Ir ao conteúdo
  • Comunicados

    • diego_moicano

      Gostaria de se tornar um analista em Remoção de Malware?   07-12-2015

      Gostaria de se tornar um analista em Remoção de Malware? O Fórum Clube do Hardware deu início a um programa de treinamento em análises de log. Os interessados deverão enviar um email para aprendizes (arroba) clubedohardware (ponto) com (ponto) br respondendo as seguintes perguntas: Por que você gostaria de aprender a analisar logs? Possui tempo hábil para o treinamento? Tem conhecimentos em informática? Se sim descreva-os. Possui inglês para leitura? Qual seu objetivo após completar o treinamento?   Não se esqueça de incluir no e-mail o seu nome de usuário (fornecer o link também), idade e cidade onde vive. Adicione também qualquer experiência e/ou razão sobre o porquê você seria um bom Analista. É digno de nota que apenas os que forem selecionados receberão resposta por MP (Mensagem Pessoal), não existe um padrão na escolha dos futuros aprendizes, todos os e-mails serão lidos e serão analisados de forma imparcial, portanto não será permitido reclamações neste aspecto. O treinamento é dado no próprio fórum. Quando um aprendiz é selecionado ele é movido para um novo grupo, onde terá acesso a fóruns fechados para os demais usuários onde poderá dar inicio ao seu treinamento. Importante: A cada 30 dias os e-mails não selecionados serão apagados, portanto você pode enviar um novo e-mail após 1 mês, e-mails enviados antes serão desconsiderados.  
    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.
Entre para seguir isso  
Kley Santiago

Trojan horse Downloader.Generic6.VZU - Por favor analizem meu log!

Recommended Posts

Boa tarde pessoal!

Pois é, meu AVG detecta mas não exclui. O que que eu faço?

O Trojan horse Downloader.Generic6.VZU está em C:/Windows/System32/d3d.dll

Alguém pode analisar meu log do Combofix e me ajudar?

Obrigado!

_________________________________________________________________

ComboFix 07-11-19.4 - mestre 2007-11-30 15:29:35.10 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.1649 [GMT -2:00]

Executando de: C:\Arquivos de programas\ComboFix\ComboFix.exe

.

((((((((((((((((((((((( Ficheiros criados de 2007-10-28 to 2007-11-30 ))))))))))))))))))))))))))))))))

.

2007-11-27 10:36 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Nero

2007-11-26 10:53 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos\Nero

2007-11-26 10:50 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2007-11-26 10:41 <DIR> d-------- C:\Arquivos de programas\Nero

2007-11-23 23:30 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Nullsoft

2007-11-23 14:33 <DIR> d-------- C:\Arquivos de programas\ComboFix

2007-11-23 14:29 <DIR> d-------- C:\Arquivos de programas\Hijack This

2007-11-23 13:46 <DIR> d-------- C:\Documents and Settings\NetworkService\Dados de aplicativos

2007-11-23 13:37 <DIR> d-------- C:\Documents and Settings\LocalService\Dados de aplicativos\AVG7

2007-11-23 10:54 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos\AVG7

2007-11-23 10:54 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\avg7

2007-11-23 10:06 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos\Grisoft

2007-11-23 10:06 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft

2007-11-23 10:06 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys

2007-11-22 18:19 <DIR> d-------- C:\Arquivos de programas\AVG Normal

2007-11-22 18:17 <DIR> d-------- C:\Arquivos de programas\AVG AntSpyware

2007-11-22 17:31 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe

2007-11-22 17:31 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx

2007-11-22 17:31 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr

2007-11-22 17:31 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys

2007-11-22 17:31 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys

2007-11-22 17:31 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys

2007-11-22 17:31 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys

2007-11-22 17:31 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys

2007-11-22 12:34 <DIR> d--hs---- C:\heap41a

2007-11-22 10:12 <DIR> d-------- C:\Documents and Settings\mestre\Incomplete

2007-11-22 10:12 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos\LimeWire

2007-11-22 09:43 <DIR> d-------- C:\Arquivos de programas\Java

2007-11-22 09:32 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Java

2007-11-20 23:17 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos\Media Player Classic

2007-11-20 23:16 <DIR> d-------- C:\Arquivos de programas\K-Lite Codec Pack

2007-11-20 23:16 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll

2007-11-20 23:16 164,352 --a------ C:\WINDOWS\system32\unrar.dll

2007-11-20 23:16 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm

2007-11-20 23:16 81,920 --a------ C:\WINDOWS\system32\dpl100.dll

2007-11-20 17:01 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy

2007-11-20 16:44 <DIR> d-------- C:\Arquivos de programas\SpayBot

2007-11-17 16:39 <DIR> d-------- C:\Arquivos de programas\UEBBI.com

2007-11-12 13:17 <DIR> d-------- C:\BACKUP_DVDs

2007-11-08 20:53 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE

2007-11-07 17:59 <DIR> d-a------ C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

2007-11-07 17:35 368,640 --a------ C:\WINDOWS\system32\ReWire.dll

2007-11-07 15:43 <DIR> d-------- C:\Arquivos de programas\Puxa Rápido

2007-11-07 15:23 <DIR> d-------- C:\Arquivos de programas\Windows Media Player 11

2007-11-07 15:19 <DIR> d-------- C:\Arquivos de programas\Internet Explorer 7

2007-11-07 15:13 <DIR> d-------- C:\Arquivos de programas\Orkut Cute

2007-11-05 13:45 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos\CyberLink

2007-11-04 12:15 <DIR> d-------- C:\Arquivos de programas\Alwil Software

2007-11-02 21:20 <DIR> d-------- C:\Arquivos de programas\MSXML 4.0

2007-10-31 12:32 <DIR> d---s---- C:\Documents and Settings\mestre\UserData

2007-10-31 10:49 196,608 --a------ C:\WINDOWS\system32\ssleay32.dll

2007-10-30 22:00 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos\Ableton

2007-10-30 15:15 <DIR> d-------- C:\Arquivos de programas\Common Files

2007-10-30 15:14 6,365,184 --a------ C:\WINDOWS\system32\PSP VintageWarmer2.dll

2007-10-30 15:14 6,356,992 --a------ C:\WINDOWS\system32\PSP VintageWarmer.dll

2007-10-30 14:49 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos\Sony

2007-10-30 14:49 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos\Publish Providers

2007-10-30 14:11 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos\Corel

2007-10-30 12:52 <DIR> d-------- C:\Documents and Settings\mestre\Contacts

2007-10-30 12:37 <DIR> d--h----- C:\WINDOWS\$hf_mig$

2007-10-30 12:25 <DIR> d-------- C:\Documents and Settings\mestre\Modelos

2007-10-30 12:25 <DIR> dr------- C:\Documents and Settings\mestre\Meus documentos

2007-10-30 12:25 <DIR> dr------- C:\Documents and Settings\mestre\Menu Iniciar

2007-10-30 12:25 <DIR> dr------- C:\Documents and Settings\mestre\Favoritos

2007-10-30 12:25 <DIR> d-------- C:\Documents and Settings\mestre\Dados de aplicativos

2007-10-30 12:25 <DIR> d--h----- C:\Documents and Settings\mestre\Configurações locais

2007-10-30 12:25 <DIR> d-------- C:\Documents and Settings\mestre\Ambiente de rede

2007-10-30 12:25 <DIR> d-------- C:\Documents and Settings\mestre\Ambiente de impressão

2007-10-30 11:02 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Ableton

2007-10-27 11:05 93,184 --a------ C:\WINDOWS\system32\d3d.dll

2007-10-27 11:05 18,688 C:\WINDOWS\system32\drivers\zizqatay.dat

2007-10-27 11:05 5,120 C:\WINDOWS\system32\drivers\hmibjcjx.dat

2007-10-27 10:50 <DIR> d-------- C:\Arquivos de programas\Vintage plugin

2007-10-27 10:15 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\WinZip

2007-10-23 14:20 972,072 --a------ C:\WINDOWS\UNNeroMediaHome.exe

2007-10-22 08:51 972,072 --a------ C:\WINDOWS\UNRecode.exe

2007-10-16 12:43 <DIR> d-------- C:\Arquivos de programas\Digidesign

2007-10-07 13:49 <DIR> d-------- C:\Arquivos de programas\FreeRIP3

2007-10-07 12:46 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Real

2007-10-07 11:35 <DIR> d-------- C:\Arquivos de programas\Real Player

2007-10-06 00:47 <DIR> d-------- C:\Arquivos de programas\Online_TV

2007-10-05 23:48 <DIR> d-------- C:\Arquivos de programas\iZotope

2007-10-05 23:45 543,232 --a------ C:\WINDOWS\LOOP.exe

2007-10-05 18:09 <DIR> d-------- C:\Arquivos de programas\Meus Plugins

2007-10-03 18:40 <DIR> d--h----- C:\Arquivos de programas\C AP

2007-10-03 00:09 <DIR> d-------- C:\Arquivos de programas\MP3 Player Sony

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-11-29 13:31 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\DVD Shrink

2007-11-26 12:43 --------- d-----w C:\Arquivos de programas\Ahead

2007-11-23 15:37 --------- d-----w C:\Arquivos de programas\microsoft frontpage

2007-11-21 16:18 --------- d-----w C:\Arquivos de programas\Soulseek

2007-11-07 19:34 --------- d-----w C:\Arquivos de programas\Ableton Live 6

2007-11-06 16:25 --------- d-----w C:\Arquivos de programas\Winamp

2007-10-31 12:49 1,040,384 ----a-w C:\WINDOWS\system32\libeay32.dll

2007-10-30 20:54 --------- d-----w C:\Arquivos de programas\Google

2007-10-25 16:16 --------- d-----w C:\Arquivos de programas\eMule

2007-10-17 15:44 --------- d-----w C:\Arquivos de programas\Sony

2007-10-07 15:02 --------- d-----w C:\Arquivos de programas\FreeRip

2007-10-05 18:37 --------- d-----w C:\Arquivos de programas\SonyVegas 4.0

2007-09-28 20:05 739,840 ----a-w C:\WINDOWS\system32\divx.dll

2007-09-25 23:21 45,056 ----a-w C:\WINDOWS\NCUNINST.EXE

2007-09-20 10:55 95,600 ----a-w C:\WINDOWS\system32\NeroCo.dll

2007-09-12 00:28 16,516 ----a-w C:\Arquivos de programas\Beam disc.JPG

2007-09-05 04:32 6,656 ----a-w C:\WINDOWS\system32\haspvdd.dll

2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias & legítimas por defeito não são mostradas.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9E66EF0D-E149-40B1-A7BB-DA8886D09025}]

2004-08-04 01:45 93184 --a------ C:\WINDOWS\system32\d3d.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMax"="C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 16:35]

"!AVG Anti-Spyware"="C:\Arquivos de programas\AVG AntSpyware\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 07:25]

"AVG7_CC"="C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe" [2007-11-23 10:54]

"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 01:45 C:\WINDOWS\system32\rundll32.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"AVG7_Run"="C:\ARQUIV~1\Grisoft\AVG7\avgw.exe" [2007-11-23 10:54]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="LogonUI.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]

C:\Arquivos de programas\AVG AntSpyware\AVG Anti-Spyware 7.5\avgas.exe /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Atualizador - Puxa Rápido]

C:\Arquivos de programas\Puxa Rápido\Atualiza.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]

2007-09-06 07:06 79224 --a------ C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2007-10-23 14:18 202024 --a------ C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

HDAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\Arquivos de programas\Messenger\msmsgs.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

2007-09-20 08:51 1836328 --a------ C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 14:57 153136 --a------ C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]

Rundll32 P17.dll,P17Helper

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RavAV]

C:\WINDOWS\AdobeR.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]

2006-04-05 07:36 565248 -ra------ C:\WINDOWS\sm56hlpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

2005-05-20 07:11 925696 -ra------ C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2007-07-12 04:00 132496 --a------ C:\Arquivos de programas\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uebTUBE]

2007-11-16 16:58 273920 --a------ C:\Arquivos de programas\UEBBI.com\uebTUBE\uebTUBE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"avast! Web Scanner"=3 (0x3)

"avast! Mail Scanner"=3 (0x3)

"avast! Antivirus"=2 (0x2)

"aswUpdSv"=2 (0x2)

"usnjsvc"=3 (0x3)

"seclogon"=2 (0x2)

"Netlogon"=3 (0x3)

"wuauserv"=2 (0x2)

"wscsvc"=2 (0x2)

R0 parxvtvu;parxvtvu;C:\WINDOWS\system32\drivers\zizqatay.dat

R1 Asapi;Asapi;C:\WINDOWS\system32\drivers\Asapi.sys

R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3;C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys

R3 P17;Sound Blaster Audigy;C:\WINDOWS\system32\drivers\P17.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0a707c0-5fba-11dc-b3a6-d58ccb1d1d9d}]

\Shell\Auto\command - MicrosoftPowerPoint.exe

\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe

.

**************************************************************************

catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-11-30 15:30:27

Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso

Ficheiros ocultos: 0

**************************************************************************

.

Tempo para conclusão: 2007-11-30 15:30:58

.

--- E O F ---

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Faça o download do HijackThis

  • Coloque o arquivo numa pasta própria em C:\;
  • Dê um duplo clique no HijackThis e clique em Do a system scan and save a logfile;
  • Copie o conteúdo do bloco de notas cole na sua resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites
 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:14:27, on 2/12/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\AVG AntSpyware\AVG Anti-Spyware 7.5\guard.exe

C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Hijack This\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {9E66EF0D-E149-40B1-A7BB-DA8886D09025} - C:\WINDOWS\system32\d3d.dll

O3 - Toolbar: Discador iBest - {4F869C58-D71D-4850-8BDD-7B5CDF8EC911} - C:\Arquivos de programas\Discador iBest\ibestbar.dll

O4 - HKLM\..\Run: [soundMax] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\AVG AntSpyware\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/br/securityadvisor/virusinfo/webscan.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://www.sisdera.com/stream/ampx2.6.1.11_en_dl.cab

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Arquivos de programas\AVG AntSpyware\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--

End of file - 4499 bytes

Compartilhar este post


Link para o post
Compartilhar em outros sites
 

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Tuesday, December 04, 2007 9:41:44 AM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 4/12/2007

Kaspersky Anti-Virus database records: 441991

-------------------------------------------------------------------------------

Scan Settings:

Scan using the following antivirus database: standard

Scan Archives: true

Scan Mail Bases: true

Scan Target - My Computer:

C:\

D:\

E:\

Scan Statistics:

Total number of scanned objects: 57374

Number of viruses found: 1

Number of infected objects: 1

Number of suspicious objects: 0

Duration of the scan process: 00:42:01

Infected Object Name / Virus Name / Last Action

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\BIU1.txt Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\avg7\Log\emc.log Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft\Avg7Data\avg7log.log Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Dr Watson\user.dmp Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Histórico\History.IE5\MSHist012007120420071205\index.dat Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\AcrF.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\Perflib_Perfdata_938.dat Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DF12D.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DF183B.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DF2FF3.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DF3009.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DF5D8.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DF9A2E.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DFA49E.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DFB749.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DFC94C.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DFCF09.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~DFD8C9.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temp\~WRS1121.tmp Object is locked skipped

C:\Documents and Settings\mestre\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\mestre\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\mestre\Dados de aplicativos\Microsoft\Templates\Normal.dot Object is locked skipped

C:\Documents and Settings\mestre\Dados de aplicativos\Microsoft\Word\Salvamento de AutoRecuperação de ISO.asd Object is locked skipped

C:\Documents and Settings\mestre\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\mestre\NTUSER.DAT.LOG Object is locked skipped

C:\Documents and Settings\mestre\UserData\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\heap41a\reproduce.txt Infected: Virus.Win32.AutoHK.a skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{3F8F064D-11A5-4EFD-830F-D92E3AAA612A}\RP2\A0000152.dll Object is locked skipped

C:\System Volume Information\_restore{3F8F064D-11A5-4EFD-830F-D92E3AAA612A}\RP9\change.log Object is locked skipped

C:\WINDOWS\CSC\00000001 Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\d3d.dll Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\ISO.doc Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL0276.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL0918.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL1211.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL1569.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL1658.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL2392.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL2413.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL2449.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL2560.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL2729.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL3073.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL3129.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL3192.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL4024.tmp Object is locked skipped

D:\Mestre\Word\Curso Técnico\GEQ\~WRL4025.tmp Object is locked skipped

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Configure o computador para exibir todos os arquivos

- Apague a pasta em destaque:

C:\heap41a

- No mais, o log está limpo :)

- Atualize o Internet Explorer:

http://www.microsoft.com/downloads/details.aspx?FamilyId=9AE91EBE-3385-447C-8A30-081805B2F90B&displaylang=pt-br

- Recomendo uma manutenção no computador para exclusão dos arquivos temporários, desnecessários e entradas inválidas no registro. Faça o download do CCleaner:

  • Abra o programa e clique em Executar Limpeza;
  • Após isto, clique em Registro > Procurar erros > Corrigir Erros

- Desative e ative novamente a Restauração do Sistema

- Leia o artigo Proteja seu PC para mais informações sobre como evitar infecções.

Compartilhar este post


Link para o post
Compartilhar em outros sites
 

Então....

Segui todos os passos que você me indicou...atualizei o IE, Limpei com o Ccleaner, sobre a restauração de sistema..fiz tudo...

-eu passo o Spybot (não pega nada)

-eu passo o AVG Antispy (não pega nada)

-passei o Avast (não pegou nada)

-mas quando passo o AVG 7.5 (ele acusa o generic6.vzu)

Por enquanto não estou mais usando o AVG 7.5 porque quando o AVG 7.5 estava atuando, cada vez que eu abria o Internet Explorer ou qualquer pasta de meus arquivos, ele ficava dando a mensagem do generic6.vzu...apenas o AVG Antispay, o Avast e o SpyBot.

Fiquei esses dias todos testando...não me incomodei com nada...

será que estou correndo algum risco???

Compartilhar este post


Link para o post
Compartilhar em outros sites
 

- Digite no Executar combofix /u e clique em Ok. Na próxima janela clique em "Executar" e aguarde a remoção do programa;

- Faça o download do ComboFix e salve-o na área de trabalho;

- Selecione o texto abaixo e copie para o bloco de notas. Salve-o como CFScript.txt;

Driver::
parxvtvu
RootKit::
C:\WINDOWS\system32\drivers\zizqatay.dat
C:\WINDOWS\system32\drivers\hmibjcjx.dat
File::
C:\WINDOWS\system32\d3d.dll

- Reinicie o computador em Modo Seguro (pressione a tecla F8 intermitentemente, ou F5 em alguns casos, durante a inicialização);

- Arraste o CFScript.txt para o ComboFix conforme a imagem abaixo:

CFScript.gif

O ComboFix irá rodar e reiniciará o PC automaticamente para completar o processo de remoção.

Não use o mouse nem o teclado quando o ComboFix estiver rodando.

Quando acabar, será gerado um log, que estará em C:\ComboFix.txt.

Obs: Se o Combofix não reiniciar seu computador automaticamente, faça-o manualmente.

Cole novo log do Combofix e do HijackThis na sua resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites
 

Aí está o log do Combofix:

ComboFix 08-01-14.1 - mestre 2008-01-15 9:06:13.18 - NTFSx86 MINIMAL

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.1782 [GMT -2:00]

Executando de: C:\Documents and Settings\mestre\Desktop\ComboFix.exe

Command switches used :: C:\Documents and Settings\mestre\Desktop\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE

C:\WINDOWS\system32\d3d.dll

.

((((((((((((((((((((((((((((((((((((( Outras Exclusäes )))))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\WINDOWS\system32\d3d.dll

C:\WINDOWS\system32\drivers\hmibjcjx.dat

C:\WINDOWS\system32\drivers\zizqatay.dat

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\LEGACY_PARXVTVU

-------\parxvtvu

((((((((((((((((((((((( Ficheiros criados de 2007-12-15 to 2008-01-15 ))))))))))))))))))))))))))))))))

.

2008-01-14 22:51 . 2008-01-14 22:54 <DIR> d-------- C:\Arquivos de programas\Autoruns

2008-01-14 13:58 . 2008-01-14 22:24 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Configurações locais

2008-01-14 13:58 . 2008-01-14 22:24 <DIR> d-------- C:\Documents and Settings\NetworkService\Configurações locais

2008-01-14 13:58 . 2008-01-14 22:24 <DIR> d-------- C:\Documents and Settings\mestre\Configurações locais

2008-01-14 13:58 . 2008-01-14 22:24 <DIR> d-------- C:\Documents and Settings\LocalService\Configurações locais

2008-01-14 13:58 . 2008-01-14 22:24 <DIR> d-------- C:\Documents and Settings\Default User\Configurações locais

2008-01-12 18:25 . 2008-01-12 18:25 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Avg7

2008-01-12 01:08 . 2008-01-12 01:42 <DIR> d-------- C:\Arquivos de programas\YoutubeDownloader

2007-12-21 17:40 . 2007-09-06 07:09 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe

2007-12-21 17:40 . 2004-01-09 08:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx

2007-12-21 17:40 . 2007-09-06 07:00 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr

2007-12-21 17:40 . 2007-09-06 07:05 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys

2007-12-21 17:40 . 2007-09-06 07:05 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys

2007-12-21 17:40 . 2007-09-06 07:02 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys

2007-12-21 17:40 . 2007-09-06 07:00 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys

2007-12-21 17:40 . 2007-09-06 07:03 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys

2007-12-17 21:41 . 2007-12-17 21:51 <DIR> d-------- C:\Arquivos de programas\Desktop Video Capture

2007-12-17 20:38 . 2007-12-17 20:44 <DIR> d-------- C:\Arquivos de programas\Desktop Copy Shup

2007-12-17 18:54 . 2007-12-17 18:56 <DIR> d-------- C:\Arquivos de programas\Royale Noir

2007-12-15 17:35 . 2007-12-15 17:35 <DIR> d--hs---- C:\WINDOWS\ftpcache

.

((((((((((((((((((((((((((((((((((((( Relat¢rio Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-01-15 10:53 --------- d-----w C:\Arquivos de programas\ComboFix

2008-01-15 01:03 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy

2008-01-15 00:40 --------- d-----w C:\Arquivos de programas\Hijack This

2008-01-13 23:01 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\DVD Shrink

2008-01-13 01:06 --------- d-----w C:\Arquivos de programas\Meu Avast

2008-01-12 20:24 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Grisoft

2008-01-12 00:50 --------- d-----w C:\Arquivos de programas\Winamp

2008-01-11 23:38 --------- d-----w C:\Arquivos de programas\Google

2008-01-11 20:49 --------- d--h--w C:\Arquivos de programas\C AP

2008-01-09 12:22 --------- d-----w C:\Arquivos de programas\Soulseek

2007-12-14 14:12 --------- d-----w C:\Arquivos de programas\Microsoft.NET

2007-12-14 01:00 --------- d-----w C:\Documents and Settings\mestre\Dados de aplicativos\Propellerhead Software

2007-12-14 00:44 --------- d-----w C:\Arquivos de programas\Propellerhead

2007-12-14 00:35 --------- d-----w C:\Arquivos de programas\Syncrosoft

2007-12-14 00:35 --------- d-----w C:\Arquivos de programas\Steinberg

2007-12-13 12:29 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Native Instruments

2007-12-13 12:29 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Digidesign

2007-12-13 12:28 --------- d-----w C:\Arquivos de programas\Native Instruments

2007-12-13 12:28 --------- d-----w C:\Arquivos de programas\FM8

2007-12-13 11:55 --------- d-----w C:\Arquivos de programas\SaxLab Linplug

2007-12-13 11:47 --------- d-----w C:\Arquivos de programas\Windows Media Connect 2

2007-12-13 11:43 --------- d-----w C:\Arquivos de programas\Windows Media Player 11

2007-12-07 17:17 --------- d-----w C:\Documents and Settings\mestre\Dados de aplicativos\Steinberg

2007-12-07 16:21 --------- d-----w C:\Arquivos de programas\Asio

2007-12-06 00:00 --------- d-----w C:\Arquivos de programas\FruityLoops 3.56

2007-12-05 15:03 --------- d-----w C:\Arquivos de programas\DVD Shrink

2007-12-05 00:39 --------- d-----w C:\Arquivos de programas\CCleaner

2007-12-04 16:42 --------- d-----w C:\Arquivos de programas\Simulador

2007-12-04 01:47 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Kaspersky Lab

2007-11-28 20:17 --------- d-----w C:\Arquivos de programas\Internet Explorer 7

2007-11-27 12:37 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Nero

2007-11-27 12:36 --------- d-----w C:\Arquivos de programas\Nero

2007-11-27 11:29 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2007-11-26 19:06 --------- d-----w C:\Arquivos de programas\Online_TV

2007-11-26 12:53 --------- d-----w C:\Documents and Settings\mestre\Dados de aplicativos\Nero

2007-11-26 12:43 --------- d-----w C:\Arquivos de programas\Ahead

2007-11-24 01:30 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Nullsoft

2007-11-23 15:37 --------- d-----w C:\Arquivos de programas\microsoft frontpage

2007-11-22 12:51 --------- d-----w C:\Arquivos de programas\Real Player

2007-11-22 12:31 --------- d-----w C:\Documents and Settings\mestre\Dados de aplicativos\LimeWire

2007-11-22 11:44 --------- d-----w C:\Arquivos de programas\Java

2007-11-22 11:32 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Java

2007-11-21 01:17 --------- d-----w C:\Documents and Settings\mestre\Dados de aplicativos\Media Player Classic

2007-11-21 01:16 --------- d-----w C:\Arquivos de programas\K-Lite Codec Pack

2007-11-21 01:16 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Real

2007-11-21 00:58 --------- d-----w C:\Arquivos de programas\UEBBI.com

2007-11-20 19:01 --------- d-----w C:\Arquivos de programas\SpayBot

2007-10-23 16:20 972,072 ----a-w C:\WINDOWS\UNNeroMediaHome.exe

2007-10-22 10:51 972,072 ----a-w C:\WINDOWS\UNRecode.exe

2007-09-12 00:28 16,516 ----a-w C:\Arquivos de programas\Beam disc.JPG

.

((((((((((((((((((((((((((((( snapshot@2008-01-15_ 8.57.53,06 )))))))))))))))))))))))))))))))))))))))))

.

- 2008-01-15 00:18:16 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT

+ 2008-01-15 11:06:07 229,376 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT

- 2008-01-15 00:18:16 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat

+ 2008-01-15 11:06:07 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat

- 2008-01-15 00:18:18 4,550,656 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT

+ 2008-01-15 11:06:09 4,550,656 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT

- 2008-01-15 00:18:18 151,552 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat

+ 2008-01-15 11:06:09 151,552 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat

+ 2000-08-31 10:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE

- 2008-01-15 09:57:43 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_478.dat

+ 2008-01-15 11:10:33 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_478.dat

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* entradas vazias & leg¡timas por defeito nÆo sÆo mostradas.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:45 15360]

"MSMSGS"="C:\Arquivos de programas\Messenger\msmsgs.exe" [2004-10-13 14:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMax"="C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 16:35 716800]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-19 03:26 7700480]

"avast!"="C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 07:06 79224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="LogonUI.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Atualizador - Puxa Rápido]

C:\Arquivos de programas\Puxa Rápido\Atualiza.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]

C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

--a------ 2007-10-23 14:18 202024 C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

--a------ 2007-01-01 20:54 3735552 C:\Arquivos de programas\Google\Google Talk\googletalk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

--------- 2004-10-27 16:21 61952 C:\WINDOWS\system32\HdAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

--a------ 2004-10-13 14:24 1694208 C:\Arquivos de programas\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

--a------ 2007-09-20 08:51 1836328 C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2007-03-01 14:57 153136 C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

--a------ 2007-04-19 03:26 7700480 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

--a------ 2007-04-19 03:26 86016 C:\WINDOWS\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

--a------ 2007-04-19 03:26 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]

-ra------ 2005-05-03 09:38 64512 C:\WINDOWS\system32\P17.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RavAV]

C:\WINDOWS\AdobeR.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]

-ra------ 2006-04-05 07:36 565248 C:\WINDOWS\sm56hlpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

-ra------ 2005-05-20 07:11 925696 C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

--a------ 2007-07-12 04:00 132496 C:\Arquivos de programas\Java\jre1.6.0_02\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uebTUBE]

--a------ 2007-11-16 16:58 273920 C:\Arquivos de programas\UEBBI.com\uebTUBE\uebTUBE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"usnjsvc"=3 (0x3)

"seclogon"=2 (0x2)

"Netlogon"=3 (0x3)

"wuauserv"=2 (0x2)

"wscsvc"=2 (0x2)

"AVGEMS"=2 (0x2)

"Avg7UpdSvc"=2 (0x2)

"Avg7Alrt"=2 (0x2)

"WMPNetworkSvc"=3 (0x3)

"ose"=3 (0x3)

"Nero BackItUp Scheduler 3"=2 (0x2)

"AVG Anti-Spyware Guard"=2 (0x2)

R1 Asapi;Asapi;C:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 21:27]

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-01-15 09:11:04

Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializ*veis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso

Ficheiros ocultos: 0

**************************************************************************

.

Tempo para conclusÆo: 2008-01-15 9:13:31 - machine was rebooted

ComboFix-quarantined-files.txt 2008-01-15 11:13:28

ComboFix2.txt 2008-01-15 10:58:13

.

2008-01-14 16:12:28 --- E O F ---

Compartilhar este post


Link para o post
Compartilhar em outros sites
 

Aí vai o log do HijackThis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:16:28, on 15/1/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Arquivos de programas\Hijack This\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SpayBot\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Discador iBest - {4F869C58-D71D-4850-8BDD-7B5CDF8EC911} - C:\Arquivos de programas\Discador iBest\ibestbar.dll

O4 - HKLM\..\Run: [soundMax] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\MEUOFF~1\OFFICE~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\MEUOFF~1\OFFICE~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--

End of file - 4005 bytes

Estou no aguardo!

Obrigado!

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Digite no Executar msconfig, na aba Geral marque Inicialização normal - carregar todos os drivers de dispositivo e serviços, clique em "Aplicar" e "Ok";

- Gere novo log e cole na sua resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites
 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:01:35, on 16/1/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Google\Google Talk\googletalk.exe

C:\Arquivos de programas\Windows Media Player\wmplayer.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe

C:\Arquivos de programas\Hijack This\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SpayBot\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [soundMax] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [uebTUBE] C:\Arquivos de programas\UEBBI.com\uebTUBE\uebTUBE.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [sMSERIAL] C:\WINDOWS\sm56hlpr.exe

O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe

O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [Atualizador - Puxa Rápido] C:\Arquivos de programas\Puxa Rápido\Atualiza.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMBgMonitor.exe"

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\MEUOFF~1\OFFICE~1\OFFICE11\EXCEL.EXE/3000

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--

End of file - 5085 bytes

O vírus já era!

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Ok, o log está limpo :)

- Recomendo uma manutenção no computador para exclusão dos arquivos temporários, desnecessários e entradas inválidas no registro. Faça o download do CCleaner:

  • Abra o programa e clique em Executar Limpeza;
  • Após isto, clique em Registro > Procurar erros > Corrigir Erros

- Desative e ative novamente a Restauração do Sistema

- Leia o artigo Proteja seu PC para mais informações sobre como evitar infecções.

Compartilhar este post


Link para o post
Compartilhar em outros sites
 

Está tudo ok agora!!!

(quase tudo)..

Não sei se foi por causa do vírus.....mas não consigo ouvir o som dos vídeos do youtube e outros sites de lojas virtuais com www.beatport.com

- a placa está configurada corretamente, valumes

- o volume dos vídeos do youtube está no máximo

- o Windows midia player funciona corretamente

o ícone que ficava junto ao relógio não aparece mais mesmo indo e configurando-o para aparecer...

Sabe o que pode ser????

Compartilhar este post


Link para o post
Compartilhar em outros sites
 
 
 
 
Entre para seguir isso  





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×