Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Entre para seguir isso  
huguh

problema em adicionar/remover programas

Recommended Posts

ola a todos!

tenho um problema no add/remover programas do painel de controlo. Apareceram-me programas como estes:

Buffer Chm

Destinations

eSupport Q Folder

Status

Tray App

Unload

Web Fldrs XP

Web Reg

Market Research

Fax_CDA

F300

F300_Help

etc..etc..e muitos outros deste tipo..e nenhum deles dá para desinstalar!

ja corri o hijackthis,bankerFix,SDFix..todos que sao aconselhados por vocês e nada..

Corri o BankerFix e disse que nao foram encontrados arquivos infectados.

Ficam aqui os logs do hijackThis e do SDFix. Peço que os analisem e me ajudem por favor a tirar aqueles programas :(:(

aqui fica log do HijackThis:

Logfile of HijackThis v1.99.1

Scan saved at 13:37:12, on 30-07-2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe

c:\progra~1\mcafee\mcafee antispyware\massrv.exe

c:\programas\mcafee.com\agent\mcdetect.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\McAfee.com\VSO\mcvsshld.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe

c:\progra~1\mcafee.com\vso\mcvsescn.exe

C:\Programas\HP\HP Software Update\HPWuSchd2.exe

C:\Programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Programas\Analog Devices\Core\smax4pnp.exe

C:\Programas\Microsoft IntelliType Pro\itype.exe

C:\Programas\Microsoft IntelliPoint\ipoint.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\progra~1\mcafee\MCAFEE~1\masalert.exe

C:\Programas\McAfee.com\VSO\oasclnt.exe

C:\Programas\McAfee\McAfee QuickClean\Plguni.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Programas\MSN Messenger\msnmsgr.exe

c:\progra~1\mcafee.com\vso\mcvsftsn.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Programas\WinRAR\WinRAR.exe

C:\Programas\WinRAR\WinRAR.exe

C:\DOCUME~1\Hugo\DEFINI~1\Temp\Rar$EX00.468\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

O3 - Toolbar: Barra de Ferramentas MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\MSN Toolbar\01.01.2607.0\pt-br\msntb.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [VirusScan Online] C:\Programas\McAfee.com\VSO\mcvsshld.exe

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe

O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup

O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RemoteControl] C:\Programas\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [itype] "C:\Programas\Microsoft IntelliType Pro\itype.exe"

O4 - HKLM\..\Run: [intelliPoint] "C:\Programas\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Programas\DAP\DAP.EXE" /STARTUP

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe

O4 - HKLM\..\Run: [OASClnt] C:\Programas\McAfee.com\VSO\oasclnt.exe

O4 - HKLM\..\Run: [GameFace Messenger] C:\Programas\GameFace Messenger\GameFace.exe

O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] C:\Programas\McAfee\McAfee QuickClean\Plguni.exe /START

O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [updateMgr] C:\Programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [steam] "c:\programas\steam\steam.exe" -silent

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Clean Traces - C:\Programas\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Programas\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Programas\DAP\dapextie2.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab

O20 - Winlogon Notify: !SASWinLogon - C:\Programas\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe

O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe

O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\programas\mcafee.com\agent\mcdetect.exe

O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

e do SDFix:

SDFix: Version 1.94

Run by Hugo on 30-07-2007 at 12:44

Microsoft Windows XP [VersÆo 5.1.2600]

Running From: C:\PROGRA~1\SDFIX\SDFix

Safe Mode:

Checking Services:

Restoring Windows Registry Values

Restoring Windows Default Hosts File

Restoring Missing Security Center Service

Restoring Missing SharedAccess Service

Rebooting...

Normal Mode:

Checking Files:

No Trojan Files Found

Removing Temp Files...

ADS Check:

C:\WINDOWS

No streams found.

C:\WINDOWS\system32

No streams found.

C:\WINDOWS\system32\svchost.exe

No streams found.

C:\WINDOWS\system32\ntoskrnl.exe

No streams found.

Final Check:

Remaining Services:

------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"

"C:\\Programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"

"C:\\Programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"

"C:\\Programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"

"C:\\Programas\\Messenger\\msmsgs.exe"="C:\\Programas\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\\Programas\\CS1.6 pod-Bot\\hl.exe"="C:\\Programas\\CS1.6 pod-Bot\\hl.exe:*:Enabled:Half-Life Launcher"

"C:\\Programas\\eMule\\emule.exe"="C:\\Programas\\eMule\\emule.exe:*:Enabled:eMule"

"C:\\Program Files\\ASUS\\GameLiveShow\\SBS.exe"="C:\\Program Files\\ASUS\\GameLiveShow\\SBS.exe:*:Enabled:ASUS SBS Application"

"C:\\Programas\\NetMeeting\\conf.exe"="C:\\Programas\\NetMeeting\\conf.exe:*:Enabled:Windows© NetMeeting©"

"C:\\Programas\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"="C:\\Programas\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe:*:Enabled:NFSC"

"C:\\Programas\\DAP\\DAP.exe"="C:\\Programas\\DAP\\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Programas\\Joost\\xulrunner\\tvprunner.exe"="C:\\Programas\\Joost\\xulrunner\\tvprunner.exe:*:Enabled:tvprunner"

"C:\\Programas\\MSN Messenger\\livecall.exe"="C:\\Programas\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\\Programas\\Steam\\Steam.exe"="C:\\Programas\\Steam\\Steam.exe:*:Enabled:Steam Client"

"C:\\Programas\\Valve\\hl.exe"="C:\\Programas\\Valve\\hl.exe:*:Enabled:Half-Life Launcher"

"C:\\Programas\\HLSW\\hlsw.exe"="C:\\Programas\\HLSW\\hlsw.exe:*:Enabled:HLSW"

"C:\\Programas\\MSN Messenger\\msnmsgr.exe"="C:\\Programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\Programas\\MSN Messenger\\livecall.exe"="C:\\Programas\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\\Programas\\MSN Messenger\\msnmsgr.exe"="C:\\Programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

Remaining Files:

---------------

Files with Hidden Attributes:

Finished

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Faça o download do ComboFix

  • Dê um duplo-clique no combofix.exe e tecle "Y" para prosseguir o Fix. Vai durar uma média de 10 minutos.
  • O ComboFix reiniciará o PC automaticamente para completar o processo de remoção.
  • Quando acabar, será gerado um log, que estará em C:\ComboFix.txt.
  • Não clique na Janela do ComboFix, nem o feche clicando no X, enquanto estiver rodando, pois senão irá parar e seu desktop ficará em branco.
  • Para parar ou sair do ComboFix, tecle "N".
  • Cole o ComboFix.txt na sua resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Obrigado pela sua atenção. Aqui fica o log do ComboFix:

ComboFix 07-07-30.2 - "Hugo" 2007-08-01 0:54:43.1 [GMT 1:00] - NTFS

Microsoft Windows XP Professional 5.1.2600.2.1252.1.2070.18.Verdadeiro

* Created a new restore point

((((((((((((((((((((((((( Files Created from 2007-06-28 to 2007-07-31 )))))))))))))))))))))))))))))))

2007-07-31 17:17 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\BitTorrent

2007-07-30 18:38 <DIR> d-------- C:\Programas\Windows Media Connect 2

2007-07-30 18:36 <DIR> d-------- C:\WINDOWS\system32\LogFiles

2007-07-30 18:36 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF

2007-07-30 12:43 <DIR> d-------- C:\WINDOWS\ERUNT

2007-07-30 12:31 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\SUPERAntiSpyware.com

2007-07-30 12:31 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com

2007-07-30 12:29 <DIR> d-------- C:\Programas\SDFIX

2007-07-29 19:33 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\URSoft

2007-07-29 18:24 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll

2007-07-29 18:10 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy

2007-07-29 14:14 <DIR> d-------- C:\Programas\YouTube Catcher 1.0 rc1

2007-07-28 14:00 <DIR> d-------- C:\Programas\MSBuild

2007-07-28 13:56 <DIR> d-------- C:\Programas\Reference Assemblies

2007-07-28 13:54 14,048 --------- C:\WINDOWS\system32\spmsg2.dll

2007-07-28 13:48 <DIR> d-------- C:\WINDOWS\system32\URTTemp

2007-07-27 14:55 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\SecondLife

2007-07-27 14:55 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\IMVU

2007-07-27 14:55 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\DaCamYoWebcam

2007-07-27 14:55 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\BSplayer Pro

2007-07-27 14:55 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\BSplayer

2007-07-27 14:42 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MCAB2.tmp

2007-07-27 14:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MCAA2.tmp

2007-07-27 13:00 <DIR> d-------- C:\WINDOWS\pss

2007-07-27 01:27 <DIR> d-------- C:\Programas\MSXML 6.0

2007-07-27 01:21 <DIR> d-------- C:\WINDOWS\system32\XPSViewer

2007-07-21 11:33 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall

2007-07-21 01:08 <DIR> d--h----- C:\WINDOWS\PIF

2007-07-12 19:53 <DIR> d-------- C:\Programas\Valve

2007-07-12 19:49 <DIR> d-------- C:\Programas\Steam

2007-07-11 12:55 <DIR> d-------- C:\Programas\MSN Messenger

2007-07-11 12:44 <DIR> d-------- C:\DOCUME~1\Hugo\Contacts

2007-07-11 12:42 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE

2007-07-10 17:55 <DIR> d-------- C:\Programas\eMule

2007-07-01 19:05 <DIR> d-------- C:\Programas\Ficheiros comuns\HP

2007-07-01 11:23 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2007-07-01 03:54 51,200 --a------ C:\WINDOWS\system32\dumphive.exe

2007-07-01 03:54 4,280 --a------ C:\WINDOWS\system32\tmp.reg

2007-07-01 03:54 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe

2007-06-27 21:31 <DIR> d-------- C:\WINDOWS\system32\pt-pt

2007-06-27 21:26 <DIR> d-------- C:\WINDOWS\network diagnostic

2007-06-27 21:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Office Genuine Advantage

2007-06-27 18:18 <DIR> d-------- C:\Programas\Joost

2007-06-27 18:18 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\Joost

2007-06-26 18:26 114,464 --a------ C:\WINDOWS\system32\drivers\naiavf5x.sys

2007-06-26 13:26 83,552 --a------ C:\WINDOWS\system32\LMIRfsClientNP.dll

2007-06-26 13:26 46,112 --a------ C:\WINDOWS\system32\drivers\LMIRfsDriver.sys

2007-06-26 13:26 26,176 --a------ C:\WINDOWS\system32\LMIport.dll

2007-06-26 13:25 63,040 --a------ C:\WINDOWS\system32\LMIinit.dll

2007-06-26 12:46 769,024 --a------ C:\WINDOWS\WebCam Sam.scr

2007-06-26 00:26 <DIR> d--h----- C:\WINDOWS\$hf_mig$

2007-06-26 00:26 <DIR> d-------- C:\WINDOWS\system32\PreInstall

2007-06-26 00:21 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution

2007-06-25 10:31 39,424 --------- C:\WINDOWS\system32\GsiDi32.dll

2007-06-25 10:31 38,400 --a------ C:\WINDOWS\system32\CoInst.dll

2007-06-25 10:31 30,336 --a------ C:\WINDOWS\system32\drivers\glauiad.sys

2007-06-20 17:39 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\Apple Computer

2007-06-20 17:35 <DIR> d-------- C:\Programas\QuickTime

2007-06-20 17:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer

2007-06-18 19:02 98,304 --a------ C:\WINDOWS\system32\viscomtran.dll

2007-06-18 19:02 94,208 --a------ C:\WINDOWS\system32\viscomaudiodata.dll

2007-06-18 19:02 90,112 --a------ C:\WINDOWS\system32\viscomframe.dll

2007-06-18 19:02 81,920 --a------ C:\WINDOWS\system32\viscomwave.dll

2007-06-18 19:02 598,016 --a------ C:\WINDOWS\system32\viscomqtde.dll

2007-06-18 19:02 40,960 --a------ C:\WINDOWS\system32\SSubTmr6.dll

2007-06-18 19:02 262,144 --a------ C:\WINDOWS\system32\lame_enc.dll

2007-06-18 19:02 147,456 --a------ C:\WINDOWS\system32\viscomqtenc.dll

2007-06-18 19:02 110,592 --a------ C:\WINDOWS\system32\viscomaudioencoder.dll

2007-06-18 19:02 1,703,936 --a------ C:\WINDOWS\system32\gdiplus.dll

2007-06-13 17:24 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\Real

2007-06-06 13:14 <DIR> d-------- C:\Programas\The Sims

2007-06-04 12:46 <DIR> d-------- C:\DOCUME~1\Hugo\APPLIC~1\WinRAR

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-31 19:44 --------- d-------- C:\DOCUME~1\Hugo\APPLIC~1\Image Zone Express

2007-07-29 20:41 --------- d-------- C:\Programas\Ficheiros comuns\LightScribe

2007-07-29 17:12 605066 --a------ C:\WINDOWS\system32\perfh016.dat

2007-07-29 17:12 110284 --a------ C:\WINDOWS\system32\perfc016.dat

2007-07-15 12:53 --------- d-------- C:\DOCUME~1\Hugo\APPLIC~1\AdobeUM

2007-07-12 19:53 --------- d--h----- C:\Programas\InstallShield Installation Information

2007-07-01 19:05 --------- d-------- C:\Programas\HP

2007-07-01 11:48 --------- d-------- C:\Programas\Google

2007-06-27 19:33 --------- d-------- C:\DOCUME~1\Hugo\APPLIC~1\Google

2007-06-25 22:31 --------- d-------- C:\Programas\DAP

2007-06-17 00:11 51200 --a------ C:\WINDOWS\nircmd.exe

2007-05-25 15:22 24000 --a------ C:\WINDOWS\system32\lmimirr.dll

2007-05-25 15:22 10304 --a------ C:\WINDOWS\system32\lmimirr2.dll

2007-05-22 19:14 8784 --a------ C:\WINDOWS\system32\ractrlkeyhook.dll

2007-05-16 16:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"VSOCheckTask"="C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" [2005-07-08 18:18]

"VirusScan Online"="C:\Programas\McAfee.com\VSO\mcvsshld.exe" [2005-08-10 12:49]

"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\mcagent.exe" [2005-09-22 18:29]

"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\mcupdate.exe" [2006-01-11 12:05]

"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe" [2005-03-23 16:33]

"MSKDetectorExe"="C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe" [2005-03-23 15:47]

"HP Software Update"="C:\Programas\HP\HP Software Update\HPWuSchd2.exe" [2005-12-15 12:18]

"nwiz"="nwiz.exe" [2006-02-13 14:05 C:\WINDOWS\system32\nwiz.exe]

"RemoteControl"="C:\Programas\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 18:35]

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 16:21 C:\WINDOWS\system32\HdAShCut.exe]

"SoundMAXPnP"="C:\Programas\Analog Devices\Core\smax4pnp.exe" [2005-05-20 02:11]

"SoundMAX"="C:\Programas\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 16:35]

"itype"="C:\Programas\Microsoft IntelliType Pro\itype.exe" [2005-12-05 01:38]

"IntelliPoint"="C:\Programas\Microsoft IntelliPoint\ipoint.exe" [2005-12-05 01:39]

"DownloadAccelerator"="C:\Programas\DAP\DAP.exe" [2007-04-04 12:48]

"QuickTime Task"="C:\Programas\QuickTime\qttask.exe" [2007-04-27 09:41]

"MPFExe"="C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" [2005-04-05 14:41]

"_AntiSpyware"="c:\progra~1\mcafee\MCAFEE~1\masalert.exe" [2006-01-06 15:14]

"OASClnt"="C:\Programas\McAfee.com\VSO\oasclnt.exe" [2005-08-11 22:02]

"GameFace Messenger"="C:\Programas\GameFace Messenger\GameFace.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"McAfee QuickClean Imonitor"="C:\Programas\McAfee\McAfee QuickClean\Plguni.exe" [2004-08-25 06:00]

"MSKAGENTEXE"="C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe" [2005-03-23 16:33]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]

"swg"="C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-14 18:29]

"updateMgr"="C:\Programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]

"Steam"="c:\programas\steam\steam.exe" [2007-07-12 19:49]

"BitTorrent"="C:\Programas\BitTorrent\bittorrent.exe" []

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\

Adobe Reader Speed Launch.lnk - C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]

HP Digital Imaging Monitor.lnk - C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 12:40:44]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

LMIinit.dll 2007-05-25 15:22 63040 C:\WINDOWS\system32\LMIinit.dll

R1 MPFIREWL;MPFIREWL;C:\WINDOWS\system32\Drivers\MpFirewall.sys

R2 EIO;EIO;\??\C:\WINDOWS\system32\drivers\EIO.sys

R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys

R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service;C:\WINDOWS\system32\drivers\ADIHdAud.sys

R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys

R3 lmimirr;lmimirr;C:\WINDOWS\system32\DRIVERS\lmimirr.sys

R3 MTsensor;ATK0110 ACPI UTILITY;C:\WINDOWS\system32\DRIVERS\ASACPI.sys

R3 Point32;Microsoft IntelliPoint Filter Driver;C:\WINDOWS\system32\DRIVERS\point32.sys

R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver;C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

R3 SenFiltService;SenFilt Service;C:\WINDOWS\system32\drivers\Senfilt.sys

S2 LMIInfo;LogMeIn Kernel Information Provider;\??\C:\Programas\LogMeIn\x86\RaInfo.sys

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;C:\WINDOWS\system32\drivers\HdAudio.sys

S3 iadusb;MT882;C:\WINDOWS\system32\DRIVERS\glauiad.sys

S3 idsvc;Windows CardSpace;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"

S3 k750bus;Sony Ericsson 750 driver (WDM);C:\WINDOWS\system32\DRIVERS\k750bus.sys

S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k750mdfl.sys

S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k750mdm.sys

S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k750mgmt.sys

S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k750obex.sys

S3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"

Contents of the 'Scheduled Tasks' folder

2007-07-28 02:39:05 C:\WINDOWS\Tasks\mcafee antispyware.job - c:\progra~1\mcafee\MCAFEE~1\MASCon.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-01 00:56:38

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

Completion time: 2007-08-01 0:57:23

--- E O F ---

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Faça o download do SmitFraudFix

  • Descompacte o arquivo em uma pasta própria, mas não o execute ainda.

- Reinicie o computador em Modo Seguro (pressione a tecla F8 intermitentemente, ou F5 em alguns casos, durante a inicialização);

- Entre na pasta do SmitFraudFix e execute o SmitfraudFix.cmd. Aperte a opção 2 e Enter.

  • Quando aparecer a mensagem "Do you want to clean the registry?" pressione y e Enter.

- Reinicie em modo normal, gere novo log e cole na sua resposta.

- Na sua resposta, cole também o log do SmitFraudFix, que estará no arquivo rapport.txt em C:\.

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Reinicie em modo normal, gere novo log e cole na sua resposta.

não percebi esta parte..gero novo log de quê?

Compartilhar este post


Link para o post
Compartilhar em outros sites

Fica aqui o log do smitfraudFix:

SmitFraudFix v2.207

Scan done at 1:21:32,48, 03-08-2007

Run from C:\Documents and Settings\Hugo\Ambiente de trabalho\smitfraudfix\SmitfraudFix

OS: Microsoft Windows XP [VersÆo 5.1.2600] - Windows_NT

The filesystem type is NTFS

Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix

!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{5C0C7D02-1AC3-4264-832F-73ACA02E46F4}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\..\{5C0C7D02-1AC3-4264-832F-73ACA02E46F4}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS2\Services\Tcpip\..\{5C0C7D02-1AC3-4264-832F-73ACA02E46F4}: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix

!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

Compartilhar este post


Link para o post
Compartilhar em outros sites

ok..aí está:

Logfile of HijackThis v1.99.1

Scan saved at 4:21:15, on 04-08-2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\McAfee.com\VSO\mcvsshld.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe

c:\progra~1\mcafee.com\vso\mcvsescn.exe

C:\Programas\HP\HP Software Update\HPWuSchd2.exe

C:\Programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Programas\Analog Devices\Core\smax4pnp.exe

C:\Programas\Analog Devices\SoundMAX\smax4.exe

C:\Programas\Microsoft IntelliType Pro\itype.exe

C:\Programas\Microsoft IntelliPoint\ipoint.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\progra~1\mcafee\MCAFEE~1\masalert.exe

C:\Programas\McAfee.com\VSO\oasclnt.exe

C:\Programas\McAfee\McAfee QuickClean\Plguni.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

c:\progra~1\mcafee\mcafee antispyware\massrv.exe

c:\programas\mcafee.com\agent\mcdetect.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Programas\MSN Messenger\msnmsgr.exe

c:\progra~1\mcafee.com\vso\mcvsftsn.exe

C:\Programas\internet explorer\iexplore.exe

C:\Programas\DAP\DAP.EXE

C:\DOCUME~1\Hugo\DEFINI~1\Temp\Rar$EX00.078\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

O3 - Toolbar: Barra de Ferramentas MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\MSN Toolbar\01.01.2607.0\pt-br\msntb.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [VirusScan Online] C:\Programas\McAfee.com\VSO\mcvsshld.exe

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe

O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup

O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [RemoteControl] C:\Programas\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Programas\Analog Devices\SoundMAX\smax4.exe" /tray

O4 - HKLM\..\Run: [itype] "C:\Programas\Microsoft IntelliType Pro\itype.exe"

O4 - HKLM\..\Run: [intelliPoint] "C:\Programas\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Programas\DAP\DAP.EXE" /STARTUP

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKLM\..\Run: [_AntiSpyware] c:\progra~1\mcafee\MCAFEE~1\masalert.exe

O4 - HKLM\..\Run: [OASClnt] C:\Programas\McAfee.com\VSO\oasclnt.exe

O4 - HKLM\..\Run: [GameFace Messenger] C:\Programas\GameFace Messenger\GameFace.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKCU\..\Run: [McAfee QuickClean Imonitor] C:\Programas\McAfee\McAfee QuickClean\Plguni.exe /START

O4 - HKCU\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [updateMgr] C:\Programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [steam] "c:\programas\steam\steam.exe" -silent

O4 - HKCU\..\Run: [bitTorrent] "C:\Programas\BitTorrent\bittorrent.exe" --force_start_minimized

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: &Clean Traces - C:\Programas\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Programas\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Programas\DAP\dapextie2.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe

O23 - Service: McAfee AntiSpyware Service - McAfee, Inc. - c:\progra~1\mcafee\mcafee antispyware\massrv.exe

O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\programas\mcafee.com\agent\mcdetect.exe

O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe

O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Ok, o log está limpo :)

- Recomendo uma manutenção no computador para exclusão dos arquivos temporários, desnecessários e entradas inválidas no registro. Faça o download do CCleaner:

  • Abra o programa e clique em Executar Limpeza;
  • Após isto, clique em Erros > Procurar erros > Corrigir Erros

- Desative e ative novamente a Restauração do Sistema

- Leia o artigo Proteja seu PC para mais informações sobre como evitar infecções.

Compartilhar este post


Link para o post
Compartilhar em outros sites

muito obrigado pela ajuda :)

mas aqueles programas todos continuam no add/remover programas do painel de controlo! nao fazem mal?

Compartilhar este post


Link para o post
Compartilhar em outros sites

Se você não reconhece os programas, veja se há alguma pasta deles e apague.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Entre para seguir isso  





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×