Logo Hardware.com.br
Rubens Kamimura
Rubens Kamim... Novo Membro Registrado
22 Mensagens 0 Curtidas

Mais um Notebook "svchost.exe - Erro de aplicativo"

#1 Por Rubens Kamim... 23/12/2009 - 13:25
Boa tarde,
Caros especialistas, tive lendo, mas não entendi nada, visto posto, solicito ajuda dos especialistas, pois cremos que cada especialista no seu ramo ("galho"). Segue abaixo o log do HIJACKTHIS, solicito recomendações:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:01:33, on 23/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Altiris\Altiris Agent\AeXNSAgent.exe
C:\WINDOWS\system32\cisvc.exe
C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
C:\Arquivos de programas\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\hasplms.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\Arquivos de programas\Borland\InterBase\bin\ibguard.exe
C:\Arquivos de programas\Borland\InterBase\bin\ibserver.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\McAfee\Common Framework\FrameworkService.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Arquivos de programas\Microsoft SQL Server\MSSQL$PCMSERVER\Binn\sqlservr.exe
C:\WINDOWS\system32\OpcEnum.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE
C:\Arquivos de programas\ABB\PCM600\bin\Services\PCMMessengerService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
C:\Arquivos de programas\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Arquivos de programas\Intel\Wireless\bin\ZCfgSvc.exe
C:\Arquivos de programas\Microsoft SQL Server\MSSQL$PCMSERVER\Binn\sqlagent.EXE
C:\Arquivos de programas\Intel\Wireless\Bin\ifrmewrk.exe
C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\WINDOWS\system32\svchost.exe
C:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\WINDOWS\system32\dllhost.exe
C:\Arquivos de programas\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Arquivos de programas\McAfee\Common Framework\udaterui.exe
C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Arquivos de programas\McAfee\Common Framework\McTray.exe
C:\Arquivos de programas\BOINC\boinctray.exe
C:\Arquivos de programas\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\rundll32.exe
C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\kamimura\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Arquivos de programas\PowerArchiver\PASTARTER.EXE
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE
C:\Arquivos de programas\Microsoft Office\Office14\OfficeSAS\officeSASscheduler.exe
C:\Arquivos de programas\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Arquivos de programas\Microsoft Office\Office14\OfficeSAS\OfficeSAS.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Arquivos de programas\PowerArchiver\POWERARC.EXE
C:\Arquivos de programas\PowerArchiver\POWERARC.EXE
C:\Arquivos de programas\PowerArchiver\POWERARC.EXE
C:\Arquivos de programas\PowerArchiver\POWERARC.EXE
C:\Arquivos de programas\PowerArchiver\POWERARC.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\DOCUME~1\kamimura\CONFIG~1\Temp\_PA283\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxycesp:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;netcesp;172.16.7.53;10.*;10*;172*;10.102.253.81;cespger;10.136.20.20;
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P1.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_P.dll
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\ARQUIV~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_P.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P1.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_P.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Arquivos de programas\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Arquivos de programas\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AeXAgentLogon] "C:\Arquivos de programas\Altiris\Altiris Agent\AeXAgentActivate.exe" /logon
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Arquivos de programas\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Arquivos de programas\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [boincmgr] "C:\Arquivos de programas\BOINC\boincmgr.exe" /a /s
O4 - HKLM\..\Run: [boinctray] "C:\Arquivos de programas\BOINC\boinctray.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Arquivos de programas\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\kamimura\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PowerArchiver Tray] C:\Arquivos de programas\PowerArchiver\PASTARTER.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Inicialização do Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: LIMPEZA.lnk = C:\WINDOWS\system32\LIMPEZA.CMD
O4 - Global Startup: Localização acelerada da Microsoft.lnk = C:\Arquivos de programas\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: OfficeSAS.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Arquivos de programas\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Windows Search.lnk = C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Se&nd to OneNote - res:///105
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1234113319468
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{20C28119-5378-4DA0-BC45-AC9D1B8EEDA6}: Domain = intra.cesp.com.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = intracesp.br,intra.cesp.com.br
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Altiris Agent (AeXNSClient) - Altiris, Inc. - C:\Arquivos de programas\Altiris\Altiris Agent\AeXNSAgent.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Arquivos de programas\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Arquivos de programas\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Arquivos de programas\Borland\InterBase\bin\ibserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Serviço McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Arquivos de programas\McAfee\Common Framework\FrameworkService.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: PCMMessengerService - - C:\Arquivos de programas\ABB\PCM600\bin\Services\PCMMessengerService.exe
O23 - Service: PCMSchedulerService - Unknown owner - C:\Arquivos de programas\ABB\PCM600\bin\SchedulerService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Arquivos de programas\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Arquivos de programas\Intel\Wireless\Bin\S24EvMon.exe
--
End of file - 17409 bytes

Notebook: Sony Vaio VGN-FS52B, 2GB, HD 160G, Win XP, SP3, MS OFFICE 2010 Beta.

Sds Fraternais, Boas Festas!!!

Rubens
erro notebook boa exe svchost especialistas solicito hijackthis tarde
Djoni Filho
Djoni Filho General de Pijama Registrado
2.9K Mensagens 209 Curtidas
#2 Por Djoni Filho
23/12/2009 - 13:50
Boa tarde, Rubens Kamimura.

*Desative temporariamente seu antivírus
*Baixe o ComboFix e salve-o no desktop
*Feche o Internet Explorer e o Windows Explorer
*Duplo-clique no arquivo Combofix.exe
*Aceite o contrato
*Importante: enquanto o ComboFix estiver em execução, não use o mouse nem o teclado!!..... Para interromper o procedimento tecle N.
*O programa será fechado automaticamente
*Cole o relatório criado em C:\combofix.txt



Fico no aguardo. Abraços.
Cordialmente,
Djoni Filho.
Rubens Kamimura
Rubens Kamim... Novo Membro Registrado
22 Mensagens 0 Curtidas
#4 Por Rubens Kamim...
08/01/2010 - 15:01
Djoni Filho disse:

ComboFix 09-12-23.06 - kamimura 24/12/2009 22:22:48.2.1 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2038.1641 [GMT -2:00]
Executando de: c:\documents and settings\kamimura\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

ATENÇAO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!
.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-11-25 to 2009-12-25 ))))))))))))))))))))))))))))
.

2009-12-24 18:01 . 2009-12-24 18:01 88 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\BOINC\slots\0\libfftw3f-3-1-1a_upx.dll
2009-12-24 18:01 . 2009-12-24 18:01 100 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\BOINC\slots\0\setiathome_6.03_windows_intelx86.exe
2009-12-24 16:30 . 2009-12-24 16:31 -------- d-----w- c:\windows\ERUNT
2009-12-24 16:19 . 2009-12-24 17:03 -------- dc----w- C:\SDFix
2009-12-18 09:10 . 2006-10-26 21:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2009-12-18 09:10 . 2008-11-10 13:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2009-12-18 09:05 . 2009-12-18 09:05 -------- dc----w- c:\arquivos de programas\Microsoft.NET
2009-12-18 09:01 . 2009-12-18 16:17 -------- d-----w- c:\windows\SHELLNEW
2009-12-17 21:39 . 2009-12-17 21:39 -------- d-----w- c:\windows\system32\wbem\Repository
2009-12-16 15:55 . 2009-12-16 16:00 -------- d-----w- c:\windows\forms
2009-12-16 15:55 . 2009-12-16 15:55 -------- dc----w- c:\arquivos de programas\Windows Messaging
2009-12-16 03:16 . 2009-12-16 03:16 -------- dc----w- c:\arquivos de programas\Microsoft Synchronization Services
2009-12-16 03:15 . 2009-12-18 16:07 -------- d-----w- c:\documents and settings\All Users\Microsoft
2009-12-16 03:07 . 2009-12-16 03:07 -------- dc----w- c:\arquivos de programas\Microsoft Analysis Services

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-24 23:58 . 2009-06-28 03:48 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\BOINC
2009-12-24 23:57 . 2008-09-27 17:26 -------- d-----w- c:\documents and settings\kamimura\Dados de aplicativos\Skype
2009-12-24 18:03 . 2008-09-27 17:28 -------- d-----w- c:\documents and settings\kamimura\Dados de aplicativos\skypePM
2009-12-24 03:27 . 2001-10-28 15:07 521588 ----a-w- c:\windows\system32\perfh016.dat
2009-12-24 03:27 . 2001-10-28 15:07 101154 ----a-w- c:\windows\system32\perfc016.dat
2009-12-24 00:28 . 2008-08-20 04:54 -------- d-----w- c:\arquivos de programas\PowerArchiver
2009-12-23 20:46 . 2008-11-29 12:37 -------- dc----w- c:\arquivos de programas\ACAD2000
2009-12-23 20:46 . 2008-08-20 04:34 -------- dc----w- c:\arquivos de programas\Arquivos comuns\Autodesk Shared
2009-12-22 10:16 . 2008-08-20 04:03 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help
2009-12-18 09:36 . 2008-09-30 19:08 -------- dc----w- c:\arquivos de programas\Java
2009-12-18 09:35 . 2009-11-16 00:31 152576 ----a-w- c:\documents and settings\kamimura\Dados de aplicativos\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-18 09:35 . 2009-11-16 00:30 79488 ----a-w- c:\documents and settings\kamimura\Dados de aplicativos\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-17 23:43 . 2008-10-17 21:18 -------- dc----w- c:\arquivos de programas\MSBuild
2009-12-17 23:40 . 2008-11-18 10:50 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Apple Computer
2009-12-17 23:38 . 2009-05-02 15:46 -------- dc----w- c:\arquivos de programas\QsoNet
2009-12-17 23:37 . 2009-06-29 12:17 -------- dc----w- c:\arquivos de programas\Opera
2009-12-17 23:33 . 2008-08-25 14:55 -------- dc----w- c:\arquivos de programas\HP
2009-12-17 23:31 . 2008-08-20 04:34 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Autodesk
2009-12-17 23:27 . 2008-08-20 02:45 -------- dc-h--w- c:\arquivos de programas\InstallShield Installation Information
2009-12-17 23:26 . 2008-08-20 04:34 -------- dc----w- c:\arquivos de programas\Autodesk
2009-12-17 23:26 . 2008-08-20 04:34 -------- dc----w- c:\arquivos de programas\AutoCAD Architecture 2008
2009-12-17 23:22 . 2008-08-20 04:35 -------- d-----w- c:\documents and settings\kamimura\Dados de aplicativos\Autodesk
2009-12-17 08:49 . 2008-08-21 21:28 -------- dc----w- c:\arquivos de programas\Arquivos comuns\Symantec Shared
2009-12-17 02:33 . 2008-09-15 15:48 -------- d-----w- c:\arquivos de programas\Yahoo!
2009-12-16 03:15 . 2009-07-11 15:49 -------- dc----w- c:\arquivos de programas\Microsoft SQL Server Compact Edition
2009-11-21 15:58 . 2004-08-04 03:45 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-16 15:04 . 2009-11-16 00:33 -------- d-----w- c:\documents and settings\kamimura\Dados de aplicativos\BSplayer
2009-11-16 00:38 . 2009-11-16 00:33 -------- dc----w- c:\arquivos de programas\BS_Player
2009-11-16 00:33 . 2009-11-16 00:33 -------- d-----w- c:\documents and settings\kamimura\Dados de aplicativos\BSplayer Pro
2009-11-16 00:32 . 2009-11-16 00:32 -------- dc----w- c:\arquivos de programas\Webteh
2009-11-12 19:38 . 2009-11-12 19:40 974848 ----a-w- c:\windows\system32\MFC70.DLL
2009-11-08 20:33 . 2009-11-08 20:33 -------- dc----w- c:\arquivos de programas\Arquivos comuns\Aladdin Shared
2009-11-08 20:33 . 2009-11-08 20:33 -------- dc----w- c:\arquivos de programas\OMICRON
2009-11-08 20:33 . 2009-11-08 20:33 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\OMICRON
2009-11-05 21:41 . 2008-08-20 04:25 -------- dc----w- c:\arquivos de programas\Messenger Plus! Live
2009-11-05 16:02 . 2009-11-04 21:15 -------- dc----w- c:\arquivos de programas\Microsoft SQL Server
2009-11-05 16:01 . 2008-12-16 01:52 -------- dc----w- c:\arquivos de programas\Arquivos comuns\Business Objects
2009-11-05 16:01 . 2009-11-05 16:01 -------- dc----w- c:\arquivos de programas\Arquivos comuns\ABB
2009-11-05 16:01 . 2009-11-05 16:01 -------- dc----w- c:\arquivos de programas\Arquivos comuns\OPC Foundation
2009-11-05 15:59 . 2009-11-04 21:13 -------- dc----w- c:\arquivos de programas\Arquivos comuns\Wise Installation Wizard
2009-11-04 21:35 . 2009-08-14 12:50 -------- dc----w- c:\arquivos de programas\ABB
2009-10-30 12:31 . 2009-02-11 18:24 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP
2009-10-29 07:42 . 2004-08-04 03:45 916480 ------w- c:\windows\system32\wininet.dll
2009-10-27 17:36 . 2009-04-18 14:38 -------- dc----w- c:\arquivos de programas\Arquivos comuns\Adobe
2009-10-21 05:39 . 2004-08-04 03:45 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2004-08-04 03:45 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-04 02:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2004-08-04 03:45 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:39 . 2004-08-04 03:45 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:39 . 2004-08-04 03:45 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-11 06:17 . 2009-01-08 12:09 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-08 16:57 . 2007-10-09 15:03 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2009-10-08 16:57 . 2001-10-28 15:07 22016 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-08 16:57 . 2001-10-28 15:07 220160 ----a-w- c:\windows\system32\oleacc.dll
2009-09-26 05:32 . 2009-09-26 05:32 1205080 ----a-w- c:\windows\system32\FM20.DLL
2009-09-26 05:32 . 2009-09-26 05:32 31600 ----a-w- c:\windows\system32\FM20ENU.DLL
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\arquivos de programas\P2P_Energy\tbP2P1.dll" [2009-11-08 2166296]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\arquivos de programas\BS_Player\tbBS_P.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
2009-11-08 03:07 2166296 -c--a-w- c:\arquivos de programas\P2P_Energy\tbP2P1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2009-11-03 23:12 556432 -c--a-w- c:\arquiv~1\MICROS~2\Office14\URLREDIR.DLL

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-07-02 12:18 2215960 -c--a-w- c:\arquivos de programas\BS_Player\tbBS_P.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\arquivos de programas\P2P_Energy\tbP2P1.dll" [2009-11-08 2166296]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\arquivos de programas\BS_Player\tbBS_P.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{2BAE58C2-79F9-45D1-A286-81F911301C3A}"= "c:\arquivos de programas\P2P_Energy\tbP2P1.dll" [2009-11-08 2166296]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\arquivos de programas\BS_Player\tbBS_P.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
"Google Update"="c:\documents and settings\kamimura\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" [2008-09-06 133104]
"FreeRAM XP"="c:\arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" [2006-03-23 1591808]
"Skype"="c:\arquivos de programas\Skype\Phone\Skype.exe" [2008-08-12 21741864]
"PowerArchiver Tray"="c:\arquivos de programas\PowerArchiver\PASTARTER.EXE" [2008-11-30 148288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-13 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-13 163840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-13 135168]
"IntelZeroConfig"="c:\arquivos de programas\Intel\Wireless\bin\ZCfgSvc.exe" [2008-03-04 999424]
"IntelWireless"="c:\arquivos de programas\Intel\Wireless\Bin\ifrmewrk.exe" [2008-03-04 1101824]
"egui"="c:\arquivos de programas\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"RemoteControl"="c:\arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"FinePrint Dispatcher v5"="c:\windows\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2004-04-12 417792]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2004-04-12 425984]
"GhostStartTrayApp"="c:\arquivos de programas\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2003-05-28 94208]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"AeXAgentLogon"="c:\arquivos de programas\Altiris\Altiris Agent\AeXAgentActivate.exe" [2005-01-18 143360]
"ToolBoxFX"="c:\arquivos de programas\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2006-10-06 53248]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 16125440]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2007-03-30 262144]
"NWTRAY"="NWTRAY.EXE" [2002-03-12 28672]
"McAfeeUpdaterUI"="c:\arquivos de programas\McAfee\Common Framework\udaterui.exe" [2009-03-10 136512]
"TkBellExe"="c:\arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" [2009-03-30 198160]
"boincmgr"="c:\arquivos de programas\BOINC\boincmgr.exe" [2009-06-10 4182784]
"boinctray"="c:\arquivos de programas\BOINC\boinctray.exe" [2009-06-10 58112]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"GrooveMonitor"="c:\arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"BCSSync"="c:\arquivos de programas\Microsoft Office\Office14\BCSSync.exe" [2009-09-27 83312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
Inicializa‡Æo do Office.lnk - c:\arquivos de programas\Microsoft Office\Office\OSA.EXE [1998-1-30 51984]
LIMPEZA.lnk - c:\windows\system32\LIMPEZA.CMD [2008-8-20 369]
Localiza‡Æo acelerada da Microsoft.lnk - c:\arquivos de programas\Microsoft Office\Office\FINDFAST.EXE [1998-1-30 111376]
Service Manager.lnk - c:\arquivos de programas\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-5-3 81920]
Windows Search.lnk - c:\arquivos de programas\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"CompatibleRUPSecurity"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\arquivos de programas\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwv1_0

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Arquivos de programas\\QsoNet\\CQ100\\CQ100.exe"=
"c:\\Arquivos de programas\\K1RFD\\EchoLink\\EchoLink.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Arquivos de programas\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1947:TCP"= 1947:TCP:HASP SRM
"1947:UDP"= 1947:UDP:HASP SRM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [7/11/2008 14:34 149376]
R1 GhPciScan;GhostPciScanner;c:\arquivos de programas\Symantec\Norton Ghost 2003\GhPciScan.sys [28/5/2003 20:01 5632]
S2 ekrn;Eset Service;c:\arquivos de programas\ESET\ESET Smart Security\ekrn.exe [21/12/2007 09:21 468224]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
S2 MICOMPar;MICOMPar;c:\windows\system32\drivers\micompar.sys [3/9/2003 10:44 13488]
S2 MSSQL$PCMSERVER;MSSQL$PCMSERVER;c:\arquivos de programas\Microsoft SQL Server\MSSQL$PCMSERVER\Binn\sqlservr.exe [4/5/2005 00:04 9158656]
S2 osppsvc;Office Software Protection Platform;c:\arquivos de programas\Arquivos comuns\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [26/9/2009 04:28 4639136]
S2 PCMMessengerService;PCMMessengerService;c:\arquivos de programas\ABB\PCM600\bin\Services\PCMMessengerService.exe [18/3/2005 11:29 28672]
S2 PCMSchedulerService;PCMSchedulerService;c:\arquivos de programas\ABB\PCM600\bin\SchedulerService.exe [8/5/2006 13:01 24576]
S2 SQLAgent$PCMSERVER;SQLAgent$PCMSERVER;c:\arquivos de programas\Microsoft SQL Server\MSSQL$PCMSERVER\Binn\sqlagent.EXE [3/5/2005 21:42 323584]
S3 memcard;PCMCIA Memory Card Driver;c:\windows\system32\drivers\memcard.sys [12/7/2009 22:55 8320]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6/11/2007 18:22 34064]
S3 OMRMp50;OMRMp50 NDIS Protocol Driver;c:\windows\system32\drivers\OMRMp50.sys [2/7/2008 03:55 25400]
S3 OMRSp50;OMRSp50 NDIS Protocol Driver;c:\windows\system32\drivers\OMRSp50.sys [2/7/2008 03:55 24248]
S4 AcSELeratorSoftwareDB;AcSELerator Software Database;c:\arquiv~1\ARQUIV~1\SEL\ACSELE~1\db\bin\pg_ctl.exe runservice -N AcSELeratorSoftwareDB -D c:\arquiv~1\ARQUIV~1\SEL\ACSELE~1\db\data --> c:\arquiv~1\ARQUIV~1\SEL\ACSELE~1\db\bin\pg_ctl.exe runservice -N AcSELeratorSoftwareDB -D c:\arquiv~1\ARQUIV~1\SEL\ACSELE~1\db\data [?]

--- =Outros Serviços/Drivers Na Memória ---

*NewlyCreated* - MDMXSDK
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com.br/
uInternet Settings,ProxyServer = proxycesp:8080
uInternet Settings,ProxyOverride = 127.0.0.1;netcesp;172.16.7.53;10.*;10*;172*;10.102.253.81;cespger;10.136.20.20;
IE: E&xport to Microsoft Excel
IE: E&xportar para o Microsoft Excel
IE: Se&nd to OneNote - /105
Trusted Zone: itaipu.gov.br\www2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-24 22:33
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\S-1-5-21-746137067-1060284298-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'explorer.exe'(1008)
c:\windows\system32\WININET.dll
.
Tempo para conclusão: 2009-12-24 22:39:32
ComboFix-quarantined-files.txt 2009-12-25 00:39
ComboFix2.txt 2009-12-24 16:13

Pré-execução: 9.492.783.104 bytes disponíveis
Pós execução: 9.456.066.560 bytes disponíveis

- - End Of File - - 640148471091890E292CB62BA64FFEDC
Rubens Kamimura
Rubens Kamim... Novo Membro Registrado
22 Mensagens 0 Curtidas
#6 Por Rubens Kamim...
13/04/2010 - 15:49
Erro que está dando no meu notebook (Vaio): Sempre ocorre ao liga-lo.
"svchost.exe - Erro de aplicativo. A instrução no "0x7c91b21a" fez referencia à memória no "0x00000010". A memória não pode ser "written".
Segue o Log do HijackThis:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 15:39:38, on 13/4/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\pg_ctl.exe
C:\Arquivos de programas\Altiris\Altiris Agent\AeXNSAgent.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\cusrvc.exe
C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
C:\Arquivos de programas\Intel\Wireless\Bin\EvtEng.exe
C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\hasplms.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Arquivos de programas\Borland\InterBase\bin\ibguard.exe
C:\Arquivos de programas\Borland\InterBase\bin\ibserver.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\McAfee\Common Framework\FrameworkService.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Arquivos de programas\Microsoft SQL Server\MSSQL$PCMSERVER\Binn\sqlservr.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE
C:\Arquivos de programas\ABB\PCM600\bin\Services\PCMMessengerService.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
C:\Arquivos de programas\Intel\Wireless\Bin\RegSrvc.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\tlntsvr.exe
C:\WINDOWS\System32\vssvc.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Arquivos de programas\Intel\Wireless\bin\ZCfgSvc.exe
C:\Arquivos de programas\Intel\Wireless\Bin\ifrmewrk.exe
C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Arquivos de programas\McAfee\Common Framework\udaterui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\Arquivos de programas\McAfee\Common Framework\McTray.exe
C:\Arquivos de programas\Windows Defender\MSASCui.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE
C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Arquivos de programas\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Arquivos de programas\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\kamimura\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\kamimura\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\ARQUIV~1\MICROS~2\Office14\OUTLOOK.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Arquivos de programas\Microsoft Office\Office14\POWERPNT.EXE
C:\Documents and Settings\kamimura\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxycesp:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;netcesp;172.16.7.53;10.*;10*;172*;10.102.253.81;cespger;10.136.20.20;
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_0.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_0.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Arquivos de programas\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Arquivos de programas\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AeXAgentLogon] "C:\Arquivos de programas\Altiris\Altiris Agent\AeXAgentActivate.exe" /logon
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Arquivos de programas\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Arquivos de programas\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\kamimura\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Inicialização do Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: LIMPEZA.lnk = C:\WINDOWS\system32\LIMPEZA.CMD
O4 - Global Startup: Localização acelerada da Microsoft.lnk = C:\Arquivos de programas\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Arquivos de programas\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Windows Search.lnk = C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Google Search - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Se&nd to OneNote - res:///105
O8 - Extra context menu item: Similar Pages - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1234113319468
O16 - DPF: {8A177687-28EB-48DB-9CCB-5C5254D10568} (EduSpeak Recognizer ActiveX) - http://br.yappr.com/practice/core/EduSpeakX.cab
O16 - DPF: {9C9AC92C-5DDC-4BF1-B2A5-A36A9691EBB4} (BrowserPrint.clsWebPrint) - http://sistemas.anatel.gov.br/Apoio_Sitarweb/Includes/Impressao/BrowserPrint.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{20C28119-5378-4DA0-BC45-AC9D1B8EEDA6}: Domain = intra.cesp.com.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = intracesp.br,intra.cesp.com.br
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\ARQUIV~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AcSELerator Software Database (AcSELeratorSoftwareDB) - PostgreSQL Global Development Group - C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\pg_ctl.exe
O23 - Service: Altiris Agent (AeXNSClient) - Altiris, Inc. - C:\Arquivos de programas\Altiris\Altiris Agent\AeXNSAgent.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Arquivos de programas\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Arquivos de programas\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Arquivos de programas\Borland\InterBase\bin\ibserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Serviço McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Arquivos de programas\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Arquivos de programas\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: PCMMessengerService - - C:\Arquivos de programas\ABB\PCM600\bin\Services\PCMMessengerService.exe
O23 - Service: PCMSchedulerService - Unknown owner - C:\Arquivos de programas\ABB\PCM600\bin\SchedulerService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Arquivos de programas\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Arquivos de programas\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 18600 bytes
Rubens Kamimura
Rubens Kamim... Novo Membro Registrado
22 Mensagens 0 Curtidas
#7 Por Rubens Kamim...
13/04/2010 - 15:50
Não está resolvido, ainda!

Erro que está dando no meu notebook (Vaio): Sempre ocorre ao liga-lo.
"svchost.exe - Erro de aplicativo. A instrução no "0x7c91b21a" fez referencia à memória no "0x00000010". A memória não pode ser "written".
Segue o Log do HijackThis:

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 15:39:38, on 13/4/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\pg_ctl.exe
C:\Arquivos de programas\Altiris\Altiris Agent\AeXNSAgent.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\cusrvc.exe
C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
C:\Arquivos de programas\Intel\Wireless\Bin\EvtEng.exe
C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\hasplms.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\postgres.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Arquivos de programas\Borland\InterBase\bin\ibguard.exe
C:\Arquivos de programas\Borland\InterBase\bin\ibserver.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\McAfee\Common Framework\FrameworkService.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Arquivos de programas\Microsoft SQL Server\MSSQL$PCMSERVER\Binn\sqlservr.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE
C:\Arquivos de programas\ABB\PCM600\bin\Services\PCMMessengerService.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
C:\Arquivos de programas\Intel\Wireless\Bin\RegSrvc.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\tlntsvr.exe
C:\WINDOWS\System32\vssvc.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Arquivos de programas\Intel\Wireless\bin\ZCfgSvc.exe
C:\Arquivos de programas\Intel\Wireless\Bin\ifrmewrk.exe
C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Arquivos de programas\McAfee\Common Framework\udaterui.exe
C:\WINDOWS\system32\rundll32.exe
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\Arquivos de programas\McAfee\Common Framework\McTray.exe
C:\Arquivos de programas\Windows Defender\MSASCui.exe
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
C:\Arquivos de programas\Skype\Phone\Skype.exe
C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE
C:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Arquivos de programas\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Arquivos de programas\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\kamimura\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\kamimura\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\ARQUIV~1\MICROS~2\Office14\OUTLOOK.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Arquivos de programas\Microsoft Office\Office14\POWERPNT.EXE
C:\Documents and Settings\kamimura\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\TrendMicro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxycesp:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;netcesp;172.16.7.53;10.*;10*;172*;10.102.253.81;cespger;10.136.20.20;
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_0.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_0.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Arquivos de programas\BS_Player\tbBS_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Arquivos de programas\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Arquivos de programas\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AeXAgentLogon] "C:\Arquivos de programas\Altiris\Altiris Agent\AeXAgentActivate.exe" /logon
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Arquivos de programas\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Arquivos de programas\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Arquivos de programas\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\kamimura\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Inicialização do Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: LIMPEZA.lnk = C:\WINDOWS\system32\LIMPEZA.CMD
O4 - Global Startup: Localização acelerada da Microsoft.lnk = C:\Arquivos de programas\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Arquivos de programas\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: Windows Search.lnk = C:\Arquivos de programas\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: &Google Search - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Se&nd to OneNote - res:///105
O8 - Extra context menu item: Similar Pages - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Arquivos de programas\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1234113319468
O16 - DPF: {8A177687-28EB-48DB-9CCB-5C5254D10568} (EduSpeak Recognizer ActiveX) - http://br.yappr.com/practice/core/EduSpeakX.cab
O16 - DPF: {9C9AC92C-5DDC-4BF1-B2A5-A36A9691EBB4} (BrowserPrint.clsWebPrint) - http://sistemas.anatel.gov.br/Apoio_Sitarweb/Includes/Impressao/BrowserPrint.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{20C28119-5378-4DA0-BC45-AC9D1B8EEDA6}: Domain = intra.cesp.com.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = intracesp.br,intra.cesp.com.br
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\ARQUIV~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AcSELerator Software Database (AcSELeratorSoftwareDB) - PostgreSQL Global Development Group - C:\ARQUIV~1\ARQUIV~1\SEL\ACSELE~1\db\bin\pg_ctl.exe
O23 - Service: Altiris Agent (AeXNSClient) - Altiris, Inc. - C:\Arquivos de programas\Altiris\Altiris Agent\AeXNSAgent.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Arquivos de programas\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\Arquivos de programas\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\Arquivos de programas\Borland\InterBase\bin\ibserver.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: Serviço McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Arquivos de programas\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Arquivos de programas\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: PCMMessengerService - - C:\Arquivos de programas\ABB\PCM600\bin\Services\PCMMessengerService.exe
O23 - Service: PCMSchedulerService - Unknown owner - C:\Arquivos de programas\ABB\PCM600\bin\SchedulerService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Arquivos de programas\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Arquivos de programas\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 18600 bytes
© 1999-2024 Hardware.com.br. Todos os direitos reservados.
Imagem do Modal