Weird System Config Erros - Boa Geek Desafio! X3

GMB · #1 25 de janeiro de 2008, 17:47

Assim, em um discussão sobre um site diferente, Eu estava tentando se livrar de um corredor de erro, e foi dado alguns conselhos para ir em Executar e editar o arranque coisa e un-clique na opção Atualizações da HP. Eu fiz isso, e que resolveu o problema, mas agora fico com isto:

Tentei um monte de coisas diferentes, mas geralmente apenas piorar as coisas. Aqui está o que a inicialização coisa parece agora:

e

Alguém sugeriu que poderia ser vírus-relacionados. Eu fiz encontrar um trojan, mas foi facilmente tratada, mas ainda estou recebendo erros.

Eu sei que isto é muito, mas é realmente a começar a abrandar bastante tudo e é só me dar inferno quando eu tentar arranjar alguma coisa. Qualquer ajuda seria muito apreciada.

**evilfantasy** · #2 25 de janeiro de 2008, 18:29

Vá e alterá-lo para modo de arranque normal.

Instalar StartUp Tool

Abra a ferramenta direita e clique em qualquer coisa que você já não deseja executar na inicialização, em seguida, escolher Remover.

Qual é fqvcil?

GMB · #3 25 de janeiro de 2008, 18:45

Honestamente, eu não tenho idéia. Estou muito mal com os computadores, por isso eu nem sequer sei o que a maioria das coisas que significa. x3 eu tinha sobre ela antes Normal, e ainda estava a fazê-lo, mas deixe-me verificar que a ferramenta e reinicie e veja se isso ajuda.

Muito obrigado pelo conselho, pelo caminho. :) Eu agradeço.

**evilfantasy** · #4 25 de janeiro de 2008, 18:50

Essa entrada não parecem corretas. Permite ter um olhar mais atento.

Download e renomear HijackThis (HJT)

Dê um duplo clique sobre HJTInstall.
Clique sobre a Instalar botão.
Será automaticamente no lugar HJT C: \ Program Files \ TrendMicro \ HijackThis \ HijackThis.exe.
Após a instalação, HijackThis deve abrir para você.
- Fechar HijackThis e renomeá-lo.
- Vá para C: \ Program Files \ Trend Micro \HijackThis.exe
- Clique direito sobre HijackThis.exe e selecione Renomeie.
- Tipo de sniper.exe e pressione Digite.
- Botão direito do mouse ligado sniper.exe e selecione Enviar para > Desktop (criar atalho)
Na área de trabalho aberto HiajckThis.
Se utilizar o Windows Vista, certifique-se de Executar como administrador
Clique sobre a Faça um sistema de digitalizar e salvar um arquivo de log botão
HijackThis fará a varredura e, em seguida, será aberto um log no Bloco de Notas.
Copie e cole o log na sua postagem.
- Não HijackThis correção tem nada ainda. A maior parte do que ele encontra serão inofensivos ou mesmo exigido.

Mesmo que temos HijackThis renomeado para sniper, vamos ainda se referem a ele como HijackThis ou HJT.

GMB · #5 25 de janeiro de 2008, 19:07

Uau ... isso é um monte de coisas.

Logfile da Trend Micro HijackThis v2.0.2
Scan guardado em 9:05:38, em 1/25/2008
Plataforma: Windows XP SP2 (WinNT 5/01/2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Executando processos:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Program Files \ ewido \ security suite \ ewidoctrl.exe
c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ Mdm.exe
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeper.exe
C: \ WINDOWS \ system32 \ Dllhost.exe
C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe
C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ windows \ system \ hpsysdrv.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ ALCMTR.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Arquivos de Programas \ Winamp \ winampa.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ QuickTime \ QTTask.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Program Files \ interMute \ SpySubtract \ SpySub.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ AIM \ aim.exe
C: \ Program Files \ BitLord \ BitLord.exe
C: \ Arquivos de Programas \ Winamp \ winamp.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ SSU.EXE
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no arquivo)
F2 - REG: system.ini: UserInit = C: \ WINDOWS \ system32 \ userinit.exe, hvtjsqo. exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ SpyBot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: HP vista - (B2847E28-5D7D-4DEB-8B67-05D28BCF79F5) - c: \ Program Files \ HP \ Digital Imaging \ bin \ HPDTLK02.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Arquivos de Programas \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [fiasij] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [engenheiro de gravação de som] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Reminder] "C: \ Windows \ Creator \ Remind_XP.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ windows \ system \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HPHUPD06] "c: \ Program Files \ HP \ (AAC4FC36-8F89-4587-8DD3-EBC57C83374D) \ hphupd06.exe"
O4 - HKLM \ .. \ Run: [HPHmon06] C: \ WINDOWS \ system32 \ hphmon06.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Property Page Shortcut] Hdaudpropshortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [ITipo] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Arquivos de Programas \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [Spysweeper] C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe / startintray
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [bfhuj] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run
O4 - HKCU \ .. \ Run: [swg] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [bfhuj] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [swg] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe" (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.exe (User '? ')
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background (User '? ")
O4 - S-1-5-21-2639814213-3213438571-147013170-1008 Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe (User '? ")
O4 - Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Program Files \ interMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Actualizações de HP.lnk = C: \ Program Files \ Updates da HP \ 309731 \ Programas \ Updates de HP.exe
O8 - Extra context menu item: E & xportar para o Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O12 - Plugin for. Spop: C: \ Arquivos de Programas \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6A344D34-5231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / ActiveX / symdlmgr.cab
O16 - DPF: (DBFF771D-3F92-4C70-9978-508738536F38) (CSConn Classe) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
O16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (CCProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: ewido segurança suite control - ewido networks - C: \ Program Files \ ewido \ security suite \ ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeper.exe

--
Fim do arquivo - 14608 bytes

**evilfantasy** · #6 25 de janeiro de 2008, 19:33

Abrir HJT e seleccione Faça um sistema de verificação só em seguida, colocar uma marca de verificação ao lado:

F2 - REG: system.ini: UserInit = C: \ WINDOWS \ system32 \ userinit.exe, hvtjsqo. exe

Feche todas as janelas exceto para HJT, em seguida, clique em Fix controlados.

----------

Baixar ViewpointKiller

Descompacte o programa e todos os componentes da ViewpointKiller.zip para uma localização como a sua área de trabalho.
Dê um clique duplo no ícone para executar ViewpointKiller ViewpointKiller.exe.
Selecione o Arquivo menu, e seleccione Verifique para ver se você tiver instalado Viewpoint.
Se ViewpointKiller indica que qualquer uma das variantes Viewpoint estão instalados, seleccione o correcto Matar opção no Arquivo menu.

Siga as instruções e as instruções muito cuidadosamente, respondendo Sim ou Não dependendo da opção que você está mais confortável.
O Msconfig instruções são muito importantes, por isso não deixe de lê-las cuidadosamente.

Nota: Quando feito com ViewpointKiller clique direito e apagar todos os arquivos que foram unzipped.

----------

Faça o download do Combofix por subcategorias de um dos links abaixo.
(Experimente todos os três, se necessário)

IMPORTANTE - Combofix.exe DEVE ser guardadas até à sua Desktop.

Feche todos os browsers abertos. (Firefox, Internet Explorer, etc)
Fechar / desativar todos os anti virus e anti malware programas para que não interfiram com Combofix. <- IMPORTANTE
- Clique em este link para ver uma lista dos programas que devem ser desativados e como desativá-los. Se o seu caso não está listado e você não sabe como desativá-lo, por favor, pergunte.
Dê um clique duplo combofix.exe e siga as instruções.
- A partir do teclado selecione 1 e pressione Digite
Quando terminar, ela irá produzir um log para você.
Post que a log na sua próxima resposta.

Não mouseclick combofix da janela enquanto está a rodar.
O scan irá desativar temporariamente seu desktop.
Se interrompida, pode deixar o seu computador congelado.
Se isto ocorrer, por favor, reinicie para restaurar a área de trabalho.

----------

Próximo post adicione
Combofix log

**evilfantasy** · #7 25 de janeiro de 2008, 19:37

Transferido para o vírus, spyware e Segurança fórum.

GMB · #8 25 de janeiro de 2008, 21:15

Temos um êxito parcial! Algo que eu não trabalhava. Não tem a certeza que era um, mas é um começo. Eu reiniciado após o ComboFix foi feito, e agora todos os outros erros sumiram, só agora que estou recebendo esta:

Eu já vi isso antes, mas não me lembro como eu fixo ele.

Aqui está o arquivo de log do ComboFix:

ComboFix 08-01-23.1C - HP_Administrator 2008-01-25 22:50:00.1 - NTFSx86

Executando de: C: \ Documents and Settings \ HP_Administrator \ Desktop \ ComboFix.exe
.

((((((((((((((((((((((((( Arquivos criados a partir de 2007/12/26 a 2008/01/26 ))))))))))) ))))))))))))))))))))
.

2008/01/25 22:48. 2000/08/31 08:00 51,200 - a ------ C: \ WINDOWS \ Nircmd.exe
2008/01/25 21:01. 2008/01/25 21:01 <dir> d -------- C: \ Program Files \ Trend Micro
2008/01/23 18:27. 2008/01/23 18:27 <dir> d -------- C: \ Program Files \ DivX
2008/01/21 01:48. 2008/01/21 01:48 <dir> d -------- C: \ WINDOWS \ «AøŽ O'-ø
2008/01/21 01:48. 2008/01/21 01:48 <dir> d -------- C: \ MOON PARROT
2008/01/04 00:51. 2008/01/04 00:53 <dir> d -------- C: \ Arquivos de Programas \ Winamp
2008/01/04 00:50. 2008/01/04 00:50 8759168 - a ------ C: \ Program Files \ winamp551_full_emusic-7plus_en-us.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008/01/26 03:38 --------- d ----- w C: \ Program Files \ Viewpoint
2008/01/26 03:06 --------- d ----- w C: \ Program Files \ Hewlett-Packard
2008/01/25 16:55 --------- d ----- w C: \ Program Files \ Norton Internet Security
2008/01/25 12:16 --------- d ----- w C: \ Program Files \ Common Files \ Symantec Shared
2008/01/22 03:23 --------- d ----- w C: \ Program Files \ LimeWire
2008-01-19 23:36 164 ---- aw C: \ install.dat
2008/01/19 23:35 --------- d ----- w C: \ Program Files \ Webroot
2008/01/05 01:56 1.526.640 ---- aw C: \ WINDOWS \ WRSetup.dll
2008/01/05 01:34 23,920 ---- aw C: \ WINDOWS \ system32 \ drivers \ sskbfd.sys
2008/01/05 01:34 21,872 ---- aw C: \ WINDOWS \ system32 \ drivers \ sshrmd.sys
2008/01/05 01:34 20,336 ---- aw C: \ WINDOWS \ system32 \ drivers \ SSFS0BB9.sys
2008/01/05 01:34 163,696 ---- aw C: \ WINDOWS \ system32 \ drivers \ ssidrv.sys
2007/12/26 04:47 --------- d ----- w C: \ Program Files \ AIM
2007/12/17 00:44 --------- d ----- w C: \ Program Files \ QuickTime
2007-12-16 18:36 805 ---- aw C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.INF
2007/12/16 18:36 60,800 ---- aw C: \ WINDOWS \ system32 \ S32EVNT1.DLL
2007/12/16 18:36 123,952 ---- aw C: \ WINDOWS \ system32 \ drivers \ Symevent.sys
2007/12/16 18:36 10,740 ---- aw C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.CAT
2007/12/16 18:36 --------- d ----- w C: \ Program Files \ Symantec
2007/12/02 23:38 --------- d ----- w C: \ Program Files \ Plant Tycoon
2007/11/29 22:30 200,704 ---- aw C: \ WINDOWS \ system32 \ ssldivx.dll
2007/11/29 22:30 1.044.480 ---- aw C: \ WINDOWS \ system32 \ libdivx.dll
2007/11/07 09:26 721,920 ---- aw C: \ WINDOWS \ system32 \ lsasrv.dll
2007/11/07 09:26 721,920 ---- aw C: \ WINDOWS \ system32 \ dllcache \ lsasrv.dll
2007/10/30 23:42 3.590.656 ---- aw C: \ WINDOWS \ system32 \ dllcache \ mshtml.dll
2007/10/30 17:20 360,064 ---- aw C: \ WINDOWS \ system32 \ dllcache \ tcpip.sys
2007/10/29 22:35 1.287.680 ---- aw C: \ WINDOWS \ system32 \ Quartz.dll
2007/10/29 22:35 1.287.680 ---- aw C: \ WINDOWS \ system32 \ dllcache \ Quartz.dll
2007/10/27 22:40 222,720 ---- aw C: \ WINDOWS \ system32 \ Wmasf.dll
2007/10/27 22:40 222,720 ---- aw C: \ WINDOWS \ system32 \ dllcache \ Wmasf.dll
2007/06/27 20:23 318,904-c - aw C: \ Program Files \ wmpfirefoxplugin.exe
2007/02/19 21:57 12887872-c - aw C: \ Program Files \ sspsetup1_.exe
2007/02/10 23:31 2599088-c - aw C: \ Program Files \ Shockwave_Installer_Slim.exe
2007/02/10 23:26 12711440-c - aw C: \ Program Files \ RealPlayer10-5GOLD.exe
2007/02/10 23:20 19666504-c - aw C: \ Program Files \ QuickTimeInstaller.exe
2007/02/10 23:08 1410680-c - aw C: \ Program Files \ install_flash_player.exe
2007/02/10 17:58 25755448-c - aw C: \ Program Files \ wmp11-windowsxp-x86-enu.exe
2006/10/11 00:51 774,144-c - aw C: \ Program Files \ RngInterstitial.dll
2006/09/16 02:12 811,584-c - aw C: \ Program Files \ GoogleToolbarInstaller.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Nota * entradas vazias & legit entradas padrão não são mostrados
REGEDIT4

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ actuais ntVersion \ Run]
"ctfmon.exe" = "C: \ WINDOWS \ system32 \ ctfmon.exe" [2004-08-09 23:00 15360]
"Creative Detector" = "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" [2004-12-02 17:23 102400]
"swg" = "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe" []
"SsAAD.exe" = "C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.e xe" [2006-11-02 13:43 472632]
"MSMSGS" = "C: \ Program Files \ Messenger \ msmsgs.exe" [2004-10-13 11:24 1694208]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"(0228e555-4f9c-4e35-a3ec-b109a192b4c2)" = "C: \ Arquivos de Programas \ Google \ Gmail Notifier \ gnotify.exe" [2005-07-15 16:48 479232]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe" [2005-03-15 13:37 32881]
"ccApp" = "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe" [2008-01-08 17:33 53096]
"Symantec PIF AlertEng" = "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" [2007-03-12 17:30 517768]
"Engenheiro de gravação de som" = "SOUNDMAN.EXE" [2005-04-06 17:57 90112 C: \ WINDOWS \ SOUNDMAN.EXE]
"Reminder" = "C: \ Windows \ Creator \ Remind_XP.exe" [2004-12-13 21:23 663552]
"Recguard" = "C: \ WINDOWS \ SMINST \ RECGUARD.EXE" [2004-04-14 08:43 233472]
"hpsysdrv" = "c: \ windows \ system \ hpsysdrv.exe" [1998-05-07 04:04 52736]
"HotKeysCmds" = "C: \ WINDOWS \ system32 \ hkcmd.exe" [2004-12-01 05:55 126976]
"High Definition Audio Property Page Shortcut" = "Hdaudpropshortcut.exe" [2004-03-17 19:10 61952 C: \ WINDOWS \ system32 \ Hdaudpropshortcut.exe]
"ehTray" = "C: \ WINDOWS \ ehome \ ehtray.exe" [2005-08-05 13:56 64512]
"AlcWzrd" = "ALCWZRD.EXE" [2005-04-06 17:53 2805248 C: \ WINDOWS \ ALCWZRD.EXE]
"AGRSMMSG" = "AGRSMMSG.exe" [2004-06-29 05:06 88363 C: \ WINDOWS \ AGRSMMSG.exe]
"ITipo" = "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe" [2006-11-21 20:08 813912]
"IntelliPoint" = "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe" [2007-02-05 18:52 849280]
"WinampAgent" = "C: \ Arquivos de Programas \ Winamp \ winampa.exe" [2007-12-20 10:16 37376]
"KBD" = "C: \ HP \ KBD \ KBD.EXE" [2005-02-02 16:44 61440]
"Spysweeper" = "C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" [2008-01-04 20:56 5367664]
"AutoTBar" = "C: \ Program Files \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE" []

C: \ Documents and Settings \ All Users \ Menu Iniciar \ Programas \ Startup \
Adobe Gamma Loader.lnk - C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe [2004-10-04 00:12:18 113664]
Adobe Reader Speed Launch.lnk - C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe [2005-09-23 21:05:26 29696]
SpySubtract.lnk - C: \ Program Files \ interMute \ SpySubtract \ sslaunch.exe [2005-03-15 14:14:11 73728]
Atualizações a partir de HP.lnk - C: \ Program Files \ Updates da HP \ 309731 \ Programas \ Updates de HP.exe [2005-03-15 14:15:23 45056]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ policies \ system]
"InstallVisualStyle" = C: \ WINDOWS \ Resources \ Temas \ Royale \ Royale.msstyles
"InstallTheme" = C: \ WINDOWS \ Resources \ Temas \ Royale.theme

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ run-]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe"

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ actuais ntversion \ explorer \ mountpoints2 \ (749df047-9937-11db-9221-0013d408ae3c)]
\ Shell \ AutoRun \ command - L: \ wd_windows_tools \ setup.exe

* Serviço recém-criado * - COMHOST
* Serviço recém-criado * - PROCEXP90
.
Conteúdo da 'Tarefas agendadas' pasta
"2008-01-19 15:35:02 C: \ WINDOWS \ Tasks \ AppleSoftwareUpdate.job"
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe
"2008-01-26 01:09:39 C: \ WINDOWS \ Tasks \ Norton AntiVirus - Run Full System Scan - HP_Administrator.job"
- C: \ PROGRA ~ 1 \ NORTON ~ 1 \ NORTON ~ 1 \ Navw32.exeh/TASK:
.
************************************************** ************************

CatchMe 0.3.1344 W2K/XP/Vista - rootkit / stealth malware detector por Gmer, http://www.gmer.net
Rootkit scan 2008-01-25 22:54:40
5/1/2600 Windows Service Pack 2 NTFS

digitalizar processos escondidos ...

escaneamento automático entradas escondidas ...

digitalizar os arquivos ocultos ...

varredura foi concluída com êxito
ficheiros ocultos: 0

************************************************** ************************
.
Conclusão time: 2008-01-25 22:55:28
.
2008-01-09 13:11:47 --- EOF ---

[IMG] file: / / / C: / DOCUME% 7E1/HP_ADM% 7E1/LOCALS% 7E1/Temp/moz-screenshot.jpg [/ IMG] [IMG] file: / / / C: / DOCUME% 7E1/HP_ADM % 7E1/LOCALS% 7E1/Temp/moz-screenshot-1.jpg [/ IMG]

**evilfantasy** · #9 25 de janeiro de 2008, 21:48

Isso aconteceu logo após o download do Winamp?

Por favor, execute uma novo HJT digitalizar e publicar esse registo.

GMB · #10 25 de janeiro de 2008, 22:32

Tive Winamp por um longo tempo, antes que esta começou acontecer. Eu tinha de voltar a instalá-lo algum tempo atrás, antes que os erros, mas eu não posso recordar como logo após os erros ocorreram.

Aqui está o HJT log:

Logfile da Trend Micro HijackThis v2.0.2
Scan guardado em 12:29:23, em 1/26/2008
Plataforma: Windows XP SP2 (WinNT 5/01/2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Executando processos:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe
C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ windows \ system \ hpsysdrv.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Arquivos de Programas \ Winamp \ winampa.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Program Files \ ewido \ security suite \ ewidoctrl.exe
c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ Mdm.exe
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeper.exe
C: \ WINDOWS \ system32 \ Dllhost.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Program Files \ Webroot \ Spy Sweeper \ SSU.EXE
C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe
C: \ Program Files \ interMute \ SpySubtract \ SpySub.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ AIM \ aim.exe
C: \ Program Files \ Encore \ Hoyle Card Games 2005 \ HoyleCardGames2005.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe
C: \ Program Files \ Messenger \ msmsgs.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no arquivo)
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ SpyBot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Arquivos de Programas \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [engenheiro de gravação de som] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Reminder] "C: \ Windows \ Creator \ Remind_XP.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ windows \ system \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Property Page Shortcut] Hdaudpropshortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [ITipo] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Arquivos de Programas \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [AutoTBar] C: \ Program Files \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE
O4 - HKLM \ .. \ Run: [Spysweeper] "C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" / startintray
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [swg] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Arquivos de Programas \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Program Files \ interMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Actualizações de HP.lnk = C: \ Program Files \ Updates da HP \ 309731 \ Programas \ Updates de HP.exe
O8 - Extra context menu item: E & xportar para o Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O12 - Plugin for. Spop: C: \ Arquivos de Programas \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6A344D34-5231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / ActiveX / symdlmgr.cab
O16 - DPF: (DBFF771D-3F92-4C70-9978-508738536F38) (CSConn Classe) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
O16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (CCProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: ewido segurança suite control - ewido networks - C: \ Program Files \ ewido \ security suite \ ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeper.exe

--
Fim do arquivo - 12852 bytes