Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Entre para seguir isso  
huguh

problema em adicionar/remover programas

Recommended Posts

ola a todos!

tenho um problema no add/remover programas do painel de controlo. Apareceram-me programas como estes:

Buffer Chm

Destinations

eSupport Q Folder

Status

Tray App

Unload

Web Fldrs XP

Web Reg

Market Research

Fax_CDA

F300

F300_Help

etc..etc..e muitos outros deste tipo..e nenhum deles dá para desinstalar!

ja corri o hijackthis,bankerFix,SDFix..todos que sao aconselhados por vocês e nada..

Corri o BankerFix e disse que nao foram encontrados arquivos infectados.

Ficam aqui os logs do hijackThis e do SDFix. Peço que os analisem e me ajudem por favor a tirar aqueles programas :(:(

aqui fica log do HijackThis:

Logfile of HijackThis v1.99.1

Scan saved at 13:37:12, on 30-07-2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe

c:\progra~1\mcafee\mcafee antispyware\massrv.exe

c:\programas\mcafee.com\agent\mcdetect.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\McAfee.com\VSO\mcvsshld.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe

c:\progra~1\mcafee.com\vso\mcvsescn.exe

C:\Programas\HP\HP Software Update\HPWuSchd2.exe

C:\Programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Programas\Analog Devices\Core\smax4pnp.exe

C:\Programas\Microsoft IntelliType Pro\itype.exe

C:\Programas\Microsoft IntelliPoint\ipoint.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\progra~1\mcafee\MCAFEE~1\masalert.exe

C:\Programas\McAfee.com\VSO\oasclnt.exe

C:\Programas\McAfee\McAfee QuickClean\Plguni.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Programas\MSN Messenger\msnmsgr.exe

c:\progra~1\mcafee.com\vso\mcvsftsn.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Programas\WinRAR\WinRAR.exe

C:\Programas\WinRAR\WinRAR.exe

C:\DOCUME~1\Hugo\DEFINI~1\Temp\Rar$EX00.468\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

O3 - Toolbar: Barra de Ferramentas MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\MSN Toolbar\01.01.2607.0\pt-br\msntb.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [VirusScan Online] C:\Programas\McAfee.com\VSO\mcvsshld.exe

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe

O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup

O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RemoteControl] C:\Programas\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [itype] "C:\Programas\Microsoft IntelliType Pro\itype.exe"

O4 - HKLM\..\Run: [intelliPoint] "C:\Programas\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Programas\DAP\DAP.EXE" /STARTUP

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe

O4 - HKLM\..\Run: [OASClnt] C:\Programas\McAfee.com\VSO\oasclnt.exe

O4 - HKLM\..\Run: [GameFace Messenger] C:\Programas\GameFace Messenger\GameFace.exe

O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] C:\Programas\McAfee\McAfee QuickClean\Plguni.exe /START

O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [updateMgr] C:\Programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [steam] "c:\programas\steam\steam.exe" -silent

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Clean Traces - C:\Programas\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Programas\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Programas\DAP\dapextie2.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Programas\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe

O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe

O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\programas\mcafee.com\agent\mcdetect.exe

O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

e do SDFix:

SDFix: Version 1.94

Run by Hugo on 30-07-2007 at 12:44

Microsoft Windows XP [VersÆo 5.1.2600]

Running From: C:\PROGRA~1\SDFIX\SDFix

Safe Mode:

Checking Services:

Restoring Windows Registry Values

Restoring Windows Default Hosts File

Restoring Missing Security Center Service

Restoring Missing SharedAccess Service

Rebooting...

Normal Mode:

Checking Files:

No Trojan Files Found

Removing Temp Files...

ADS Check:

C:\WINDOWS

No streams found.

C:\WINDOWS\system32

No streams found.

C:\WINDOWS\system32\svchost.exe

No streams found.

C:\WINDOWS\system32\ntoskrnl.exe

No streams found.

Final Check:

Remaining Services:

------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"

"C:\\Programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"

"C:\\Programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"

"C:\\Programas\\Messenger\\msmsgs.exe"="C:\\Programas\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\\Programas\\CS1.6 pod-Bot\\hl.exe"="C:\\Programas\\CS1.6 pod-Bot\\hl.exe:*:Enabled:Half-Life Launcher"

"C:\\Programas\\eMule\\emule.exe"="C:\\Programas\\eMule\\emule.exe:*:Enabled:eMule"

"C:\\Program Files\\ASUS\\GameLiveShow\\SBS.exe"="C:\\Program Files\\ASUS\\GameLiveShow\\SBS.exe:*:Enabled:ASUS SBS Application"

"C:\\Programas\\NetMeeting\\conf.exe"="C:\\Programas\\NetMeeting\\conf.exe:*:Enabled:Windows© NetMeeting©"

"C:\\Programas\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"="C:\\Programas\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe:*:Enabled:NFSC"

"C:\\Programas\\DAP\\DAP.exe"="C:\\Programas\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Programas\\Joost\\xulrunner\\tvprunner.exe"="C:\\Programas\\Joost\\xulrunner\\tvprunner.exe:*:Enabled:tvprunner"

"C:\\Programas\\MSN Messenger\\livecall.exe"="C:\\Programas\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\\Programas\\Steam\\Steam.exe"="C:\\Programas\\Steam\\Steam.exe:*:Enabled:Steam Client"

"C:\\Programas\\Valve\\hl.exe"="C:\\Programas\\Valve\\hl.exe:*:Enabled:Half-Life Launcher"

"C:\\Programas\\HLSW\\hlsw.exe"="C:\\Programas\\HLSW\\hlsw.exe:*:Enabled:HLSW"

"C:\\Programas\\MSN Messenger\\msnmsgr.exe"="C:\\Programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Programas\\MSN Messenger\\livecall.exe"="C:\\Programas\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\\Programas\\MSN Messenger\\msnmsgr.exe"="C:\\Programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

Remaining Files:

---------------

Files with Hidden Attributes:

Finished

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Faça o download do ComboFix

  • Dê um duplo-clique no combofix.exe e tecle "Y" para prosseguir o Fix. Vai durar uma média de 10 minutos.
  • O ComboFix reiniciará o PC automaticamente para completar o processo de remoção.
  • Quando acabar, será gerado um log, que estará em C:\ComboFix.txt.
  • Não clique na Janela do ComboFix, nem o feche clicando no X, enquanto estiver rodando, pois senão irá parar e seu desktop ficará em branco.
  • Para parar ou sair do ComboFix, tecle "N".
  • Cole o ComboFix.txt na sua resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites
  • Autor do tópico
  • Obrigado pela sua atenção. Aqui fica o log do ComboFix:

    ComboFix 07-07-30.2 - "Hugo" 2007-08-01 0:54:43.1 [GMT 1:00] - NTFS

    Microsoft Windows XP Professional 5.1.2600.2.1252.1.2070.18.Verdadeiro

    * Created a new restore point

    ((((((((((((((((((((((((( Files Created from 2007-06-28 to 2007-07-31 )))))))))))))))))))))))))))))))

    2007-07-31 17:17 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\BitTorrent

    2007-07-30 18:38 <DIR> d-------- C:\Programas\Windows Media Connect 2

    2007-07-30 18:36 <DIR> d-------- C:\WINDOWS\system32\LogFiles

    2007-07-30 18:36 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF

    2007-07-30 12:43 <DIR> d-------- C:\WINDOWS\ERUNT

    2007-07-30 12:31 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\SUPERAntiSpyware.com

    2007-07-30 12:31 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com

    2007-07-30 12:29 <DIR> d-------- C:\Programas\SDFIX

    2007-07-29 19:33 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\URSoft

    2007-07-29 18:24 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll

    2007-07-29 18:10 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

    2007-07-29 14:14 <DIR> d-------- C:\Programas\YouTube Catcher 1.0 rc1

    2007-07-28 14:00 <DIR> d-------- C:\Programas\MSBuild

    2007-07-28 13:56 <DIR> d-------- C:\Programas\Reference Assemblies

    2007-07-28 13:54 14,048 --------- C:\WINDOWS\system32\spmsg2.dll

    2007-07-28 13:48 <DIR> d-------- C:\WINDOWS\system32\URTTemp

    2007-07-27 14:55 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\SecondLife

    2007-07-27 14:55 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\IMVU

    2007-07-27 14:55 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\DaCamYoWebcam

    2007-07-27 14:55 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\BSplayer Pro

    2007-07-27 14:55 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\BSplayer

    2007-07-27 14:42 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MCAB2.tmp

    2007-07-27 14:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MCAA2.tmp

    2007-07-27 13:00 <DIR> d-------- C:\WINDOWS\pss

    2007-07-27 01:27 <DIR> d-------- C:\Programas\MSXML 6.0

    2007-07-27 01:21 <DIR> d-------- C:\WINDOWS\system32\XPSViewer

    2007-07-21 11:33 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall

    2007-07-21 01:08 <DIR> d--h----- C:\WINDOWS\PIF

    2007-07-12 19:53 <DIR> d-------- C:\Programas\Valve

    2007-07-12 19:49 <DIR> d-------- C:\Programas\Steam

    2007-07-11 12:55 <DIR> d-------- C:\Programas\MSN Messenger

    2007-07-11 12:44 <DIR> d-------- C:\DOCUME~1\Hugo\Contacts

    2007-07-11 12:42 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE

    2007-07-10 17:55 <DIR> d-------- C:\Programas\eMule

    2007-07-01 19:05 <DIR> d-------- C:\Programas\Ficheiros comuns\HP

    2007-07-01 11:23 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

    2007-07-01 03:54 51,200 --a------ C:\WINDOWS\system32\dumphive.exe

    2007-07-01 03:54 4,280 --a------ C:\WINDOWS\system32\tmp.reg

    2007-07-01 03:54 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe

    2007-06-27 21:31 <DIR> d-------- C:\WINDOWS\system32\pt-pt

    2007-06-27 21:26 <DIR> d-------- C:\WINDOWS\network diagnostic

    2007-06-27 21:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage

    2007-06-27 18:18 <DIR> d-------- C:\Programas\Joost

    2007-06-27 18:18 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\Joost

    2007-06-26 18:26 114,464 --a------ C:\WINDOWS\system32\drivers\naiavf5x.sys

    2007-06-26 13:26 83,552 --a------ C:\WINDOWS\system32\LMIRfsClientNP.dll

    2007-06-26 13:26 46,112 --a------ C:\WINDOWS\system32\drivers\LMIRfsDriver.sys

    2007-06-26 13:26 26,176 --a------ C:\WINDOWS\system32\LMIport.dll

    2007-06-26 13:25 63,040 --a------ C:\WINDOWS\system32\LMIinit.dll

    2007-06-26 12:46 769,024 --a------ C:\WINDOWS\WebCam Sam.scr

    2007-06-26 00:26 <DIR> d--h----- C:\WINDOWS\$hf_mig$

    2007-06-26 00:26 <DIR> d-------- C:\WINDOWS\system32\PreInstall

    2007-06-26 00:21 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution

    2007-06-25 10:31 39,424 --------- C:\WINDOWS\system32\GsiDi32.dll

    2007-06-25 10:31 38,400 --a------ C:\WINDOWS\system32\CoInst.dll

    2007-06-25 10:31 30,336 --a------ C:\WINDOWS\system32\drivers\glauiad.sys

    2007-06-20 17:39 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\Apple Computer

    2007-06-20 17:35 <DIR> d-------- C:\Programas\QuickTime

    2007-06-20 17:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

    2007-06-18 19:02 98,304 --a------ C:\WINDOWS\system32\viscomtran.dll

    2007-06-18 19:02 94,208 --a------ C:\WINDOWS\system32\viscomaudiodata.dll

    2007-06-18 19:02 90,112 --a------ C:\WINDOWS\system32\viscomframe.dll

    2007-06-18 19:02 81,920 --a------ C:\WINDOWS\system32\viscomwave.dll

    2007-06-18 19:02 598,016 --a------ C:\WINDOWS\system32\viscomqtde.dll

    2007-06-18 19:02 40,960 --a------ C:\WINDOWS\system32\SSubTmr6.dll

    2007-06-18 19:02 262,144 --a------ C:\WINDOWS\system32\lame_enc.dll

    2007-06-18 19:02 147,456 --a------ C:\WINDOWS\system32\viscomqtenc.dll

    2007-06-18 19:02 110,592 --a------ C:\WINDOWS\system32\viscomaudioencoder.dll

    2007-06-18 19:02 1,703,936 --a------ C:\WINDOWS\system32\gdiplus.dll

    2007-06-13 17:24 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\Real

    2007-06-06 13:14 <DIR> d-------- C:\Programas\The Sims

    2007-06-04 12:46 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\WinRAR

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-07-31 19:44 --------- d-------- C:\DOCUME~1\Hugo\APPLIC~1\Image Zone Express

    2007-07-29 20:41 --------- d-------- C:\Programas\Ficheiros comuns\LightScribe

    2007-07-29 17:12 605066 --a------ C:\WINDOWS\system32\perfh016.dat

    2007-07-29 17:12 110284 --a------ C:\WINDOWS\system32\perfc016.dat

    2007-07-15 12:53 --------- d-------- C:\DOCUME~1\Hugo\APPLIC~1\AdobeUM

    2007-07-12 19:53 --------- d--h----- C:\Programas\InstallShield Installation Information

    2007-07-01 19:05 --------- d-------- C:\Programas\HP

    2007-07-01 11:48 --------- d-------- C:\Programas\Google

    2007-06-27 19:33 --------- d-------- C:\DOCUME~1\Hugo\APPLIC~1\Google

    2007-06-25 22:31 --------- d-------- C:\Programas\DAP

    2007-06-17 00:11 51200 --a------ C:\WINDOWS\nircmd.exe

    2007-05-25 15:22 24000 --a------ C:\WINDOWS\system32\lmimirr.dll

    2007-05-25 15:22 10304 --a------ C:\WINDOWS\system32\lmimirr2.dll

    2007-05-22 19:14 8784 --a------ C:\WINDOWS\system32\ractrlkeyhook.dll

    2007-05-16 16:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 18:18]

    "VirusScan Online"="C:\Programas\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 12:49]

    "MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29]

    "MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 12:05]

    "MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe" [2005-03-23 16:33]

    "MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [2005-03-23 15:47]

    "HP Software Update"="C:\Programas\HP\HP Software Update\HPWuSchd2.exe" [2005-12-15 12:18]

    "nwiz"="nwiz.exe" [2006-02-13 14:05 C:\WINDOWS\system32\nwiz.exe]

    "RemoteControl"="C:\Programas\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 18:35]

    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 16:21 C:\WINDOWS\system32\HdAShCut.exe]

    "SoundMAXPnP"="C:\Programas\Analog Devices\Core\smax4pnp.exe" [2005-05-20 02:11]

    "SoundMAX"="C:\Programas\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 16:35]

    "itype"="C:\Programas\Microsoft IntelliType Pro\itype.exe" [2005-12-05 01:38]

    "IntelliPoint"="C:\Programas\Microsoft IntelliPoint\ipoint.exe" [2005-12-05 01:39]

    "DownloadAccelerator"="C:\Programas\DAP\DAP.exe" [2007-04-04 12:48]

    "QuickTime Task"="C:\Programas\QuickTime\qttask.exe" [2007-04-27 09:41]

    "MPFExe"="C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-04-05 14:41]

    "_AntiSpyware"="c:\progra~1\mcafee\MCAFEE~1\masalert.exe" [2006-01-06 15:14]

    "OASClnt"="C:\Programas\McAfee.com\VSO\oasclnt.exe" [2005-08-11 22:02]

    "GameFace Messenger"="C:\Programas\GameFace Messenger\GameFace.exe" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "McAfee QuickClean Imonitor"="C:\Programas\McAfee\McAfee QuickClean\Plguni.exe" [2004-08-25 06:00]

    "MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-03-23 16:33]

    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]

    "swg"="C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-14 18:29]

    "updateMgr"="C:\Programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]

    "Steam"="c:\programas\steam\steam.exe" [2007-07-12 19:49]

    "BitTorrent"="C:\Programas\BitTorrent\bittorrent.exe" []

    C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\

    Adobe Reader Speed Launch.lnk - C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]

    HP Digital Imaging Monitor.lnk - C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 12:40:44]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

    LMIinit.dll 2007-05-25 15:22 63040 C:\WINDOWS\system32\LMIinit.dll

    R1 MPFIREWL;MPFIREWL;C:\WINDOWS\system32\Drivers\MpFirewall.sys

    R2 EIO;EIO;\??\C:\WINDOWS\system32\drivers\EIO.sys

    R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys

    R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service;C:\WINDOWS\system32\drivers\ADIHdAud.sys

    R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys

    R3 lmimirr;lmimirr;C:\WINDOWS\system32\DRIVERS\lmimirr.sys

    R3 MTsensor;ATK0110 ACPI UTILITY;C:\WINDOWS\system32\DRIVERS\ASACPI.sys

    R3 Point32;Microsoft IntelliPoint Filter Driver;C:\WINDOWS\system32\DRIVERS\point32.sys

    R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver;C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

    R3 SenFiltService;SenFilt Service;C:\WINDOWS\system32\drivers\Senfilt.sys

    S2 LMIInfo;LogMeIn Kernel Information Provider;\??\C:\Programas\LogMeIn\x86\RaInfo.sys

    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

    S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;C:\WINDOWS\system32\drivers\HdAudio.sys

    S3 iadusb;MT882;C:\WINDOWS\system32\DRIVERS\glauiad.sys

    S3 idsvc;Windows CardSpace;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"

    S3 k750bus;Sony Ericsson 750 driver (WDM);C:\WINDOWS\system32\DRIVERS\k750bus.sys

    S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k750mdfl.sys

    S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k750mdm.sys

    S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k750mgmt.sys

    S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k750obex.sys

    S3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys

    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"

    Contents of the 'Scheduled Tasks' folder

    2007-07-28 02:39:05 C:\WINDOWS\Tasks\mcafee antispyware.job - c:\progra~1\mcafee\MCAFEE~1\MASCon.exe

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2007-08-01 00:56:38

    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden registry entries ...

    scanning hidden files ...

    scan completed successfully

    hidden files: 0

    **************************************************************************

    Completion time: 2007-08-01 0:57:23

    --- E O F ---

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    - Faça o download do SmitFraudFix

    • Descompacte o arquivo em uma pasta própria, mas não o execute ainda.

    - Reinicie o computador em Modo Seguro (pressione a tecla F8 intermitentemente, ou F5 em alguns casos, durante a inicialização);

    - Entre na pasta do SmitFraudFix e execute o SmitfraudFix.cmd. Aperte a opção 2 e Enter.

    • Quando aparecer a mensagem "Do you want to clean the registry?" pressione y e Enter.

    - Reinicie em modo normal, gere novo log e cole na sua resposta.

    - Na sua resposta, cole também o log do SmitFraudFix, que estará no arquivo rapport.txt em C:\.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • - Reinicie em modo normal, gere novo log e cole na sua resposta.

    não percebi esta parte..gero novo log de quê?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • Fica aqui o log do smitfraudFix:

    SmitFraudFix v2.207

    Scan done at 1:21:32,48, 03-08-2007

    Run from C:\Documents and Settings\Hugo\Ambiente de trabalho\smitfraudfix\SmitfraudFix

    OS: Microsoft Windows XP [VersÆo 5.1.2600] - Windows_NT

    The filesystem type is NTFS

    Fix run in safe mode

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix

    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri

    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Killing process

    »»»»»»»»»»»»»»»»»»»»»»»» hosts

    127.0.0.1 localhost

    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    »»»»»»»»»»»»»»»»»»»»»»»» DNS

    HKLM\SYSTEM\CCS\Services\Tcpip\..\{5C0C7D02-1AC3-4264-832F-73ACA02E46F4}: DhcpNameServer=192.168.1.1

    HKLM\SYSTEM\CS1\Services\Tcpip\..\{5C0C7D02-1AC3-4264-832F-73ACA02E46F4}: DhcpNameServer=192.168.1.1

    HKLM\SYSTEM\CS2\Services\Tcpip\..\{5C0C7D02-1AC3-4264-832F-73ACA02E46F4}: DhcpNameServer=192.168.1.1

    HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

    HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

    HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

    "System"=""

    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix

    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri

    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» End

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • ok..aí está:

    Logfile of HijackThis v1.99.1

    Scan saved at 4:21:15, on 04-08-2007

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\Explorer.EXE

    C:\Programas\McAfee.com\VSO\mcvsshld.exe

    C:\PROGRA~1\mcafee.com\agent\mcagent.exe

    C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe

    c:\progra~1\mcafee.com\vso\mcvsescn.exe

    C:\Programas\HP\HP Software Update\HPWuSchd2.exe

    C:\Programas\CyberLink\PowerDVD\PDVDServ.exe

    C:\Programas\Analog Devices\Core\smax4pnp.exe

    C:\Programas\Analog Devices\SoundMAX\smax4.exe

    C:\Programas\Microsoft IntelliType Pro\itype.exe

    C:\Programas\Microsoft IntelliPoint\ipoint.exe

    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

    C:\progra~1\mcafee\MCAFEE~1\masalert.exe

    C:\Programas\McAfee.com\VSO\oasclnt.exe

    C:\Programas\McAfee\McAfee QuickClean\Plguni.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe

    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

    c:\progra~1\mcafee\mcafee antispyware\massrv.exe

    c:\programas\mcafee.com\agent\mcdetect.exe

    c:\PROGRA~1\mcafee.com\vso\mcshield.exe

    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

    C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

    C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

    C:\WINDOWS\system32\nvsvc32.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\system32\svchost.exe

    C:\Programas\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\Programas\MSN Messenger\msnmsgr.exe

    c:\progra~1\mcafee.com\vso\mcvsftsn.exe

    C:\Programas\internet explorer\iexplore.exe

    C:\Programas\DAP\DAP.EXE

    C:\DOCUME~1\Hugo\DEFINI~1\Temp\Rar$EX00.078\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programas\google\googletoolbar1.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

    O3 - Toolbar: Barra de Ferramentas MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\MSN Toolbar\01.01.2607.0\pt-br\msntb.dll (file missing)

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programas\google\googletoolbar1.dll

    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

    O4 - HKLM\..\Run: [VirusScan Online] C:\Programas\McAfee.com\VSO\mcvsshld.exe

    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe

    O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe

    O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup

    O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

    O4 - HKLM\..\Run: [RemoteControl] C:\Programas\CyberLink\PowerDVD\PDVDServ.exe

    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

    O4 - HKLM\..\Run: [soundMAXPnP] C:\Programas\Analog Devices\Core\smax4pnp.exe

    O4 - HKLM\..\Run: [soundMAX] "C:\Programas\Analog Devices\SoundMAX\smax4.exe" /tray

    O4 - HKLM\..\Run: [itype] "C:\Programas\Microsoft IntelliType Pro\itype.exe"

    O4 - HKLM\..\Run: [intelliPoint] "C:\Programas\Microsoft IntelliPoint\ipoint.exe"

    O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Programas\DAP\DAP.EXE" /STARTUP

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

    O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe

    O4 - HKLM\..\Run: [OASClnt] C:\Programas\McAfee.com\VSO\oasclnt.exe

    O4 - HKLM\..\Run: [GameFace Messenger] C:\Programas\GameFace Messenger\GameFace.exe

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] C:\Programas\McAfee\McAfee QuickClean\Plguni.exe /START

    O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe

    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [swg] C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - HKCU\..\Run: [updateMgr] C:\Programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

    O4 - HKCU\..\Run: [steam] "c:\programas\steam\steam.exe" -silent

    O4 - HKCU\..\Run: [bitTorrent] "C:\Programas\BitTorrent\bittorrent.exe" --force_start_minimized

    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe

    O8 - Extra context menu item: &Clean Traces - C:\Programas\DAP\Privacy Package\dapcleanerie.htm

    O8 - Extra context menu item: &Download with &DAP - C:\Programas\DAP\dapextie.htm

    O8 - Extra context menu item: Download &all with DAP - C:\Programas\DAP\dapextie2.htm

    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

    O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O11 - Options group: [iNTERNATIONAL] International*

    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab

    O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe

    O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe

    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\programas\mcafee.com\agent\mcdetect.exe

    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe

    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

    O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    - Ok, o log está limpo :)

    - Recomendo uma manutenção no computador para exclusão dos arquivos temporários, desnecessários e entradas inválidas no registro. Faça o download do CCleaner:

    • Abra o programa e clique em Executar Limpeza;
    • Após isto, clique em Erros > Procurar erros > Corrigir Erros

    - Desative e ative novamente a Restauração do Sistema

    - Leia o artigo Proteja seu PC para mais informações sobre como evitar infecções.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
  • Autor do tópico
  • muito obrigado pela ajuda :)

    mas aqueles programas todos continuam no add/remover programas do painel de controlo! nao fazem mal?

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites

    Se você não reconhece os programas, veja se há alguma pasta deles e apague.

    Compartilhar este post


    Link para o post
    Compartilhar em outros sites
    Entre para seguir isso  





    Sobre o Clube do Hardware

    No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

    Direitos autorais

    Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

    ×