Ir ao conteúdo
  • Cadastre-se

JRS9

Membros Plenos
  • Total de itens

    43
  • Registro em

  • Última visita

  • Qualificações

    0%

Reputação

0

Informações gerais

  • Cidade e Estado
    Maricá
  1. Bom dia, Sempre que rodo o AdwCleaner v2.303, no meu pc ele acusa que a chave foi removida. Gostaria de saber se é virus, pois isso sempre acontece. Se for. Por favor ajude-me. Obrigado. Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
  2. Bom dia Pessoal! Não consigo mais gravar meus filmes em formato VOB. Após excluir o Nero Star Smart e instalar o Ashampoo Burning Studio 2010 meus arquivos vob não são detectados. Eu converto o arq. com o Format Factory, aparece o arquivo em .vob, mas o ícone de abrir com... Tento gravar para DVD, mas nenhum programa detecta meus arquivos em .vob Ps.: Eu desinstalei o Nero usando o Revo Uninstaller e exclui todas as chaves e etc... Será que fiz M ! Me ajudem! Obrigado
  3. Cada arq. emite uma mensagem diferente. ex.: Word: O Word não pode iniciar o conversor mswrd632 Excel: O arq. que você está tentando abrir está em formato diferente do especificado pela extensão do arq. Verefique se está corrompido. Power Point: O power Point não pode ler o documento......... Visualizador de imagem do Windows: Visualização não disponivel Windows Media Player: O arq. que você está tentando executar possui uma extensão que não corresponde ao formato do arq. Eu uso o SP3 Windows XP Profissional. Realmente tentei copiar as pasta direto pro CD. Obrigado. Ps.: Eu não copiei direto pro CD, desculpe-me, eu usei o assistente do Windows.
  4. Caros Amigos, Bom dia, Ao salvar aquivos para o CD, recebi a seguinte mensagem: "Perda de Fluxo" (Arquivo "nome do arquivo" tem informações anexadas que podem ser perdidas se você continuar a copiar. O conteúdo do arquivo não será afetado. " Eu cliquei em sim para todos, mas depois desisti de copiar os arquivos pro CD e cliquei em excluir arquivos temporários. Só que agora não consigo mais abrir nenhum arq. no meu PC, nem Word, Excel,Imagens,Etc... Algum amigo sabe informar-me como devo proceder para recuperar estes arquivos? Obrigado!
  5. Valeu Diego! Obrigadão! Aloha!
  6. Caro Diego, Após muita insistência, consegui o scan do Panda. Segue logs, conforme seu pedido: ANALYSIS: 2009-09-24 12:35:33 PROTECTIONS: 1 MALWARE: 2 SUSPECTS: 1 ;************************************************************************* PROTECTIONS Description Version Active Updated ;================================================== AntiVir Desktop 9.0.1.32 No Yes ;================================================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;================================================== 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\JR Silva.LAGOMAR-02174C9\Cookies\jr_silva@atdmt[1].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\JR Silva.LAGOMAR-02174C9\Cookies\jr_silva@atdmt[2].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\JR Silva.LAGOMAR-02174C9\Cookies\jr_silva@atdmt[3].txt 00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\JR Silva.MICRO\Cookies\jr_silva@atdmt[2].txt 00170559 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Bete Kapps\Cookies\bete_kapps@uol.com[2].txt ;================================================== SUSPECTS Sent Location ;================================================== No C:\Documents and Settings\JR Silva.LAGOMAR-02174C9\Meus documentos\JR Documentos\Outros\Remoção de Virus\Programas\refog_setup_free_kl_524.exe ;================================================== VULNERABILITIES Id Severity Description ;================================================== 2 - Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:20:23, on 24/9/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\internet explorer\iexplore.exe C:\Arquivos de programas\internet explorer\iexplore.exe C:\Arquivos de programas\internet explorer\iexplore.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\notepad.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://br.search.yahoo.com/search?fr=mcafee&p=%s R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: is-1FK7N.lnk = C:\Documents and Settings\JR Silva.LAGOMAR-02174C9\Desktop\Virus Removal Tool1\is-1FK7N\startup.exe O4 - Startup: is-5FH8D.lnk = C:\Documents and Settings\JR Silva.LAGOMAR-02174C9\Desktop\Virus Removal Tool\is-5FH8D\startup.exe O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe (file missing) -- End of file - 5068 bytes Obrigado!
  7. Caro Diego, Estou desde as 5:00 hs tentando rodar o Panda, mas está difícil. Na primeira vez o PC desligou em 41%, dessa vez entrou mensagem do IE e fechou em 41%. O Panda já detectou 5 arquivos infectados, mas não consigo concluir o scan: Obrigado!
  8. Caro Amigo Diego, Tentei instalar por duas vezes este programa, pelo IE e Firefox, mas não obtive exito na hora de rodar o programa. Recebo a seguinte mensagem: O IE encontrou um problema e precisa ser fechado! Para excluir a pasta, só consegui em modo de segurança. Será que temos outra opção? Obrigado! Aloha!
  9. Caro Diego, Desinstalei o Avast, OK! Obrigado
  10. Bom dia Diego, Com certeza ainda preciso de ajuda. Sempre que vou abrir algum anti-virus o Avira envia a seguinte mensagem:Virus or unwanted program 'TR/Crypt.XPACK.Gen [trojan]' detected in file 'C:\WINDOWS\TEMP\_avast4_\unp25654823.tmp. Action performed: Deny access Segue Logs: 1- DDS DDS (Ver_09-07-30.01) - NTFSx86 Run by JR Silva at 8:16:05,31 on ter 22/09/2009 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1023.505 [GMT -3:00] AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} AV: avast! antivirus 4.8.1351 [VPS 090921-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe c:\arquivos de programas\avira\antivir desktop\avcenter.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\JR Silva.LAGOMAR-02174C9\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.msn.com.br/ mStart Page = hxxp://www.google.com mWindow Title = uSearchURL,(Default) = hxxp://br.search.yahoo.com/search?fr=mcafee&p=%s mWinlogon: Userinit=c:\windows\system32\userinit.exe BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [avgnt] "c:\arquivos de programas\avira\antivir desktop\avgnt.exe" /min mRun: [sunJavaUpdateSched] "c:\arquivos de programas\java\jre6\bin\jusched.exe" mRun: [soundMan] SOUNDMAN.EXE mRun: [avast!] c:\arquiv~1\alwils~1\avast4\ashDisp.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE IE: Analisar com LeechGet IE: Download usando Assistente LeechGet IE: Download usando LeechGet IE: E&xportar para o Microsoft Excel IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office11\REFIEBAR.DLL DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\arquivos de programas\hp\hpcoretech\comp\hpuiprot.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\arquiv~1\mcafee\sitead~1\McIEPlg.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-2 114768] R1 avgio;avgio;c:\arquivos de programas\avira\antivir desktop\avgio.sys [2009-5-8 11608] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\avira\antivir desktop\sched.exe [2009-5-8 108289] R2 AntiVirService;Avira AntiVir Guard;c:\arquivos de programas\avira\antivir desktop\avguard.exe [2009-5-8 185089] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-2 20560] R2 avast! Antivirus;avast! Antivirus;c:\arquivos de programas\alwil software\avast4\ashServ.exe [2009-9-2 138680] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-5-8 55656] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\arquivos de programas\mcafee\siteadvisor\McSACore.exe [2009-9-15 210216] S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\arquivos de programas\arquivos comuns\nero\nero backitup 4\nbservice.exe --> c:\arquivos de programas\arquivos comuns\nero\nero backitup 4\NBService.exe [?] S3 avast! Mail Scanner;avast! Mail Scanner;c:\arquivos de programas\alwil software\avast4\ashMaiSv.exe [2009-9-2 254040] S3 avast! Web Scanner;avast! Web Scanner;c:\arquivos de programas\alwil software\avast4\ashWebSv.exe [2009-9-2 352920] S3 getPlusHelper;getPlus® Helper;c:\windows\system32\svchost.exe -k getPlusHelper [2004-8-4 14336] =============== Created Last 30 ================ 2009-09-18 10:17 16,496 a----r-- c:\windows\system32\drivers\HPZipr12.sys 2009-09-18 10:17 51,088 a----r-- c:\windows\system32\drivers\hpzid412.sys 2009-09-18 10:17 21,744 a----r-- c:\windows\system32\drivers\HPZius12.sys 2009-09-18 10:17 15,104 ac------ c:\windows\system32\dllcache\usbscan.sys 2009-09-18 10:17 15,104 a------- c:\windows\system32\drivers\usbscan.sys 2009-09-18 10:14 626,960 a----r-- c:\windows\system32\hpvaut32.dll 2009-09-18 10:14 487,424 a----r-- c:\windows\system32\hpvcp70.dll 2009-09-18 10:14 344,064 a----r-- c:\windows\system32\hpvcr70.dll 2009-09-18 10:14 44,544 a----r-- c:\windows\system32\MSXML4a.dll 2009-09-18 10:09 104,207 -------- c:\windows\hpoins04.dat.temp 2009-09-18 10:09 17,176 -------- c:\windows\hpomdl04.dat.temp 2009-09-18 09:38 <DIR> --d----- c:\arquivos de programas\HP 2009-09-18 09:36 104,731 a------- c:\windows\hpoins04.dat 2009-09-18 09:36 17,176 -------- c:\windows\hpomdl04.dat 2009-09-18 09:34 25,856 ac------ c:\windows\system32\dllcache\usbprint.sys 2009-09-18 09:34 25,856 a------- c:\windows\system32\drivers\usbprint.sys 2009-09-18 09:33 32,128 ac------ c:\windows\system32\dllcache\usbccgp.sys 2009-09-18 09:33 32,128 a------- c:\windows\system32\drivers\usbccgp.sys 2009-09-15 18:50 <DIR> --d----- c:\arquivos de programas\McAfee 2009-09-15 18:49 <DIR> --d----- c:\arquivos de programas\Yahoo! 2009-09-14 09:24 <DIR> -cd----- C:\!KillBox 2009-09-10 19:21 <DIR> --d----- c:\arquivos de programas\File Scanner Library (Spybot - Search & Destroy) 2009-09-10 19:01 <DIR> --d----- c:\windows\system32\wbem\Repository 2009-09-09 23:15 153,088 -c------ c:\windows\system32\dllcache\triedit.dll 2009-09-09 08:36 <DIR> --d----- c:\arquivos de programas\PC Inspector File Recovery 2009-08-26 23:17 3,312 a------- c:\windows\system32\wbem\Outlook_01ca26bc79feecdc.mof 2009-08-26 19:28 <DIR> --d----- C:\LinhaDefensiva 2009-08-26 19:24 <DIR> -cd----- C:\MSNCleaner 2009-08-26 08:04 <DIR> --d----- c:\docume~1\jrsilv~1.lag\dadosd~1\VSRevoGroup 2009-08-25 16:48 3,312 a------- c:\windows\system32\wbem\Outlook_01ca25bcf8c312f6.mof 2009-08-25 13:28 74,112 a----r-- c:\windows\system32\drivers\viamraid.sys 2009-08-25 13:26 164 -------- c:\windows\avrack.ini 2009-08-25 13:26 2,304,320 a------- c:\windows\system32\drivers\ALCXWDM.SYS 2009-08-25 13:26 156,672 a------- c:\windows\system32\RTLCPAPI.dll 2009-08-25 13:26 77,824 a------- c:\windows\SOUNDMAN.EXE 2009-08-25 13:26 40,960 -------- c:\windows\system32\ChCfg.exe 2009-08-25 13:26 9,524,224 a------- c:\windows\system32\RTLCPL.EXE 2009-08-25 13:26 141,016 a------- c:\windows\system32\ALSNDMGR.WAV 2009-08-25 13:26 17,584,128 a------- c:\windows\system32\ALSNDMGR.CPL 2009-08-25 13:26 208,896 -------- c:\windows\alcupd.exe 2009-08-25 13:26 139,264 -------- c:\windows\alcrmv.exe 2009-08-25 13:26 7,040 a----r-- c:\windows\system32\ntsim.sys 2009-08-25 13:26 42,496 a----r-- c:\windows\system32\drivers\fetnd5b.sys 2009-08-25 13:26 70,912 a------- c:\windows\system32\drivers\Rtlnicxp.sys 2009-08-25 13:22 27,904 a----r-- c:\windows\system32\drivers\VIAAGP1.SYS 2009-08-25 13:08 16,832 a------- c:\windows\system32\amcompat.tlb 2009-08-25 13:08 23,392 a------- c:\windows\system32\nscompat.tlb 2009-08-25 08:33 28,040 a------- c:\windows\system32\mdimon.dll 2009-08-25 01:25 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys 2009-08-25 00:52 268,648 a------- c:\windows\system32\mucltui.dll 2009-08-25 00:52 208,744 a------- c:\windows\system32\muweb.dll 2009-08-25 00:52 27,496 a------- c:\windows\system32\mucltui.dll.mui 2009-08-24 20:21 <DIR> --d----- c:\documents and settings\jr silva.lagomar-02174c9\Tracing 2009-08-24 06:44 180,224 -c------ c:\windows\system32\dllcache\scrobj.dll 2009-08-24 06:44 172,032 -c------ c:\windows\system32\dllcache\scrrun.dll 2009-08-24 06:44 155,648 -c------ c:\windows\system32\dllcache\wscript.exe 2009-08-24 06:44 135,168 -c------ c:\windows\system32\dllcache\cscript.exe 2009-08-24 06:44 90,112 -c------ c:\windows\system32\dllcache\wshext.dll 2009-08-23 09:50 <DIR> --dsh--- c:\documents and settings\jr silva.lagomar-02174c9\IECompatCache 2009-08-23 09:46 <DIR> --dsh--- c:\documents and settings\jr silva.lagomar-02174c9\PrivacIE 2009-08-23 09:45 <DIR> --dsh--- c:\documents and settings\jr silva.lagomar-02174c9\IETldCache 2009-08-23 09:27 <DIR> --d-h--- c:\windows\msdownld.tmp 2009-08-23 09:25 55,296 -c------ c:\windows\system32\dllcache\msfeedsbs.dll 2009-08-23 09:25 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll 2009-08-23 09:25 1,985,536 -c------ c:\windows\system32\dllcache\iertutil.dll 2009-08-23 09:25 594,432 -c------ c:\windows\system32\dllcache\msfeeds.dll 2009-08-23 09:25 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll 2009-08-23 09:17 101,376 -c------ c:\windows\system32\dllcache\iecompat.dll ==================== Find3M ==================== 2009-09-10 14:54 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 14:53 19,160 a------- c:\windows\system32\drivers\mbam.sys 2009-08-26 23:17 347,648 a------- c:\windows\system32\perfh016.dat 2009-08-26 23:17 49,804 a------- c:\windows\system32\perfc016.dat 2009-08-21 11:52 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat 2009-08-21 10:39 21,844 a------- c:\windows\system32\emptyregdb.dat 2009-08-05 06:00 205,312 a------- c:\windows\system32\mswebdvd.dll 2009-07-29 01:36 119,808 a------- c:\windows\system32\t2embed.dll 2009-07-29 01:36 81,920 a------- c:\windows\system32\fontsub.dll 2009-07-28 16:33 55,656 a------- c:\windows\system32\drivers\avgntflt.sys 2009-07-26 16:44 48,448 a------- c:\windows\system32\sirenacm.dll 2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll 2009-07-17 16:03 58,880 a------- c:\windows\system32\atl.dll 2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll 2009-07-03 13:59 915,456 -------- c:\windows\system32\wininet.dll 2009-06-25 15:36 661,504 a------- c:\windows\system32\mqqm.dll 2009-06-25 15:36 523,776 a------- c:\windows\system32\mqutil.dll 2009-06-25 15:36 517,120 a------- c:\windows\system32\mqsnap.dll 2009-06-25 15:36 225,280 a------- c:\windows\system32\mqoa.dll 2009-06-25 15:36 186,880 a------- c:\windows\system32\mqtrig.dll 2009-06-25 15:36 177,152 a------- c:\windows\system32\mqrt.dll 2009-06-25 15:36 138,240 a------- c:\windows\system32\mqad.dll 2009-06-25 15:36 123,392 a------- c:\windows\system32\mqrtdep.dll 2009-06-25 15:36 95,744 a------- c:\windows\system32\mqsec.dll 2009-06-25 15:36 48,640 a------- c:\windows\system32\mqupgrd.dll 2009-06-25 15:36 47,104 a------- c:\windows\system32\mqdscli.dll 2009-06-25 15:36 16,896 a------- c:\windows\system32\mqise.dll 2009-06-25 05:27 732,672 a------- c:\windows\system32\lsasrv.dll 2009-06-25 05:27 147,456 a------- c:\windows\system32\schannel.dll 2009-06-25 05:27 136,192 a------- c:\windows\system32\msv1_0.dll 2009-06-25 05:27 56,832 a------- c:\windows\system32\secur32.dll 2009-06-25 05:27 54,272 a------- c:\windows\system32\wdigest.dll 2009-06-25 05:27 301,568 a------- c:\windows\system32\kerberos.dll 2009-05-15 11:25 155,195 a------- c:\arquivos de programas\VIAudioi.rar 2008-03-10 21:22 4,265,560 a------- c:\arquivos de programas\FLV PlayerRCATSetup.exe 2008-03-10 20:15 411,248 a------- c:\arquivos de programas\FLV PlayerRCSetup.exe 2002-04-05 15:29 1,208,320 a------- c:\arquivos de programas\SothinkHtmlEditor.exe 2001-04-26 12:00 1,340,187 a------- c:\arquivos de programas\SothinkHTMLEditor.chm 2001-04-26 12:00 561,152 a------- c:\arquivos de programas\SiteManager.exe 2001-04-26 12:00 176,128 a------- c:\arquivos de programas\TagDefine.exe 2001-04-26 12:00 17,034 a------- c:\arquivos de programas\HTMLKeyword.txt 2001-04-26 12:00 4,723 a------- c:\arquivos de programas\license.txt ============= FINISH: 8:16:45,68 =============== 2 - Gmer GMER 1.0.15.15087 - http://www.gmer.net Rootkit scan 2009-09-22 09:46:38 Windows 5.1.2600 Service Pack 3 Running: gmer.exe; Driver: C:\DOCUME~1\JRSILV~1.LAG\CONFIG~1\Temp\kwkiiaod.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF58DF6B8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF58DF574] SSDT F7C76A1C ZwCreateThread SSDT F7C76A2B ZwDeleteKey SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF58DFA52] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF58DF14C] SSDT F7C76A3A ZwLoadKey SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF58DF64E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF58DF08C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF58DF0F0] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF58DF76E] SSDT F7C76A44 ZwReplaceKey SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF58DF72E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF58DF8AE] SSDT F7C76A17 ZwTerminateProcess ---- User code sections - GMER 1.0.15 ---- .text C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe[1540] kernel32.dll!GetProcAddress 7C80AE40 5 Bytes JMP 0118EDC0 C:\Arquivos de programas\McAfee\SiteAdvisor\saPlugin.dll ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\system32\services.exe[584] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002 IAT C:\WINDOWS\system32\services.exe[584] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000 ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) ---- EOF - GMER 1.0.15 ---- Obrigado,
  11. Bom dia, Estou com um problema, o Avira detecta um trojan nos temporários do Avast, mas não consegue excluir. Com isso, meu PC desliga e desconfigura várias vezes ao dia. Segue logs, conforme instrução do Fórum: Obrigado! 1- DDS DDS (Ver_09-07-30.01) - NTFSx86 Run by JR Silva at 8:30:19,04 on qua 16/09/2009 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1023.638 [GMT -3:00] AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} AV: avast! antivirus 4.8.1351 [VPS 090915-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe svchost.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\JR Silva.LAGOMAR-02174C9\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.msn.com.br/ mStart Page = hxxp://www.google.com mWindow Title = uSearchURL,(Default) = hxxp://br.search.yahoo.com/search?fr=mcafee&p=%s mWinlogon: Userinit=c:\windows\system32\userinit.exe BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\arquiv~1\mcafee\sitead~1\mcieplg.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [avgnt] "c:\arquivos de programas\avira\antivir desktop\avgnt.exe" /min mRun: [sunJavaUpdateSched] "c:\arquivos de programas\java\jre6\bin\jusched.exe" mRun: [soundMan] SOUNDMAN.EXE mRun: [avast!] c:\arquiv~1\alwils~1\avast4\ashDisp.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE IE: Analisar com LeechGet IE: Download usando Assistente LeechGet IE: Download usando LeechGet IE: E&xportar para o Microsoft Excel IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\arquiv~1\micros~2\office11\REFIEBAR.DLL DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\arquiv~1\mcafee\sitead~1\McIEPlg.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-2 114768] R1 avgio;avgio;c:\arquivos de programas\avira\antivir desktop\avgio.sys [2009-5-8 11608] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\avira\antivir desktop\sched.exe [2009-5-8 108289] R2 AntiVirService;Avira AntiVir Guard;c:\arquivos de programas\avira\antivir desktop\avguard.exe [2009-5-8 185089] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-2 20560] R2 avast! Antivirus;avast! Antivirus;c:\arquivos de programas\alwil software\avast4\ashServ.exe [2009-9-2 138680] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-5-8 55656] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\arquivos de programas\mcafee\siteadvisor\McSACore.exe [2009-9-15 210216] S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\arquivos de programas\arquivos comuns\nero\nero backitup 4\nbservice.exe --> c:\arquivos de programas\arquivos comuns\nero\nero backitup 4\NBService.exe [?] S3 avast! Mail Scanner;avast! Mail Scanner;c:\arquivos de programas\alwil software\avast4\ashMaiSv.exe [2009-9-2 254040] S3 avast! Web Scanner;avast! Web Scanner;c:\arquivos de programas\alwil software\avast4\ashWebSv.exe [2009-9-2 352920] S3 getPlusHelper;getPlus® Helper;c:\windows\system32\svchost.exe -k getPlusHelper [2004-8-4 14336] =============== Created Last 30 ================ 2009-09-15 18:50 <DIR> --d----- c:\arquivos de programas\McAfee 2009-09-15 18:49 <DIR> --d----- c:\arquivos de programas\Yahoo! 2009-09-14 09:24 <DIR> -cd----- C:\!KillBox 2009-09-10 19:21 <DIR> --d----- c:\arquivos de programas\File Scanner Library (Spybot - Search & Destroy) 2009-09-10 19:01 <DIR> --d----- c:\windows\system32\wbem\Repository 2009-09-09 23:15 153,088 -c------ c:\windows\system32\dllcache\triedit.dll 2009-09-09 08:36 <DIR> --d----- c:\arquivos de programas\PC Inspector File Recovery 2009-08-26 23:17 3,312 a------- c:\windows\system32\wbem\Outlook_01ca26bc79feecdc.mof 2009-08-26 19:28 <DIR> --d----- C:\LinhaDefensiva 2009-08-26 19:24 <DIR> -cd----- C:\MSNCleaner 2009-08-26 08:04 <DIR> --d----- c:\docume~1\jrsilv~1.lag\dadosd~1\VSRevoGroup 2009-08-25 16:48 3,312 a------- c:\windows\system32\wbem\Outlook_01ca25bcf8c312f6.mof 2009-08-25 13:28 74,112 a----r-- c:\windows\system32\drivers\viamraid.sys 2009-08-25 13:26 164 -------- c:\windows\avrack.ini 2009-08-25 13:26 2,304,320 a------- c:\windows\system32\drivers\ALCXWDM.SYS 2009-08-25 13:26 156,672 a------- c:\windows\system32\RTLCPAPI.dll 2009-08-25 13:26 77,824 a------- c:\windows\SOUNDMAN.EXE 2009-08-25 13:26 40,960 -------- c:\windows\system32\ChCfg.exe 2009-08-25 13:26 9,524,224 a------- c:\windows\system32\RTLCPL.EXE 2009-08-25 13:26 141,016 a------- c:\windows\system32\ALSNDMGR.WAV 2009-08-25 13:26 17,584,128 a------- c:\windows\system32\ALSNDMGR.CPL 2009-08-25 13:26 208,896 -------- c:\windows\alcupd.exe 2009-08-25 13:26 139,264 -------- c:\windows\alcrmv.exe 2009-08-25 13:26 7,040 a----r-- c:\windows\system32\ntsim.sys 2009-08-25 13:26 42,496 a----r-- c:\windows\system32\drivers\fetnd5b.sys 2009-08-25 13:26 70,912 a------- c:\windows\system32\drivers\Rtlnicxp.sys 2009-08-25 13:22 27,904 a----r-- c:\windows\system32\drivers\VIAAGP1.SYS 2009-08-25 13:08 16,832 a------- c:\windows\system32\amcompat.tlb 2009-08-25 13:08 23,392 a------- c:\windows\system32\nscompat.tlb 2009-08-25 08:33 28,040 a------- c:\windows\system32\mdimon.dll 2009-08-25 01:25 26,368 ac------ c:\windows\system32\dllcache\usbstor.sys 2009-08-25 00:52 268,648 a------- c:\windows\system32\mucltui.dll 2009-08-25 00:52 208,744 a------- c:\windows\system32\muweb.dll 2009-08-25 00:52 27,496 a------- c:\windows\system32\mucltui.dll.mui 2009-08-24 20:21 <DIR> --d----- c:\documents and settings\jr silva.lagomar-02174c9\Tracing 2009-08-24 06:44 180,224 -c------ c:\windows\system32\dllcache\scrobj.dll 2009-08-24 06:44 172,032 -c------ c:\windows\system32\dllcache\scrrun.dll 2009-08-24 06:44 155,648 -c------ c:\windows\system32\dllcache\wscript.exe 2009-08-24 06:44 135,168 -c------ c:\windows\system32\dllcache\cscript.exe 2009-08-24 06:44 90,112 -c------ c:\windows\system32\dllcache\wshext.dll 2009-08-23 09:50 <DIR> --dsh--- c:\documents and settings\jr silva.lagomar-02174c9\IECompatCache 2009-08-23 09:46 <DIR> --dsh--- c:\documents and settings\jr silva.lagomar-02174c9\PrivacIE 2009-08-23 09:45 <DIR> --dsh--- c:\documents and settings\jr silva.lagomar-02174c9\IETldCache 2009-08-23 09:27 <DIR> --d-h--- c:\windows\msdownld.tmp 2009-08-23 09:25 55,296 -c------ c:\windows\system32\dllcache\msfeedsbs.dll 2009-08-23 09:25 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll 2009-08-23 09:25 1,985,536 -c------ c:\windows\system32\dllcache\iertutil.dll 2009-08-23 09:25 594,432 -c------ c:\windows\system32\dllcache\msfeeds.dll 2009-08-23 09:25 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll 2009-08-23 09:17 101,376 -c------ c:\windows\system32\dllcache\iecompat.dll 2009-08-23 07:01 701,440 -------- c:\windows\system32\drivers\ati2mtag.sys 2009-08-23 06:27 221,184 a------- c:\windows\system32\wmpns.dll 2009-08-22 10:23 411,368 a------- c:\windows\system32\deploytk.dll 2009-08-22 10:23 73,728 a------- c:\windows\system32\javacpl.cpl 2009-08-22 10:02 <DIR> --d----- c:\docume~1\alluse~1.win\dadosd~1\Nero 2009-08-21 23:39 227,840 -c------ c:\windows\system32\dllcache\wmiprvse.exe 2009-08-21 23:39 2,193,280 -c------ c:\windows\system32\dllcache\ntoskrnl.exe 2009-08-21 23:39 286,208 -c------ c:\windows\system32\dllcache\pdh.dll 2009-08-21 23:39 401,408 -c------ c:\windows\system32\dllcache\rpcss.dll 2009-08-21 23:39 111,104 -c------ c:\windows\system32\dllcache\services.exe 2009-08-21 23:39 473,600 -c------ c:\windows\system32\dllcache\fastprox.dll 2009-08-21 23:39 683,520 -c------ c:\windows\system32\dllcache\advapi32.dll 2009-08-21 23:39 732,672 -c------ c:\windows\system32\dllcache\lsasrv.dll 2009-08-21 23:39 453,120 -c------ c:\windows\system32\dllcache\wmiprvsd.dll 2009-08-21 23:39 730,624 -c------ c:\windows\system32\dllcache\ntdll.dll 2009-08-21 23:39 2,149,376 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe 2009-08-21 23:39 2,028,032 -c------ c:\windows\system32\dllcache\ntkrpamp.exe 2009-08-21 22:51 272,384 -c------ c:\windows\system32\dllcache\bthport.sys 2009-08-21 22:51 272,384 -------- c:\windows\system32\drivers\bthport.sys 2009-08-21 22:50 138,496 -c------ c:\windows\system32\dllcache\afd.sys 2009-08-21 22:46 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys 2009-08-21 22:46 1,315,328 -c------ c:\windows\system32\dllcache\msoe.dll 2009-08-21 22:26 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys 2009-08-21 22:17 216,064 -c------ c:\windows\system32\dllcache\wordpad.exe 2009-08-21 22:08 333,952 -c------ c:\windows\system32\dllcache\srv.sys 2009-08-21 22:06 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll 2009-08-21 21:32 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll 2009-08-21 21:23 <DIR> --d----- c:\docume~1\alluse~1.win\dadosd~1\Avira 2009-08-21 19:45 <DIR> --d----- c:\docume~1\jrsilv~1.lag\dadosd~1\Malwarebytes 2009-08-21 19:45 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-21 19:45 19,160 a------- c:\windows\system32\drivers\mbam.sys 2009-08-21 19:45 <DIR> --d----- c:\docume~1\alluse~1.win\dadosd~1\Malwarebytes 2009-08-21 18:38 87,808 a------- c:\windows\system32\cpwmon2k.dll 2009-08-21 18:34 161 a------- c:\windows\rec-net.ini 2009-08-21 18:24 306,688 a------- c:\windows\IsUninst.exe 2009-08-21 18:02 <DIR> --d----- c:\docume~1\alluse~1.win\dadosd~1\Spybot - Search & Destroy 2009-08-21 17:46 26,144 a------- c:\windows\system32\spupdsvc.exe 2009-08-21 11:35 772 a------- c:\windows\ODBC.INI 2009-08-21 10:51 <DIR> --d-hr-- c:\documents and settings\jr silva.lagomar-02174c9\Dados de aplicativos 2009-08-21 10:51 <DIR> --d-h--- c:\documents and settings\jr silva.lagomar-02174c9\Modelos 2009-08-21 10:51 <DIR> --d-h--- c:\documents and settings\jr silva.lagomar-02174c9\Configurações locais 2009-08-21 10:51 <DIR> --d-h--- c:\documents and settings\jr silva.lagomar-02174c9\Ambiente de rede 2009-08-21 10:51 <DIR> --d-h--- c:\documents and settings\jr silva.lagomar-02174c9\Ambiente de impressão 2009-08-21 10:51 <DIR> --d--r-- c:\documents and settings\jr silva.lagomar-02174c9\Meus documentos 2009-08-21 10:51 <DIR> --d--r-- c:\documents and settings\jr silva.lagomar-02174c9\Menu Iniciar 2009-08-21 10:51 <DIR> --d--r-- c:\documents and settings\jr silva.lagomar-02174c9\Favoritos 2009-08-21 10:51 <DIR> --d----- c:\documents and settings\JR Silva.LAGOMAR-02174C9 2009-08-21 10:44 571,392 ac------ c:\windows\system32\dllcache\tintlgnt.ime 2009-08-21 10:43 134,339 ac------ c:\windows\system32\dllcache\imekr.lex 2009-08-21 10:42 3,018 a------- c:\windows\system32\CONFIG.NT 2009-08-21 10:42 0 a------- c:\windows\control.ini 2009-08-21 10:42 316,640 a------- c:\windows\WMSysPr9.prx 2009-08-21 10:41 <DIR> --dsh--- c:\documents and settings\all users.windows\DRM 2009-08-21 10:41 488 a---hr-- c:\windows\system32\WindowsLogon.manifest 2009-08-21 10:41 488 a---hr-- c:\windows\system32\logonui.exe.manifest 2009-08-21 10:41 749 a---hr-- c:\windows\WindowsShell.Manifest 2009-08-21 10:41 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest 2009-08-21 10:41 749 a---hr-- c:\windows\system32\sapi.cpl.manifest 2009-08-21 10:41 749 a---hr-- c:\windows\system32\nwc.cpl.manifest 2009-08-21 10:41 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest 2009-08-21 10:41 749 a---hr-- c:\windows\system32\cdplayer.exe.manifest 2009-08-21 10:39 21,844 a------- c:\windows\system32\emptyregdb.dat 2009-08-21 10:39 63 a------- c:\windows\vbaddin.ini 2009-08-21 10:39 36 a------- c:\windows\vb.ini 2009-08-21 07:32 3,072 a------- c:\windows\system32\drivers\audstub.sys 2009-08-21 07:31 58,240 a------- c:\windows\system32\drivers\redbook.sys 2009-08-21 07:31 1,897,408 a------- c:\windows\system32\drivers\nv4_mini.sys 2009-08-21 07:31 4,274,816 a------- c:\windows\system32\nv4_disp.dll 2009-08-21 07:31 20,992 a------- c:\windows\system32\drivers\RTL8139.sys 2009-08-21 07:30 27,165 a------- c:\windows\system32\drivers\fetnd5.sys 2009-08-21 07:30 76,288 a------- c:\windows\system32\usbui.dll 2009-08-21 07:30 46,464 a------- c:\windows\system32\drivers\gagp30kx.sys 2009-08-21 07:27 <DIR> --d-h--- c:\documents and settings\all users.windows\Modelos 2009-08-21 07:27 <DIR> --d--r-- c:\documents and settings\all users.windows\Menu Iniciar 2009-08-21 07:27 <DIR> --d--r-- c:\documents and settings\all users.windows\Documentos 2009-08-21 07:27 <DIR> --d----- c:\documents and settings\all users.windows\Favoritos 2009-08-21 07:27 8,599 ac------ c:\windows\system32\dllcache\IASNT4.CAT 2009-08-21 07:27 7,407 ac------ c:\windows\system32\dllcache\OEMBIOS.CAT 2009-08-21 07:27 1,014,492 ac------ c:\windows\system32\dllcache\SP2.CAT 2009-08-21 07:27 809,104 ac------ c:\windows\system32\dllcache\NT5IIS.CAT 2009-08-21 07:27 399,670 ac------ c:\windows\system32\dllcache\MAPIMIG.CAT 2009-08-21 07:27 37,509 ac------ c:\windows\system32\dllcache\MW770.CAT 2009-08-21 07:27 13,497 ac------ c:\windows\system32\dllcache\HPCRDP.CAT 2009-08-21 07:27 7,334 ac------ c:\windows\system32\dllcache\wmerrenu.cat 2009-08-21 07:27 <DIR> --d-hr-- c:\documents and settings\all users.windows\Dados de aplicativos 2009-08-21 07:26 261 a------- c:\windows\system32\$winnt$.inf 2009-08-20 10:52 <DIR> -cd----- C:\$WIN_NT$.~BT 2009-08-20 10:52 <DIR> --d----- c:\windows\setup.pss 2009-08-18 16:47 <DIR> --d----- c:\windows\NV1032980.TMP ==================== Find3M ==================== 2009-08-26 23:17 347,648 a------- c:\windows\system32\perfh016.dat 2009-08-26 23:17 49,804 a------- c:\windows\system32\perfc016.dat 2009-08-21 11:52 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat 2009-08-05 06:00 205,312 a------- c:\windows\system32\mswebdvd.dll 2009-07-29 01:36 119,808 a------- c:\windows\system32\t2embed.dll 2009-07-29 01:36 81,920 a------- c:\windows\system32\fontsub.dll 2009-07-28 16:33 55,656 a------- c:\windows\system32\drivers\avgntflt.sys 2009-07-26 16:44 48,448 a------- c:\windows\system32\sirenacm.dll 2009-07-17 16:03 58,880 a------- c:\windows\system32\atl.dll 2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll 2009-07-03 13:59 915,456 -------- c:\windows\system32\wininet.dll 2009-06-25 15:36 661,504 a------- c:\windows\system32\mqqm.dll 2009-06-25 15:36 523,776 a------- c:\windows\system32\mqutil.dll 2009-06-25 15:36 517,120 a------- c:\windows\system32\mqsnap.dll 2009-06-25 15:36 225,280 a------- c:\windows\system32\mqoa.dll 2009-06-25 15:36 186,880 a------- c:\windows\system32\mqtrig.dll 2009-06-25 15:36 177,152 a------- c:\windows\system32\mqrt.dll 2009-06-25 15:36 138,240 a------- c:\windows\system32\mqad.dll 2009-06-25 15:36 123,392 a------- c:\windows\system32\mqrtdep.dll 2009-06-25 15:36 95,744 a------- c:\windows\system32\mqsec.dll 2009-06-25 15:36 48,640 a------- c:\windows\system32\mqupgrd.dll 2009-06-25 15:36 47,104 a------- c:\windows\system32\mqdscli.dll 2009-06-25 15:36 16,896 a------- c:\windows\system32\mqise.dll 2009-06-25 05:27 732,672 a------- c:\windows\system32\lsasrv.dll 2009-06-25 05:27 147,456 a------- c:\windows\system32\schannel.dll 2009-06-25 05:27 136,192 a------- c:\windows\system32\msv1_0.dll 2009-06-25 05:27 56,832 a------- c:\windows\system32\secur32.dll 2009-06-25 05:27 54,272 a------- c:\windows\system32\wdigest.dll 2009-06-25 05:27 301,568 a------- c:\windows\system32\kerberos.dll 2009-06-22 08:49 117,248 a------- c:\windows\system32\mqtgsvc.exe 2009-06-22 08:49 19,968 a------- c:\windows\system32\mqbkup.exe 2009-06-22 08:49 4,608 a------- c:\windows\system32\mqsvc.exe 2009-05-15 11:25 155,195 a------- c:\arquivos de programas\VIAudioi.rar 2008-03-10 21:22 4,265,560 a------- c:\arquivos de programas\FLV PlayerRCATSetup.exe 2008-03-10 20:15 411,248 a------- c:\arquivos de programas\FLV PlayerRCSetup.exe 2002-04-05 15:29 1,208,320 a------- c:\arquivos de programas\SothinkHtmlEditor.exe 2001-04-26 12:00 1,340,187 a------- c:\arquivos de programas\SothinkHTMLEditor.chm 2001-04-26 12:00 561,152 a------- c:\arquivos de programas\SiteManager.exe 2001-04-26 12:00 176,128 a------- c:\arquivos de programas\TagDefine.exe 2001-04-26 12:00 17,034 a------- c:\arquivos de programas\HTMLKeyword.txt 2001-04-26 12:00 4,723 a------- c:\arquivos de programas\license.txt ============= FINISH: 8:30:56,82 =============== 2 - Gmer GMER 1.0.15.15087 - http://www.gmer.net Rootkit scan 2009-09-16 09:45:51 Windows 5.1.2600 Service Pack 3 Running: gmer.exe; Driver: C:\DOCUME~1\JRSILV~1.LAG\CONFIG~1\Temp\kwkiiaod.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF52B06B8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF52B0574] SSDT F7C23614 ZwCreateThread SSDT F7C23623 ZwDeleteKey SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF52B0A52] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF52B014C] SSDT F7C23632 ZwLoadKey SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF52B064E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF52B008C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF52B00F0] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF52B076E] SSDT F7C2363C ZwReplaceKey SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF52B072E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF52B08AE] SSDT F7C2360F ZwTerminateProcess ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\system32\services.exe[584] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002 IAT C:\WINDOWS\system32\services.exe[584] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000 ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) ---- EOF - GMER 1.0.15 ----
  12. Valeu Diego! Obrigadão! Desculpe a demora em responder estava com alguns probleminhas. Ps.: Ai galera aproveitem o tópico e não se contaminem com o vírus do planalto, pois o precisa de vocês. Aloha!
  13. Boa tarde Diego, Só consegui na alternativa 1, pois o primeiro realmente está muito congestionado. Antes de mais nada, obrigado por sua atenção. Aloha! Arquivo DPTJDMLLFV-173.pms.dll.SVD recebido em 2009.05.22 18:00:12 (UTC) Andamento: terminado Resultado: 0/39 (0.00%) Modo compacto Modo compacto Imprimir resultados Imprimir resultados Antivírus Versão Última Atualização Resultado AhnLab-V3 5.0.0.2 2009.05.22 - AntiVir 7.9.0.168 2009.05.22 - Antiy-AVL 2.0.3.1 2009.05.22 - Authentium 5.1.2.4 2009.05.22 - Avast 4.8.1335.0 2009.05.22 - AVG 8.5.0.339 2009.05.22 - BitDefender 7.2 2009.05.22 - CAT-QuickHeal 10.00 2009.05.22 - ClamAV 0.94.1 2009.05.22 - Comodo 1157 2009.05.08 - DrWeb 5.0.0.12182 2009.05.22 - eSafe 7.0.17.0 2009.05.21 - eTrust-Vet 31.6.6518 2009.05.22 - F-Prot 4.4.4.56 2009.05.22 - F-Secure 8.0.14470.0 2009.05.22 - Fortinet 3.117.0.0 2009.05.22 - GData 19 2009.05.22 - Ikarus T3.1.1.49.0 2009.05.22 - K7AntiVirus 7.10.741 2009.05.21 - Kaspersky 7.0.0.125 2009.05.22 - McAfee 5622 2009.05.21 - McAfee+Artemis 5623 2009.05.22 - McAfee-GW-Edition 6.7.6 2009.05.22 - Microsoft 1.4701 2009.05.22 - NOD32 4097 2009.05.22 - Norman 2009.05.22 - nProtect 2009.1.8.0 2009.05.22 - Panda 10.0.0.14 2009.05.22 - PCTools 4.4.2.0 2009.05.21 - Prevx 3.0 2009.05.22 - Rising 21.30.42.00 2009.05.22 - Sophos 4.42.0 2009.05.22 - Sunbelt 3.2.1858.2 2009.05.22 - Symantec 1.4.4.12 2009.05.22 - TheHacker 6.3.4.3.331 2009.05.22 - TrendMicro 8.950.0.1092 2009.05.22 - VBA32 3.12.10.5 2009.05.22 - ViRobot 2009.5.22.1747 2009.05.22 - VirusBuster 4.6.5.0 2009.05.22 - Informações adicionais File size: 15256 bytes MD5 : 554a4fb41046f6653ca5a6fd410e92cc SHA1 : f7c2bfa2347bafbfda7d9c7812f5efe4add868c3 SHA256: 06aa54d9d4e78dde5ab755f28d46672612f7cd53d35434bfb86b50d975f33283 PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x0 timedatestamp.....: 0x4A03E52C (Fri May 8 09:54:20 2009) machinetype.......: 0x14C (Intel I386) ( 1 sections ) name viradd virsiz rawdsiz ntrpy md5 .rsrc 0x1000 0x2018 0x2200 5.68 3ddfc872e8fa25b6fc333cd52fa9983f ( 0 imports ) ( 0 exports ) TrID : File type identification Generic Win/DOS Executable (49.9%) DOS Executable Generic (49.8%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%) ssdeep: 192:dFW0UMWUclr5HXqYIx2QCcZ1bSl74QKPnEtTIXXYxehjXHUz1Tr2NK9PT:zW0UMWU0r530xOcZYELz4qjXHUfT PEiD : - RDS : NSRL Reference Data Set -
  14. Final - (((((((((((((((( Arquivos/Ficheiros criados de 2009-06-13 to 2009-07-13 )))))))))))))))))))))))))))) . 2009-07-09 21:58 . 2008-12-11 11:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2009-07-09 21:58 . 2009-04-03 14:18 130936 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2009-07-09 21:58 . 2008-12-18 15:16 73840 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2009-07-09 21:58 . 2009-07-09 22:15 -------- d-----w- c:\arquivos de programas\Arquivos comuns\PC Tools 2009-07-09 21:58 . 2008-12-10 14:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2009-07-09 21:58 . 2009-07-12 00:02 -------- d-----w- c:\arquivos de programas\Spyware Doctor 2009-07-09 21:58 . 2009-07-09 21:58 -------- d-----w- c:\documents and settings\JR Silva.MICRO\Dados de aplicativos\PC Tools 2009-07-09 21:58 . 2009-07-09 21:58 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\PC Tools 2009-07-05 13:08 . 2009-07-06 17:52 -------- d-----w- c:\documents and settings\JR Silva.MICRO\Dados de aplicativos\Windows Live Writer 2009-07-05 12:56 . 2009-07-13 05:47 -------- d-----w- c:\documents and settings\JR Silva.MICRO\Tracing 2009-07-05 12:52 . 2009-07-05 12:52 -------- d-----w- c:\arquivos de programas\Microsoft Office Outlook Connector 2009-07-05 12:50 . 2009-07-05 12:52 -------- d-----w- c:\arquivos de programas\Microsoft 2009-07-05 11:45 . 2009-07-05 11:45 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Windows Live 2009-07-02 05:48 . 2009-07-02 05:48 15256 ----a-w- c:\documents and settings\JR Silva.MICRO\Dados de aplicativos\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll 2009-06-25 08:22 . 2009-07-02 14:52 -------- d-----w- c:\arquivos de programas\a-squared Free 2009-06-22 13:12 . 2009-06-22 13:12 -------- d-----w- c:\documents and settings\JR Silva.MICRO\Dados de aplicativos\Greyfirst 2009-06-22 13:12 . 2009-06-23 20:48 -------- d-----w- c:\arquivos de programas\Celtx . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-13 05:53 . 2007-05-23 12:14 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP 2009-07-12 22:42 . 2009-05-05 05:25 16434872 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-07-12 22:42 . 2009-05-05 05:25 1639151648 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-07-10 02:21 . 2006-09-03 01:46 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Spybot - Search & Destroy 2009-07-05 19:26 . 2008-09-09 22:10 -------- d-----w- c:\documents and settings\LocalService\Dados de aplicativos\SACore 2009-07-05 12:52 . 2008-02-15 18:22 -------- d-----w- c:\arquivos de programas\Windows Live 2009-07-01 13:44 . 2009-06-10 11:02 -------- d-----w- c:\arquivos de programas\SpywareBlaster 2009-06-30 17:16 . 2008-10-31 19:09 -------- d-----w- c:\arquivos de programas\DreaMule 2009-06-19 03:10 . 2009-04-30 22:07 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware 2009-06-19 03:08 . 2009-05-27 12:53 3561743 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-06-17 14:27 . 2009-04-30 22:07 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-17 14:27 . 2009-04-30 22:07 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-06-12 16:20 . 2001-10-28 18:07 39076 ----a-w- c:\windows\system32\perfc016.dat 2009-06-12 16:20 . 2001-10-28 18:07 152918 ----a-w- c:\windows\system32\perfh016.dat 2009-06-11 01:03 . 2007-03-18 01:36 -------- d-----w- c:\arquivos de programas\Google 2009-06-08 14:10 . 2009-06-08 14:06 -------- d-----w- c:\arquivos de programas\Microsoft User Agent String Utility 2009-06-02 13:27 . 2009-06-02 12:36 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Hewlett-Packard 2009-06-02 13:17 . 2006-09-03 01:24 -------- d-----w- c:\arquivos de programas\Hewlett-Packard 2009-06-02 12:36 . 2006-09-03 01:24 -------- d-----w- c:\arquivos de programas\HP 2009-06-01 12:27 . 2009-06-01 12:27 -------- d-----w- c:\documents and settings\JR Silva.MICRO\Dados de aplicativos\Anthropics 2009-05-21 14:43 . 2006-09-02 12:50 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information 2009-05-21 14:42 . 2009-05-21 14:42 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Sony Ericsson 2009-05-21 14:42 . 2009-05-21 14:42 -------- d-----w- c:\arquivos de programas\Sony Ericsson 2009-05-21 14:41 . 2009-05-21 14:41 -------- d-----w- c:\documents and settings\JR Silva.MICRO\Dados de aplicativos\InstallShield 2009-05-21 01:11 . 2008-05-25 16:43 -------- d-----w- c:\arquivos de programas\AvRack 2009-05-20 22:16 . 2009-05-20 22:16 -------- d-----w- c:\arquivos de programas\VIA 2009-05-19 02:59 . 2009-05-18 12:22 -------- d-----w- c:\arquivos de programas\McAfee 2009-05-18 21:44 . 2009-05-18 21:44 -------- d-----w- c:\arquivos de programas\LeechGet 2007 2009-05-18 12:22 . 2008-03-03 19:25 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\McAfee 2009-05-18 12:22 . 2009-05-18 12:22 -------- d-----w- c:\arquivos de programas\Arquivos comuns\McAfee 2009-05-15 14:25 . 2009-05-15 14:25 155195 ----a-w- c:\arquivos de programas\VIAudioi.rar 2009-05-15 13:18 . 2009-05-15 13:18 -------- d-----w- c:\arquivos de programas\GPLGS 2009-05-15 13:13 . 2007-06-07 07:04 -------- d-----w- c:\arquivos de programas\Acro Software 2009-05-15 12:36 . 2009-05-15 12:36 -------- d-----w- c:\documents and settings\JR Silva.MICRO\Dados de aplicativos\VSRevoGroup 2009-05-13 05:03 . 2004-08-04 00:45 915456 ----a-w- c:\windows\system32\wininet.dll 2009-05-08 21:10 . 2009-05-08 21:13 102664 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2009-05-07 15:33 . 2004-08-04 00:45 347136 ----a-w- c:\windows\system32\localspl.dll 2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr 2009-04-19 19:50 . 2004-08-04 00:38 1847296 ----a-w- c:\windows\system32\win32k.sys 2009-04-16 02:45 . 2009-04-16 02:45 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-04-16 02:44 . 2009-04-16 02:44 152576 ----a-w- c:\documents and settings\JR Silva.MICRO\Dados de aplicativos\Sun\Java\jre1.6.0_13\lzma.dll 2009-04-15 14:53 . 2004-08-04 00:45 585216 ----a-w- c:\windows\system32\rpcrt4.dll 2008-03-11 00:22 . 2008-03-11 00:16 4265560 ----a-w- c:\arquivos de programas\FLV PlayerRCATSetup.exe 2008-03-10 23:15 . 2008-03-10 23:14 411248 ----a-w- c:\arquivos de programas\FLV PlayerRCSetup.exe 2002-04-05 18:29 . 2008-03-15 15:09 1208320 ------w- c:\arquivos de programas\SothinkHtmlEditor.exe 2001-04-26 15:00 . 2008-03-15 15:09 4723 ------w- c:\arquivos de programas\license.txt 2001-04-26 15:00 . 2008-03-15 15:09 561152 ------w- c:\arquivos de programas\SiteManager.exe 2001-04-26 15:00 . 2008-03-15 15:09 176128 ------w- c:\arquivos de programas\TagDefine.exe 2001-04-26 15:00 . 2008-03-15 15:09 17034 ------w- c:\arquivos de programas\HTMLKeyword.txt 2001-04-26 15:00 . 2008-03-15 15:09 1340187 ------w- c:\arquivos de programas\SothinkHTMLEditor.chm . ------- Sigcheck ------- [-] 2006-04-20 12:18 360576 B2220C618B42A2212A59D91EBD6FC4B4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys [-] 2007-10-30 16:53 360832 64798ECFA43D78C7178375FCDD16D8C8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys [-] 2008-06-20 10:44 360960 744E57C99232201AE98C49168B918F48 c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys [-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys [-] 2008-06-20 11:59 361600 AD978A1B783B5719720CFF204B666C8E c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys [-] 2008-06-20 10:45 360320 2A5554FC5B1E04E131230E3CE035C3F9 c:\windows\$NtServicePackUninstall$\tcpip.sys [7] 2004-08-03 23:14 359040 9F4B36614A0FC234525BA224957DE55C c:\windows\$NtUninstallKB941644$\tcpip.sys [7] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\$NtUninstallKB951748$\tcpip.sys [-] 2007-10-30 17:20 360064 90CAFF4B094573449A0872A0F919B178 c:\windows\$NtUninstallKB951748_0$\tcpip.sys [7] 2008-04-13 19:20 361344 93EA8D04EC73A85DB02EB8805988F733 c:\windows\ServicePackFiles\i386\tcpip.sys [-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\dllcache\tcpip.sys [-] 2008-06-20 11:51 361600 9AEFA14BD6B182D61E3119FA5F436D3D c:\windows\system32\drivers\tcpip.sys . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2009-04-16 148888] "avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\arquiv~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk] backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk] backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Inicialização rápida do HP Image Zone.lnk] backup=c:\windows\pss\Inicialização rápida do HP Image Zone.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Inicialização Rápida do Microsoft Office OneNote 2003.lnk] backup=c:\windows\pss\Inicialização Rápida do Microsoft Office OneNote 2003.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^VIA RAID TOOL.lnk] backup=c:\windows\pss\VIA RAID TOOL.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^JR Silva.MICRO^Menu Iniciar^Programas^Inicializar^is-U92T7.lnk] backup=c:\windows\pss\is-U92T7.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^JR Silva.MICRO^Menu Iniciar^Programas^Inicializar^Microsoft Office OneNote 2003 Quick Launch.lnk] backup=c:\windows\pss\Microsoft Office OneNote 2003 Quick Launch.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^MICRO1^Menu Iniciar^Programas^Inicializar^Adobe Gamma.lnk] backup=c:\windows\pss\Adobe Gamma.lnkStartup [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Arquivos de programas\\DreaMule\\emule.exe"= "c:\\Arquivos de programas\\LeechGet 2007\\LeechGet.exe"= "c:\\WINDOWS\\system32\\mmc.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [9/7/2009 18:58 130936] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2/5/2009 18:48 114768] R1 is-G7D0Sdrv;is-G7D0Sdrv;c:\windows\system32\drivers\82533934.sys [6/5/2009 04:19 148496] R1 is-U92T7drv;is-U92T7drv;c:\windows\system32\drivers\08750997.sys [5/5/2009 02:24 148496] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [8/5/2009 18:50 108289] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/5/2009 18:48 20560] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\arquivos de programas\McAfee\SiteAdvisor\McSACore.exe [18/5/2009 09:22 210216] S1 SASDIFSV;SASDIFSV;\??\c:\arquivos de programas\SUPERAntiSpyware\SASDIFSV.SYS --> c:\arquivos de programas\SUPERAntiSpyware\SASDIFSV.SYS [?] S1 SASKUTIL;SASKUTIL;\??\c:\arquivos de programas\SUPERAntiSpyware\SASKUTIL.sys --> c:\arquivos de programas\SUPERAntiSpyware\SASKUTIL.sys [?] S2 gupdate1c985ddf42d753a;Google Update Service (gupdate1c985ddf42d753a);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [3/2/2009 06:01 133104] S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [2/11/2007 10:47 83496] S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [2/11/2007 10:47 15016] S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [2/11/2007 10:47 109992] S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s916mgmt.sys [21/5/2009 11:43 103976] S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\drivers\s916obex.sys [21/5/2009 11:43 100008] S3 SASENUM;SASENUM;\??\c:\arquivos de programas\SUPERAntiSpyware\SASENUM.SYS --> c:\arquivos de programas\SUPERAntiSpyware\SASENUM.SYS [?] S3 sdAuxService;PC Tools Auxiliary Service;c:\arquivos de programas\Spyware Doctor\pctsAuxs.exe [9/7/2009 18:58 348752] --- =Outros Serviços/Drivers Na Memória --- *Deregistered* - mchInjDrv [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Conteúdo da pasta 'Tarefas Agendadas' 2009-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-02-03 09:00] 2009-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2009-02-03 09:00] 2009-07-13 c:\windows\Tasks\User_Feed_Synchronization-{437FF51F-8055-478F-AF75-34D986490EF9}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 07:31] . . ------- Scan Suplementar ------- . uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = <local> IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Analisar com LeechGet - file://c:\arquivos de programas\LeechGet 2007\\Parser.html IE: Download usando Assistente LeechGet - file://c:\arquivos de programas\LeechGet 2007\\Wizard.html IE: Download usando LeechGet - file://c:\arquivos de programas\LeechGet 2007\\AddUrl.html DPF: DirectAnimation Java Classes DPF: Microsoft XML Parser for Java FF - ProfilePath - c:\documents and settings\JR Silva.MICRO\Dados de aplicativos\Mozilla\Firefox\Profiles\d7y5ujmh.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://pt-BR.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pt-BR:official FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - component: c:\arquivos de programas\McAfee\SiteAdvisor\components\McFFPlg.dll FF - plugin: c:\arquivos de programas\Google\Picasa3\npPicasa3.dll FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\arquivos de programas\Microsoft\Office Live\npOLW.dll FF - plugin: c:\arquivos de programas\Unity\WebPlayer\loader\npUnity3D32.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true); c:\arquivos de programas\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-13 03:27 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- CHAVES DO REGISTRO BLOQUEADAS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•6~*] "6140710900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" "6140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . Tempo para conclusão: 2009-07-13 3:30 ComboFix-quarantined-files.txt 2009-07-13 06:30 Pré-execução: 20 pasta(s) 28.887.818.240 bytes disponíveis Pós execução: 20 pasta(s) 28.871.983.104 bytes disponíveis 2706 --- E O F --- 2009-07-06 22:13
  15. Parte 4 -c:\windows\Installer\d185b.msp c:\windows\Installer\d185f.msp c:\windows\Installer\d20988.msp c:\windows\Installer\d2098c.msp c:\windows\Installer\d20990.msp c:\windows\Installer\d3f54a.msp c:\windows\Installer\d3f54e.msp c:\windows\Installer\d3f552.msp c:\windows\Installer\d43466.msp c:\windows\Installer\d43783.msp c:\windows\Installer\d43787.msp c:\windows\Installer\d446c6.msp c:\windows\Installer\d446ca.msp c:\windows\Installer\d446ce.msp c:\windows\Installer\d446d2.msp c:\windows\Installer\d446d6.msp c:\windows\Installer\d446da.msp c:\windows\Installer\d446de.msp c:\windows\Installer\d4ac17.msp c:\windows\Installer\d6f74.msp c:\windows\Installer\d74129.msp c:\windows\Installer\d7412d.msp c:\windows\Installer\d74131.msp c:\windows\Installer\d74135.msp c:\windows\Installer\d74139.msp c:\windows\Installer\d7413d.msp c:\windows\Installer\d7792.msp c:\windows\Installer\d7796.msp c:\windows\Installer\d779a.msp c:\windows\Installer\d7da5c.msp c:\windows\Installer\d7f595.msp c:\windows\Installer\d7f599.msp c:\windows\Installer\d7f59d.msp c:\windows\Installer\d7f5a1.msp c:\windows\Installer\d7f5a5.msp c:\windows\Installer\d7f5a9.msp c:\windows\Installer\d7f5ad.msp c:\windows\Installer\d9fffb.msp c:\windows\Installer\d9ffff.msp c:\windows\Installer\da0003.msp c:\windows\Installer\da0007.msp c:\windows\Installer\da000b.msp c:\windows\Installer\da000f.msp c:\windows\Installer\da3a3.msp c:\windows\Installer\da3a7.msp c:\windows\Installer\dac251.msp c:\windows\Installer\dac255.msp c:\windows\Installer\dac259.msp c:\windows\Installer\dac25d.msp c:\windows\Installer\dac261.msp c:\windows\Installer\dac265.msp c:\windows\Installer\dac269.msp c:\windows\Installer\dac26d.msp c:\windows\Installer\dac271.msp c:\windows\Installer\dac275.msp c:\windows\Installer\dac279.msp c:\windows\Installer\dac27d.msp c:\windows\Installer\dac281.msp c:\windows\Installer\dac285.msp c:\windows\Installer\dbc673.msp c:\windows\Installer\dbc677.msp c:\windows\Installer\dbc67b.msp c:\windows\Installer\de264c.msp c:\windows\Installer\de2650.msp c:\windows\Installer\dee007.msp c:\windows\Installer\dee00b.msp c:\windows\Installer\dee00f.msp c:\windows\Installer\dee013.msp c:\windows\Installer\dee017.msp c:\windows\Installer\dee01b.msp c:\windows\Installer\df4eaf.msp c:\windows\Installer\e2289b.msp c:\windows\Installer\e2b4fc.msp c:\windows\Installer\e2b500.msp c:\windows\Installer\e2b504.msp c:\windows\Installer\e2b508.msp c:\windows\Installer\e2b50c.msp c:\windows\Installer\e2b510.msp c:\windows\Installer\e2b514.msp c:\windows\Installer\e2b518.msp c:\windows\Installer\e2b51c.msp c:\windows\Installer\e2b520.msp c:\windows\Installer\e2b524.msp c:\windows\Installer\e2b528.msp c:\windows\Installer\e2b52c.msp c:\windows\Installer\e2b530.msp c:\windows\Installer\e4b9b.msp c:\windows\Installer\e4b9f.msp c:\windows\Installer\e5187.msp c:\windows\Installer\e518b.msp c:\windows\Installer\e518f.msp c:\windows\Installer\e5193.msp c:\windows\Installer\e5197.msp c:\windows\Installer\e519b.msp c:\windows\Installer\e519f.msp c:\windows\Installer\e51a3.msp c:\windows\Installer\e73024.msp c:\windows\Installer\e73028.msp c:\windows\Installer\e7302c.msp c:\windows\Installer\e73030.msp c:\windows\Installer\e73034.msp c:\windows\Installer\e73038.msp c:\windows\Installer\e7303c.msp c:\windows\Installer\e74041.msp c:\windows\Installer\e74045.msp c:\windows\Installer\e74049.msp c:\windows\Installer\e7404d.msp c:\windows\Installer\e74051.msp c:\windows\Installer\e74055.msp c:\windows\Installer\e74059.msp c:\windows\Installer\e8500b.msp c:\windows\Installer\e8500f.msp c:\windows\Installer\e92472.msp c:\windows\Installer\e92476.msp c:\windows\Installer\e9247a.msp c:\windows\Installer\e9247e.msp c:\windows\Installer\e92482.msp c:\windows\Installer\e92486.msp c:\windows\Installer\e97477.msp c:\windows\Installer\e991a3.msp c:\windows\Installer\e9e532.msp c:\windows\Installer\e9e536.msp c:\windows\Installer\e9e53a.msp c:\windows\Installer\e9e53e.msp c:\windows\Installer\e9e542.msp c:\windows\Installer\e9e546.msp c:\windows\Installer\e9e54a.msp c:\windows\Installer\e9e54e.msp c:\windows\Installer\e9e552.msp c:\windows\Installer\e9e556.msp c:\windows\Installer\e9e55a.msp c:\windows\Installer\e9e55e.msp c:\windows\Installer\e9e562.msp c:\windows\Installer\e9e566.msp c:\windows\Installer\e9e56a.msp c:\windows\Installer\eaa90f.msp c:\windows\Installer\eaa913.msp c:\windows\Installer\eaa917.msp c:\windows\Installer\eaa91b.msp c:\windows\Installer\eaa91f.msp c:\windows\Installer\eaa923.msp c:\windows\Installer\eaa927.msp c:\windows\Installer\eab16b.msp c:\windows\Installer\eab16f.msp c:\windows\Installer\eab173.msp c:\windows\Installer\eab177.msp c:\windows\Installer\eab17b.msp c:\windows\Installer\eab17f.msp c:\windows\Installer\eadfbf.msp c:\windows\Installer\eadfc3.msp c:\windows\Installer\ebbf32.msp c:\windows\Installer\ebbf36.msp c:\windows\Installer\ebbf3a.msp c:\windows\Installer\ebbf3e.msp c:\windows\Installer\ebbf42.msp c:\windows\Installer\ebbf46.msp c:\windows\Installer\ec1ca4.msp c:\windows\Installer\ec494.msp c:\windows\Installer\ec498.msp c:\windows\Installer\ee635.msp c:\windows\Installer\eeef0d.msp c:\windows\Installer\eeef11.msp c:\windows\Installer\eeef15.msp c:\windows\Installer\eeef19.msp c:\windows\Installer\eeef1d.msp c:\windows\Installer\eeef21.msp c:\windows\Installer\eeef25.msp c:\windows\Installer\f01aac.msp c:\windows\Installer\f01ab0.msp c:\windows\Installer\f01ab4.msp c:\windows\Installer\f01ab8.msp c:\windows\Installer\f01abc.msp c:\windows\Installer\f01ac0.msp c:\windows\Installer\f01ac4.msp c:\windows\Installer\f325c9.msp c:\windows\Installer\f325cd.msp c:\windows\Installer\f88a19.msp c:\windows\Installer\f88a1d.msp c:\windows\Installer\fb0d1a.msp c:\windows\Installer\fb0d1e.msp c:\windows\Installer\fb0d22.msp c:\windows\Installer\fb0d26.msp c:\windows\Installer\fb0d2a.msp c:\windows\Installer\fb0d2e.msp c:\windows\Installer\fb0d32.msp c:\windows\Installer\fb0d36.msp c:\windows\Installer\fb0d3a.msp c:\windows\Installer\fb482.msp c:\windows\Installer\fb486.msp c:\windows\Installer\fb8966f.msp c:\windows\Installer\fc105.msp c:\windows\Installer\fc109.msp c:\windows\Installer\fc7296.msp c:\windows\Installer\fc729a.msp c:\windows\Installer\fc729e.msp c:\windows\Installer\fc72a2.msp c:\windows\Installer\fc72a6.msp c:\windows\Installer\fc72aa.msp c:\windows\Installer\fc72ae.msp

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×
×
  • Criar novo...

GRÁTIS: minicurso “Como ganhar dinheiro montando computadores”

Gabriel TorresGabriel Torres, fundador e editor executivo do Clube do Hardware, acaba de lançar um minicurso totalmente gratuito: "Como ganhar dinheiro montando computadores".

Você aprenderá sobre o quanto pode ganhar, como cobrar, como lidar com a concorrência, como se tornar um profissional altamente qualificado e muito mais!

Inscreva-se agora!