/alexandre_eng/

"Select * from Backup WHERE DataHora = '23/02/2009 20:45:09' "

não funciona.....

DataHora é um campo data/hora...

como escrever a pesquisa ?

Estou com um problema...

O Windows XP não está acessando a internet wireless, com segurança WPA.

Consigo efetuar a conexão wireless e inclusive faço acesso as configurações do modem (DSL-2640B) e do roteador (DI-524).
MAS a internet não carrega nenhum site ... tentei inclusive colocar o IP da máquina na DMZ, mesmo assim não carregou nada.

O Windows XP já está com SP3 e suporte a segurança WPA da rede wireless.

Há outras máquinas com Win Vista e Seven que acessam normalmente a internet ...

Alguém já passou por isso?

Não tenho como trocar o SO da máquina ...

Como faço para retirar essas DLLs Carregadas Sob os Processos em Execução?

São necessárias?

ComboFix 09-06-14.02 - alexandre 16/06/2009 9:56.7 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2046.1644 [GMT -3:00]
Executando de: c:\documents and settings\alexandre.XXXXX-XX\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Anti-Virus *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

ATENÇAO - ESTA MAQUINA não tem O CONSOLE DE RECUPERAÇÃO INSTALADA !!
.

(((((((((((((((( Arquivos/Ficheiros criados de 2009-05-16 to 2009-06-16 ))))))))))))))))))))))))))))
.

2009-06-08 11:49 . 2008-04-13 14:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-06-08 11:49 . 2008-04-13 14:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-06-04 20:47 . 2003-08-28 12:07 49152 ----a-w- c:\windows\system32\xrscom12.dll
2009-06-04 20:47 . 2003-05-15 00:19 540672 ----a-w- c:\windows\system32\rst23.dll
2009-06-04 20:47 . 2003-03-26 05:09 278528 ----a-w- c:\windows\system32\tifffx23.dll
2009-06-04 20:47 . 2002-12-09 17:34 69632 ----a-w- c:\windows\system32\tifwrap23.dll
2009-06-04 20:47 . 2003-08-28 12:10 94208 ----a-w- c:\windows\system32\xrsslm12.exe
2009-06-04 20:47 . 2003-08-28 12:09 98304 ----a-w- c:\windows\system32\xrsslm12.dll
2009-06-04 20:47 . 2003-08-28 12:08 28672 ----a-w- c:\windows\system32\xrsatr12.dll
2009-06-04 20:47 . 2003-08-28 12:08 188416 ----a-w- c:\windows\system32\xrsasn12.dll
2009-06-04 20:47 . 2003-08-28 12:08 86016 ----a-w- c:\windows\system32\xrsfns12.dll
2009-06-04 20:47 . 2003-08-28 12:08 122880 ----a-w- c:\windows\system32\xrsmai12.drv
2009-05-28 19:03 . 2009-05-28 19:03 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\MSScanAppDataDir
2009-05-27 18:09 . 2009-05-27 18:09 -------- dc----w- C:\SetupDWGTrueView2007
2009-05-26 18:21 . 2008-10-31 02:15 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
2009-05-26 18:21 . 2008-09-26 23:44 126976 ----a-w- c:\windows\system32\bzpdfc.dll
2009-05-26 18:21 . 2008-07-10 03:19 103424 ----a-w- c:\windows\system32\bzDCT.dll
2009-05-26 18:21 . 2009-04-22 22:53 194560 ----a-w- c:\windows\system32\bzpdf.dll
2009-05-26 18:21 . 2009-05-26 18:21 -------- d-----w- c:\arquivos de programas\Bullzip
2009-05-21 18:29 . 2009-05-21 18:29 -------- d-----w- c:\documents and settings\alexandre.XXXXX-XX\Dados de aplicativos\Bullzip
2009-05-21 11:35 . 2009-05-21 11:35 -------- d-----w- c:\documents and settings\alexandre.XXXXX-XX\Dados de aplicativos\Nero
2009-05-18 19:59 . 2009-05-20 11:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\GbPlugin
2009-05-18 17:45 . 2009-05-18 17:45 -------- d-----w- c:\documents and settings\alexandre.XXXXX-XX\Dados de aplicativos\Roxio
2009-05-18 12:53 . 2009-06-15 14:03 -------- d-----w- c:\arquivos de programas\MV RegClean 5.9

.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-16 12:57 . 2009-05-15 17:29 341024 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-06-16 12:57 . 2009-05-15 17:29 5652000 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-16 12:27 . 2009-05-15 17:29 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab
2009-06-16 12:20 . 2009-05-15 17:29 79232 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-16 12:20 . 2009-05-15 17:29 35648 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-06-15 19:46 . 2008-10-23 17:46 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help
2009-06-10 12:46 . 2004-08-04 10:00 539970 ----a-w- c:\windows\system32\perfh016.dat
2009-06-10 12:46 . 2004-08-04 10:00 103158 ----a-w- c:\windows\system32\perfc016.dat
2009-06-04 20:47 . 2008-10-22 16:54 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2009-05-26 18:21 . 2008-10-29 17:53 -------- d-----w- c:\arquivos de programas\GSLITE
2009-05-20 16:07 . 2009-05-15 17:29 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-05-20 16:07 . 2009-05-15 17:29 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-05-15 18:46 . 2007-07-18 18:39 112144 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-05-15 18:46 . 2009-05-15 18:46 112144 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab\AVP6\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\6.0.3.830\X86\kl1.sys
2009-05-15 18:46 . 2009-05-15 18:45 715280 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab\AVP6\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\6.0.3.830\updater.dll
2009-05-15 18:45 . 2009-05-15 18:45 158224 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab\AVP6\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\6.0.3.830\scrchpg.dll
2009-05-15 18:45 . 2009-05-15 18:45 201504 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab\AVP6\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\6.0.3.830\klif.sys
2009-05-15 18:44 . 2009-05-15 18:44 41488 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab\AVP6\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\6.0.3.830\fssync.dll
2009-05-15 18:44 . 2009-05-15 18:44 342544 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab\AVP6\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\6.0.3.830\ckahum.dll
2009-05-15 18:44 . 2009-05-15 18:44 231952 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab\AVP6\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav6\6.0.3.830\avp.exe
2009-05-15 17:29 . 2009-05-15 17:29 -------- d-----w- c:\arquivos de programas\Kaspersky Lab
2009-03-26 16:29 . 2009-03-26 16:29 0 ----a-w- c:\documents and settings\alexandre.XXXXX-XX\backup.bin
2009-03-26 12:38 . 2009-03-26 12:38 0 ----a-w- c:\documents and settings\alexandre\_backup.bin
.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\arquivos de programas\Analog Devices\Core\smax4pnp.exe" [2007-08-01 1036288]

[HKEY_LOCAL_MACHINE\software\Microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Arquivos de programas\\JustVoip.com\\JustVoip\\JustVoip.exe"=

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [30/5/2007 18:49 24344]
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [23/5/2007 03:15 547744]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com.br/
uInternet Settings,ProxyServer = 192.168.254.254:8080
uInternet Settings,ProxyOverride = <local>
IE: Adicionar ao Anti-Banner - c:\arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm
FF - ProfilePath -

---- FIREFOX POLICIES ----
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-16 09:57
Windows 5.1.2600 Service Pack 3 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros/arquivos ocultos ...

Varredura completada com sucesso
arquivos/ficheiros ocultos: 0

**************************************************************************
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'winlogon.exe'(664)
c:\windows\system32\klogon.dll

- - - - - - - > 'explorer.exe'(3600)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Tempo para conclusão: 2009-06-16 9:58
ComboFix-quarantined-files.txt 2009-06-16 12:58
ComboFix2.txt 2009-06-16 12:26

Pré-execução: 8.766.783.488 bytes disponíveis
Pós execução: 8.748.937.216 bytes disponíveis

118 --- E O F --- 2009-03-26 16:36

---------------------------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:59:25, on 16/6/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe
d:\Meus documentos\pendrive\Painel de Controle\Programas Portable\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.Microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.Microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.Microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.254.254:8080
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [AVP] "C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Adicionar ao Anti-Banner - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\ie_banner_deny.htm
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.Microsof...ss/allinone.asp
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = XXXXX-XX
O17 - HKLM\Software\..\Telephony: DomainName = XXXXX-XX
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = XXXXX-XX
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations\avp.exe

--
End of file - 2751 bytes

----------------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.37
Versão do banco de dados: 2182
Windows 5.1.2600 Service Pack 3

16/6/2009 10:32:39
mbam-log-2009-06-16 (10-32-39).txt

Tipo de Verificação: Completa (C:\|D:\|)
Objetos verificados: 164697
Tempo decorrido: 15 minute(s), 31 second(s)

Processos da Memória infectados: 0
Módulos de Memória Infectados: 0
Chaves do Registro infectadas: 0
Valores do Registro infectados: 0
Ítens do Registro infectados: 0
Pastas infectadas: 0
Arquivos infectados: 0

Processos da Memória infectados:
(Nenhum ítem malicioso foi detectado)

Módulos de Memória Infectados:
(Nenhum ítem malicioso foi detectado)

Chaves do Registro infectadas:
(Nenhum ítem malicioso foi detectado)

Valores do Registro infectados:
(Nenhum ítem malicioso foi detectado)

Ítens do Registro infectados:
(Nenhum ítem malicioso foi detectado)

Pastas infectadas:
(Nenhum ítem malicioso foi detectado)

Arquivos infectados:
(Nenhum ítem malicioso foi detectado)

limpei o sistema com o ccleaner e ...
executei o combofix e após reiniciar executei o hijackthis...

sobrou alguma coisa suspeita?

Logfile of Trend Micro HijackThis v2.0.2
 Scan saved at 12:07:56, on 20/2/2009
 Platform: Windows XP SP2 (WinNT 5.01.2600)
 MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 Boot mode: Safe mode with network support
 
 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.exe
 C:\WINDOWS\system32\services.exe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\system32\winlogon.exe
 C:\WINDOWS\explorer.exe
 C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
 
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.Microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.Microsoft.com/fwlink/?LinkId=54896
 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.Microsoft.com/fwlink/?LinkId=54896
 O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
 O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
 O4 - HKUS\S-1-5-21-583907252-152049171-1060284298-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrador')
 O4 - HKUS\S-1-5-21-583907252-152049171-1060284298-500\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe (User 'Administrador')
 O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
 O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.Microsoft.com/intl/br/access/allinone.asp
 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
 O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
 O23 - Service: avast! antivírus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
 O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
 O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
 O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe
 O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe
 O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe
 
 --
 End of file - 3206 bytes

ComboFix 09-02-19.01 - Juliene 2009-02-20 11:54:54.1 - NTFSx86 NETWORK
 Microsoft Windows XP Professional  5.1.2600.2.1252.55.1046.18.511.356 [GMT -3:00]
 Executando de: c:\documents and settings\Juliene\Desktop\ComboFix.exe
 AV: avast! antivírus 4.6.763 [VPS 0616-2] *On-access scanning enabled* (Outdated)
 
 ATENÇAO - ESTA MAQUINA não tem O CONSOLE DE RECUPERAÇÃO INSTALADA !!
 .
 
 (((((((((((((((((((((((((((((((((((((   Outras Exclusões   )))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 
 C:\2u.com
 C:\Autorun.inf
 
 .
 ((((((((((((((((   Arquivos/Ficheiros criados de 2009-01-20 to 2009-02-20  ))))))))))))))))))))))))))))
 .
 
 2009-02-20 11:50 . 2006-01-31 09:22	<DIR>	d--h-----	c:\documents and settings\Administrador\Modelos
 2009-02-20 11:50 . 2005-12-08 00:35	<DIR>	d--------	c:\documents and settings\Administrador\Meus documentos
 2009-02-20 11:50 . 2005-12-08 00:35	<DIR>	dr-------	c:\documents and settings\Administrador\Menu Iniciar
 2009-02-20 11:50 . 2005-12-08 00:35	<DIR>	d--------	c:\documents and settings\Administrador\Favoritos
 2009-02-20 11:50 . 2005-12-08 00:35	<DIR>	dr-h-----	c:\documents and settings\Administrador\Dados de aplicativos
 2009-02-20 11:50 . 2009-02-20 11:58	<DIR>	d--h-----	c:\documents and settings\Administrador\Configurações locais
 2009-02-20 11:50 . 2005-12-08 00:35	<DIR>	d--h-----	c:\documents and settings\Administrador\Ambiente de rede
 2009-02-20 11:50 . 2005-12-08 00:35	<DIR>	d--h-----	c:\documents and settings\Administrador\Ambiente de impressão
 2009-02-20 11:50 . 2009-02-20 11:50	<DIR>	d--------	c:\documents and settings\Administrador
 2009-02-20 10:31 . 2009-02-20 10:31	<DIR>	d--------	c:\arquivos de programas\Trend Micro
 2009-02-20 10:07 . 2009-02-20 10:06	106,970	-r-hs----	C:\w2.com
 2009-02-12 19:59 . 2009-02-12 19:59	<DIR>	d--------	c:\windows\system32\QuickTime
 2009-02-12 19:59 . 2009-02-12 19:59	<DIR>	d--------	c:\documents and settings\All Users\Dados de aplicativos\TechSmith
 2009-02-12 19:59 . 2007-07-12 04:54	107,864	--a------	c:\windows\system32\tsccvid.dll
 2009-02-12 19:57 . 2009-02-12 19:57	<DIR>	d--------	c:\arquivos de programas\TechSmith
 2009-02-12 19:55 . 2006-07-11 17:01	66,048	--a------	c:\documents and settings\Luiz Rezende\keygen.exe
 2009-02-12 19:44 . 2009-02-12 19:53	<DIR>	d--------	c:\documents and settings\Luiz Rezende\Camtasia
 
 .
 (((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 2009-02-20 13:58	---------	d---a-w	c:\documents and settings\All Users\Dados de aplicativos\TEMP
 2009-02-20 13:42	---------	d-----w	c:\arquivos de programas\Spyware Doctor
 2009-02-20 13:31	---------	d-----w	c:\arquivos de programas\Google
 2009-02-19 23:35	---------	d-----w	c:\documents and settings\All Users\Dados de aplicativos\Google Updater
 2008-09-07 12:33	78,768	----a-w	c:\documents and settings\Juliene\Dados de aplicativos\GDIPFONTCACHEV1.DAT
 2007-11-28 20:21	67,696	----a-w	c:\arquivos de programas\mozilla firefox\components\jar50.dll
 2007-11-28 20:21	54,376	----a-w	c:\arquivos de programas\mozilla firefox\components\jsd3250.dll
 2007-11-28 20:21	34,952	----a-w	c:\arquivos de programas\mozilla firefox\components\myspell.dll
 2007-11-28 20:21	46,720	----a-w	c:\arquivos de programas\mozilla firefox\components\spellchk.dll
 2007-11-28 20:21	172,144	----a-w	c:\arquivos de programas\mozilla firefox\components\xpinstal.dll
 .
 
 (((((((((((((((((((((((((((((((((((((((((((((   AWF   ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
 .
 ----a-w		 1,237,042 2003-12-05 10:25:56  c:\arquivos de programas\Ahead\InCD\bak\InCD.exe
 ----a-w			36,633 2007-02-21 19:20:15  c:\arquivos de programas\Ahead\InCD\InCD.exe
 
 ----a-w		   102,448 2006-01-27 22:35:49  c:\arquivos de programas\Alwil Software\Avast4\bak\ashDisp.exe
 ----a-w			36,633 2007-02-21 19:20:15  c:\arquivos de programas\Alwil Software\Avast4\ashDisp.exe
 
 ----a-w			15,360 2004-08-04 03:45:32  c:\windows\system32\bak\ctfmon.exe
 ----a-w			15,360 2004-08-04 03:45:32  c:\windows\system32\ctfmon.exe
 
 ----a-r		   155,648 2001-07-09 09:50:42  c:\windows\system32\bak\NeroCheck.exe
 ----a-w			36,633 2007-02-21 19:20:15  c:\windows\system32\NeroCheck.exe
 
 .
 ((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
 .
 .
 *Nota* entradas vazias e legítimas por defeito não são mostradas. 
 REGEDIT4
 
 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "MsnMsgr"="c:\arquivos de programas\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
 
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2007-02-21 36633]
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\windows nt\currentversion\drivers32]
 "vidc.I420"= vdrcodec.dll
 "VIDC.MJPG"= Pvmjpg21.dll
 "VIDC.PIM1"= pclepim1.dll
 
 [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
 path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Adobe Reader Speed Launch.lnk
 backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
 
 [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Image Transfer.lnk]
 path=c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\Image Transfer.lnk
 backup=c:\windows\pss\Image Transfer.lnkCommon Startup
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
 NvQTwk [X]
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\cmrss]
 c:\windows\system32\cmrss.exe [N/A]
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
 --a------ 2004-08-04 00:45 15360 c:\windows\system32\ctfmon.exe
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\LtMoh]
 --a------ 2002-05-30 16:23 163840 c:\arquivos de programas\ltmoh\ltmoh.exe
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\MSMSGS]
 --ahs---- 2004-10-13 13:24 1694208 c:\arquivos de programas\Messenger\msmsgs.exe
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\NeroCheck]
 --a------ 2007-02-21 16:20 36633 c:\windows\system32\NeroCheck.exe
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
 --a------ 2005-04-13 02:48 36975 c:\arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\taskmgr]
 c:\windows\system32\msbcs.exe [N/A]
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\MsmqIntCert]
 --a------ 2004-08-04 00:45 177152 c:\windows\system32\mqrt.dll
 
 [HKEY_LOCAL_MACHINE\software\Microsoft\shared tools\msconfig\startupreg\nwiz]
 --a------ 2002-04-19 13:13 364544 c:\windows\system32\nwiz.exe
 
 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
 "%windir%\\system32\\sessmgr.exe"=
 "c:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe"=
 "c:\\WINDOWS\\system32\\mqsvc.exe"=
 
 R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [2002-06-10 31232]
 S3 autorun;autorun;\??\c:\huadio.tmp --> c:\huadio.tmp [?]
 S3 sdAuxService;PC Tools Auxiliary Service;c:\arquivos de programas\Spyware Doctor\pctsAuxs.exe [2008-03-10 747912]
 
 [HKEY_CURRENT_USER\software\Microsoft\windows\currentversion\explorer\mountpoints2\{2ab5a790-ff52-11dd-873d-000039666aad}]
 \Shell\AutoRun\command - D:\2u.com
 \Shell\explore\Command - D:\2u.com
 \Shell\open\Command - D:\2u.com
 
 [HKEY_CURRENT_USER\software\Microsoft\windows\currentversion\explorer\mountpoints2\{34f7c122-d023-11d3-85e2-000039666aad}]
 \Shell\AutoRun\command - D:\6fnlpetp.exe
 \Shell\explore\Command - D:\6fnlpetp.exe
 \Shell\open\Command - D:\6fnlpetp.exe
 .
 Conteúdo da pasta 'Tarefas Agendadas'
 
 2008-05-23 c:\windows\Tasks\Norton Security Scan.job
 - c:\arquivos de programas\Norton Security Scan\Nss.exe [2007-09-18 23:42]
 .
 .
 ------- Scan Suplementar -------
 .
 uStart Page = hxxp://www.google.com.br/
 uInternet Connection Wizard,ShellNext = iexplore
 uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
 FF - ProfilePath - c:\documents and settings\Juliene\Dados de aplicativos\Mozilla\Firefox\Profiles\ijc1myo1.default\
 FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
 FF - prefs.js: browser.search.selectedEngine - Google
 FF - component: c:\arquivos de programas\Mozilla Firefox\components\xpinstal.dll
 FF - component: c:\arquivos de programas\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
 FF - component: c:\arquivos de programas\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
 FF - component: c:\arquivos de programas\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
 .
 
 **************************************************************************
 
 catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2009-02-20 11:58:58
 Windows 5.1.2600 Service Pack 2 NTFS
 
 Procurando processos ocultos ... 
 
 Procurando entradas auto inicializáveis ocultas ... 
 
 Procurando ficheiros/arquivos ocultos ... 
 
 Varredura completada com sucesso
 arquivos/ficheiros ocultos: 0
 
 **************************************************************************
 
 [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\autorun]
 "ImagePath"="\??\C:\huadio.tmp"
 .
 Tempo para conclusão: 2009-02-20 12:01:24
 ComboFix-quarantined-files.txt  2009-02-20 15:00:56
 
 Pré-execução: 796,205,056 bytes disponíveis
 Pós execução: 1,353,822,208 bytes disponíveis
 
 426	--- E O F ---	2008-03-10 22:28:06

Tenho um notebook que não está encontrando a rede sem fio... mando atualizar as redes e ele não encontra nada.

A placa está funcionando normalmente.

Alguém já passou por isso?

os outros reconhecem normalmente.