Luisera


Hello everyone, how are you? I have a problem.

This morning I had several problems with my computer: besides the usual slowness, it kept throwing errors all the time. I went into Find Files or Folders and asked it to check for files created today, and this update32 showed up. I submitted it on the site http://virusscan.jotti.org/ and got the following result:

Jotti's malware scan 2.99-TRANSITION_TO_3.00

File: updat32.exe

Status: MIGHT BE INFECTED/MALWARE (Sandbox emulation took a long time and/or runtime packers were found, this is suspicious. Normally programs aren't packed and don't force the sandbox into lengthy emulation. Do realize no scanner issued any warning, the file can very well be harmless. Caution is advised, however.) (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)

MD5 55445e58218568be5df1f2a7f95396f7

Packers detected: -

Scanner results

AntiVir Found nothing

ArcaVir Found nothing

Avast Found nothing

AVG Antivirus Found nothing

BitDefender Found nothing

ClamAV Found nothing

Dr.Web Found nothing

F-Prot Antivirus Found nothing

Fortinet Found nothing

Kaspersky Anti-Virus Found nothing

NOD32 Found nothing

Norman Virus Control Found nothing

UNA Found nothing

VBA32 Found nothing

Here is the HijackThis log as well:

Logfile of HijackThis v1.99.1

Scan saved at 11:06:54, on 10/02/2006

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

c:\windows\SYSTEM\KB891711\KB891711.EXE

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\SYSTEM\LEXBCES.EXE

C:\WINDOWS\SYSTEM\RPCSS.EXE

C:\ARQUIVOS DE PROGRAMAS\NORTON ANTIVIRUS\NAVAPW32.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\EXPLORER.EXE

C:\ARQUIVOS DE PROGRAMAS\IG\SYSBRAND.EXE

C:\ARQUIVOS DE PROGRAMAS\SONY CORPORATION\PICTURE PACKAGE\PICTURE PACKAGE APPLICATIONS\RESIDENCE.EXE

C:\ARQUIVOS DE PROGRAMAS\SONY CORPORATION\PICTURE PACKAGE\PICTURE PACKAGE MENU\SONYTRAY.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\ARQUIVOS DE PROGRAMAS\INTERNET EXPLORER\IEXPLORE.EXE

C:\HIJACK\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ig.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.112.5:8080

O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\GBIEHUNI.DLL

O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O4 - HKLM\..\Run: [LexStart] lexstart.exe

O4 - HKLM\..\Run: [Norton Auto-Protect] C:\ARQUIV~1\NORTON~1\NAVAPW32.EXE /LOADQUIET

O4 - HKLM\..\RunServices: [KB891711] c:\windows\SYSTEM\KB891711\KB891711.EXE

O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe

O4 - HKCU\..\Run: [sysBrand] C:\Arquivos de programas\iG\sysbrand.exe

O4 - Startup: rotaKea.pif = C:\ROTAKEA.BAT

O4 - Startup: Picture Package VCD Maker.lnk = C:\Arquivos de programas\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe

O4 - Startup: Picture Package Menu.lnk = C:\Arquivos de programas\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.unibanco.com.br/GbPlug...GbPluginUni.cab

Thanks in advance

Luisera

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
