pilantirn
-
Total de itens
0 -
Registro em
-
Última visita
Posts postados por pilantirn
-
-
putz, ainda continua o mesmo erro, quando tento abrir uma foto, ou até mesmo uma pasta com fotos, da erro do explorer.exe
o log limpo num quer dizer que o pc tá ok? só quer dizer que num é problema com malware?
bom, de qualquer jeito agradeço a ajuda
-
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Friday, June 20, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, June 20, 2008 21:55:17
Records in database: 879823
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
E:\
Scan statistics:
Files scanned: 46995
Threat name: 1
Infected objects: 1
Suspicious objects: 0
Duration of the scan: 01:13:56
File name / Threat name / Threats count
C:\Documents and Settings\pilantrin\Meus documentos\WoW\AddOns\MobMapInstaller.exe Infected: Trojan-PSW.Win32.WOW.bar 1
The selected area was scanned.
estranho, o tal do virus é um addon de um jogo (world of warcraft) e uso ele desdo ano passado e nunca deu esse problema, é um addon bem conhecido, muitas pessoas usam e nunca vi ngm reclamar disso :s
otra coisa, foi um sacrificio pra conseguir passar o scan, primeiro tentei com o firefox, dava um erro no meio da atualização e fexava o firefox, tentei varias vezes e sempre a mesma coisa
depois tentei com IE, atualizou legal, mas deu erro e fexou umas 2 vezes no meio do scan, na tercera, demorou mas foi
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:55:14, on 19/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: 209.234.247.4 nprotect.acclaimdownloads.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon]RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download All with FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Serviço 'Gateway de camada de aplicativo' (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 6118 bytes
ComboFix 08-06-16.5 - pilantrin 2008-06-19 15:48:56.1 - NTFSx86Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.598 [GMT -3:00]Executando de: C:\Documents and Settings\pilantrin\Desktop\ComboFix.exe
* Criado um novo ponto de restauro
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((( Ficheiros criados de 2008-05-19 to 2008-06-19 ))))))))))))))))))))))))))))))))
.
2008-06-18 20:11 . 2008-06-18 20:11 <DIR> d-------- C:\Arquivos de programas\IrfanView
2008-06-18 19:13 . 2008-06-18 20:02 48,263,321 --a------ C:\Arquivos de programas\Arquivos comuns\Hatsu+Inu.zip
2008-06-18 10:04 . 2008-06-18 10:04 <DIR> d-------- C:\Mgame
2008-06-18 09:58 . 2008-06-18 09:58 <DIR> d-------- C:\Ongame
2008-06-18 09:58 . 2008-06-18 09:58 <DIR> d--h----- C:\Arquivos de programas\InstallShield Installation Information
2008-06-17 11:05 . 2008-06-17 11:05 <DIR> d-------- C:\Arquivos de programas\Your Freedom
2008-06-17 11:05 . 2008-06-17 11:05 <DIR> d-------- C:\Arquivos de programas\SocksCapV2
2008-06-17 09:32 . 2008-06-17 10:13 <DIR> d-------- C:\Arquivos de programas\Acclaim
2008-06-15 17:10 . 2008-06-17 10:14 <DIR> d-------- C:\Arquivos de programas\DAEMON Tools
2008-06-14 14:51 . 2008-06-14 14:51 <DIR> d-------- C:\WINDOWS\system32\pt-br
2008-06-14 14:49 . 2008-06-14 14:49 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-14 14:49 . 2008-06-14 14:50 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-06-13 01:03 . 2008-06-13 01:03 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Yahoo! Companion
2008-06-13 00:21 . 2008-06-13 02:52 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-06-13 00:17 . 2008-06-13 00:17 <DIR> d-------- C:\Arquivos de programas\Yahoo!
2008-06-13 00:17 . 2008-06-13 00:17 <DIR> d-------- C:\Arquivos de programas\CCleaner
2008-06-13 00:01 . 2008-06-13 00:01 <DIR> d-------- C:\Arquivos de programas\Trend Micro
2008-06-11 18:15 . 2008-06-11 18:20 <DIR> d-------- C:\Arquivos de programas\Wise Registry Cleaner 3
2008-06-11 17:03 . 2008-06-11 17:03 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard
2008-06-11 15:07 . 2008-06-11 16:02 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Lavasoft
2008-06-11 15:07 . 2008-06-11 15:07 <DIR> d-------- C:\Arquivos de programas\Lavasoft
2008-06-11 13:52 . 2008-06-11 13:52 335 --a------ C:\WINDOWS\mozregistry.dat
2008-06-11 13:44 . 2008-06-11 13:44 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-06-10 16:49 . 2008-06-10 16:49 268 --ah----- C:\sqmdata02.sqm
2008-06-10 16:49 . 2008-06-10 16:49 244 --ah----- C:\sqmnoopt02.sqm
2008-06-10 15:35 . 2008-06-10 15:35 268 --ah----- C:\sqmdata01.sqm
2008-06-10 15:35 . 2008-06-10 15:35 244 --ah----- C:\sqmnoopt01.sqm
2008-06-10 13:01 . 2008-06-10 13:01 80,525 --a------ C:\romini.dmp
2008-06-10 12:51 . 2008-06-10 12:51 <DIR> d-------- C:\Program Files
2008-06-10 12:46 . 2003-07-19 12:17 5,174 --a------ C:\WINDOWS\system32\nppt9x.vxd
2008-06-10 12:46 . 2005-01-03 03:43 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
2008-06-10 11:40 . 2008-06-10 23:17 <DIR> d-------- C:\Rohan
2008-06-10 11:40 . 2008-06-10 11:40 268 --ah----- C:\sqmdata00.sqm
2008-06-10 11:40 . 2008-06-10 11:40 244 --ah----- C:\sqmnoopt00.sqm
2008-06-09 17:41 . 2004-08-03 23:45 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-06-03 13:59 . 2008-06-03 13:59 <DIR> d-------- C:\Level Up! Games
2008-05-31 00:23 . 2008-05-31 00:23 <DIR> d-------- C:\Arquivos de programas\CDisplay
2008-05-30 08:16 . 2008-05-30 08:16 <DIR> d-------- C:\WINDOWS\Sun
2008-05-30 08:16 . 2008-05-30 08:16 <DIR> d-------- C:\Documents and Settings\pilantrin\SystemRequirementsLab
2008-05-30 08:16 . 2008-05-30 08:17 <DIR> d-------- C:\Arquivos de programas\SystemRequirementsLab
2008-05-26 15:42 . 2008-05-26 15:42 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-05-26 15:42 . 2008-05-26 15:42 <DIR> d-------- C:\WINDOWS\Profiles
2008-05-26 15:42 . 2008-05-26 15:42 <DIR> d-------- C:\Documents and Settings\pilantrin\Dados de aplicativos\InterTrust
2008-05-26 15:42 . 2008-05-26 15:42 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\SWF Studio
2008-05-26 15:42 . 2008-05-26 15:43 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Adobe
2008-05-26 15:42 . 1998-10-29 15:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-05-21 23:29 . 2008-05-29 18:57 <DIR> d-------- C:\Documents and Settings\pilantrin\Dados de aplicativos\mIRC
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-19 18:46 --------- d-----w C:\Arquivos de programas\FlashGet
2008-06-18 12:57 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield
2008-06-17 13:50 --------- d-----w C:\Arquivos de programas\ESET
2008-06-17 13:07 --------- d-----w C:\Arquivos de programas\World of Warcraft
2008-06-15 23:43 11,014,362 ----a-w C:\Arquivos de programas\Arquivos comuns\Video+Apresentacao+Alison+Angel.wmv
2008-06-11 20:03 --------- d-----w C:\Arquivos de programas\MSN Messenger
2008-05-16 14:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-05-11 05:16 --------- d-----w C:\Documents and Settings\pilantrin\Dados de aplicativos\LimeWire
2008-05-09 19:05 --------- d-----w C:\Arquivos de programas\Windows Live
2008-05-09 13:37 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\NVIDIA
2008-05-08 21:04 --------- d-----w C:\Arquivos de programas\LimeWire
2008-05-08 04:28 4,096 ----a-w C:\WINDOWS\system32\drivers\nocashio.sys
2008-05-07 14:56 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-05-07 04:15 --------- d-----w C:\Documents and Settings\pilantrin\Dados de aplicativos\MegauploadToolbar
2008-05-07 04:15 --------- d-----w C:\Arquivos de programas\MegauploadToolbar
2008-05-06 18:58 --------- d-----w C:\Arquivos de programas\Combined Community Codec Pack
2008-05-05 19:38 --------- d-----w C:\Documents and Settings\pilantrin\Dados de aplicativos\Media Player Classic
2008-05-05 19:37 --------- d-----w C:\Arquivos de programas\Real Alternative
2008-05-04 19:48 --------- d-----w C:\Arquivos de programas\Java
2008-05-04 19:47 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Java
2008-05-04 00:20 --------- d-----w C:\Documents and Settings\pilantrin\Dados de aplicativos\Winamp
2008-05-04 00:18 --------- d-----w C:\Arquivos de programas\Winamp
2008-05-03 23:57 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Blizzard Entertainment
2008-05-03 22:42 --------- d-----w C:\Arquivos de programas\VIA
2008-05-03 21:57 --------- d-----w C:\Arquivos de programas\microsoft frontpage
2008-05-03 21:55 --------- d-----w C:\Arquivos de programas\Serviços on-line
2008-05-03 21:54 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Serviços
2008-04-29 14:20 15,648 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2008-04-29 14:19 15,648 ----a-w C:\WINDOWS\system32\drivers\Awrtrd.sys
2008-04-29 14:19 12,960 ----a-w C:\WINDOWS\system32\drivers\Awrtpd.sys
.
------- Sigcheck -------
2004-08-03 22:14 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\system32\dllcache\tcpip.sys
2004-08-03 22:14 359040 6a603809f598332dbedd535bdbce313e C:\WINDOWS\system32\drivers\tcpip.sys
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vazias & legítimas por defeito não são mostradas.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:45 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:45 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= C:\ARQUIV~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Arquivos de programas\\FlashGet\\flashget.exe"=
"C:\\Arquivos de programas\\World of Warcraft\\Repair.exe"=
"C:\\Arquivos de programas\\Java\\jre1.6.0_06\\bin\\javaw.exe"=
"C:\\Downloads\\Battlefield. Vietnam.By.DarkWatch.WWW.THEREBELS.COM.BR\\bfvietnam.exe"=
"C:\\Arquivos de programas\\Acclaim\\2moons\\minilauncher.exe"=
S3 XDva092;XDva092;C:\WINDOWS\system32\XDva092.sys []
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-19 15:50:11
Windows 5.1.2600 Service Pack 2 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros ocultos ...
Varredura completada com sucesso
Ficheiros ocultos: 0
**************************************************************************
.
Tempo para conclusão: 2008-06-19 15:50:50
ComboFix-quarantined-files.txt 2008-06-19 18:50:48
Pre-Run: 11,798,327,296 bytes disponíveis
Post-Run: 11,988,721,664 bytes disponíveis
135
-
bom, aqui to eu enxendo o saco de novo... voltou a dar erro do explorer.exe, mas dessa vez da erro sempre que eu tento abrir alguma foto, em qualquer formato
aqui o log
Logfile of Trend Micro HijackThis v2.0.2Scan saved at 23:55:48, on 18/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe
C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: 209.234.247.4 nprotect.acclaimdownloads.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon]RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download All with FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Serviço 'Gateway de camada de aplicativo' (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 6240 bytes
eu consigo ver fotos usando algum visualizador de imagens, mas eu num posso clicar na foto pra abri se não da erro, eu tenho que abrir o visualizador e ir no diretorio da imagem, ae sim abre :s
-
não persistem não, erros do explorer e do drwtsn32 pararam e a 'lerdeza' passou também
vlw pela analise, qualquer coisa eu volto aqui enxer o saco :D
-
bom galera, meu pc tava funcionando normalmente até ontem... um amigo meu veio aqui em casa e foi usar o pc, abriu o firefox normalmente e navegou uns dois minutos antes de travar.... sumiu tudo do desktop e num dava mais pra abrir firefox, MSN, ie, nem nada, só pastas e ainda por cima demorava uns 30 segundos pra abrir uma pasta
eu resolvi a parte do desktop simplesmente clicando com o botão direito e marcando ''mostrar icones da area de trabalho'', mas ainda tava tudo lerdo e pra piorar começou a dar erro no explorer.exe cada vez que eu abria qualquer pasta e as vezes dava erro em um tal de drwtsn32.exe também
eu passei o antivirus (nod-32) e num achou nada, passei o ad-aware e achou uns 140 spyware e um virus, eu deletei tudo mas ainda assim o pc continua lento e dando erro no explorer e drwtsn32 sem parar
edit: só pra completar, hj cedo eu passei aquele scan online do bitdefender (http://www.bitdefender.com/scan8/ie.html) e num achou nada, mas depois que acabou o teste o pc tava mais lerdo que já estava antes, então fui reiniciar e naquela hora que ta carregando o windows dava erro de bluescreen e o pc reiniciava na hora
reiniciou umas 5x, pensei que já era, ia ter que formatar, então peguei o cd do windows e entrei nele e fui lá pra reparar windows, fiz um chkdsk, demorou uma hora +- mas reparou e consegui entrar de novo e os erros de explorer, pelo menos até agora, pararam
então fica ae, parece que ta tudo normal, mas se quiserem da uma ajuda mesmo assim só pra mim ter certeza, obvio que num me importo :P
aqui ta o log da hijackthis de ontem:
Logfile of Trend Micro HijackThis v2.0.2Scan saved at 00:01:24, on 13/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe
C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\explorer.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon]RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download All with FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Serviço 'Gateway de camada de aplicativo' (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 4826 bytes
e num sei se é necessario, mas aqui ta o log de hj, depois que fiz o chkdsk:
Logfile of Trend Micro HijackThis v2.0.2Scan saved at 13:14:31, on 13/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon]RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download All with FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O17 - HKLM\System\CS1\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O17 - HKLM\System\CS2\Services\Tcpip\..\{3EA8AC53-D71F-4E41-8006-ED07BE7489A1}: NameServer = 201.10.120.2,201.10.128.3
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Serviço 'Gateway de camada de aplicativo' (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 5800 bytes
qualquer ajuda é bem vinda, vlw :D
[Resolvido]erros e pc lento
em Casos Resolvidos
Postado
opa, problema resolvido, baxei o sp3 como você indicou e boa, ta abrindo foto normalmente e mais nada de erro do explorer ou qualquer outro erro
muito obrigado pela ajuda :D