cjgrana

I DON'T KNOW WHAT ELSE TO DO, PLEASE HELP

I WOULD LIKE SOMEONE'S HELP TO ANALYZE THIS HIJACKTHIS AND L2MFIX LOG

AND TELL ME WHAT I SHOULD DO. I AM DESPERATE, THESE POP-UPS KEEP JUMPING ONTO THE SCREEN.

I HAVE ALREADY RUN (a-squared StartCenter, AVAST (AT SYSTEM BOOT), SPYBOT, Ad-Aware SE Personal AND Trend Micro - Free online virus Scan - Scan Now) AND IT SOLVED NOTHING, THEY KEEP JUMPING ONTO THE SCREEN, IT'S ######.

IF ANYONE CAN HELP ME, THANKS IN ADVANCE.

THESE ARE THE LOGS:

Logfile of HijackThis v1.99.1

Scan saved at 13:16:54, on 30/10/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Arquivos de programas\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Java\jre1.5.0_04\bin\jusched.exe

C:\Arquivos de programas\QuickTime\qttask.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\Free Download Manager\fdm.exe

C:\Arquivos de programas\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE

C:\WINDOWS\System32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Documents and Settings\carlos\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bol.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O3 - Toolbar: UltraDiscador iBest - {4F869C58-D71D-4850-8BDD-7B5CDF8EC911} - C:\Arquivos de programas\UltraDiscador iBest\ibestbar.dll (file missing)

O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no file)

O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Arquivos de programas\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [HbTools] C:\Arquivos de programas\HbTools\Bin\4.7.0.0\HbtOEAddOn.exe

O4 - HKLM\..\Run: [WeatherOnTray] C:\Arquivos de programas\HbTools\Bin\4.7.0.0\HbtWeatherOnTray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [svchosts.scr] C:\WINDOWS\svchosts.scr

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [Yahoo! Acesso Gratis] "C:\Arquivos de programas\Yahoo! Acesso Gratis\autoupdate.exe"

O4 - HKCU\..\Run: [ultraDiscador iBest] "C:\Arquivos de programas\UltraDiscador iBest\autoupdate.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [Free Download Manager] C:\Arquivos de programas\Free Download Manager\fdm.exe -autorun

O4 - Startup: Inicialização do Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE

O4 - Startup: Localização acelerada da Microsoft.lnk = C:\Arquivos de programas\Microsoft Office\Office\FINDFAST.EXE

O4 - Global Startup: Acrobat Assistant.lnk = C:\Arquivos de programas\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlpage.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1094557453078

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102...all/xscan53.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - https://www14.bancobrasil.com.br/plugin/GbPluginBb.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\en04l1dq1.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: hpdj - HP - C:\DOCUME~1\carlos\CONFIG~1\Temp\hpdj.exe

O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

#####################################################

L2MFIX find log 1.04a

These are the registry keys present

**********************************************************************************

Winlogon/notify:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

"Asynchronous"=dword:00000000

"DllName"=""

"Impersonate"=dword:00000000

"Logon"="WinLogon"

"Logoff"="WinLogoff"

"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Shell Extensions]

"Asynchronous"=dword:00000000

"DllName"="C:\\WINDOWS\\system32\\en04l1dq1.dll"

"Impersonate"=dword:00000000

"Logon"="WinLogon"

"Logoff"="WinLogoff"

"Shutdown"="WinShutdown"

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above

Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)

This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:

(NI) ALLOW Full access AUTORIDADE NT\SYSTEM

(IO) ALLOW Full access AUTORIDADE NT\SYSTEM

(NI) ALLOW Full access AUTORIDADE NT\SYSTEM

(IO) ALLOW Full access AUTORIDADE NT\SYSTEM

(ID-NI) ALLOW Read BUILTIN\Usuários

(ID-IO) ALLOW Read BUILTIN\Usuários

(ID-NI) ALLOW Read BUILTIN\Usuários avançados

(ID-IO) ALLOW Read BUILTIN\Usuários avançados

(ID-NI) ALLOW Full access BUILTIN\Administradores

(ID-IO) ALLOW Full access BUILTIN\Administradores

(ID-NI) ALLOW Full access AUTORIDADE NT\SYSTEM

(ID-IO) ALLOW Full access AUTORIDADE NT\SYSTEM

(ID-IO) ALLOW Full access PROPRIETÁRIO CRIADOR

**********************************************************************************

useragent:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]

"{6A89CF29-5671-A178-B802-56BDC08ED641}"=""

**********************************************************************************

Shell Extension key:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]

**********************************************************************************

HKEY ROOT CLASSIDS:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{9464960C-6DEE-423B-B50C-47F631B968AA}]

@=""

[HKEY_CLASSES_ROOT\CLSID\{9464960C-6DEE-423B-B50C-47F631B968AA}\Implemented Categories]

@=""

[HKEY_CLASSES_ROOT\CLSID\{9464960C-6DEE-423B-B50C-47F631B968AA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]

@=""

[HKEY_CLASSES_ROOT\CLSID\{9464960C-6DEE-423B-B50C-47F631B968AA}\InprocServer32]

@="C:\\WINDOWS\\system32\\dBd8thk.dll"

"ThreadingModel"="Apartment"

**********************************************************************************

Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\

abmfd.dll Sun 30 Oct 2005 10:35:36 ..S.R 233.644 228,17 K

adpdazel.dll Sun 23 Oct 2005 9:58:20 A.... 45.056 44,00 K

browseui.dll Fri 2 Sep 2005 22:05:24 A.... 1.020.416 996,50 K

cdfview.dll Fri 2 Sep 2005 22:05:24 A.... 151.552 148,00 K

cdosys.dll Fri 9 Sep 2005 23:55:12 A.... 2.067.968 1,97 M

danim.dll Fri 2 Sep 2005 22:05:24 A.... 1.055.232 1,00 M

dbd8thk.dll Sun 30 Oct 2005 12:46:44 ..... 233.644 228,17 K

dn2201~1.dll Mon 24 Oct 2005 22:41:16 ..... 234.271 228,78 K

dxtrans.dll Fri 2 Sep 2005 22:05:24 A.... 205.312 200,50 K

e4jm0e~1.dll Sat 29 Oct 2005 20:10:32 ..S.R 233.644 228,17 K

en04l1~1.dll Sat 29 Oct 2005 21:01:46 ..S.R 233.644 228,17 K

en4ml1~1.dll Mon 24 Oct 2005 8:14:42 ..S.R 236.522 230,98 K

extmgr.dll Fri 2 Sep 2005 22:05:24 ..... 55.808 54,50 K

hr4q05~1.dll Fri 28 Oct 2005 23:58:48 ..S.R 234.189 228,70 K

iepeers.dll Fri 2 Sep 2005 22:05:24 A.... 251.392 245,50 K

inseng.dll Fri 2 Sep 2005 22:05:24 A.... 96.768 94,50 K

ir04l5~1.dll Sat 29 Oct 2005 14:13:16 ..S.R 233.644 228,17 K

ktrml7~1.dll Fri 28 Oct 2005 17:41:50 ..S.R 236.545 231,00 K

linkinfo.dll Wed 31 Aug 2005 23:43:36 A.... 19.968 19,50 K

mshtml.dll Tue 4 Oct 2005 18:26:18 A.... 3.013.120 2,87 M

mshtmled.dll Fri 2 Sep 2005 22:05:24 A.... 448.512 438,00 K

msrating.dll Fri 2 Sep 2005 22:05:24 A.... 146.432 143,00 K

mstime.dll Fri 2 Sep 2005 22:05:24 A.... 530.432 518,00 K

netman.dll Mon 22 Aug 2005 16:34:58 A.... 197.632 193,00 K

nv4_disp.dll Tue 2 Aug 2005 17:35:00 A.... 3.908.864 3,73 M

nvcod.dll Tue 2 Aug 2005 17:35:00 A.... 32.768 32,00 K

nvcodins.dll Tue 2 Aug 2005 17:35:00 A.... 32.768 32,00 K

nvcpl.dll Tue 2 Aug 2005 17:35:00 A.... 7.110.656 6,78 M

nvhwvid.dll Tue 2 Aug 2005 17:35:00 A.... 540.672 528,00 K

nview.dll Tue 2 Aug 2005 17:35:00 A.... 1.466.368 1,40 M

nvmctray.dll Tue 2 Aug 2005 17:35:00 A.... 86.016 84,00 K

nvnt4cpl.dll Tue 2 Aug 2005 17:35:00 A.... 286.720 280,00 K

nvoglnt.dll Tue 2 Aug 2005 17:35:00 A.... 5.140.480 4,90 M

nvrsar.dll Tue 2 Aug 2005 17:35:00 A.... 315.392 308,00 K

nvrscs.dll Tue 2 Aug 2005 17:35:00 A.... 233.472 228,00 K

nvrsda.dll Tue 2 Aug 2005 17:35:00 A.... 241.664 236,00 K

nvrsde.dll Tue 2 Aug 2005 17:35:00 A.... 266.240 260,00 K

nvrsel.dll Tue 2 Aug 2005 17:35:00 A.... 270.336 264,00 K

nvrseng.dll Tue 2 Aug 2005 17:35:00 A.... 237.568 232,00 K

nvrses.dll Tue 2 Aug 2005 17:35:00 A.... 270.336 264,00 K

nvrsesm.dll Tue 2 Aug 2005 17:35:00 A.... 262.144 256,00 K

nvrsfi.dll Tue 2 Aug 2005 17:35:00 A.... 237.568 232,00 K

nvrsfr.dll Tue 2 Aug 2005 17:35:00 A.... 270.336 264,00 K

nvrshe.dll Tue 2 Aug 2005 17:35:00 A.... 311.296 304,00 K

nvrshu.dll Tue 2 Aug 2005 17:35:00 A.... 245.760 240,00 K

nvrsit.dll Tue 2 Aug 2005 17:35:00 A.... 270.336 264,00 K

nvrsja.dll Tue 2 Aug 2005 17:35:00 A.... 253.952 248,00 K

nvrsko.dll Tue 2 Aug 2005 17:35:00 A.... 249.856 244,00 K

nvrsnl.dll Tue 2 Aug 2005 17:35:00 A.... 262.144 256,00 K

nvrsno.dll Tue 2 Aug 2005 17:35:00 A.... 241.664 236,00 K

nvrspl.dll Tue 2 Aug 2005 17:35:00 A.... 241.664 236,00 K

nvrspt.dll Tue 2 Aug 2005 17:35:00 A.... 262.144 256,00 K

nvrsptb.dll Tue 2 Aug 2005 17:35:00 A.... 253.952 248,00 K

nvrsru.dll Tue 2 Aug 2005 17:35:00 A.... 258.048 252,00 K

nvrssk.dll Tue 2 Aug 2005 17:35:00 A.... 245.760 240,00 K

nvrssl.dll Tue 2 Aug 2005 17:35:00 A.... 241.664 236,00 K

nvrssv.dll Tue 2 Aug 2005 17:35:00 A.... 241.664 236,00 K

nvrstr.dll Tue 2 Aug 2005 17:35:00 A.... 245.760 240,00 K

nvrszhc.dll Tue 2 Aug 2005 17:35:00 A.... 212.992 208,00 K

nvrszht.dll Tue 2 Aug 2005 17:35:00 A.... 114.688 112,00 K

nvshell.dll Tue 2 Aug 2005 17:35:00 A.... 466.944 456,00 K

nvwddi.dll Tue 2 Aug 2005 17:35:00 A.... 81.920 80,00 K

nvwdmcpl.dll Tue 2 Aug 2005 17:35:00 A.... 1.662.976 1,59 M

nvwimg.dll Tue 2 Aug 2005 17:35:00 A.... 1.019.904 996,00 K

nvwrsar.dll Tue 2 Aug 2005 17:35:00 A.... 282.624 276,00 K

nvwrscs.dll Tue 2 Aug 2005 17:35:00 A.... 286.720 280,00 K

nvwrsda.dll Tue 2 Aug 2005 17:35:00 A.... 294.912 288,00 K

nvwrsde.dll Tue 2 Aug 2005 17:35:00 A.... 311.296 304,00 K

nvwrsel.dll Tue 2 Aug 2005 17:35:00 A.... 335.872 328,00 K

nvwrseng.dll Tue 2 Aug 2005 17:35:00 A.... 286.720 280,00 K

nvwrses.dll Tue 2 Aug 2005 17:35:00 A.... 335.872 328,00 K

nvwrsesm.dll Tue 2 Aug 2005 17:35:00 A.... 327.680 320,00 K

nvwrsfi.dll Tue 2 Aug 2005 17:35:00 A.... 303.104 296,00 K

nvwrsfr.dll Tue 2 Aug 2005 17:35:00 A.... 327.680 320,00 K

nvwrshe.dll Tue 2 Aug 2005 17:35:00 A.... 278.528 272,00 K

nvwrshu.dll Tue 2 Aug 2005 17:35:00 A.... 315.392 308,00 K

nvwrsit.dll Tue 2 Aug 2005 17:35:00 A.... 323.584 316,00 K

nvwrsja.dll Tue 2 Aug 2005 17:35:00 A.... 212.992 208,00 K

nvwrsko.dll Tue 2 Aug 2005 17:35:00 A.... 196.608 192,00 K

nvwrsnl.dll Tue 2 Aug 2005 17:35:00 A.... 319.488 312,00 K

nvwrsno.dll Tue 2 Aug 2005 17:35:00 A.... 299.008 292,00 K

nvwrspl.dll Tue 2 Aug 2005 17:35:00 A.... 294.912 288,00 K

nvwrspt.dll Tue 2 Aug 2005 17:35:00 A.... 323.584 316,00 K

nvwrsptb.dll Tue 2 Aug 2005 17:35:00 A.... 319.488 312,00 K

nvwrsru.dll Tue 2 Aug 2005 17:35:00 A.... 315.392 308,00 K

nvwrssk.dll Tue 2 Aug 2005 17:35:00 A.... 299.008 292,00 K

nvwrssl.dll Tue 2 Aug 2005 17:35:00 A.... 303.104 296,00 K

nvwrssv.dll Tue 2 Aug 2005 17:35:00 A.... 294.912 288,00 K

nvwrstr.dll Tue 2 Aug 2005 17:35:00 A.... 303.104 296,00 K

nvwrszhc.dll Tue 2 Aug 2005 17:35:00 A.... 163.840 160,00 K

nvwrszht.dll Tue 2 Aug 2005 17:35:00 A.... 167.936 164,00 K

nwwks.dll Thu 11 Aug 2005 13:11:20 A.... 65.024 63,50 K

o6lulg~1.dll Sun 30 Oct 2005 11:45:16 ..S.R 233.644 228,17 K

pncrt.dll Thu 6 Oct 2005 20:43:10 A.... 278.528 272,00 K

pndx5016.dll Thu 6 Oct 2005 20:43:10 A.... 6.656 6,50 K

pndx5032.dll Thu 6 Oct 2005 20:43:10 A.... 5.632 5,50 K

pngfilt.dll Fri 2 Sep 2005 22:05:24 A.... 39.424 38,50 K

quartz.dll Tue 30 Aug 2005 1:55:38 A.... 1.291.776 1,23 M

rmoc3260.dll Thu 6 Oct 2005 20:43:22 A.... 176.167 172,04 K

shdocvw.dll Fri 2 Sep 2005 22:05:24 A.... 1.483.776 1,41 M

shell32.dll Fri 23 Sep 2005 1:07:08 A.... 8.480.256 8,09 M

shlwapi.dll Fri 2 Sep 2005 22:05:26 A.... 473.600 462,50 K

sirenacm.dll Sat 13 Aug 2005 22:41:12 A.... 118.784 116,00 K

umpnpmgr.dll Tue 23 Aug 2005 1:39:54 A.... 124.416 121,50 K

urlmon.dll Fri 2 Sep 2005 22:05:26 A.... 604.672 590,50 K

wininet.dll Fri 2 Sep 2005 22:05:26 A.... 660.480 645,00 K

winsrv.dll Wed 31 Aug 2005 23:43:36 A.... 292.352 285,50 K

107 items found: 107 files (8 H/S), 0 directories.

Total of file sizes: 62.169.350 bytes 59,29 M

Locate .tmp files:

C:\WINDOWS\SYSTEM32\

guard.tmp Sun 30 Oct 2005 12:47:44 ..S.R 233.644 228,17 K

1 item found: 1 file (1 H/S), 0 directories.

Total of file sizes: 233.644 bytes 228,17 K

**********************************************************************************

Directory Listing of system files:

O volume na unidade C é CARLOS4

O número de série do volume é 0C03-E46A

Pasta de C:\WINDOWS\System32

30/10/2005 12:47 233.644 guard.tmp

30/10/2005 11:45 233.644 o6lulg3916.dll

30/10/2005 10:35 233.644 abmfd.dll

29/10/2005 21:01 233.644 en04l1dq1.dll

29/10/2005 20:10 233.644 e4jm0e11eh.dll

29/10/2005 14:13 233.644 ir04l5dq1.dll

28/10/2005 23:58 234.189 hr4q05h5e.dll

28/10/2005 17:41 236.545 ktrml7911.dll

24/10/2005 08:14 236.522 en4ml1h11.dll

15/10/2005 09:25 <DIR> dllcache

21/12/2003 16:15 <DIR> Microsoft

9 arquivo(s) 2.109.120 bytes

2 pasta(s) 10.540.892.160 bytes disponíveis


Run the file l2mfix.bat, press <Enter>, then type 2 and press Enter again. After that, you will need to press any key and the computer will restart.

After restarting, your desktop should disappear and reappear. The fix is not finished yet. When it finishes, Notepad should open with a log. Paste this log in your reply as you did before, along with a HijackThis log.

Go to the l2mfix folder that was created and copy the ntrights file to C:\

Now click Start -> Run, type cmd and click OK.

A command prompt will appear.

Type the following:

cd c:\

Press Enter. Now type the command:

ntrights -u Administradores +r SeDebugPrivilege > log.txt

NOTE: Make SURE you type exactly this command.

Press Enter again. There should now be a file called c:\log.txt. Open it and paste its contents here.


THANKS FOR HELPING ME, HERE ARE THE LOGS YOU ASKED FOR:

L2Mfix 1.04a

Running From:

C:\Documents and Settings\carlos\Desktop\l2mfix

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above

Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)

This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:

(NI) ALLOW Full access AUTORIDADE NT\SYSTEM

(IO) ALLOW Full access AUTORIDADE NT\SYSTEM

(NI) ALLOW Full access AUTORIDADE NT\SYSTEM

(IO) ALLOW Full access AUTORIDADE NT\SYSTEM

(ID-NI) ALLOW Read BUILTIN\Usuários

(ID-IO) ALLOW Read BUILTIN\Usuários

(ID-NI) ALLOW Read BUILTIN\Usuários avançados

(ID-IO) ALLOW Read BUILTIN\Usuários avançados

(ID-NI) ALLOW Full access BUILTIN\Administradores

(ID-IO) ALLOW Full access BUILTIN\Administradores

(ID-NI) ALLOW Full access AUTORIDADE NT\SYSTEM

(ID-IO) ALLOW Full access AUTORIDADE NT\SYSTEM

(ID-IO) ALLOW Full access PROPRIETÁRIO CRIADOR

Setting registry permissions:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above

Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)

This program is Freeware, use it on your own risk!

Denying C(CI) access for predefined group "Administrators"

- adding new ACCESS DENY entry

Registry Permissions set too:

RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above

Copyright © 1999-2001 Frank Heyne Software (http://www.heysoft.de)

This program is Freeware, use it on your own risk!

Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:

(CI) DENY --C------- BUILTIN\Administradores

(NI) ALLOW Full access AUTORIDADE NT\SYSTEM

(IO) ALLOW Full access AUTORIDADE NT\SYSTEM

(NI) ALLOW Full access AUTORIDADE NT\SYSTEM

(IO) ALLOW Full access AUTORIDADE NT\SYSTEM

(ID-NI) ALLOW Read BUILTIN\Usuários

(ID-IO) ALLOW Read BUILTIN\Usuários

(ID-NI) ALLOW Read BUILTIN\Usuários avançados

(ID-IO) ALLOW Read BUILTIN\Usuários avançados

(ID-NI) ALLOW Full access BUILTIN\Administradores

(ID-IO) ALLOW Full access BUILTIN\Administradores

(ID-NI) ALLOW Full access AUTORIDADE NT\SYSTEM

(ID-IO) ALLOW Full access AUTORIDADE NT\SYSTEM

(ID-IO) ALLOW Full access PROPRIETÁRIO CRIADOR

Setting up for Reboot

Starting Reboot!

#####################################################

Logfile of HijackThis v1.99.1

Scan saved at 14:42:38, on 30/10/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Arquivos de programas\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Java\jre1.5.0_04\bin\jusched.exe

C:\Arquivos de programas\QuickTime\qttask.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\Free Download Manager\fdm.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\Arquivos de programas\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE

C:\WINDOWS\System32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Documents and Settings\carlos\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bol.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O3 - Toolbar: UltraDiscador iBest - {4F869C58-D71D-4850-8BDD-7B5CDF8EC911} - C:\Arquivos de programas\UltraDiscador iBest\ibestbar.dll (file missing)

O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no file)

O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Arquivos de programas\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [HbTools] C:\Arquivos de programas\HbTools\Bin\4.7.0.0\HbtOEAddOn.exe

O4 - HKLM\..\Run: [WeatherOnTray] C:\Arquivos de programas\HbTools\Bin\4.7.0.0\HbtWeatherOnTray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [svchosts.scr] C:\WINDOWS\svchosts.scr

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [Yahoo! Acesso Gratis] "C:\Arquivos de programas\Yahoo! Acesso Gratis\autoupdate.exe"

O4 - HKCU\..\Run: [ultraDiscador iBest] "C:\Arquivos de programas\UltraDiscador iBest\autoupdate.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [Free Download Manager] C:\Arquivos de programas\Free Download Manager\fdm.exe -autorun

O4 - Startup: Inicialização do Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE

O4 - Startup: Localização acelerada da Microsoft.lnk = C:\Arquivos de programas\Microsoft Office\Office\FINDFAST.EXE

O4 - Global Startup: Acrobat Assistant.lnk = C:\Arquivos de programas\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlpage.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1094557453078

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102...all/xscan53.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - https://www14.bancobrasil.com.br/plugin/GbPluginBb.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: hpdj - HP - C:\DOCUME~1\carlos\CONFIG~1\Temp\hpdj.exe

O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

####################################################

THIS IS THE LOG FROM Ntrights:

Granting SeDebugPrivilege to Administradores ... successful

#####################################################

THANKS, I HOPE IT IS NOT TOO SERIOUS.

THANKS FOR YOUR ATTENTION.

I AWAIT A REPLY.


DEAR JOSEMELO,

AFTER YOU GAVE ME THE TIP I THINK IT GOT FIXED.

BECAUSE THE POP-UPS STOPPED APPEARING.

SO THANK YOU IN ADVANCE.

THANK YOU.

WE ARE :bandeira: AND WE NEVER GIVE UP.

THANKS!!!!!!!!!!!!!!!!!!!!


- Create a new folder in C:\ and move HijackThis into it;

- Configure the computer to show all files

- Download Killbox and run it.

Check the Delete on Reboot option. In Full Path of File to Delete, enter:

C:\WINDOWS\svchosts.scr

Click the X, then click Yes and then No.

- Restart the computer in safe mode (press F8 during startup);

- Open HijackThis, click Do a system scan only, check the entry below and click Fix checked:

O4 - HKLM\..\Run: [svchosts.scr] C:\WINDOWS\svchosts.scr

- Restart in normal mode, generate a new HijackThis log and paste it in your reply.


OK MAN, I WILL DO WHAT YOU ARE SAYING AND POST THE LOG AFTERWARDS.

NOW I HAVE TO GO TO WORK, IT IS 6:45 IN THE MORNING; WHEN I GET BACK AT 21:00 I WILL DO IT AND POST IT.

A HUG AND THANK YOU VERY MUCH. :bandeira:


DEAR JOSEMELO,

HERE IS WHAT YOU ASKED ME FOR, I HOPE EVERYTHING IS IN ORDER NOW. THANK YOU VERY MUCH FOR YOUR ATTENTION.

A HUG.

PS. WHAT EXACTLY WAS THAT FILE ( SVCHOSTS.SCR )?

THIS IS THE LOG: :bandeira:

Logfile of HijackThis v1.99.1

Scan saved at 06:49:08, on 1/11/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Arquivos de programas\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Java\jre1.5.0_04\bin\jusched.exe

C:\Arquivos de programas\QuickTime\qttask.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\Free Download Manager\fdm.exe

C:\Arquivos de programas\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE

C:\WINDOWS\System32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\HIJACK\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bol.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - (no file)

O3 - Toolbar: UltraDiscador iBest - {4F869C58-D71D-4850-8BDD-7B5CDF8EC911} - C:\Arquivos de programas\UltraDiscador iBest\ibestbar.dll (file missing)

O3 - Toolbar: (no name) - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - (no file)

O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Arquivos de programas\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [HbTools] C:\Arquivos de programas\HbTools\Bin\4.7.0.0\HbtOEAddOn.exe

O4 - HKLM\..\Run: [WeatherOnTray] C:\Arquivos de programas\HbTools\Bin\4.7.0.0\HbtWeatherOnTray.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_04\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [Yahoo! Acesso Gratis] "C:\Arquivos de programas\Yahoo! Acesso Gratis\autoupdate.exe"

O4 - HKCU\..\Run: [ultraDiscador iBest] "C:\Arquivos de programas\UltraDiscador iBest\autoupdate.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [Free Download Manager] C:\Arquivos de programas\Free Download Manager\fdm.exe -autorun

O4 - Startup: Inicialização do Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA.EXE

O4 - Startup: Localização acelerada da Microsoft.lnk = C:\Arquivos de programas\Microsoft Office\Office\FINDFAST.EXE

O4 - Global Startup: Acrobat Assistant.lnk = C:\Arquivos de programas\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlpage.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_04\bin\npjpi150_04.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1094557453078

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102...all/xscan53.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - https://www14.bancobrasil.com.br/plugin/GbPluginBb.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE

O23 - Service: hpdj - HP - C:\DOCUME~1\carlos\CONFIG~1\Temp\hpdj.exe

O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe


- OK, your log is clean;

- Turn System Restore off and on again. Open Control Panel > System > System Restore. Check: Turn off System Restore, click Apply and OK. Then uncheck the option again;

- The svchosts.scr file was a trojan downloader that usually gets onto the PC when you click on fake virtual greeting card messages and other kinds of scams in which you are required to install some file in order to view the message;

- Read the article Proteja seu PC for more information on how to avoid new infections.

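The before/after check behind "your log is clean", as an added example that is not part of the original thread: it diffs the entries of two HijackThis logs and applies two heuristics to registry Run entries. The log excerpts are copied from the thread's logs; the function names, the system-process list, the extension set and the 0.85 similarity threshold are assumptions of this example, not the helper's stated method.

```python
import re
from difflib import SequenceMatcher
from ntpath import basename, splitext

# Excerpts copied from the thread's HijackThis logs of 30/10/2005 and 1/11/2005.
LOG_BEFORE = r"""
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [svchosts.scr] C:\WINDOWS\svchosts.scr
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Free Download Manager] C:\Arquivos de programas\Free Download Manager\fdm.exe -autorun
"""
LOG_AFTER = r"""
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - (no file)
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Free Download Manager] C:\Arquivos de programas\Free Download Manager\fdm.exe -autorun
"""

ENTRY_RE = re.compile(r"^(?:R[0-3]|O\d{1,2}) - .+$")
RUN_RE = re.compile(r"^O4 - HK[A-Z]+\\\.\.\\Run\w*: \[([^\]]*)\] (.+)$")
# First alternative: quoted path. Second: shortest prefix ending in a program extension.
TARGET_RE = re.compile(r'^"([^"]+)"|^(.*?\.(?:exe|scr|pif|com|bat|cmd|dll))\b', re.I)
# Assumptions of this example: a short list of Windows process names, and
# extensions that legitimate software rarely registers in a Run key.
SYSTEM_NAMES = ("svchost", "lsass", "winlogon", "services",
                "explorer", "csrss", "smss", "spoolsv")
ODD_AUTORUN_EXTS = {".scr", ".pif"}
SIMILARITY = 0.85


def entries(log):
    """Return the R*/O* entry lines of a HijackThis log, in order."""
    lines = (ln.strip() for ln in log.splitlines())
    return [ln for ln in lines if ENTRY_RE.match(ln)]


def diff_entries(before, after):
    """Return (removed, added) entry lines between two logs."""
    old, new = entries(before), entries(after)
    return [e for e in old if e not in new], [e for e in new if e not in old]


def run_target(entry):
    """Return the program an O4 registry Run entry launches, or None."""
    m = RUN_RE.match(entry)
    if not m:
        return None
    t = TARGET_RE.match(m.group(2))
    return (t.group(1) or t.group(2)) if t else m.group(2)


def red_flags(entry):
    """Return the reasons an autostart entry deserves a closer look."""
    target = run_target(entry)
    if target is None:
        return []
    stem, ext = splitext(basename(target).lower())
    flags = []
    if ext in ODD_AUTORUN_EXTS:
        flags.append(f"{ext} file started from a Run key")
    for name in SYSTEM_NAMES:
        # A near match that is not the real name, e.g. one extra letter.
        if stem != name and SequenceMatcher(None, stem, name).ratio() >= SIMILARITY:
            flags.append(f"file name imitates {name}.exe")
    return flags


if __name__ == "__main__":
    removed, added = diff_entries(LOG_BEFORE, LOG_AFTER)
    for e in removed:
        print("removed:", e, red_flags(e))
    for e in added:
        print("added:  ", e)
    for e in entries(LOG_AFTER):
        if red_flags(e):
            print("still flagged:", e)
```

The diff also surfaces the O2 entry that is present only in the 1/11 log, which a reviewer comparing the two logs by eye can miss.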

MAN, THANK YOU VERY MUCH FOR THE HELP.

THANKS TO YOU THOSE WINDOWS STOPPED POPPING UP IN MY FACE.

THANKS FOR THE HELP AND THANK YOU VERY MUCH !!!!!!

:bandeira: :palmas: :palmas: :palmas: :palmas: :palmas:
