Ir ao conteúdo
  • Cadastre-se
Entre para seguir isso  
pincello

Virus

Posts recomendados

:help:

Estou tendo problemas no PC, o gerenciador de tarefas não abre direito e toda vez que abro o internet explorer abre uma página adicional tentando entrar em algum lugar...

segue o log do HiJackThis abaixo:

Logfile of HijackThis v1.99.1

Scan saved at 01:40:44, on 8/11/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\Arquivos de programas\LogMeIn\RaMaint.exe

C:\Arquivos de programas\LogMeIn\LogMeIn.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\r_server.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\LogMeIn\LogMeInSystray.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe

C:\Arquivos de programas\ASUS\PC Probe II\Probe2.exe

C:\Arquivos de programas\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Arquivos de programas\mobile PhoneTools\WatchDog.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe

C:\Arquivos de programas\D-Tools\daemon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\Arquivos de programas\No-IP\DUC20.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

G:\Utilitários\Segurança\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)

O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\SearchTool\nsw77.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O2 - BHO: Banner Rotator - {E954DB82-1533-4714-92F2-59C98D5C18CC} - C:\WINDOWS\system32\brrotate.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Arquivos de programas\ASUS\PC Probe II\Probe2.exe" 1

O4 - HKLM\..\Run: [ATIPTA] "C:\Arquivos de programas\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [WatchDog] C:\Arquivos de programas\mobile PhoneTools\WatchDog.exe

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Arquivos de programas\LogMeIn\LogMeInSystray.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Arquivos de programas\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [adstart] "iexplore.exe" "http://iesettingsupdate"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

O4 - Startup: No-IP DUC.lnk = C:\Arquivos de programas\No-IP\DUC20.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxdm414YYBR

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?8be3ee2ab4384305807a0771447ea799

O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?8be3ee2ab4384305807a0771447ea799

O8 - Extra context menu item: Download All by FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {9C377DD8-8CE6-484C-975D-F4D03493EBBE} (DownloadManager Control) - http://music.msn.com.br/Download.cab

O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{51052819-C3C1-4574-AF32-41721D46E71D}: NameServer = 200.204.0.10 200.204.0.10

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\RaMaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\LogMeIn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)

O23 - Service: Windows Smrss Service - Unknown owner - C:\WINDOWS\svchost.exe (file missing)

Agradeço a ajuda...

Fabio Pires Pincello

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia

1) Faça o download do SDFix

http://downloads.andymanchesta.com/RemovalTools/SDFix.zip

Salve-o em seu desktop.

No modo de segurança, de um duplo clique em SDFix.zip para extrair o conteúdo, Abra a pasta e dê um duplo clique em RunThis.bat para começar o script. Clicar em Y. Então irá dar inicio a remoção dos serviços de Trojan e fará alguns reparos ao registro, alertando-o a pressionar alguma tecla para recarregar. Pressionar alguma tecla e reiniciará o PC. A ferramenta fará exame no sistema por muito tempo, aguarde com paciência para reiniciar pois estará removendo arquivos. Quando terminar, pressionar então Finished.

Finalmente abra o SDFix em seu desktop localize o Report.txt dos resultados

2) Faça o download do SUPERAntiSpyware

http://baixaki.ig.com.br/site/detail40022.htm

Instale-o. Tente seguir as ilustrações (não conheço manual em português!) para realizar a varredura.

http://www.spywarefri.dk/manualer/superant...ware-manual.htm

3) Faça o download do Dr. Web CureIt:

ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

http://download.drweb.com/drweb+cureit/

-> em seu desktop

Não rode-o ainda. Desabilitar as proteções residentes de antivírus e antispywares.

Dar um duplo clique no ícone/aranha drweb-cureit.exe . Você vai receber uma notificação, em português, para iniciar a verificação expressa, juntamente com algumas informações do produto. O Dr.Web fará um rastreamento inicial. Quando terminar clica na tecla F9, verificar, desmarcar Análise Heurística (pode haver falso/positivo). Marcar os drivers para iniciar a varredura, e os pontos vermelhos demonstram que foram escolhidos. Clica no botão verde à direita, então começará a varredura. Aguardar com paciência.

Nesta primeira fase diga não a todos. No final clica no botão vermelho

Em seguida clica no botão e remove para quarentena.

Iniciar -> executar -> cola e veja

%USERPROFILE%\DoctorWeb\Quarantine

Importante reiniciar o computador novamente!

Iniciar -> executar -> cola

%USERPROFILE%\DoctorWeb\CureIt.log

4) Se você desabilitou algo no MSConfig, reabilite todas as entradas, pois as entradas desmarcadas no MSConfig não aparecem no log. Caso elas sejam maliciosas ou problemáticas não poderemos saber que elas estão lá.

Digite no Executar msconfig, na aba Geral marque: Inicialização normal - Carregar todos os drivers de dispositivo e serviços. Clique em Aplicar e Ok;

- Reinicie, faça um novo scan hijackthis

Melhor hospedar os arquivos.

SUPERAntiSpyware Scan Log

Report.txt SDFix

Log file hijackthis

clica aqui e depois volte com o link

post-25482-13884930965961_thumb.gif

post-25482-13884930966057_thumb.gif

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa tarde

Obrigado pela ajuda!!!!

Executei tudo, mas o SDFix acabei executando por último, porque na primeira vez eu fiz errado, não executei no modo de segurança...

dá uma olhada nos resultados:

Logfile of HijackThis v1.99.1

Scan saved at 16:19:58, on 8/11/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\Arquivos de programas\LogMeIn\RaMaint.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\LogMeIn\LogMeIn.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\r_server.exe

C:\Arquivos de programas\LogMeIn\LogMeInSystray.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe

C:\Arquivos de programas\ASUS\PC Probe II\Probe2.exe

C:\Arquivos de programas\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Arquivos de programas\mobile PhoneTools\WatchDog.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe

C:\Arquivos de programas\D-Tools\daemon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Arquivos de programas\No-IP\DUC20.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\system32\msiexec.exe

G:\Utilitários\Segurança\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Arquivos de programas\ASUS\PC Probe II\Probe2.exe" 1

O4 - HKLM\..\Run: [ATIPTA] "C:\Arquivos de programas\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [WatchDog] C:\Arquivos de programas\mobile PhoneTools\WatchDog.exe

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Arquivos de programas\LogMeIn\LogMeInSystray.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Arquivos de programas\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - Startup: No-IP DUC.lnk = C:\Arquivos de programas\No-IP\DUC20.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxdm414YYBR

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?8be3ee2ab4384305807a0771447ea799

O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?8be3ee2ab4384305807a0771447ea799

O8 - Extra context menu item: Download All by FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {9C377DD8-8CE6-484C-975D-F4D03493EBBE} (DownloadManager Control) - http://music.msn.com.br/Download.cab

O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O17 - HKLM\System\CCS\Services\Tcpip\..\{51052819-C3C1-4574-AF32-41721D46E71D}: NameServer = 200.204.0.10 200.204.0.10

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\RaMaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\LogMeIn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)

****************************************************************************

SUPERAntiSpyware Scan Log

Generated 11/08/2006 at 02:23 PM

Application Version : 3.3.1020

Core Rules Database Version : 3123

Trace Rules Database Version: 1143

Scan type : Quick Scan

Total Scan Time : 00:16:46

Memory items scanned : 498

Memory threats detected : 2

Registry items scanned : 665

Registry threats detected : 31

File items scanned : 24964

File threats detected : 89

Trojan.SearchTool

C:\WINDOWS\SYSTEM32\SEARCHTOOL\NSW77.DLL

C:\WINDOWS\SYSTEM32\SEARCHTOOL\NSW77.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}

HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}

HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}

HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\InprocServer32

HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\InprocServer32#ThreadingModel

HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\ProgID

HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\Programmable

HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\TypeLib

HKCR\CLSID\{5ED7D3DE-6DBE-4516-8712-01B1B64B7057}\VersionIndependentProgID

C:\WINDOWS\SYSTEM32\SEARCHTOOL\NSX57.DLL

Adware.AdRotate/System

C:\WINDOWS\SYSTEM32\BRROTATE.DLL

C:\WINDOWS\SYSTEM32\BRROTATE.DLL

Adware.eZula/BannerRotator

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E954DB82-1533-4714-92F2-59C98D5C18CC}

HKCR\CLSID\{E954DB82-1533-4714-92F2-59C98D5C18CC}

HKCR\CLSID\{E954DB82-1533-4714-92F2-59C98D5C18CC}

HKCR\CLSID\{E954DB82-1533-4714-92F2-59C98D5C18CC}\InprocServer32

HKCR\CLSID\{E954DB82-1533-4714-92F2-59C98D5C18CC}\InprocServer32#ThreadingModel

HKCR\CLSID\{E954DB82-1533-4714-92F2-59C98D5C18CC}\ProgID

HKCR\CLSID\{E954DB82-1533-4714-92F2-59C98D5C18CC}\Programmable

HKCR\CLSID\{E954DB82-1533-4714-92F2-59C98D5C18CC}\TypeLib

HKCR\CLSID\{E954DB82-1533-4714-92F2-59C98D5C18CC}\VersionIndependentProgID

HKCR\BannerRotator.Rotator2

HKCR\BannerRotator.Rotator2\CLSID

HKCR\BannerRotator.Rotator2\CurVer

HKCR\BannerRotator.Rotator2.1

HKCR\BannerRotator.Rotator2.1\CLSID

HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}

HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}\1.0

HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}\1.0\0

HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}\1.0\0\win32

HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}\1.0\FLAGS

HKCR\TypeLib\{7DABFFEB-649F-4077-9E03-202688D77676}\1.0\HELPDIR

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E954DB82-1533-4714-92F2-59C98D5C18CC}#NoExplorer

C:\WINDOWS\SYSTEM32\BRROT-UNINST.EXE

Adware.Tracking Cookie

C:\Documents and Settings\Administrador\Cookies\administrador@hotlog[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ad.terra.com[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@realmedia[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@atwola[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@cgi-bin[3].txt

C:\Documents and Settings\Administrador\Cookies\administrador@tribalfusion[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@mb[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@msninvite.112.2o7[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads.ibest.com[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@banner.tpi.com[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads1.mediaops.com[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@adserver.filefront[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@247realmedia[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads.abril.com[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@franceguide[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@data2.perf.overture[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ad.sensismediasmart.com[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@adinterax[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ad.adnetwork.com[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads.neodelight[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@1072568707[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@server.cpmstar[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@tripod[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads.miarroba[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@as-eu.falkag[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@bigpond.122.2o7[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@adtech[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads.gamershell[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@1068007774[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@m1.webstats4u[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@dist.belnk[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@revsci[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@weborama[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@cgi-bin[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@adserver[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@please[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@adserver.terra.com[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@belnk[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@dsml.clickexperts[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@adlegend[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@adopt.euroclick[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@revenue[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@bannerng.oi.com[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ad[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@msnportal.112.2o7[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads.pointroll[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@adserv.sapo[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@adbrite[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@tacoda[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads.realmedia.com[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@spylog[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@youtube.112.2o7[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@rotator.adjuggler[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads.lancenet.com[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@toplist[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@overture[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@perf.overture[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads.us.e-planning[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@serving-sys[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@ads.tripod.lycos.co[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@stat.onestat[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@2o7[2].txt

C:\Documents and Settings\Administrador\Cookies\administrador@burstnet[1].txt

C:\Documents and Settings\Administrador\Cookies\administrador@findwhat[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@2o7[2].txt

C:\Documents and Settings\Fabio\Cookies\fabio@ad.adnetwork.com[2].txt

C:\Documents and Settings\Fabio\Cookies\fabio@ads.abril.com[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@ads.ibest.com[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@ads.pointroll[2].txt

C:\Documents and Settings\Fabio\Cookies\fabio@ads.us.e-planning[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@ads1.mediaops.com[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@adserv.sapo[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@adserver.terra.com[2].txt

C:\Documents and Settings\Fabio\Cookies\fabio@as-eu.falkag[2].txt

C:\Documents and Settings\Fabio\Cookies\fabio@as-us.falkag[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@bannerng.oi.com[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@dsml.clickexperts[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@m1.webstats4u[2].txt

C:\Documents and Settings\Fabio\Cookies\fabio@microsofteup.112.2o7[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@msnportal.112.2o7[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@overture[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@statcounter[2].txt

C:\Documents and Settings\Fabio\Cookies\fabio@xiti[1].txt

C:\Documents and Settings\Fabio\Cookies\fabio@xml.bravenetmedianetwork[2].txt

C:\Documents and Settings\Ricardo\Cookies\ricardo@atdmt[1].txt

Adware.AdStart

HKLM\Software\Microsoft\Windows\CurrentVersion\Run#adstart [ "iexplore.exe" "http://iesettingsupdate" ]

****************************************************************************

SDFix: Version 1.36

-------------------

Scan run on:

qua 08/11/2006

Time:

16:08

Microsoft Windows XP [versÆo 5.1.2600]

Running from: G:\Utilit rios\Seguran‡a\SDFix

Stage One...

Checking Services...

Name:

-----

Windows Smrss Service

Path:

----

"C:\WINDOWS\svchost.exe"

Windows Smrss Service Deleted...

Repairing Registry...

Restoring Default Hosts File...

Stage One Complete

Rebooting...

****************************************************************************

Então, foram encontrados vários malwares, trojans, adwares, etc...

mas mesmo assim meu gerenciados de tarefas não ta normal

Muito obrigado pela ajuda Sr. Ida

Fabio Pires Pincello

post-80906-13884930990918_thumb.jpg

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa tarde

mas mesmo assim meu gerenciados de tarefas não ta normal

Enable o Task Manager, seguindo instruções dos links

http://support.microsoft.com/?kbid=555480

http://linhadefensiva.uol.com.br/docs/gere...dor-de-tarefas/

-x-

Reinicie em Modo Seguro (aperte a tecla F8 até aparecer uma tela DOS e escolha Modo de Segurança).

Execute o HijackThis, clique em Do a System Scan Only, marque somente as entradas abaixo

O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZNxdm414YYBR

e dê o Fix Checked

Reinicie

Pronto!

Faltou o log Dr.Web, mas pelo visto parece que está normal

Seu log ficará bom! Cole-o caso queira!

Abraço

Compartilhar este post


Link para o post
Compartilhar em outros sites

:palmas:

Cara... você manja mesmo hein!!!!

Muito obrigado pela ajuda, ta funcionando tudo bem, só consegui recuperar o gerenciador de tarefas através do comando "gpupdate /force" que estava no link que você me passou. Tinha até me esquecido de olhar no gpedit.msc, mas lá estava tudo certo. Meus irmãos menores estavam reclamando do acesso no gbound, mas já está tudo OK. Deixarei o SUPERAntiSpyware junto com o Spybot que eu já tinha, pois gostei muito dele, ele achou muito adwares e pelo que percebi ele fica residente.

Postei o log do HijackThis abaixo, mas se você falou, deve estar tudo certo agora...

Logfile of HijackThis v1.99.1

Scan saved at 23:24:23, on 8/11/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

G:\Utilitários\Segurança\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [Launch PC Probe II] "C:\Arquivos de programas\ASUS\PC Probe II\Probe2.exe" 1

O4 - HKLM\..\Run: [ATIPTA] "C:\Arquivos de programas\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [WatchDog] C:\Arquivos de programas\mobile PhoneTools\WatchDog.exe

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Arquivos de programas\LogMeIn\LogMeInSystray.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Arquivos de programas\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - Startup: No-IP DUC.lnk = C:\Arquivos de programas\No-IP\DUC20.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?8be3ee2ab4384305807a0771447ea799

O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?8be3ee2ab4384305807a0771447ea799

O8 - Extra context menu item: Download All by FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {9C377DD8-8CE6-484C-975D-F4D03493EBBE} (DownloadManager Control) - http://music.msn.com.br/Download.cab

O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\RaMaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\LogMeIn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)

mais uma vez :palmas:

É muito bom saber que existem pessoas assim como você que estão dispostas a ajudar!!! Além disso, tem um bom conhecimento do assunto. Também gosto de ajudar, mas meu conhecimento especificamente nessa área é, digamos, intermediário. Costumo ajudar bastante em um grupo de estudo da certificação CCNA do yahoo e sei que é gostoso também ajudar...

Valeu mesmo, obrigado!!!

Abraço

Fabio Pires Pincello

Compartilhar este post


Link para o post
Compartilhar em outros sites
Entre para seguir isso  





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×
×
  • Criar novo...

Aprenda_a_Ler_Resistores_e_Capacitores-capa-3d-newsletter.jpg

EBOOK GRÁTIS!

CLIQUE AQUI E BAIXE AGORA MESMO!