[Resolvido]Não consigo criar nenhum tipo de atalho no windows

gutoowl · Abril 24, 2008

Depois que instalei um daqueles programinhas idiotas pra fazer meu XP ficar com a cara do Vista, e logo que retirei o mesmo...nunca mais consegui criar nenhum atalho e nem ao menos usar os já existentes.

Esses por suas vez aparecem assim: nome_do_arquivo.LNk

Enfim... esse programa acabou com minha máquina...

alguém PODE ME AJUDAR !?!?!?

Tá aih o LOG

ComboFix 08-04-20.5 - Estação 3 2008-04-22 11:19:44.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.524 [GMT -3:00]

Executando de: C:\Documents and Settings\Estação 3\Desktop\ComboFix.exe

* Criado um novo ponto de restauro

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\WINDOWS\system32\pskill.exe

.

((((((((((((((((((((((( Ficheiros criados de 2008-03-22 to 2008-04-22 ))))))))))))))))))))))))))))))))

.

2008-04-22 07:08 . 2008-04-22 07:18 <DIR> d-------- C:\v

2008-04-18 16:30 . 2008-01-08 17:06 41,050 --a------ C:\TRANSFORMAR RUMO EM AZIMUTE.dwg

2008-04-18 16:16 . 2008-04-18 16:45 27,662 --a------ C:\MORRO ALTO.dwg

2008-04-18 13:50 . 2004-08-04 02:45 220,672 --a------ C:\WINDOWS\system32\logon.scr

2008-04-18 13:50 . 2004-08-04 02:45 220,672 --a--c--- C:\WINDOWS\system32\dllcache\logon.scr

2008-04-18 13:49 . 2004-08-04 02:45 220,672 --a------ C:\logon.scr

2008-04-18 12:14 . 2008-04-18 12:14 <DIR> d-------- C:\WINDOWS\system32\VIRepair

2008-04-18 09:35 . 2008-04-18 16:03 <DIR> d-------- C:\pm de igarapava

2008-04-16 16:17 . 2008-04-16 16:18 <DIR> d-------- C:\Documents and Settings\Estação 3\Dados de aplicativos\ViStart

2008-04-16 16:13 . 2008-04-16 16:13 <DIR> d-------- C:\Documents and Settings\Estação 3\Dados de aplicativos\Styler

2008-04-16 16:13 . 2008-04-16 16:13 <DIR> d-------- C:\Arquivos de programas\WinFlip

2008-04-16 16:13 . 2008-04-16 16:13 <DIR> d-------- C:\Arquivos de programas\TrueTransparency

2008-04-16 16:13 . 2008-04-18 12:14 <DIR> d-------- C:\Arquivos de programas\Styler

2008-04-16 16:12 . 2008-04-18 12:19 <DIR> d-------- C:\WINDOWS\system32\VITrans

2008-04-16 16:12 . 2008-04-16 16:13 <DIR> d-------- C:\VTPFiles

2008-04-16 16:12 . 2006-12-03 17:15 69,632 --a------ C:\WINDOWS\system32\moveex.exe

2008-04-16 16:12 . 2006-12-03 17:14 8,636 --a------ C:\WINDOWS\system32\modifype.exe

2008-04-16 15:41 . 2007-02-28 13:02 2,155,264 --a--c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe

2008-04-16 15:41 . 2007-02-28 13:02 2,032,512 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe

2008-04-16 15:41 . 2008-02-29 06:00 545,280 --a--c--- C:\WINDOWS\system32\dllcache\iexplore.exe

2008-04-16 15:41 . 2008-04-16 15:34 219,648 --a--c--- C:\WINDOWS\system32\dllcache\uxtheme.dll

2008-04-16 15:41 . 2004-08-04 00:44 210,944 --a--c--- C:\WINDOWS\system32\dllcache\moricons.dll

2008-04-16 15:34 . 2004-04-02 19:11 3,066,368 --a------ C:\WINDOWS\system32\longhornui.exe

2008-04-16 15:34 . 2003-12-13 00:40 1,485,312 --a------ C:\WINDOWS\system32\LonghornM5.scr

2008-04-16 15:34 . 2003-12-13 00:40 903,680 --a------ C:\WINDOWS\system32\Longhorn.scr

2008-04-16 15:34 . 2001-10-20 19:00 74,752 --a------ C:\WINDOWS\system32\LonghornPDC.scr

2008-04-16 15:34 . 2006-12-03 17:15 19,968 --a------ C:\WINDOWS\system32\reico.exe

2008-04-16 15:33 . 2008-04-16 15:41 <DIR> d-------- C:\WINDOWS\system32\LHTrans

2008-04-16 15:33 . 2008-04-16 15:33 <DIR> d-------- C:\WINDOWS\SideBar

2008-04-16 15:32 . 2008-04-16 15:41 <DIR> d-------- C:\LTPFiles

2008-04-16 15:32 . 2006-12-03 17:15 111,104 --a------ C:\WINDOWS\system32\Uharc.exe

2008-04-16 15:29 . 2004-09-03 23:43 199 --a------ C:\WINDOWS\system32\paypal.url

2008-04-16 15:29 . 2005-01-28 01:49 111 --a------ C:\WINDOWS\system32\winx.url

2008-04-16 12:06 . 2008-04-18 15:52 <DIR> d-------- C:\Arquivos de programas\Wise Disk Cleaner

2008-04-16 11:09 . 2008-04-18 15:49 <DIR> d-------- C:\Arquivos de programas\Wise Registry Cleaner 3

2008-04-16 10:44 . 2008-04-18 13:19 <DIR> d-------- C:\Arquivos de programas\CCleaner

2008-04-16 10:42 . 2008-04-16 10:42 <DIR> d-------- C:\Arquivos de programas\Nuganics

2008-04-16 10:42 . 2008-04-16 10:42 1,807,938 --a------ C:\WINDOWS\system32\Licking Dog Screen Clean.scr

2008-04-11 11:33 . 2008-04-11 11:33 <DIR> d-------- C:\4822937234827c0f8f

2008-04-11 08:32 . 2000-04-26 13:34 1,050,896 --a------ C:\Arquivos de programas\msjet35.dll

2008-04-10 09:41 . 2008-04-10 09:41 <DIR> d-------- C:\Documents and Settings\ESTAO3~2\dados de aplicativos

2008-04-10 09:41 . 2008-04-10 09:41 <DIR> d-------- C:\Documents and Settings\esta????o 3

2008-04-09 07:14 . 2000-09-14 21:05 303,616 --a------ C:\WINDOWS\IsUninst.exe

2008-04-05 08:12 . 2008-04-05 08:12 0 --ah----- C:\WINDOWS\SwSys2.bmp

2008-04-05 08:12 . 2008-04-05 08:12 0 --ah----- C:\WINDOWS\SwSys1.bmp

2008-03-28 12:46 . 2008-03-28 12:46 268 --ah----- C:\sqmdata01.sqm

2008-03-28 12:46 . 2008-03-28 12:46 244 --ah----- C:\sqmnoopt01.sqm

2008-03-27 13:30 . 2008-03-27 13:30 268 --ah----- C:\sqmdata00.sqm

2008-03-27 13:30 . 2008-03-27 13:30 244 --ah----- C:\sqmnoopt00.sqm

2008-03-27 07:10 . 2008-03-27 07:10 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb

2008-03-27 07:10 . 2008-03-27 07:10 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb

2008-03-26 14:37 . 2008-03-05 14:19 89,382 --a------ C:\WINDOWS\Wudf01000Inst111.html

2008-03-26 11:58 . 2008-04-16 13:20 <DIR> d-------- C:\Arquivos de programas\Orbitdownloader

2008-03-22 09:06 . 2008-03-22 08:57 691,545 --a------ C:\WINDOWS\unins000.exe

2008-03-22 09:06 . 2008-03-22 09:06 2,552 --a------ C:\WINDOWS\unins000.dat

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-04-18 16:56 --------- d-----w C:\Arquivos de programas\Houaiss

2008-04-17 10:53 --------- d-----w C:\Documents and Settings\Estação 3\Dados de aplicativos\Orbit

2008-04-16 18:34 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll

2008-04-16 18:16 --------- d-----w C:\Arquivos de programas\Windows Live

2008-04-16 16:20 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Symantec Shared

2008-04-16 16:19 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\WLInstaller

2008-04-15 11:14 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE

2008-04-02 18:33 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Adobe

2008-04-02 18:31 --------- d-----w C:\Documents and Settings\Estação 3\Dados de aplicativos\AdobeUM

2008-04-01 14:54 --------- d-----w C:\Arquivos de programas\Google

2008-03-26 14:53 --------- d---a-w C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

2008-03-24 10:02 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy

2008-03-24 10:02 --------- d-----w C:\Arquivos de programas\Spybot - Search & Destroy

2008-03-20 14:47 --------- d-----w C:\Arquivos de programas\Free Slideshow Screensaver

2008-03-20 14:46 --------- d-----w C:\Arquivos de programas\Exclusive Car Screensaver

2008-03-20 14:44 --------- d-----w C:\Arquivos de programas\Free Sporting Life Screensaver

2008-03-20 14:43 --------- d-----w C:\Arquivos de programas\Free Stereogram Screensaver

2008-03-20 14:43 --------- d-----w C:\Arquivos de programas\Free Abstractions Screensaver

2008-03-20 14:36 --------- d-----w C:\Arquivos de programas\Free Nude Screensaver

2008-03-20 14:00 --------- d-----w C:\Arquivos de programas\Free Da Vinci Code Screensaver

2008-03-20 14:00 --------- d-----w C:\Arquivos de programas\[AAA] Savers

2008-03-20 13:59 --------- d-----w C:\Arquivos de programas\Free Mercedes Screensaver

2008-03-20 13:55 --------- d-----w C:\Arquivos de programas\Free Ladybug Screensaver

2008-03-20 13:54 --------- d-----w C:\Arquivos de programas\Animal Angels Screensaver

2008-03-20 13:49 --------- d-----w C:\Arquivos de programas\Space Flight 3D Screensaver

2008-03-20 13:48 --------- d-----w C:\Arquivos de programas\Sunny Beach Screensaver

2008-03-20 13:34 --------- d-----w C:\Arquivos de programas\Planet Earth 3D Screensaver

2008-03-20 13:21 --------- d-----w C:\Arquivos de programas\Warm Summer Screensaver

2008-03-20 13:16 --------- d-----w C:\Arquivos de programas\Free Futurama Screensaver

2008-03-20 13:01 --------- d-----w C:\Arquivos de programas\Free Fairy Screensaver

2008-03-20 12:55 --------- d-----w C:\Arquivos de programas\Free Mountain Screensaver

2008-03-20 12:50 --------- d-----w C:\Arquivos de programas\Free Underwater Screensaver

2008-03-20 12:49 --------- d-----w C:\Arquivos de programas\Free Aquatic Screensaver

2008-03-20 12:48 --------- d-----w C:\Arquivos de programas\Free Goldfish Screensaver

2008-03-20 12:48 --------- d-----w C:\Arquivos de programas\Free Aquarium Screensaver

2008-03-20 12:48 --------- d-----w C:\Arquivos de programas\Fish Tank Screensaver

2008-03-20 12:02 --------- d-----w C:\Arquivos de programas\Freeze.com

2008-03-20 11:57 --------- d-----w C:\Arquivos de programas\OneStepSearch

2008-03-20 11:51 --------- d-----w C:\Arquivos de programas\Solar System Structure Screensaver

2008-03-20 11:44 --------- d-----w C:\Arquivos de programas\Free Snowy Mountain Screensaver

2008-03-20 11:42 --------- d-----w C:\Arquivos de programas\Free Solar System Screensaver

2008-03-20 11:34 --------- d-----w C:\Arquivos de programas\Free Cosmic Screensaver

2008-03-20 11:27 --------- d-----w C:\Arquivos de programas\Free Earth ScreenSaver

2008-03-20 11:26 --------- d-----w C:\Arquivos de programas\Free Space Screensaver

2008-03-20 11:24 --------- d-----w C:\Arquivos de programas\Free Winter Spirit Screensaver

2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys

2008-03-18 13:24 --------- d-----w C:\Arquivos de programas\MAsoft

2008-03-14 10:28 --------- d-----w C:\Documents and Settings\Estação 3\Dados de aplicativos\VSRevoGroup

2008-03-11 18:01 296,448 ----a-w C:\WINDOWS\system32\midas.dll

2008-03-10 13:16 --------- d-----w C:\Arquivos de programas\UberIcon

2008-03-06 17:49 --------- d-----w C:\Arquivos de programas\Alwil Software

2008-03-06 14:04 --------- d-----w C:\Arquivos de programas\GPLGS

2008-03-06 13:59 --------- d-----w C:\Arquivos de programas\Acro Software

2008-03-01 13:02 826,368 ----a-w C:\WINDOWS\system32\wininet.dll

2008-03-01 10:25 --------- d-----w C:\Arquivos de programas\MSXML 6.0

2008-02-29 15:50 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Symantec

2008-02-28 16:40 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Messenger Plus!

2008-02-28 16:04 --------- d-----w C:\Arquivos de programas\Windows Media Connect 2

2008-02-28 10:20 --------- d-----w C:\Arquivos de programas\NuonSoft

2008-02-27 13:50 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Babylon

2008-02-26 17:10 --------- d-----w C:\Documents and Settings\Estação 3\Dados de aplicativos\Aston

2008-02-26 16:52 --------- d-----w C:\Arquivos de programas\Java

2008-02-25 14:32 --------- d-----w C:\Documents and Settings\Estação 3\Dados de aplicativos\OtakuSoftware

2008-02-25 14:19 --------- d-----w C:\Arquivos de programas\Free Desktop Clock

2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll

2008-02-20 05:37 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll

2008-02-16 10:14 73,216 ----a-w C:\WINDOWS\ST6UNST.EXE

2008-02-16 10:14 249,856 ------w C:\WINDOWS\Setup1.exe

2008-02-15 10:07 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL

2008-01-26 10:51 40,960 ----a-w C:\WINDOWS\system32\hzrService.exe

2008-01-26 10:51 32,768 ----a-w C:\WINDOWS\system32\hzrTray.exe

2008-01-26 10:51 15,360 ----a-w C:\WINDOWS\system32\hzrController.exe

2008-01-15 19:23 194,628,672 ----a-w C:\Arquivos de programas\Nero-8.2.8.0_ptb_trial(2).exe

1999-10-08 20:12 2,073 ----a-w C:\Arquivos de programas\Elemag.txt

1999-08-31 16:46 589 ----a-w C:\Arquivos de programas\Coef-i2000

1999-08-31 16:46 589 ----a-w C:\Arquivos de programas\Coef-f2000

1999-08-31 16:46 589 ----a-w C:\Arquivos de programas\Coef-d2000

.

------- Sigcheck -------

2005-03-02 15:13 2061184 aed7b3aa86ad031cf39c6e4bba37e818 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe

2007-02-28 13:08 2063616 d027f0097b8f099c09369b8cc97d7c32 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe

2007-02-28 13:02 2061824 1683af18422f7de34575ee95be882ad1 C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe

2007-02-28 13:02 2032512 823a99c14ccaf4b9805a77b147124fd7 C:\WINDOWS\system32\ntkrnlpa.exe

2007-02-28 13:02 2032512 823a99c14ccaf4b9805a77b147124fd7 C:\WINDOWS\system32\dllcache\ntkrnlpa.exe

2007-02-28 13:02 2061824 1683af18422f7de34575ee95be882ad1 C:\WINDOWS\system32\LHTrans\ntkrnlpa.exe

2005-03-02 15:13 2183808 6e3ab4241e058b248cb7cdc5157449c3 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe

2007-02-28 13:08 2186368 bfb4c8761976cce0b544d557b4c70825 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe

2007-02-28 13:02 2184576 986c40660057a2bac752ed4f97cf4a10 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe

2007-02-28 13:02 2155264 7828e498247fbdd1b6f683758dbdbade C:\WINDOWS\system32\ntoskrnl.exe

2007-02-28 13:02 2155264 7828e498247fbdd1b6f683758dbdbade C:\WINDOWS\system32\dllcache\ntoskrnl.exe

2007-02-28 13:02 2184576 986c40660057a2bac752ed4f97cf4a10 C:\WINDOWS\system32\LHTrans\ntoskrnl.exe

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

REGEDIT4

*Nota* entradas vazias & legítimas por defeito não são mostradas.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

2007-08-25 00:51 316784 --a------ C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

2008-02-14 14:20 116088 --a------ C:\ARQUIV~1\ARQUIV~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6F282C89-3BD3-4387-92D9-C76428B07E07}]

2008-03-14 07:24 156144 --a----t- C:\Arquivos de programas\Google\Update\1.1.25.0\GoopdateBho.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll" [2007-08-25 00:51 316784]

[HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-25 00:51 316784]

[HKEY_CLASSES_ROOT\clsid\{7febefe3-6b19-4349-98d2-ffb09d4b49ca}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360]

"SpybotSD TeaTimer"="C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

"SkinClock"="C:\Arquivos de programas\Free Desktop Clock\DesktopClock.exe" [2006-10-01 16:50 334848]

"FreeRAM XP"="C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2006-03-22 23:13 1591808]

"Longhorn SideBar"="C:\WINDOWS\SideBar\SideBar.exe" [2005-05-13 18:21 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast!"="C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 15:37 79224]

"NuonSoft ShellEnhancer StartupHelper"="C:\Arquivos de programas\NuonSoft\ShellEnhancer\StartupHelper.exe" [2006-12-16 11:46 65536]

"ccApp"="C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe" [2008-02-14 11:01 51048]

"Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"C:\\Arquivos de programas\\Orbitdownloader\\orbitnet.exe"=

"C:\\Arquivos de programas\\Boltuha\\Boltuha\\Boltuha.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 15:31]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 15:35]

R2 FreezeScreenSaver;FreezeScreenSaver;C:\WINDOWS\system32\FreezeScreenSaver.exe [2005-09-29 14:55]

R2 HazardShield;HazardShield;C:\WINDOWS\system32\hzrController.exe [2008-01-26 07:51]

R2 Proteq;Proteq;C:\WINDOWS\system32\drivers\Proteq.sys [2003-07-17 15:02]

S2 gupdate1c86358d4cde2d6;Google Update Service (gupdate1c86358d4cde2d6);"C:\Arquivos de programas\Google\Update\1.1.25.0\GoogleUpdate.exe" /svc /lang en []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1c2d3892-bd50-11dc-8adb-0011d81b659e}]

\Shell\AutoRun\command - 1i.com

\Shell\explore\Command - 1i.com

\Shell\open\Command - 1i.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a0da33a5-06eb-11dd-8b75-0011d81b659e}]

\Shell\AutoRun\command - cfv90h.com

\Shell\explore\Command - cfv90h.com

\Shell\open\Command - cfv90h.com

*Newly Created Service* - CATCHME

.

Conteúdo da pasta 'Tarefas Agendadas'

"2008-04-22 12:18:40 C:\WINDOWS\Tasks\GoogleUpdateTask.job"

- C:\Arquivos de programas\Google\Update\1.1.25.0\GoogleUpdate.exe

"2008-04-14 10:30:00 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Estação 3.job"

- C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\Navw32.exel/TASK:

"2008-02-08 11:35:26 C:\WINDOWS\Tasks\SmartDefrag.job"

- C:\Arquivos de programas\IObit\IObit SmartDefrag\schedule.exe

"2008-04-22 14:20:00 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0F9D0BDB-FA9C-41C7-9869-C24676DEACEB}.job"

- C:\WINDOWS\system32\msfeedssync.exe

.

**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-22 11:21:24

Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso

Ficheiros ocultos: 0

**************************************************************************

.

Tempo para conclusão: 2008-04-22 11:23:41

ComboFix-quarantined-files.txt 2008-04-22 14:23:17

Pre-Run: 60,093,378,560 bytes disponíveis

Post-Run: 60,094,377,984 bytes disponíveis

242 --- E O F --- 2008-04-17 10:14:34

JackSSA · Abril 25, 2008

Queira por gentileza postar um Log do Hijackthis neste Tópico, conforme é solicitado no tópico a seguir:

http://scriptbrasil.com.br/forum/index.php?showtopic=86007

gutoowl · Abril 26, 2008

Depois que instalei um daqueles programinhas idiotas pra fazer meu XP ficar com a cara do Vista, e logo que retirei o mesmo...nunca mais consegui criar nenhum atalho e nem ao menos usar os já existentes.

Esses por suas vez aparecem assim: nome_do_arquivo.LNk

Enfim... esse programa acabou com minha máquina...

alguém PODE ME AJUDAR !?!?!?

Tá aih o LOG:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 08:29:43, on 26/4/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\ctfmon.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

C:\Arquivos de programas\DAP\DAP.EXE

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\Free Desktop Clock\DesktopClock.exe

C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe

C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe

C:\WINDOWS\system32\FreezeScreenSaver.exe

C:\WINDOWS\system32\hzrController.exe

C:\WINDOWS\system32\hzrService.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\AutoCAD 2008\acad.exe

C:\DOCUME~1\ESTAO3~1\CONFIG~1\Temp\AdskCleanup.0001

C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\SoftwareDistribution\Download\Install\IE7-WindowsXP-x86-ptb.exe

c:\170a4f2f24f876277f2da318f700ce31\update\iesetup.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\ARQUIV~1\MOZILL~1\FIREFOX.EXE

C:\WINDOWS\system32\INTERNAT.EXE

C:\gmer.exe

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - (no file)

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Arquivos de programas\ShoppingReport\Bin\2.5.0\ShoppingReport.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\IDS\IPSBHO.dll

O2 - BHO: Google Update Class - {6F282C89-3BD3-4387-92D9-C76428B07E07} - C:\Arquivos de programas\Google\Update\1.1.25.0\GoopdateBho.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Arquivos de programas\Google\Google Gears\Internet Explorer.3.13.0\gears.dll

O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NuonSoft ShellEnhancer StartupHelper] C:\Arquivos de programas\NuonSoft\ShellEnhancer\StartupHelper.exe

O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Arquivos de programas\DAP\DAP.EXE" /STARTUP

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [skinClock] C:\Arquivos de programas\Free Desktop Clock\DesktopClock.exe

O4 - HKCU\..\Run: [FreeRAM XP] "C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win

O4 - HKCU\..\Run: [Longhorn SideBar] C:\WINDOWS\SideBar\SideBar.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe" -autorun

O8 - Extra context menu item: &Clean Traces - C:\Arquivos de programas\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Download with &DAP - C:\Arquivos de programas\DAP\dapextie.htm

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: Download &all with DAP - C:\Arquivos de programas\DAP\dapextie2.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Arquivos de programas\Google\Google Gears\Internet Explorer.3.13.0\gears.dll

O9 - Extra 'Tools' menuitem: &Google Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Arquivos de programas\Google\Google Gears\Internet Explorer.3.13.0\gears.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Arquivos de programas\ShoppingReport\Bin\2.5.0\ShoppingReport.dll

O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Arquivos de programas\ShoppingReport\Bin\2.5.0\ShoppingReport.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{C38814E6-97DA-4F0B-B173-F1E3276EE860}: NameServer = 200.153.74.195,200.153.74.196

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: FreezeScreenSaver - Unknown owner - C:\WINDOWS\system32\FreezeScreenSaver.exe

O23 - Service: Google Update Service (gupdate1c86358d4cde2d6) (gupdate1c86358d4cde2d6) - Google Inc. - C:\Arquivos de programas\Google\Update\1.1.25.0\GoogleUpdate.exe

O23 - Service: HazardShield - Unknown owner - C:\WINDOWS\system32\hzrController.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: Symantec Core LC - Unknown owner - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\CCPD-LC\symlcsvc.exe

O23 - Service: Serviço de Partilha de Rede do Windows Media Player (WMPNetworkSvc) - Unknown owner - C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe (file missing)

--

End of file - 8845 bytes

gutoowl · Abril 26, 2008

Desculpa mas esqueci de mencionar que o meu Office também parou de funcionar e me dá uma mensagem de "windows installer" e depois fala que o aplicativo naão pode ser aberto

JackSSA · Abril 26, 2008

Amigo, por gentileza, poste as repostas neste Tópico clicando no botão RESPONDER. Obrigado.

Baixe Deckard's System Scanner

http://www.techsupportforum.com/sectools/Deckard/dss.exe

Feche todos os programas e janelas
Dê duplo-clique no arquivo dss.exe para executá-lo e vá seguindo os prompts.
Quando o exame terminar o bloco de notas irá abrir com o nome Main.txt
Salve este arquivo e feche o bloco de notas.
Vai abrir uma pasta também -> C:\Deckard
Dentro dela haverá um outro arquivo de texto chamado Extra.txt
Salve este arquivo também e feche o bloco de notas.

Obs: Alguns Firewalls podem alertar sobre o processo sigcheck.exe tentando se conectar à internet.

Certifique-se de permitir este acesso.

Copie o arquivo C:\Deckard\Extra.txt e cole na sua resposta.

Anexe o arquivo main.txt

gutoowl · Abril 28, 2008

JackSSA · Abril 28, 2008

Faça o download do Hotbar Uninstaller:

http://client.hotbar.com/downloads/Uninsta...Uninstaller.exe

Execute-o e confirme para desinstalar o Hotbar.

Faça o download do RegSeeker

http://www.hoverdesk.net/dl/en/RegSeeker.zip

Após o Download, extraia os arquivos para uma pasta qualquer e execute o programa clicando sobre RegSeeker.exe.
Abra o RegSeeker. Clique em Languages... e selecione Português do Brasil.
Clique em Procurar.
Na caixa Procurar por: coloque ShopperReports, clique em Procurar.
Aguarde o término da busca.
Clique em Select e em seguida Selecionar Tudo.
Clique em Action, em seguida Apagar entradas selecionadas, clique em Ok e novamente em Ok.

Reinicie e poste um novo Log do Hijackthis feito em Modo Normal.

gutoowl · Abril 29, 2008

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 08:21:20, on 29/4/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Arquivos de programas\DAP\DAP.EXE

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\Free Desktop Clock\DesktopClock.exe

C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe

C:\WINDOWS\system32\FreezeScreenSaver.exe

C:\WINDOWS\system32\hzrController.exe

C:\WINDOWS\system32\hzrService.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Arquivos de programas\CDBurnerXP\NMSAccessU.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Trend Micro\HijackThis\Estação 3.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\INTERNAT.EXE

C:\Arquivos de programas\AutoCAD 2008\acad.exe

C:\DOCUME~1\ESTAO3~1\CONFIG~1\Temp\AdskCleanup.0001

C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe

C:\Arquivos de programas\VS Revo Group\Revo Uninstaller\revouninstaller.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =