Csrcs.exe Not Found at PC Startup


  • This topic is locked
8 replies to this topic

#1 canab

Posted 15/08/2009, 16:57

I'm having a problem at PC startup. When I turn it on, a message appears saying that Windows cannot find the file csrcs.exe. This happened after AVG detected a trojan.

Here is the HijackThis log:


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\ARQUIV~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
C:\ARQUIV~1\AVG\AVG8\avgrsx.exe
C:\Arquivos de programas\Arquivos comuns\BinarySense\hldasvc.exe
C:\Arquivos de programas\Arquivos comuns\BinarySense\hldasvc.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\ARQUIV~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\HijackThis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsof...ss/allinone.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B367FB38-A687-422D-A1B7-87770D18B85B}: NameServer = 201.7.225.31,201.7.225.32
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Arquivos de programas\Arquivos comuns\BinarySense\hlAPP.dll" (file missing)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Arquivos de programas\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Arquivos de programas\Arquivos comuns\BinarySense\hldasvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Arquivos de programas\Arquivos comuns\SolidWorks Shared\Service\SolidWorksLicensing.exe

--
End of file - 7183 bytes


In case it is of any help, my system is Windows XP and the HijackThis version is 2.2.

Thanks

#2 Leone Fernandes

Posted 16/08/2009, 00:13

Select the entries below and click Fix Checked.

[X] - F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
[?] - O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
[N] - O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
[?] - O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Arquivos de programas\AskBarDis\bar\bin\askBar.dll
[X] - O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
[?] - O17 - HKLM\System\CCS\Services\Tcpip\..\{B367FB38-A687-422D-A1B7-87770D18B85B}: NameServer = 201.7.225.31,201.7.225.32


Download ComboFix from: Combofix

1) See the following guide to learn how to use ComboFix:
http://www.bleepingc...usar-o-combofix
2) I need you to paste the contents of ComboFix.txt in your next reply, together with a new HijackThis log.

Edited by: Leone Fernandes, 16/08/2009, 00:13.
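An added example, not part of the original posts: a small Python triage over HijackThis lines copied from the log in post #1, flagging the autostart entries that reference csrcs.exe and the BHO registration with no file behind it. The three rules and the names `triage` and `repeated_targets` are assumptions made for this illustration; they are not HijackThis's own logic or the helper's criteria.

```python
import re
from collections import Counter

# Lines copied from the HijackThis log in post #1 of this thread.
SAMPLE_LOG = r"""
F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")            # "<code> - <body>"
SHELL = re.compile(r"^REG:system\.ini: Shell=(.*)$", re.IGNORECASE)
O4 = re.compile(r"^(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")


def basename(cmd):
    """Lower-cased file name of a command path, without quotes."""
    return cmd.strip().strip('"').rsplit("\\", 1)[-1].lower()


def triage(log):
    """Return findings for entries matching the example's three rules."""
    findings = []
    for raw in log.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue
        code, body = m.groups()

        if code == "F2":
            # Rule 1 (assumption): the Shell value should start only the
            # desktop shell; anything listed after explorer.exe is extra.
            # Simplification: splits on whitespace/commas, so a quoted path
            # containing spaces would need a real command-line parser.
            s = SHELL.match(body)
            if s:
                extras = [basename(t) for t in re.split(r"[,\s]+", s.group(1))
                          if t and t.lower() != "explorer.exe"]
                if extras:
                    findings.append({"code": code, "targets": extras, "line": raw,
                                     "reason": "Shell value starts extra program(s)"})

        elif code in ("O2", "O3") and body.endswith("(no file)"):
            # Rule 2 (assumption): registration whose file is missing.
            findings.append({"code": code, "targets": [], "line": raw,
                             "reason": "registration points to a missing file"})

        elif code == "O4":
            # Rule 3 (assumption): autostart set through the
            # Policies\Explorer\Run key rather than the usual Run keys.
            o = O4.match(body)
            if o and o.group("key").lower().endswith(r"policies\explorer\run"):
                findings.append({"code": code, "targets": [basename(o.group("cmd"))],
                                 "line": raw,
                                 "reason": "autostart via Policies\\Explorer\\Run"})
    return findings


def repeated_targets(findings):
    """File names referenced by more than one flagged autostart entry."""
    counts = Counter(t for f in findings for t in f["targets"])
    return sorted(name for name, n in counts.items() if n >= 2)


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for f in results:
        print(f"{f['code']}: {f['reason']}\n    {f['line']}")
    print("referenced from several autostart points:", repeated_targets(results))
```

The two csrcs.exe findings are the entries marked [X] in the post above; both still name the file after it was removed, so both references have to be cleaned up, not just the file.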



#3 canab

Posted 20/08/2009, 16:21

I applied the fix with HijackThis and right after that ran ComboFix as requested.
It looks like the csrcs.exe problem is gone, since the message no longer appears,
but now the internet connection does not work.
I have internet at 2 points in the house; one works normally and the one on the PC that had the problem does not.
I already tried switching the networks manually, with no result.
I'm not posting the log files for now because I'm on another PC to reply to the forum.
Any tips?

#4 Beraldinho

Posted 20/08/2009, 16:25

Have you already checked the incoming internet cable??

#5 Allex Severino

Posted 20/08/2009, 22:16

Also try checking whether your computer's IP address has been changed.

#6 Leone Fernandes

Posted 21/08/2009, 22:04

The problem seems to be with DNS; can you post here a screenshot of the TCP/IP properties of your connection?



#7 canab

Posted 24/08/2009, 16:53

Yes, the problem was with DNS; for some reason it had been disabled. Now everything appears to be OK.

Thanks for the help, guys.

Here are the ComboFix and HijackThis logs:

ComboFix 09-08-10.06 - Administrador 17/08/2009 14:03.1.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.3325.2862 [GMT -3:00]
Executando de: c:\documents and settings\Administrador\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

ATENÇAO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!
.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Installer\2a6247.msp
c:\windows\jestertb.dll

.
(((((((((((((((( Arquivos/Ficheiros criados de 2009-07-17 to 2009-08-17 ))))))))))))))))))))))))))))
.

2009-08-13 18:18 . 2009-08-17 16:40 -------- d-----w- C:\HijackThis
2009-08-10 01:45 . 2008-09-24 15:32 626 ----a-w- C:\sw2009.reg
2009-08-10 01:34 . 2009-08-11 22:23 -------- d-----w- c:\arquivos de programas\Arquivos comuns\SolidWorks Shared
2009-08-10 01:34 . 2009-08-10 01:34 -------- d-----w- c:\arquivos de programas\Arquivos comuns\eDrawings2009
2009-08-10 01:33 . 2009-08-11 22:23 -------- d-----w- c:\arquivos de programas\Arquivos comuns\DWGpartner
2009-08-10 01:33 . 2009-08-10 01:33 -------- d-----w- C:\Solidworks Data
2009-08-07 23:11 . 2009-08-07 23:11 -------- d--h--w- c:\windows\PIF
2009-08-03 01:38 . 2009-08-03 01:38 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\DAEMON Tools Pro
2009-08-01 23:17 . 2009-08-01 23:17 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\Ubisoft
2009-08-01 20:28 . 2009-08-01 20:28 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-08-01 20:28 . 2009-08-01 20:28 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-08-01 20:28 . 2009-03-09 18:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-08-01 20:28 . 2009-03-09 18:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-08-01 20:28 . 2009-03-16 17:18 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-08-01 20:28 . 2009-03-16 17:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-08-01 20:28 . 2009-03-09 18:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-08-01 20:28 . 2009-03-16 17:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-08-01 20:28 . 2009-03-16 17:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-08-01 20:28 . 2008-10-15 09:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-08-01 20:28 . 2008-10-15 09:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2009-08-01 20:27 . 2008-10-15 10:03 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2009-08-01 20:27 . 2008-10-15 10:03 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2009-08-01 20:27 . 2008-10-15 09:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2009-08-01 20:27 . 2008-10-15 10:03 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2009-08-01 20:27 . 2008-10-15 10:03 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2009-08-01 20:27 . 2008-07-30 09:20 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2009-08-01 20:27 . 2008-07-30 09:20 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2009-08-01 20:27 . 2008-07-30 09:20 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2009-08-01 20:27 . 2008-07-10 14:01 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2009-08-01 20:27 . 2008-07-10 14:00 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-08-01 20:27 . 2008-07-10 14:00 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2009-08-01 20:23 . 2009-08-01 20:23 -------- d-----w- c:\arquivos de programas\Ubisoft
2009-07-31 17:37 . 2009-07-31 17:41 -------- d-----w- c:\windows\system32\Adobe
2009-07-29 17:52 . 2009-07-29 17:52 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\VitySoft
2009-07-29 17:49 . 2009-07-29 17:49 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-29 17:49 . 2009-07-29 17:49 -------- d-----w- c:\arquivos de programas\Java
2009-07-29 17:49 . 2009-07-29 17:49 152576 ----a-w- c:\documents and settings\Administrador\Dados de aplicativos\Sun\Java\jre1.6.0_14\lzma.dll
2009-07-28 20:59 . 2009-07-28 20:59 -------- d--h--r- c:\documents and settings\Administrador\Dados de aplicativos\SecuROM
2009-07-28 20:59 . 2009-07-28 20:59 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-07-28 20:55 . 2009-07-28 20:55 -------- d-----w- C:\d8d033e98f8fbab535
2009-07-28 20:55 . 2009-07-28 20:55 -------- d-----w- C:\e2eee2fdc6aa09924aa490
2009-07-28 20:55 . 2009-07-28 20:55 -------- d-----w- c:\windows\system32\xlive
2009-07-28 20:55 . 2009-07-29 17:15 -------- d-----w- c:\arquivos de programas\Microsoft Games for Windows - LIVE
2009-07-27 01:47 . 2007-04-04 21:55 261480 ----a-w- c:\windows\system32\xactengine2_7.dll
2009-07-27 01:43 . 2009-07-27 01:43 -------- d--h--w- c:\arquivos de programas\Zero G Registry
2009-07-27 01:43 . 2009-07-27 01:43 -------- d-----w- c:\arquivos de programas\Sports Interactive
2009-07-27 01:42 . 2009-07-27 01:42 -------- d--h--w- c:\documents and settings\Administrador\InstallAnywhere
2009-07-27 01:40 . 2009-07-27 01:40 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DAEMON Tools Lite
2009-07-27 01:40 . 2009-07-27 01:40 -------- d-----w- c:\arquivos de programas\DAEMON Tools Toolbar
2009-07-26 23:58 . 2009-07-26 23:58 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-26 23:58 . 2009-07-27 01:42 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\DAEMON Tools Lite

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-17 16:19 . 2009-07-14 22:19 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP
2009-08-15 15:21 . 2009-06-24 11:54 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-15 15:21 . 2009-06-24 11:54 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-15 15:21 . 2009-06-24 11:54 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-12 23:53 . 2009-06-24 11:54 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\avg8
2009-08-11 22:31 . 2009-06-22 01:22 -------- d-----w- c:\arquivos de programas\SolidWorks
2009-08-11 22:29 . 2009-06-24 13:04 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\SolidWorks
2009-08-11 22:24 . 2009-06-24 11:48 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help
2009-08-03 03:21 . 2009-06-23 15:40 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\BitTorrent
2009-08-03 01:30 . 2008-04-14 12:00 76414 ----a-w- c:\windows\system32\perfc016.dat
2009-08-03 01:30 . 2008-04-14 12:00 465986 ----a-w- c:\windows\system32\perfh016.dat
2009-08-03 01:20 . 2009-06-24 11:35 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2009-07-27 02:00 . 2009-07-27 01:48 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\Sports Interactive
2009-07-27 01:57 . 2009-07-27 01:48 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Sports Interactive
2009-07-14 22:19 . 2009-07-14 22:19 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\BinarySense
2009-07-09 17:47 . 2009-07-02 20:24 -------- d-----w- c:\arquivos de programas\PokerStars
2009-07-03 16:08 . 2009-07-03 16:08 696 ----a-w- c:\documents and settings\Administrador\haspemul.reg
2009-07-03 15:43 . 2009-07-03 15:43 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\InstallShield
2009-07-03 15:43 . 2009-07-03 15:43 -------- d-----w- c:\arquivos de programas\Codejock Software
2009-07-03 15:43 . 2009-07-03 15:43 -------- d-----w- c:\arquivos de programas\Arquivos comuns\WinMain
2009-07-03 15:43 . 2009-06-24 11:35 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield
2009-07-02 15:35 . 2009-07-02 15:35 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\CyberLink
2009-07-02 13:49 . 2009-07-02 13:49 -------- d-----w- c:\arquivos de programas\Microsoft
2009-07-02 13:49 . 2009-07-02 13:49 -------- d-----w- c:\arquivos de programas\Windows Live SkyDrive
2009-07-02 13:49 . 2009-06-24 12:08 -------- d-----w- c:\arquivos de programas\Windows Live
2009-07-02 13:35 . 2009-07-02 13:35 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Windows Live
2009-07-02 13:02 . 2009-07-02 13:02 -------- d-----w- c:\arquivos de programas\Belarc
2009-06-25 19:50 . 2009-06-25 19:50 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Wise Installation Wizard
2009-06-25 17:50 . 2009-06-25 17:50 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Hewlett-Packard
2009-06-25 13:00 . 2009-07-14 22:19 -------- d-----w- c:\arquivos de programas\Arquivos comuns\BinarySense
2009-06-24 19:23 . 2009-06-24 14:12 2516 --sha-w- c:\documents and settings\All Users\Dados de aplicativos\KGyGaAvL.sys
2009-06-24 19:23 . 2009-06-24 14:12 2516 --sha-w- c:\documents and settings\All Users\Dados de aplicativos\KGyGaAvL.sys
2009-06-24 17:12 . 2009-06-24 17:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DassaultSystemes
2009-06-24 17:12 . 2009-06-24 17:12 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\DassaultSystemes
2009-06-24 16:28 . 2009-06-24 16:27 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Macromedia
2009-06-24 16:27 . 2009-06-24 16:27 -------- d-----w- c:\arquivos de programas\Macromedia
2009-06-24 16:27 . 2009-06-24 16:27 45056 ----a-r- c:\documents and settings\Administrador\Dados de aplicativos\Microsoft\Installer\{91057632-CA70-413C-B628-2D3CDBBB906B}\ARPPRODUCTICON.exe
2009-06-24 16:27 . 2009-06-24 16:27 45056 ----a-r- c:\documents and settings\Administrador\Dados de aplicativos\Microsoft\Installer\{885A63EA-382B-4DD4-A755-14809B8557D6}\ARPPRODUCTICON.exe
2009-06-24 14:46 . 2009-06-24 14:46 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\SolidWorksNewsReader
2009-06-24 14:17 . 2009-06-24 12:00 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe
2009-06-24 14:12 . 2009-06-24 14:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Corel
2009-06-24 14:12 . 2009-06-24 14:12 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\Corel
2009-06-24 14:12 . 2009-06-24 14:12 8 --sh--r- c:\documents and settings\All Users\Dados de aplicativos\6823AD04CC.sys
2009-06-24 14:12 . 2009-06-24 14:12 8 --sh--r- c:\documents and settings\All Users\Dados de aplicativos\6823AD04CC.sys
2009-06-24 14:12 . 2009-06-24 14:12 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Protexis
2009-06-24 14:08 . 2009-06-24 14:08 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Corel
2009-06-24 14:08 . 2009-06-24 14:08 -------- d-----w- c:\arquivos de programas\Corel
2009-06-24 13:05 . 2009-06-24 13:05 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\DWGeditor
2009-06-24 13:00 . 2009-06-24 13:00 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Solidworks Data
2009-06-24 12:49 . 2009-06-24 12:04 -------- d-----w- c:\arquivos de programas\CyberLink
2009-06-24 12:40 . 2009-06-24 07:07 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-24 12:08 . 2009-06-24 12:08 -------- dcsh--w- c:\arquivos de programas\Arquivos comuns\WindowsLiveInstaller
2009-06-24 12:08 . 2009-06-24 12:08 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\WLInstaller
2009-06-24 12:06 . 2009-06-24 12:06 -------- d-----w- c:\arquivos de programas\Ahead
2009-06-24 12:06 . 2009-06-24 12:06 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Ahead
2009-06-24 12:05 . 2009-06-24 12:05 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DVD Shrink
2009-06-24 12:05 . 2009-06-24 12:05 -------- d-----w- c:\arquivos de programas\DVD Shrink
2009-06-24 12:05 . 2009-06-24 12:05 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\CyberLink
2009-06-24 12:04 . 2009-06-24 12:04 2678 ----a-w- c:\windows\java\Packages\Data\8RTJHN7Z.DAT
2009-06-24 12:04 . 2009-06-24 12:04 2678 ----a-w- c:\windows\java\Packages\Data\Y817T3XJ.DAT
2009-06-24 12:04 . 2009-06-24 12:04 2678 ----a-w- c:\windows\java\Packages\Data\UH3HJ397.DAT
2009-06-24 12:04 . 2009-06-24 12:04 2678 ----a-w- c:\windows\java\Packages\Data\TJJXFDBP.DAT
2009-06-24 12:04 . 2009-06-24 12:04 2678 ----a-w- c:\windows\java\Packages\Data\3XVDJP3L.DAT
2009-06-24 12:04 . 2009-06-24 12:04 2232 ----a-w- c:\windows\java\Packages\Data\1FN1JPFN.DAT
2009-06-24 12:04 . 2009-06-24 12:04 155995 ----a-w- c:\windows\java\Packages\6GUHFXR9.ZIP
2009-06-24 12:00 . 2009-06-24 12:00 -------- d-----w- c:\arquivos de programas\Marcos Velasco Security
2009-06-24 11:54 . 2009-06-24 11:54 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-24 11:54 . 2009-06-24 11:54 -------- d-----w- c:\arquivos de programas\AVG
2009-06-24 11:49 . 2009-06-24 11:49 -------- d-----w- c:\arquivos de programas\Microsoft Works
2009-06-24 11:49 . 2009-06-24 11:49 -------- d-----w- c:\arquivos de programas\MSBuild
2009-06-24 11:35 . 2009-06-24 11:35 -------- d-----w- c:\arquivos de programas\Realtek
2009-06-24 11:28 . 2009-06-24 11:28 -------- d-----w- c:\arquivos de programas\Intel
2009-06-24 07:08 . 2009-06-24 07:08 -------- d-----w- c:\arquivos de programas\microsoft frontpage
2009-06-24 07:07 . 2009-06-24 07:07 -------- d-----w- c:\arquivos de programas\Serviços on-line
2009-06-24 07:06 . 2009-06-24 07:06 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços
2009-06-24 07:05 . 2009-06-24 07:05 21844 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-23 23:24 . 2009-06-23 23:24 -------- d-----w- c:\arquivos de programas\BitTorrent Turbo Accelerator
2009-06-23 15:40 . 2009-06-23 15:40 -------- d-----w- c:\arquivos de programas\AskBarDis
2009-06-22 15:11 . 2009-06-22 15:11 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\CircuitWorks
2009-06-22 01:17 . 2009-06-21 15:33 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\SolidWorks
2009-06-22 01:04 . 2009-06-24 13:00 -------- d-----w- c:\arquivos de programas\Windows Desktop Search
2009-06-22 00:56 . 2009-06-22 00:56 -------- d-----w- c:\arquivos de programas\Microsoft Visual Studio 8
2009-06-22 00:56 . 2009-06-22 00:56 -------- d-----w- c:\arquivos de programas\Microsoft.NET
2009-06-22 00:53 . 2009-06-22 00:53 -------- d-----w- c:\arquivos de programas\MSECache
2009-06-22 00:45 . 2009-06-22 00:45 -------- d-----w- c:\arquivos de programas\Reference Assemblies
2009-06-21 15:54 . 2009-06-21 15:54 -------- d-----w- c:\documents and settings\Administrador\Dados de aplicativos\SolidWorks 2009
2009-06-21 15:33 . 2009-06-25 19:50 -------- d-----w- c:\arquivos de programas\AGEIA Technologies
2009-06-21 15:16 . 2009-06-24 13:03 -------- d-----w- c:\arquivos de programas\Arquivos comuns\eDrawings2007
2009-06-16 15:05 . 2009-06-24 11:34 53248 ----a-w- c:\windows\system32\CSVer.dll
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\arquiv~1\AVG\AVG8\avgtray.exe" [2009-08-15 2007832]
"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2009-07-29 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-09-17 1657376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\arquivos de programas\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-15 15:21 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Administrador^Menu Iniciar^Programas^Inicializar^HDDlife.lnk]
path=c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\HDDlife.lnk
backup=c:\windows\pss\HDDlife.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Windows Desktop Search.lnk]
backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup
path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Windows Desktop Search.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"SolidWorks Licensing Service"=3 (0x3)
"RichVideo"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"=
"c:\\Arquivos de programas\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Central\\Programas\\BitTorrent\\bittorrent.exe"=
"c:\\Central\\Jogos\\Football Manager 2009\\fm.exe"=
"c:\\Central\\Jogos\\GTA IV\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Central\\Jogos\\GTA San Andreas\\Rockstar Games Social Club\\RGSCLauncher.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [24/06/2009 08:54 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [24/06/2009 08:54 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\arquiv~1\AVG\AVG8\avgwdsvc.exe [24/06/2009 08:54 297752]
R2 HDDlife HDD Access service;HDDlife HDD Access service;c:\arquivos de programas\Arquivos comuns\BinarySense\hldasvc.exe [24/04/2009 16:03 818840]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [24/06/2009 08:35 1684736]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\arquivos de programas\SolidWorks\swScheduler\DTSCoordinatorService.exe [24/06/2009 07:43 83240]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\arquivos de programas\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [23/09/2005 07:01 2799808]
.
- - - - ORFÃOS REMOVIDOS - - - -

WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - c:\arquivos de programas\AskBarDis\bar\bin\askBar.dll


.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com.br/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - c:\arquivos de programas\Arquivos comuns\BinarySense\hlAPP.dll
DPF: Microsoft XML Parser for Java
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-17 14:07
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\S-1-5-21-1202660629-2111687655-682003330-500\Software\SecuROM\License information*]
"datasecu"=hex:4f,0e,c9,7c,99,ed,ba,10,62,80,1f,3e,1f,17,56,63,32,b4,bf,8e,6e,
85,9f,51,03,ee,63,82,c6,1f,b3,ed,2a,30,5d,38,49,b3,0b,be,96,60,c8,d3,e0,fd,\
"rkeysecu"=hex:d3,3d,4b,f0,89,53,a7,46,85,a3,2c,96,35,f4,56,fc
.
Tempo para conclusão: 2009-08-17 14:07
ComboFix-quarantined-files.txt 2009-08-17 17:07

Pré-execução: 11 pasta(s) 418.922.184.704 bytes disponíveis
Pós execução: 11 pasta(s) 421.438.824.448 bytes disponíveis

247



HIJACKTHIS LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:52:09, on 24/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARQUIV~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
C:\ARQUIV~1\AVG\AVG8\avgrsx.exe
C:\ARQUIV~1\AVG\AVG8\avgnsx.exe
C:\Arquivos de programas\Arquivos comuns\BinarySense\hldasvc.exe
C:\Arquivos de programas\Arquivos comuns\BinarySense\hldasvc.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B367FB38-A687-422D-A1B7-87770D18B85B}: NameServer = 201.7.225.31,201.7.225.32
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Arquivos de programas\Arquivos comuns\BinarySense\hlAPP.dll" (file missing)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - C:\Arquivos de programas\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Arquivos de programas\Arquivos comuns\BinarySense\hldasvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Arquivos de programas\Arquivos comuns\SolidWorks Shared\Service\SolidWorksLicensing.exe

--
End of file - 6312 bytes

#8 Leone Fernandes

Posted 24/08/2009, 22:36

- The logfile is clean. :D
- I recommend some maintenance on the computer to delete temporary and unnecessary files and invalid registry entries.

Download CCleaner:
  • Click Save and, when the download has finished, install it;
  • Open the program and click Run Cleaner;
  • After that, click Registry > Scan for Issues > Fix selected issues.
- If everything is OK, say that the problem is solved.
Regards.



#9 Leone Fernandes

Posted 27/08/2009, 21:21

Problem Solved!

If the author needs this topic to be reopened, please contact the moderation team.





