Fórum Script Brasil

gutoowl

Members
  • Total items

    1
  • Joined

  • Last visited

About gutoowl

  • Date of birth 18/11/1984

Profile

  • Gender
    Male
  • Location
    Igarapava

gutoowl's Achievements

0

Reputation

  1. JackSSA, it still hasn't worked... and now it has started rebooting almost all the time... so I went into the Windows setup and turned off the option to restart automatically if Windows encounters errors. Do you think I'll have to format to solve my problem???
  2. JackSSA, the PC got a little faster... but the problem persists... I believe the restore isn't possible because of the loss of system files...
  3. DAFT Log saved on 2008-05-02 09:56:07 ----------------------------------------------------------------------- All associations okay! JackSSA, thanks for your attention, but the problem persists... couldn't it be that, when the program was installed, it overwrote and/or replaced the system files!?!?!? See you... regards...
  4. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:00:41, on 30/4/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal
  5. JackSSA, apparently there was no change... thanks for your attention...
  6. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:21:20, on 29/4/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal
  7. Sorry, but I forgot to mention that my Office also stopped working; it gives me a "Windows Installer" message and then says the application cannot be opened.
  8. After I installed one of those stupid little programs to make my XP look like Vista, and as soon as I removed it... I could never again create any shortcut, or even use the existing ones. Those in turn show up like this: nome_do_arquivo.LNk Anyway... this program wrecked my machine... CAN SOMEONE HELP ME!?!?!? Here's the LOG: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:29:43, on 26/4/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal
  9. After I installed one of those stupid little programs to make my XP look like Vista, and as soon as I removed it... I could never again create any shortcut, or even use the existing ones. Those in turn show up like this: nome_do_arquivo.LNk Anyway... this program wrecked my machine... CAN SOMEONE HELP ME!?!?!? Here's the LOG: ComboFix 08-04-20.5 - Estação 3 2008-04-22 11:19:44.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.524 [GMT -3:00]
C:\Arquivos de programas\Animal Angels Screensaver 2008-03-20 13:49 --------- d-----w C:\Arquivos de programas\Space Flight 3D Screensaver 2008-03-20 13:48 --------- d-----w C:\Arquivos de programas\Sunny Beach Screensaver 2008-03-20 13:34 --------- d-----w C:\Arquivos de programas\Planet Earth 3D Screensaver 2008-03-20 13:21 --------- d-----w C:\Arquivos de programas\Warm Summer Screensaver 2008-03-20 13:16 --------- d-----w C:\Arquivos de programas\Free Futurama Screensaver 2008-03-20 13:01 --------- d-----w C:\Arquivos de programas\Free Fairy Screensaver 2008-03-20 12:55 --------- d-----w C:\Arquivos de programas\Free Mountain Screensaver 2008-03-20 12:50 --------- d-----w C:\Arquivos de programas\Free Underwater Screensaver 2008-03-20 12:49 --------- d-----w C:\Arquivos de programas\Free Aquatic Screensaver 2008-03-20 12:48 --------- d-----w C:\Arquivos de programas\Free Goldfish Screensaver 2008-03-20 12:48 --------- d-----w C:\Arquivos de programas\Free Aquarium Screensaver 2008-03-20 12:48 --------- d-----w C:\Arquivos de programas\Fish Tank Screensaver 2008-03-20 12:02 --------- d-----w C:\Arquivos de programas\Freeze.com 2008-03-20 11:57 --------- d-----w C:\Arquivos de programas\OneStepSearch 2008-03-20 11:51 --------- d-----w C:\Arquivos de programas\Solar System Structure Screensaver 2008-03-20 11:44 --------- d-----w C:\Arquivos de programas\Free Snowy Mountain Screensaver 2008-03-20 11:42 --------- d-----w C:\Arquivos de programas\Free Solar System Screensaver 2008-03-20 11:34 --------- d-----w C:\Arquivos de programas\Free Cosmic Screensaver 2008-03-20 11:27 --------- d-----w C:\Arquivos de programas\Free Earth ScreenSaver 2008-03-20 11:26 --------- d-----w C:\Arquivos de programas\Free Space Screensaver 2008-03-20 11:24 --------- d-----w C:\Arquivos de programas\Free Winter Spirit Screensaver 2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-18 13:24 --------- d-----w C:\Arquivos de programas\MAsoft 2008-03-14 10:28 --------- 
d-----w C:\Documents and Settings\Estação 3\Dados de aplicativos\VSRevoGroup 2008-03-11 18:01 296,448 ----a-w C:\WINDOWS\system32\midas.dll 2008-03-10 13:16 --------- d-----w C:\Arquivos de programas\UberIcon 2008-03-06 17:49 --------- d-----w C:\Arquivos de programas\Alwil Software 2008-03-06 14:04 --------- d-----w C:\Arquivos de programas\GPLGS 2008-03-06 13:59 --------- d-----w C:\Arquivos de programas\Acro Software 2008-03-01 13:02 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-03-01 10:25 --------- d-----w C:\Arquivos de programas\MSXML 6.0 2008-02-29 15:50 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Symantec 2008-02-28 16:40 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus! 2008-02-28 16:04 --------- d-----w C:\Arquivos de programas\Windows Media Connect 2 2008-02-28 10:20 --------- d-----w C:\Arquivos de programas\NuonSoft 2008-02-27 13:50 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Babylon 2008-02-26 17:10 --------- d-----w C:\Documents and Settings\Estação 3\Dados de aplicativos\Aston 2008-02-26 16:52 --------- d-----w C:\Arquivos de programas\Java 2008-02-25 14:32 --------- d-----w C:\Documents and Settings\Estação 3\Dados de aplicativos\OtakuSoftware 2008-02-25 14:19 --------- d-----w C:\Arquivos de programas\Free Desktop Clock 2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll 2008-02-20 05:37 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll 2008-02-16 10:14 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE 2008-02-16 10:14 249,856 ------w C:\WINDOWS\Setup1.exe 2008-02-15 10:07 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL 2008-01-26 10:51 40,960 ----a-w C:\WINDOWS\system32\hzrService.exe 2008-01-26 10:51 32,768 ----a-w C:\WINDOWS\system32\hzrTray.exe 2008-01-26 10:51 15,360 ----a-w C:\WINDOWS\system32\hzrController.exe 2008-01-15 19:23 194,628,672 ----a-w C:\Arquivos de programas\Nero-8.2.8.0_ptb_trial(2).exe 1999-10-08 20:12 2,073 ----a-w 
C:\Arquivos de programas\Elemag.txt 1999-08-31 16:46 589 ----a-w C:\Arquivos de programas\Coef-i2000 1999-08-31 16:46 589 ----a-w C:\Arquivos de programas\Coef-f2000 1999-08-31 16:46 589 ----a-w C:\Arquivos de programas\Coef-d2000 . ------- Sigcheck ------- 2005-03-02 15:13 2061184 aed7b3aa86ad031cf39c6e4bba37e818 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe 2007-02-28 13:08 2063616 d027f0097b8f099c09369b8cc97d7c32 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe 2007-02-28 13:02 2061824 1683af18422f7de34575ee95be882ad1 C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe 2007-02-28 13:02 2032512 823a99c14ccaf4b9805a77b147124fd7 C:\WINDOWS\system32\ntkrnlpa.exe 2007-02-28 13:02 2032512 823a99c14ccaf4b9805a77b147124fd7 C:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2007-02-28 13:02 2061824 1683af18422f7de34575ee95be882ad1 C:\WINDOWS\system32\LHTrans\ntkrnlpa.exe 2005-03-02 15:13 2183808 6e3ab4241e058b248cb7cdc5157449c3 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe 2007-02-28 13:08 2186368 bfb4c8761976cce0b544d557b4c70825 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe 2007-02-28 13:02 2184576 986c40660057a2bac752ed4f97cf4a10 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe 2007-02-28 13:02 2155264 7828e498247fbdd1b6f683758dbdbade C:\WINDOWS\system32\ntoskrnl.exe 2007-02-28 13:02 2155264 7828e498247fbdd1b6f683758dbdbade C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2007-02-28 13:02 2184576 986c40660057a2bac752ed4f97cf4a10 C:\WINDOWS\system32\LHTrans\ntoskrnl.exe . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* entradas vazias & legítimas por defeito não são mostradas. 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] 2007-08-25 00:51 316784 --a------ C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] 2008-02-14 14:20 116088 --a------ C:\ARQUIV~1\ARQUIV~1\SYMANT~1\IDS\IPSBHO.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6F282C89-3BD3-4387-92D9-C76428B07E07}] 2008-03-14 07:24 156144 --a----t- C:\Arquivos de programas\Google\Update\1.1.25.0\GoopdateBho.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll" [2007-08-25 00:51 316784] [HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-25 00:51 316784] [HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360] "SpybotSD TeaTimer"="C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] "SkinClock"="C:\Arquivos de programas\Free Desktop Clock\DesktopClock.exe" [2006-10-01 16:50 334848] "FreeRAM XP"="C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2006-03-22 23:13 1591808] "Longhorn SideBar"="C:\WINDOWS\SideBar\SideBar.exe" [2005-05-13 18:21 122880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 15:37 79224] "NuonSoft ShellEnhancer StartupHelper"="C:\Arquivos de programas\NuonSoft\ShellEnhancer\StartupHelper.exe" [2006-12-16 11:46 65536] "ccApp"="C:\Arquivos de 
programas\Arquivos comuns\Symantec Shared\ccApp.exe" [2008-02-14 11:01 51048] "Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\Arquivos de programas\\Orbitdownloader\\orbitnet.exe"= "C:\\Arquivos de programas\\Boltuha\\Boltuha\\Boltuha.exe"= R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 15:31] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 15:35] R2 FreezeScreenSaver;FreezeScreenSaver;C:\WINDOWS\system32\FreezeScreenSaver.exe [2005-09-29 14:55] R2 HazardShield;HazardShield;C:\WINDOWS\system32\hzrController.exe [2008-01-26 07:51] R2 Proteq;Proteq;C:\WINDOWS\system32\drivers\Proteq.sys [2003-07-17 15:02] S2 gupdate1c86358d4cde2d6;Google Update Service (gupdate1c86358d4cde2d6);"C:\Arquivos de programas\Google\Update\1.1.25.0\GoogleUpdate.exe" /svc /lang en [] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c2d3892-bd50-11dc-8adb-0011d81b659e}] \Shell\AutoRun\command - 1i.com \Shell\explore\Command - 1i.com \Shell\open\Command - 1i.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0da33a5-06eb-11dd-8b75-0011d81b659e}] \Shell\AutoRun\command - cfv90h.com \Shell\explore\Command - cfv90h.com \Shell\open\Command - cfv90h.com *Newly Created Service* - CATCHME 
. Conteúdo da pasta 'Tarefas Agendadas' "2008-04-22 12:18:40 C:\WINDOWS\Tasks\GoogleUpdateTask.job" - C:\Arquivos de programas\Google\Update\1.1.25.0\GoogleUpdate.exe "2008-04-14 10:30:00 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Estação 3.job" - C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\Navw32.exel/TASK: "2008-02-08 11:35:26 C:\WINDOWS\Tasks\SmartDefrag.job" - C:\Arquivos de programas\IObit\IObit SmartDefrag\schedule.exe "2008-04-22 14:20:00 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0F9D0BDB-FA9C-41C7-9869-C24676DEACEB}.job" - C:\WINDOWS\system32\msfeedssync.exe . ************************************************************************** catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-22 11:21:24 Windows 5.1.2600 Service Pack 2 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros ocultos ... Varredura completada com sucesso Ficheiros ocultos: 0 ************************************************************************** . Tempo para conclusão: 2008-04-22 11:23:41 ComboFix-quarantined-files.txt 2008-04-22 14:23:17 Pre-Run: 60,093,378,560 bytes disponíveis Post-Run: 60,094,377,984 bytes disponíveis 242 --- E O F --- 2008-04-17 10:14:34