PC Help Forum » Operating Systems » Windows XP/2000 » Something is wrong here ...

  #1  
Old 04-09-2008
Bronze Member
 
Join Date: Dec 2007
Posts: 26
PC Experience: PC Illiterate
Something is wrong here ...

Hey,

I've been getting some AVG pop-ups saying it had found new threats. I did heal some and moved the others to the vault.
- Trojan horse Downloader.Agent.ADOT
- Virus found Win32/PolyCrypt
- Virus identified JS/Downloader.Agent
- Trojan horse BHO.DJQ
These were the latest I moved to the vault.

After getting these pop-ups, my IE windows keep blocking. I don't know if that's related, but it must be, because it was not acting like that before.
My sister posted earlier in another part of this forum that she can't comment on Cbox tagboards ... We don't know if that can be related too.

Anyways, here's a HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:31:26, on 09-04-2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\VTTimer.exe
C:\WINDOWS\System32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programas\iTunes\iTunesHelper.exe
C:\Programas\QuickTime\qttask.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Programas\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programas\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\drivers\svchost.exe
C:\Programas\VIA\RAID\raid_tool.exe
C:\Programas\WinZip\WZQKPICK.EXE
C:\Programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programas\iPod\bin\iPodService.exe
C:\Programas\MSN Messenger\usnsvc.exe
C:\Programas\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programas\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programas\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Programas\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programas\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Programas\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programas\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_05\bin\jusched.exe "
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ferramenta de Verificação de Mídia do Cyber-shot Viewer.lnk = C:\Programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Programas\VIA\RAID\raid_tool.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programas\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1198687186843
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B64F3E3-5868-4FF7-AAAD-D206FEA34C21}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD19D259-31D4-4F8B-AE93-284CEB45E1C2}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.171 85.255.112.179
O17 - HKLM\System\CS1\Services\Tcpip\..\{3B64F3E3-5868-4FF7-AAAD-D206FEA34C21}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.171 85.255.112.179
O17 - HKLM\System\CS2\Services\Tcpip\..\{3B64F3E3-5868-4FF7-AAAD-D206FEA34C21}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.171 85.255.112.179
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programas\iPod\bin\iPodService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe
--
End of file - 7536 bytes



I hope anyone can help.
Thanks in advance.
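Two things in the log above are the kind of entries a log analyst checks first: an O4 Run entry that launches a file named svchost.exe from C:\WINDOWS\System32\drivers (the real one lives in System32 itself), and O17 entries that hard-code the same pair of public nameservers into every ControlSet, overriding whatever DHCP hands out. The following is an added Python example, not code from the post or from HijackThis, that scans HJT lines for exactly those two patterns; the sample lines are copied from the log above, and the trusted-DNS allowlist is an assumption the operator fills in with the resolvers they actually expect.

```python
import ipaddress
import re

# Windows binaries that malware commonly names itself after, mapped to the
# only directories the genuine copy lives in (lower-case, drive assumed C:).
CORE_BINARIES = {
    "svchost.exe": {r"c:\windows\system32", r"c:\windows\syswow64"},
    "lsass.exe": {r"c:\windows\system32"},
    "winlogon.exe": {r"c:\windows\system32"},
    "services.exe": {r"c:\windows\system32"},
    "csrss.exe": {r"c:\windows\system32"},
    "smss.exe": {r"c:\windows\system32"},
    "explorer.exe": {r"c:\windows"},
}

# O4 Run-key entries look like:  O4 - HKCU\..\Run: [name] command line
O4_RE = re.compile(r"^O4 - (?P<where>.+?): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# O17 entries look like:  O17 - HKLM\System\CCS\...: NameServer = a.b.c.d,e.f.g.h
O17_RE = re.compile(r"^O17 - (?P<key>.+?): NameServer = (?P<servers>.+)$")

# Constructed sample: lines copied from the HijackThis log posted above.
SAMPLE_HJT = r"""
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B64F3E3-5868-4FF7-AAAD-D206FEA34C21}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.171 85.255.112.179
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe
"""


def executable_of(cmd):
    """Return the program path from an O4 command line (quoted or bare)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    return cmd.split()[0]


def check_o4(line):
    """Flag a Run entry whose program carries a core Windows name but a wrong directory."""
    m = O4_RE.match(line)
    if not m:
        return None
    exe = executable_of(m.group("cmd"))
    directory, _, basename = exe.rpartition("\\")
    basename = basename.lower()
    if basename in CORE_BINARIES and directory.lower() not in CORE_BINARIES[basename]:
        return {"rule": "core-binary-outside-system-dir", "exe": exe, "line": line}
    return None


def check_o17(line, trusted_dns):
    """Flag a hard-coded NameServer that is neither private nor on the allowlist."""
    m = O17_RE.match(line)
    if not m:
        return None
    untrusted = []
    for s in re.split(r"[,\s]+", m.group("servers").strip()):
        try:
            addr = ipaddress.ip_address(s)
        except ValueError:
            untrusted.append(s)  # not even an IP address: treat as suspicious
            continue
        if not addr.is_private and s not in trusted_dns:
            untrusted.append(s)
    if untrusted:
        return {"rule": "hardcoded-untrusted-nameserver", "servers": untrusted,
                "key": m.group("key"), "line": line}
    return None


def analyze_hjt(text, trusted_dns=frozenset()):
    """Run both checks over every line of an HJT log and return the findings in order."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        f = check_o4(line) or check_o17(line, trusted_dns)
        if f:
            findings.append(f)
    return findings


if __name__ == "__main__":
    # trusted_dns is an assumption: put your ISP's or router's resolvers here
    for finding in analyze_hjt(SAMPLE_HJT, trusted_dns=frozenset({"192.168.1.1"})):
        print(finding["rule"], "->", finding["line"])
```

Every O17 hit should be compared against what DHCP or the ISP actually assigns; the same pair repeated under CCS, CS1 and CS2 means the override survives a "Last Known Good" boot as well.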


  #2  
Old 04-10-2008
Tech Team Leader
 
Join Date: Feb 2006
Location: coastal Rhode Island
Posts: 4,267
PC Experience: More Stubborn than any PC
Re: Something is wrong here ...

Hi...
Forum Rules require that HJT logs must be analyzed by experienced Security Team Analysts. This is for your protection... and to give you our best service.

Our Security Team is always very busy-- and as we live all over the Earth...
Time-Zones are also an important factor.

Your patience is greatly appreciated.

Thank You



__________________


Without music, life would be a mistake
Friedrich Nietzsche
  #3  
Old 04-14-2008
Bronze Member
 
Join Date: Dec 2007
Posts: 26
PC Experience: PC Illiterate
Re: Something is wrong here ...

Bump


  #4  
Old 04-14-2008
Tech Team Leader
 
Join Date: Feb 2006
Location: coastal Rhode Island
Posts: 4,267
PC Experience: More Stubborn than any PC
Re: Something is wrong here ...

No Security Team members are here @ the moment.. they come and go.
I will PM them if you have not been helped by this afternoon


__________________


Without music, life would be a mistake
Friedrich Nietzsche
  #5  
Old 04-20-2008
Bronze Member
 
Join Date: Dec 2007
Posts: 26
PC Experience: PC Illiterate
Re: Something is wrong here ...

I can't believe this was not answered yet ... one week later ...
Anyways, I don't know if this was what you were going to tell me to do, but I did run a scan with ComboFix and with HJT one more time.
I hope this can help to bring a quicker answer ... I'm so tired of seeing my PC blocking ...


ComboFix log:

ComboFix 08-04-18.3 - Teresa Calado 2008-04-20 13:33:45.12 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.0.1252.1.2070.18.50 [GMT 1:00]
Executando de: C:\Documents and Settings\Teresa Calado\Ambiente de trabalho\ComboFix.exe
* Criado um novo ponto de restauro
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Menu Iniciar\Online Security Guide.url
C:\Documents and Settings\All Users\Menu Iniciar\Security Troubleshooting.url
C:\WINDOWS\system32\drivers\svchost.exe
.
((((((((((((((((((((((( Ficheiros criados de 2008-03-20 to 2008-04-20 ))))))))))))))))))))))))))))))))
.
2008-04-07 19:36 . 2008-04-07 19:36 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-07 19:36 . 2008-04-07 19:36 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-21 21:22 . 2008-03-21 21:22 <DIR> d-------- C:\WINDOWS\system32\xir
2008-03-21 21:22 . 2008-03-21 21:22 <DIR> d-------- C:\WINDOWS\system32\pex3
2008-03-21 21:22 . 2008-03-21 21:22 <DIR> d-------- C:\WINDOWS\system32\imd4
2008-03-21 21:21 . 2008-03-24 17:27 <DIR> d-------- C:\WINDOWS\system32\aqVreo01
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-20 12:31 --------- d-----w C:\Documents and Settings\Teresa Calado\Application Data\MegauploadToolbar
2008-04-20 12:22 --------- d-----w C:\Documents and Settings\Teresa Calado\Application Data\AVG7
2008-04-13 18:47 --------- d-----w C:\Programas\MSN Messenger
2008-04-13 18:47 --------- d-----w C:\Programas\Messenger Plus! Live
2008-03-25 19:05 --------- d-----w C:\Programas\Ficheiros comuns\Adobe
2008-03-25 18:58 --------- d-----w C:\Documents and Settings\Teresa Calado\Application Data\AdobeUM
2008-03-19 17:06 --------- d-----w C:\Programas\eMule
2008-03-06 12:26 --------- d-----w C:\Programas\Java
2008-02-25 23:05 --------- d-----w C:\Programas\Real
2008-02-25 23:05 --------- d-----w C:\Programas\Ficheiros comuns\xing shared
2008-02-25 23:04 --------- d-----w C:\Programas\Ficheiros comuns\Real
2001-11-23 04:08 712,704 ----a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2007-02-10 16:02 848 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((( snapshot@2008-03-26_14.01.11,10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-04 14:14:33 2,560 ----a-w C:\WINDOWS\_MSRSTRT.EXE
+ 2008-04-20 12:42:32 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2000-08-31 08:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2005-10-20 19:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE
+ 2000-08-31 07:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe
+ 2000-08-31 07:00:00 80,412 ----a-w C:\WINDOWS\grep.exe
- 2000-08-31 08:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2000-08-31 07:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe
+ 2005-08-04 22:24:54 2,072 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\SkuStore.bin
+ 2000-08-31 07:00:00 98,816 ----a-w C:\WINDOWS\sed.exe
+ 2000-08-31 07:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe
+ 2000-08-31 07:00:00 136,704 ----a-w C:\WINDOWS\swsc.exe
+ 2000-08-31 07:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe
+ 2001-11-20 12:00:00 2,000 ----a-w C:\WINDOWS\system\KEYBOARD.DRV
+ 2001-11-20 12:00:00 2,032 ----a-w C:\WINDOWS\system\MOUSE.DRV
+ 2001-11-20 12:00:00 1,744 ----a-w C:\WINDOWS\system\SOUND.DRV
+ 2001-11-20 12:00:00 2,176 ----a-w C:\WINDOWS\system\VGA.DRV
- 2008-03-26 13:33:22 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-04-13 18:40:20 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-03-26 13:33:22 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Definições locais\Histórico\History.IE5\index.dat
+ 2008-04-13 18:40:20 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Definições locais\Histórico\History.IE5\index.dat
- 2008-03-26 13:51:52 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
+ 2008-04-20 12:33:39 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
+ 2001-08-17 20:01:16 2,816 -c--a-w C:\WINDOWS\system32\dllcache\drmkaud.sys
+ 2001-11-20 12:00:00 2,000 -c--a-w C:\WINDOWS\system32\dllcache\keyboard.drv
+ 2001-11-20 12:00:00 2,560 -c--a-w C:\WINDOWS\system32\dllcache\lz32.dll
+ 2001-11-20 12:00:00 2,032 -c--a-w C:\WINDOWS\system32\dllcache\mouse.drv
+ 2001-11-20 12:00:00 2,944 -c--a-w C:\WINDOWS\system32\dllcache\null.sys
+ 2001-11-20 12:00:00 1,744 -c--a-w C:\WINDOWS\system32\dllcache\sound.drv
+ 2001-11-20 12:00:00 2,176 -c--a-w C:\WINDOWS\system32\dllcache\vga.drv
+ 2001-11-20 12:00:00 2,864 -c--a-w C:\WINDOWS\system32\dllcache\winsock.dll
+ 2001-11-20 12:00:00 2,112 -c--a-w C:\WINDOWS\system32\dllcache\winspool.exe
+ 2001-11-20 12:00:00 2,736 -c--a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
+ 2006-05-19 21:16:24 2,432 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
+ 2006-05-19 21:16:24 2,560 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
+ 2001-08-17 20:01:16 2,816 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
+ 2001-11-20 12:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
+ 2001-11-20 12:00:00 2,000 ----a-w C:\WINDOWS\system32\keyboard.drv
+ 2001-11-20 12:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
+ 2001-11-20 12:00:00 2,032 ----a-w C:\WINDOWS\system32\mouse.drv
- 2008-01-18 14:32:30 40,836 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-03-30 12:35:35 40,836 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-01-18 14:32:30 52,400 ----a-w C:\WINDOWS\system32\perfc016.dat
+ 2008-03-30 12:35:35 52,400 ----a-w C:\WINDOWS\system32\perfc016.dat
- 2008-01-18 14:32:30 314,508 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-03-30 12:35:35 314,508 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-01-18 14:32:30 362,420 ----a-w C:\WINDOWS\system32\perfh016.dat
+ 2008-03-30 12:35:35 362,420 ----a-w C:\WINDOWS\system32\perfh016.dat
+ 2001-11-20 12:00:00 1,744 ----a-w C:\WINDOWS\system32\sound.drv
+ 2006-10-27 12:17:24 2,368 ----a-w C:\WINDOWS\system32\SVKP.sys
+ 2001-11-20 12:00:00 2,176 ----a-w C:\WINDOWS\system32\vga.drv
+ 2001-11-20 12:00:00 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
+ 2001-11-20 12:00:00 2,112 ----a-w C:\WINDOWS\system32\winspool.exe
+ 2001-11-20 12:00:00 2,736 ----a-w C:\WINDOWS\system32\wowdeb.exe
+ 2000-08-31 07:00:00 49,152 ----a-w C:\WINDOWS\VFind.exe
+ 2000-08-31 07:00:00 68,096 ----a-w C:\WINDOWS\zip.exe
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vazias & legítimas por defeito não são mostradas.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-11-20 13:00 13312]
"msnmsgr"="C:\Programas\MSN Messenger\msnmsgr.exe" [2007-01-19 13:54 5674352]
"SVCHOST.EXE"="C:\WINDOWS\System32\drivers\svchost.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2004-10-22 04:53 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-01-11 00:33 143360 C:\WINDOWS\system32\VTTrayp.exe]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 11:20 77824 C:\WINDOWS\SOUNDMAN.EXE]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40 2577632]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"iTunesHelper"="C:\Programas\iTunes\iTunesHelper.exe" [2006-02-23 16:45 278528]
"QuickTime Task"="C:\Programas\QuickTime\qttask.exe" [2006-06-02 12:20 282624]
"Cmaudio"="cmicnfg.cpl" []
"SunJavaUpdateSched"="C:\Programas\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-15 12:29 579584]
"TkBellExe"="C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe" [2008-02-26 00:03 185896]
"Adobe Reader Speed Launcher"="C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-11-20 13:00 13312]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-12-26 18:57 219136]
C:\Documents and Settings\Teresa Calado\Menu Iniciar\Programas\Arranque\
Ferramenta de Verificação de Mídia do Cyber-shot Viewer.lnk - C:\Programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2006-07-28 22:21:00 155648]
C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\
VIA RAID TOOL.lnk - C:\Programas\VIA\RAID\raid_tool.exe [2005-08-04 22:45:17 565248]
WinZip Quick Pick.lnk - C:\Programas\WinZip\WZQKPICK.EXE [2005-08-05 23:31:10 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
R2 SVKP;SVKP;C:\WINDOWS\System32\SVKP.sys [2006-10-27 13:17]
S2 DP1112P1112;C:\WINDOWS\System32\Drivers\DP.sys []
S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\System32\PavSRK.sys []
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Conteúdo da pasta 'Tarefas Agendadas'
"2008-03-21 17:17:07 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Programas\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-04-01 00:00:00 C:\WINDOWS\Tasks\At26.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At27.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At28.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At29.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At30.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At31.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At32.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At33.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At34.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-03-28 10:00:01 C:\WINDOWS\Tasks\At35.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-18 10:00:01 C:\WINDOWS\Tasks\At36.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-18 11:00:00 C:\WINDOWS\Tasks\At37.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-18 12:00:00 C:\WINDOWS\Tasks\At38.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-18 13:00:00 C:\WINDOWS\Tasks\At39.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-18 14:00:04 C:\WINDOWS\Tasks\At40.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-17 15:00:00 C:\WINDOWS\Tasks\At41.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-17 16:00:00 C:\WINDOWS\Tasks\At42.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-17 17:00:00 C:\WINDOWS\Tasks\At43.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-17 18:00:00 C:\WINDOWS\Tasks\At44.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-17 19:00:00 C:\WINDOWS\Tasks\At45.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-19 20:00:00 C:\WINDOWS\Tasks\At46.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-19 21:00:02 C:\WINDOWS\Tasks\At47.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-04-19 22:00:00 C:\WINDOWS\Tasks\At48.job"
- C:\WINDOWS\System32\o83Gmp01.exe
.
************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-20 13:43:12
Windows 5.1.2600 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros ocultos ...
Varredura completada com sucesso
Ficheiros ocultos: 95
************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]
"ImagePath"=""
.
------------------------ Other Running Processes ------------------------
.
C:\Programas\Sygate\SPF\Smc.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programas\iPod\bin\iPodService.exe
.
************************************************************************
.
Tempo para conclusão: 2008-04-20 13:53:30 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-20 12:53:21
ComboFix2.txt 2008-03-26 14:01:37
ComboFix3.txt 2008-02-20 01:05:58
Pre-Run: 4,482,146,304 bytes livres
Post-Run: 5,133,553,664 bytes livres
216




HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:54:52, on 20-04-2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\VTTimer.exe
C:\WINDOWS\System32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programas\iTunes\iTunesHelper.exe
C:\Programas\QuickTime\qttask.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Programas\Java\jre1.6.0_05\bin\jusched.exe
C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programas\MSN Messenger\msnmsgr.exe
C:\Programas\VIA\RAID\raid_tool.exe
C:\Programas\iPod\bin\iPodService.exe
C:\Programas\WinZip\WZQKPICK.EXE
C:\Programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\explorer.exe
C:\Programas\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programas\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Programas\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programas\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Programas\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programas\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_05\bin\jusched.exe "
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\System32\drivers\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ferramenta de Verificação de Mídia do Cyber-shot Viewer.lnk = C:\Programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Programas\VIA\RAID\raid_tool.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programas\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1198687186843
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B64F3E3-5868-4FF7-AAAD-D206FEA34C21}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD19D259-31D4-4F8B-AE93-284CEB45E1C2}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.171 85.255.112.179
O17 - HKLM\System\CS1\Services\Tcpip\..\{3B64F3E3-5868-4FF7-AAAD-D206FEA34C21}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.171 85.255.112.179
O17 - HKLM\System\CS2\Services\Tcpip\..\{3B64F3E3-5868-4FF7-AAAD-D206FEA34C21}: NameServer = 85.255.116.171,85.255.112.179
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.171 85.255.112.179
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programas\iPod\bin\iPodService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe
--
End of file - 7302 bytes


  #6  
Old 04-23-2008
Bronze Member
 
Join Date: Dec 2007
Posts: 26
PC Experience: PC Illiterate
Re: Something is wrong here ...

Can someone help me, PLEASE!?

I have run scans with AVG, AdAware, Avast, CCleaner ... and I'm still getting the pop-ups, I still can't post on Cbox tagboards ... It's really, really annoying. And I don't know what to do ...

Please, I really need some help.


