\Dados de aplicativos\BSplayer PRO

2008-06-24 16:43 74,240 ----a-w C:\windows\system32\mscms.dll

2008-06-23 16:29 826,368 ----a-w C:\windows\system32\wininet.dll

2008-06-22 22:19 --------- d-----w C:\Documents and Settings\Bruno\Dados de aplicativos\IDM

2008-06-21 12:38 --------- d-----w C:\Arquivos de programas\LD-Anime

2008-06-21 12:35 --------- d-----w C:\Arquivos de programas\Software Informer

2008-06-21 01:56 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\FreeDownloadManager.ORG

2008-06-20 17:48 247,808 ----a-w C:\windows\system32\mswsock.dll

2008-06-20 11:51 361,600 ----a-w C:\windows\system32\drivers\tcpip.sys

2008-06-20 11:40 138,496 ----a-w C:\windows\system32\drivers\afd.sys

2008-06-20 11:08 225,856 ----a-w C:\windows\system32\drivers\tcpip6.sys

2008-06-19 16:55 --------- d-----w C:\Arquivos de programas\CloneDVD

2008-06-18 17:52 161,096 ----a-w C:\windows\system32\DivXCodecVersionChecker.exe

2008-06-18 14:39 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Ahead

2008-06-18 14:37 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2008-06-18 14:03 --------- d-----w C:\Documents and Settings\Bruno\Dados de aplicativos\Talkback

2008-06-18 13:48 --------- d-----w C:\Arquivos de programas\Real

2008-06-17 22:04 --------- d-----w C:\Arquivos de programas\Xvid

2008-06-17 21:59 --------- d-----w C:\Arquivos de programas\Gabest

2008-06-17 18:24 --------- d-----w C:\Arquivos de programas\ACE Mega CoDecS Pack

2008-06-16 23:56 --------- d-----w C:\Arquivos de programas\AviSynth 2.5

2008-06-16 12:35 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Real

2008-06-14 17:34 272,384 ------w C:\windows\system32\drivers\bthport.sys

2008-06-11 00:07 524,288 ----a-w C:\windows\system32\DivXsm.exe

2008-06-11 00:07 3,596,288 ----a-w C:\windows\system32\qt-dx331.dll

2008-06-11 00:07 129,784 ------w C:\windows\system32\pxafs.dll

2008-06-11 00:07 120,056 ------w C:\windows\system32\pxcpyi64.exe

2008-06-11 00:07 118,520 ------w C:\windows\system32\pxinsi64.exe

2008-06-11 00:04 200,704 ----a-w C:\windows\system32\ssldivx.dll

2008-06-11 00:04 1,044,480 ----a-w C:\windows\system32\libdivx.dll

2008-06-06 12:52 499,712 ----a-w C:\windows\system32\msvcp71.dll

2008-06-03 02:06 219,648 ----a-w C:\windows\system32\uxtheme.dll

2008-05-22 22:18 12,288 ----a-w C:\windows\system32\DivXWMPExtType.dll

2008-05-16 14:58 12,632 ----a-w C:\windows\system32\lsdelete.exe

2008-04-10 23:16 81,920 ----a-w C:\Documents and Settings\Bruno\Dados de aplicativos\ezpinst.exe

2007-02-01 21:02 313,344 ----a-w C:\Arquivos de programas\HJSplit 2.3.exe

2006-05-12 18:04 271,312 ----a-w C:\Arquivos de programas\vncviewer.exe

2008-04-11 01:55 56 --sh--r C:\windows\system32\05E4BE60B6.sys

2008-05-11 11:44 32,768 --sha-w C:\windows\system32\config\systemprofile\Configurações locais\Histórico\History.IE5\MSHist012008051120080512\index.dat

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* entradas vazias & legítimas por defeito não são mostradas.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\windows\system32\ctfmon.exe" [2008-04-13 23:20 15360]

"uTorrent"="C:\Arquivos de programas\uTorrent\uTorrent.exe" [2008-04-11 13:37 219952]

"Free Download Manager"="C:\Arquivos de programas\Free Download Manager\fdm.exe" [2008-05-20 17:27 2474031]

"IDMan"="C:\Arquivos de programas\Internet Download Manager\IDMan.exe" [2008-04-10 20:04 2586032]

"Caffe-Server"="C:\Program Files\Caffe\Server.exe" [2008-07-07 23:23 5387776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]

"egui"="C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe" [2008-02-20 11:06 1443072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 23:20 15360]

C:\Documents and Settings\Bruno\Menu Iniciar\Programas\Inicializar\

Adobe Gamma.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.iac2"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\iac25_32.ax

"vidc.avrn"= C:\ARQUIV~1\ACEMEG~1\SystemS\AVIDAV~1.DLL

"vidc.advj"= C:\ARQUIV~1\ACEMEG~1\SystemS\AVIDAV~1.DLL

"vidc.mszh"= C:\ARQUIV~1\ACEMEG~1\SystemS\avimszh.dll

"vidc.zlib"= C:\ARQUIV~1\ACEMEG~1\SystemS\avizlib.dll

"vidc.cscd"= C:\ARQUIV~1\ACEMEG~1\SystemS\camcodec.dll

"vidc.cvid"= C:\ARQUIV~1\ACEMEG~1\SystemS\iccvid.dll

"msacm.trspch"= C:\ARQUIV~1\ACEMEG~1\SystemS\tssoft32.acm

"vidc.em2v"= C:\ARQUIV~1\ACEMEG~1\SystemS\etxcodec.dll

"vidc.mkvc"= C:\ARQUIV~1\ACEMEG~1\SystemS\kmvidc32.dll

"vidc.hfyu"= C:\ARQUIV~1\ACEMEG~1\SystemS\huffyuv.dll

"msacm.lameacm"= C:\ARQUIV~1\ACEMEG~1\SystemS\lameacm.acm

"msacm.lhacm"= C:\ARQUIV~1\ACEMEG~1\SystemS\lhacm.acm

"msacm.l3acm"= C:\ARQUIV~1\ACEMEG~1\SystemS\l3codecp.acm

"vidc.sjpg"= C:\ARQUIV~1\ACEMEG~1\SystemS\pmjpeg32.dll

"vidc.dmb2"= C:\ARQUIV~1\ACEMEG~1\SystemS\pmjpeg32.dll

"vidc.gepj"= C:\ARQUIV~1\ACEMEG~1\SystemS\pmjpeg32.dll

"vidc.qpeg"= C:\ARQUIV~1\ACEMEG~1\SystemS\Qpeg32.dll

"vidc.q1.0"= C:\ARQUIV~1\ACEMEG~1\SystemS\Qpeg32.dll

"msacm.sl_anet"= C:\ARQUIV~1\ACEMEG~1\SystemS\sl_anet.acm

"vidc.tscc"= C:\ARQUIV~1\ACEMEG~1\SystemS\tsccvid.dll

"vidc.vifp"= C:\ARQUIV~1\ACEMEG~1\SystemS\vfcodec.dll

"vidc.wrpr"= C:\ARQUIV~1\ACEMEG~1\SystemS\aviwrap.dll

"vidc.wnv1"= C:\ARQUIV~1\ACEMEG~1\SystemS\wnvplay1.dll

"vidc.advs"= C:\ARQUIV~1\ACEMEG~1\SystemS\Adaptec\Dvc.dll

"vidc.aflc"= C:\ARQUIV~1\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL

"vidc.afli"= C:\ARQUIV~1\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL

"vidc.aasc"= C:\ARQUIV~1\ACEMEG~1\SystemS\Autodesk\Aasc32.dll

"vidc.aas4"= C:\ARQUIV~1\ACEMEG~1\SystemS\Autodesk\Aasc32.dll

"vidc.asv1"= C:\ARQUIV~1\ACEMEG~1\SystemS\ASUS\asusasv1.dll

"vidc.asv2"= C:\ARQUIV~1\ACEMEG~1\SystemS\ASUS\asusasv2.dll

"vidc.asvx"= C:\ARQUIV~1\ACEMEG~1\SystemS\ASUS\asusasv2.dll

"vidc.vcr1"= C:\ARQUIV~1\ACEMEG~1\SystemS\ATI\ativcr1.dll

"vidc.vcr2"= C:\ARQUIV~1\ACEMEG~1\SystemS\ATI\ativcr2.dll

"vidc.mwv1"= C:\ARQUIV~1\ACEMEG~1\SystemS\Aware\icmw_32.dll

"vidc.bt20"= C:\ARQUIV~1\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv

"vidc.y41p"= C:\ARQUIV~1\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv

"msacm.pcdv"= C:\ARQUIV~1\ACEMEG~1\SystemS\Canopus\pcdv.acm

"vidc.cdvc"= C:\ARQUIV~1\ACEMEG~1\SystemS\Canopus\CSCCDVC.DLL

"vidc.ddvc"= C:\ARQUIV~1\ACEMEG~1\SystemS\Canopus\CSCdvsd.DLL

"vidc.png1"= C:\ARQUIV~1\ACEMEG~1\SystemS\Core\COREPN~1.DLL

"msacm.CoreFLAC_ACM"= C:\ARQUIV~1\ACEMEG~1\SystemS\Core\COREFL~1.ACM

"vidc.davc"= C:\ARQUIV~1\ACEMEG~1\SystemS\dicas\davcvfw.dll

"vidc.div3"= C:\ARQUIV~1\ACEMEG~1\SystemS\DivX\DivXc32.dll

"vidc.div5"= C:\ARQUIV~1\ACEMEG~1\SystemS\DivX\DivXc32.dll

"vidc.mpg3"= C:\ARQUIV~1\ACEMEG~1\SystemS\DivX\DivXc32.dll

"vidc.div4"= C:\ARQUIV~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll

"vidc.div6"= C:\ARQUIV~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll

"vidc.ap41"= C:\ARQUIV~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll

"vidc.dvx4"= C:\ARQUIV~1\ACEMEG~1\SystemS\DivX\divx4.dll

"msacm.divxa32"= C:\ARQUIV~1\ACEMEG~1\SystemS\DivX\divxa32.acm

"vidc.frwd"= C:\ARQUIV~1\ACEMEG~1\SystemS\Forward\frwd.dll

"vidc.frwt"= C:\ARQUIV~1\ACEMEG~1\SystemS\Forward\frwd.dll

"vidc.frwa"= C:\ARQUIV~1\ACEMEG~1\SystemS\Forward\frwt.dll

"vidc.frwu"= C:\ARQUIV~1\ACEMEG~1\SystemS\Forward\frwu.dll

"vidc.glzw"= C:\ARQUIV~1\ACEMEG~1\SystemS\Gabest\GLZW.dll

"vidc.gpeg"= C:\ARQUIV~1\ACEMEG~1\SystemS\Gabest\GPEG.dll

"vidc.i263"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\i263_32.drv

"vidc.iv30"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv31"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv32"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv33"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv34"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv35"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv36"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv37"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv38"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv39"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir32_32.dll

"vidc.iv40"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv41"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv42"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv43"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv44"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv45"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv46"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv47"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv48"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv49"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir41_32.dll

"vidc.iv50"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\ir50_32.dll

"vidc.ir21"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\IR21_R.DLL

"vidc.rt21"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\IR21_R.DLL

"msacm.imc"= C:\ARQUIV~1\ACEMEG~1\SystemS\Intel\IMC32.ACM

"vidc.lead"= C:\ARQUIV~1\ACEMEG~1\SystemS\LEAD\LCODCCMP.DLL

"vidc.dvsd"= C:\ARQUIV~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL

"vidc.dvc"= C:\ARQUIV~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL

"vidc.dvcs"= C:\ARQUIV~1\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL

"vidc.dcmj"= C:\ARQUIV~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL

"vidc.avi1"= C:\ARQUIV~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL

"vidc.avi2"= C:\ARQUIV~1\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL

"vidc.dv25"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.dv50"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.msmc"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mmjp"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mtx1"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mtx2"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mtx3"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mtx4"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mtx5"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mtx6"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mtx7"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mtx8"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mtx9"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"vidc.mmes"= C:\ARQUIV~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

"msacm.msadpcm"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\msadp32.acm

"msacm.imaadpcm"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\imaadp32.acm

"msacm.msg711"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\msg711.acm

"msacm.msg723"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\msg723.acm

"msacm.msgsm610"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\msgsm32.acm

"vidc.m261"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\msh261.drv

"vidc.m263"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\msh263.drv

"vidc.mrle"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\msrle32.dll

"vidc.msvc"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\msvidc32.dll

"vidc.cram"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\msvidc32.dll

"vidc.mpg4"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.mp41"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.mp42"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.mp43"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.mp4s"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.mp4v"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

"vidc.wmv3"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\WMV9VCM.dll

"msacm.msaudio1"= C:\ARQUIV~1\ACEMEG~1\SystemS\MICROS~1\msaud32.acm

"vidc.vixl"= C:\ARQUIV~1\ACEMEG~1\SystemS\Miro\miroxl32.dll

"vidc.nt00"= C:\ARQUIV~1\ACEMEG~1\SystemS\Newtek\ntcodec.dll

"msacm.vorbis"= C:\ARQUIV~1\ACEMEG~1\SystemS\OGG\vorbis.acm

"vidc.vp30"= C:\ARQUIV~1\ACEMEG~1\SystemS\ON2TEC~1\vp31vfw.dll

"vidc.vp31"= C:\ARQUIV~1\ACEMEG~1\SystemS\ON2TEC~1\vp31vfw.dll

"vidc.vp60"= C:\ARQUIV~1\ACEMEG~1\SystemS\ON2TEC~1\vp6vfw.dll

"vidc.vp61"= C:\ARQUIV~1\ACEMEG~1\SystemS\ON2TEC~1\vp6vfw.dll

"vidc.pdvc"= C:\ARQUIV~1\ACEMEG~1\SystemS\PANASO~1\idvcodec.dll

"vidc.ipdv"= C:\ARQUIV~1\ACEMEG~1\SystemS\PANASO~1\idvcodec.dll

"vidc.pvw2"= C:\ARQUIV~1\ACEMEG~1\SystemS\Pegasus\pvwv220.dll

"vidc.pimj"= C:\ARQUIV~1\ACEMEG~1\SystemS\Pegasus\pvljpg20.dll

"vidc.mjpx"= C:\ARQUIV~1\ACEMEG~1\SystemS\Pegasus\pvmjpg21.dll

"vidc.miro"= C:\ARQUIV~1\ACEMEG~1\SystemS\Pinnacle\MIRODV~1.DLL

"vidc.dcap"= C:\ARQUIV~1\ACEMEG~1\SystemS\Pinnacle\MIRODV~1.DLL

"vidc.mjpa"= C:\ARQUIV~1\ACEMEG~1\SystemS\Pinnacle\RTMJPG~1.DLL

"vidc.gpjm"= C:\ARQUIV~1\ACEMEG~1\SystemS\Pinnacle\RTMJPG~1.DLL

"vidc.pim1"= C:\ARQUIV~1\ACEMEG~1\SystemS\Pinnacle\pclepim1.dll

"msacm.qmpeg"= C:\ARQUIV~1\ACEMEG~1\SystemS\QDesign\qmpeg.acm

"vidc.rmp4"= C:\ARQUIV~1\ACEMEG~1\SystemS\REALMA~1\rmp4.dll

"vidc.rud0"= C:\ARQUIV~1\ACEMEG~1\SystemS\Rududu\rududu.dll

"msacm.at3"= C:\ARQUIV~1\ACEMEG~1\SystemS\SONY\atrac3.acm

"vidc.sony"= C:\ARQUIV~1\ACEMEG~1\SystemS\SONY\sonydv.dll

"vidc.dvcp"= C:\ARQUIV~1\ACEMEG~1\SystemS\SONY\sonydv.dll

"vidc.s422"= C:\ARQUIV~1\ACEMEG~1\SystemS\Tekram\tekyuv.dll

"vidc.t420"= C:\ARQUIV~1\ACEMEG~1\SystemS\Toshiba\tsbyuv.dll

"vidc.y411"= C:\ARQUIV~1\ACEMEG~1\SystemS\Toshiba\tsbyuv.dll

"vidc.vssv"= C:\ARQUIV~1\ACEMEG~1\SystemS\VANGUA~1\vsscodec.dll

"msacm.voxacm160"= C:\ARQUIV~1\ACEMEG~1\SystemS\VoxWare\vct3216.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Adobe Reader Speed Launch.lnk

backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

--a------ 2007-06-27 19:03 152872 C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX7300 Series]

--a------ 2007-02-15 03:00 179200 C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATICDL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus CX7300 Series (cópia 1)]

--a------ 2007-02-15 03:00 179200 C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATICDL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

--a------ 2005-08-11 16:30 249856 C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2007-03-01 15:57 153136 C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=

"C:\\Arquivos de programas\\Counter-Strike 1.6\\hl.exe"=

"C:\\Arquivos de programas\\eMule\\emule.exe"=

"C:\\Program Files\\Caffe\\Server.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=

"C:\\Arquivos de programas\\Internet Download Manager\\IDMan.exe"=

"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=

"C:\\Arquivos de programas\\Free Download Manager\\fdm.exe"=

"C:\\Arquivos de programas\\MuGNN\\Update.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015

"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016

"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R1 epfwtdir;epfwtdir;C:\windows\system32\DRIVERS\epfwtdir.sys [2008-02-20 11:11]

R1 nltdi;nltdi;C:\WINDOWS\system32\drivers\nltdi.sys [2007-04-23 08:03]

S2 NOD32FiXTemDono;Eset Nod32 Boot;C:\WINDOWS\system32\regedt32.exe [2001-09-28 09:00]

S3 slnt;Kaiomy KM8139D 10/100Mbps PCI Fast Ethernet Adapter;C:\windows\system32\DRIVERS\slnt.sys [2006-10-03 21:35]

S3 SNP325;USB PC Camera (SNPSTD325);C:\windows\system32\DRIVERS\snp325.sys []

S3 usb2vcom;USB to Serial Bridge Controller;C:\windows\system32\Drivers\usb2vcom.sys [2006-07-16 22:53]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23fa5cf3-3957-11dd-8447-001d7df7bf25}]

\Shell\AutoRun\command - I:\avc37.exe

\Shell\explore\command - I:\avc37.exe explore

\Shell\find\command - I:\avc37.exe

\Shell\open\command - I:\avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2944c0cc-0d4c-11dd-9033-001d7d87e31c}]

\Shell\AutoRun\command - H:\b3b9u.com

\Shell\explore\Command - H:\b3b9u.com

\Shell\open\Command - H:\b3b9u.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{405f13fb-53ab-11dd-845e-001d7df7bf25}]

\Shell\AutoRun\command - F:\avc37.exe

\Shell\explore\command - F:\avc37.exe explore

\Shell\find\command - F:\avc37.exe

\Shell\open\command - F:\avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{562afe26-48aa-11dd-8458-001d7df7bf25}]

\Shell\AutoRun\command - F:\avc37.exe

\Shell\explore\command - F:\avc37.exe explore

\Shell\find\command - F:\avc37.exe

\Shell\open\command - F:\avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{844a597e-5a88-11dd-8467-001d7df7bf25}]

\Shell\AutoRun\command - H:\avc37.exe

\Shell\explore\command - H:\avc37.exe explore

\Shell\find\command - H:\avc37.exe

\Shell\open\command - H:\avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{844a597f-5a88-11dd-8467-001d7df7bf25}]

\Shell\AutoRun\command - I:\avc37.exe

\Shell\explore\command - I:\avc37.exe explore

\Shell\find\command - I:\avc37.exe

\Shell\open\command - I:\avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f3140c5-2db2-11dd-9074-000000000000}]

\Shell\AutoRun\command - avc35.exe

\Shell\explore\command - avc35.exe explore

\Shell\find\command - avc35.exe

\Shell\open\command - avc35.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a315dbbb-0982-11dd-9032-001d7d87e31c}]

\Shell\AutoRun\command - H:\avc37.exe

\Shell\explore\command - H:\avc37.exe explore

\Shell\find\command - H:\avc37.exe

\Shell\open\command - H:\avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a59d7310-1bbc-11dd-9061-001d7df7bf25}]

\Shell\AutoRun\command - H:\avc37.exe

\Shell\explore\command - H:\avc37.exe explore

\Shell\find\command - H:\avc37.exe

\Shell\open\command - H:\avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b05ab307-5678-11dd-8463-001d7df7bf25}]

\Shell\AutoRun\command - F:\avc37.exe

\Shell\explore\command - F:\avc37.exe explore

\Shell\find\command - F:\avc37.exe

\Shell\open\command - F:\avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b05ab391-5678-11dd-8463-001d7df7bf25}]

\Shell\AutoRun\command - F:\avc37.exe

\Shell\explore\command - F:\avc37.exe explore

\Shell\find\command - F:\avc37.exe

\Shell\open\command - F:\avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b6c2245a-0750-11dd-8422-001d7d87e31c}]

\Shell\AutoRun\command - H:\avc37.exe

\Shell\explore\command - H:\avc37.exe explore

\Shell\find\command - H:\avc37.exe

\Shell\open\command - H:\avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c92393e4-2101-11dd-906b-001d7df7bf25}]

\Shell\AutoRun\command - avc37.exe

\Shell\explore\command - avc37.exe explore

\Shell\find\command - avc37.exe

\Shell\open\command - avc37.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e1f33847-07d9-11dd-8433-001d7d87e31c}]

\Shell\Auto\Command - program.exe e

\Shell\AutoRun\command - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL program.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e1f33848-07d9-11dd-8433-001d7d87e31c}]

\Shell\Auto\Command - program.exe e

\Shell\AutoRun\command - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL program.exe e

.

.

------- Ccan Suplementar -------

.

FireFox -: Profile - C:\Documents and Settings\Bruno\Dados de aplicativos\Mozilla\Firefox\Profiles\ywomo7va.default\

FF -: plugin - C:\Arquivos de programas\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll

FF -: plugin - C:\Arquivos de programas\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll

FF -: plugin - C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-08-14 12:38:34

Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso

Ficheiros ocultos: 0

**************************************************************************

.

------------------------ Outros Processos em Execução ------------------------

.

C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe

C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Arquivos de programas\NetLimiter 2 Pro\nlsvc.exe

C:\Arquivos de programas\NetLimiter 2 Pro\NLClient.exe

C:\WINDOWS\system32\wscntfy.exe

.

**************************************************************************

.

Tempo para conclusão: 2008-08-14 12:43:08 - Maquina reiniciou

ComboFix-quarantined-files.txt 2008-08-14 15:43:05

Pre-Run: 4,999,598,080 bytes disponíveis

Post-Run: 5,024,444,416 bytes disponíveis

426 --- E O F --- 2008-08-13 11:39:55
