Ir ao conteúdo
  • Cadastre-se
Entre para seguir isso  
f4bynhu

Me Ajudem Por Favor

Posts recomendados

Esses dias eu acabei pegando virus no pc e um dos efeitos foi que meu gerenciador de tarefas foi desativado, contudo, por meio indiretamente deste forum eu consegui resolver essa questao do gerenciador de tarefas. porém, meu computador ficou MUITO LERDO depois do ocorrido e mais, creio eu que o virus ainda permanece em minha maquina. Peço que alguem me ajude, pois necessito solucionar isso o mais rápido possivel.

Obrigado

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Faça o download do HijackThis

  • Coloque o arquivo numa pasta própria em C:\;
  • Dê um duplo clique no HijackThis e clique em Do a system scan and save a logfile;
  • Copie o conteúdo do bloco de notas cole na sua resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

JoseMELO, segue o conteúdo....

Logfile of HijackThis v1.99.1

Scan saved at 03:32:45, on 31/12/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\Arquivos de programas\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Eset\nod32kui.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe

E:\setup32.exe

C:\Arquivos de programas\WinRAR\WinRAR.exe

C:\Arquivos de programas\WinRAR\WinRAR.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\socorro\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~3\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Arquivos de programas\D-Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O8 - Extra context menu item: &Download All with FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Download with FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1178714600828

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} (GbPluginObj Class) - https://imagem.caixa.gov.br/cab/GbPluginCef.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~3\Office12\GR99D3~1.DLL

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\ARQUIV~1\Google\GOOGLE~3\GOEC62~1.DLL

O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Arquivos de programas\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe

O23 - Service: GoogleDesktopManager - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Arquivos de programas\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\svcntaux.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\swdsvc.exe

obrigado

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Faça o download do ComboFix

  • Desative, temporariamente, o antivírus;
  • Feche todas as janelas abertas;
  • Dê um duplo-clique no combofix.exe e tecle "1" para prosseguir o Fix. Pode demorar algum tempo.
  • O ComboFix poderá reiniciar o PC automaticamente para completar o processo de remoção.
  • Quando acabar, será gerado um log, que estará em C:\ComboFix.txt.
  • Não clique na Janela do ComboFix, nem o feche clicando no X, enquanto estiver rodando, não mova o mouse e não use o teclado, pois senão irá parar e seu desktop ficará em branco.
  • Para parar ou sair do ComboFix, tecle "N".
  • Cole o ComboFix.txt na sua resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

aqui está...

ComboFix 07-12-31.4 - FABIO RENAN MIRANDA 2007-12-31 17:06:16.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1046.18.136 [GMT -2:00]

Executando de: C:\Documents and Settings\FABIO RENAN MIRANDA\Desktop\ComboFix.exe

* Criado um novo ponto de restauro

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\WINDOWS\dat.txt

C:\WINDOWS\fvkwdrt.exe

C:\WINDOWS\rs.txt

D:\Autorun.inf

.

((((((((((((((((((((((( Ficheiros criados de 2007-11-28 to 2007-12-31 ))))))))))))))))))))))))))))))))

.

2007-12-31 17:05 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe

2007-12-31 05:52 . 2007-12-31 05:52 <DIR> d-------- C:\Documents and Settings\FABIO RENAN MIRANDA\DesktopTE

2007-12-31 04:13 . 2007-12-31 04:14 568 --a------ C:\WINDOWS\eReg.dat

2007-12-31 02:23 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll

2007-12-31 01:56 . 2007-12-31 01:56 <DIR> d-------- C:\Arquivos de programas\D-Tools

2007-12-31 01:56 . 2004-08-22 16:31 155,136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys

2007-12-31 01:56 . 2004-08-22 16:31 5,248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys

2007-12-30 20:40 . 2007-12-30 20:34 502,208 --a------ C:\WINDOWS\system32\drivers\amon.sys

2007-12-30 20:40 . 2007-12-30 20:34 270,336 --a------ C:\WINDOWS\system32\imon.dll

2007-12-30 03:00 . 2007-12-30 03:00 <DIR> d-------- C:\Arquivos de programas\CCleaner

2007-12-30 02:10 . 2007-12-30 02:11 <DIR> d-------- C:\LinhaDefensiva

2007-12-30 01:47 . 2007-12-31 03:32 <DIR> d-------- C:\socorro

2007-12-29 01:45 . 2007-10-04 17:10 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys

2007-12-29 01:45 . 2007-10-04 17:10 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys

2007-12-29 01:45 . 2007-10-04 17:10 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys

2007-12-29 01:45 . 2007-10-04 17:11 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys

2007-12-29 01:44 . 2007-12-29 01:44 <DIR> d-------- C:\Documents and Settings\FABIO RENAN MIRANDA\Dados de aplicativos\PC Tools

2007-12-29 01:44 . 2007-12-30 20:22 <DIR> d-------- C:\Arquivos de programas\Spyware Doctor

2007-12-28 19:56 . 2007-12-28 19:57 <DIR> d-------- C:\Documents and Settings\FABIO RENAN MIRANDA\Dados de aplicativos\Arcsoft

2007-12-28 19:56 . 2007-12-28 20:01 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\ArcSoft

2007-12-28 19:56 . 2007-12-28 20:01 <DIR> d-------- C:\Arquivos de programas\ArcSoft

2007-12-28 19:43 . 2007-12-28 19:46 104,188 --a------ C:\WINDOWS\hpqins13.dat

2007-12-28 18:15 . 2007-12-28 18:16 1,190 --a------ C:\WINDOWS\mozver.dat

2007-12-28 17:24 . 2007-12-28 17:24 <DIR> d-------- C:\Arquivos de programas\Positivo

2007-12-28 17:16 . 2007-12-28 17:16 <DIR> d-------- C:\Documents and Settings\FABIO RENAN MIRANDA\Dados de aplicativos\Talkback

2007-12-28 17:09 . 2007-12-28 17:09 0 --a------ C:\WINDOWS\nsreg.dat

2007-12-28 13:19 . 2007-12-28 13:19 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\xing shared

2007-12-28 13:16 . 2007-12-28 13:16 <DIR> d-------- C:\Arquivos de programas\Real

2007-12-28 13:16 . 2007-12-28 13:18 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Real

2007-12-28 12:50 . 2007-12-30 03:37 <DIR> d-------- C:\Arquivos de programas\Norton Security Scan

2007-12-28 12:37 . 2007-12-31 03:23 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Google Updater

2007-12-28 12:37 . 2007-12-29 01:23 <DIR> d-------- C:\Arquivos de programas\Google

2007-12-28 02:44 . 2007-12-28 02:44 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Avg7

2007-12-28 02:22 . 2007-12-30 20:37 <DIR> d-a------ C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

2007-12-28 02:06 . 2005-09-23 08:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll

2007-12-28 01:59 . 2007-12-04 10:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr

2007-12-28 01:59 . 2007-12-04 12:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys

2007-12-28 01:59 . 2007-12-04 12:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys

2007-12-28 01:59 . 2007-12-04 12:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys

2007-12-28 01:59 . 2007-12-04 12:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys

2007-12-28 01:59 . 2007-12-04 12:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys

2007-12-28 01:58 . 2007-12-04 11:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe

2007-12-28 01:58 . 2004-01-09 07:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx

2007-12-27 18:20 . 2007-12-27 18:20 <DIR> d-------- C:\Arquivos de programas\Maxis

2007-12-27 18:08 . 2007-12-27 18:09 <DIR> d-------- C:\Documents and Settings\FABIO RENAN MIRANDA\DesktopSS

2007-12-27 00:52 . 2007-12-27 00:52 <DIR> d-------- C:\Arquivos de programas\EA GAMES

2007-12-25 16:42 . 2007-12-27 12:35 69 --a------ C:\WINDOWS\NeroDigital.ini

2007-12-24 19:07 . 2007-12-31 03:22 <DIR> d-------- C:\Arquivos de programas\Microsoft Games

2007-12-24 18:16 . 2007-12-24 18:16 <DIR> d-------- C:\Arquivos de programas\UltraISO

2007-12-24 18:16 . 2007-12-24 18:16 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\EZB Systems

2007-12-24 12:40 . 2007-12-24 12:40 <DIR> d-------- C:\Documents and Settings\FABIO RENAN MIRANDA\Dados de aplicativos\Nero

2007-12-24 12:36 . 2007-12-28 03:01 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Nero

2007-12-24 12:36 . 2007-12-28 03:01 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Nero

2007-12-24 12:17 . 2007-12-24 12:17 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Ahead

2007-12-23 19:10 . 2007-12-31 17:06 <DIR> d-------- C:\Arquivos de programas\FlashGet

2007-12-23 19:10 . 2006-04-20 09:51 359,808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys.flg

2007-12-23 17:31 . 2007-12-23 17:36 70,656 --a------ C:\WINDOWS\ScUnin.exe

2007-12-23 17:31 . 2007-12-23 17:36 32,988 --a------ C:\WINDOWS\scunin.dat

2007-12-23 17:31 . 2007-12-23 17:36 967 --a------ C:\WINDOWS\ScUnin.pif

2007-12-16 03:06 . 2007-12-16 03:06 <DIR> d-------- C:\Arquivos de programas\Microsoft CAPICOM 2.1.0.2

2007-12-11 19:46 . 2007-12-11 19:46 0 --a------ C:\WINDOWS\QuickInstall.INI

2007-12-11 19:25 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll

2007-12-11 19:25 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll

2007-12-11 19:25 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

2007-12-11 03:08 . 2004-05-11 10:53 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll

2007-12-11 03:08 . 2004-05-11 10:53 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll

2007-12-11 03:08 . 2004-05-11 10:53 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll

2007-12-11 03:03 . 2004-06-21 15:40 581,632 -ra------ C:\WINDOWS\system32\hpotscl.dll

2007-12-11 03:03 . 2004-06-21 15:40 278,528 -ra------ C:\WINDOWS\system32\hpgwiamd.dll

2007-12-11 03:03 . 2007-12-11 03:21 104,285 --a------ C:\WINDOWS\hpoins04.dat

2007-12-11 03:03 . 2004-06-21 15:40 90,112 -ra------ C:\WINDOWS\system32\hpovst08.dll

2007-12-11 03:03 . 2004-06-21 15:40 17,176 --------- C:\WINDOWS\hpomdl04.dat

2007-12-11 02:28 . 2007-12-11 02:28 268 --ah----- C:\sqmdata16.sqm

2007-12-11 02:28 . 2007-12-11 02:28 244 --ah----- C:\sqmnoopt16.sqm

2007-12-11 02:26 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll

2007-12-11 02:25 . 2007-12-11 02:25 <DIR> d-------- C:\Arquivos de programas\Microsoft SQL Server Compact Edition

2007-12-11 02:14 . 2007-12-11 02:19 <DIR> d--hsc--- C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller

2007-12-11 02:13 . 2007-12-11 11:59 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\WLInstaller

2007-12-04 17:03 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll

2007-12-04 17:01 . 2007-12-04 17:01 <DIR> d-------- C:\Arquivos de programas\MSBuild

2007-12-04 17:00 . 2007-12-04 17:00 <DIR> d-------- C:\Arquivos de programas\Microsoft.NET

2007-12-04 16:57 . 2007-12-04 17:01 <DIR> d-------- C:\WINDOWS\SHELLNEW

2007-12-04 16:55 . 2007-12-04 16:55 <DIR> dr-h----- C:\MSOCache

2007-12-04 16:42 . 2007-12-16 03:04 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

2007-11-25 12:47 . 2007-11-25 12:47 268 --ah----- C:\sqmdata15.sqm

2007-11-25 12:47 . 2007-11-25 12:47 244 --ah----- C:\sqmnoopt15.sqm

2007-11-07 15:39 . 2007-11-07 15:39 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico

2007-11-07 15:39 . 2007-11-07 15:39 1,406 --a------ C:\WINDOWS\system32\Help.ico

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-12-31 06:38 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin

2007-12-31 05:22 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information

2007-12-30 03:14 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Symantec Shared

2007-12-28 21:39 --------- d-----w C:\Documents and Settings\FABIO RENAN MIRANDA\Dados de aplicativos\Image Zone Express

2007-12-24 14:48 --------- d-----w C:\Arquivos de programas\Arquivos comuns\LightScribe

2007-12-11 22:18 --------- d-----w C:\Arquivos de programas\Windows Live

2007-12-11 22:18 --------- d-----w C:\Arquivos de programas\Palm

2007-12-11 22:18 --------- d-----w C:\Arquivos de programas\Backup Sicadi

2007-12-11 22:16 --------- d-----w C:\Arquivos de programas\Arquivos comuns\DataViz

2007-12-11 05:44 --------- d-----w C:\Documents and Settings\FABIO RENAN MIRANDA\Dados de aplicativos\Printer Info Cache

2007-12-11 05:08 --------- d-----w C:\Arquivos de programas\HP

2007-12-11 05:02 --------- d-----w C:\Arquivos de programas\Messenger Plus! Live

2007-12-04 19:02 --------- d-----w C:\Arquivos de programas\Microsoft Works

2007-11-28 13:01 --------- d-----w C:\Arquivos de programas\OnGame

2007-11-14 07:28 450,560 ------w C:\WINDOWS\system32\dllcache\jscript.dll

2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys

2007-11-09 14:08 --------- d-----w C:\Arquivos de programas\GbPlugin

2007-10-30 10:18 3,079,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll

2007-10-29 22:44 1,292,288 ----a-w C:\WINDOWS\system32\quartz.dll

2007-10-29 22:44 1,292,288 ------w C:\WINDOWS\system32\dllcache\quartz.dll

2007-10-25 16:57 8,484,352 ------w C:\WINDOWS\system32\dllcache\shell32.dll

2007-10-23 19:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR

2007-10-20 08:01 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll

2007-10-20 08:01 227,328 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll

2007-10-18 13:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll

2007-10-11 06:13 96,768 ------w C:\WINDOWS\system32\dllcache\inseng.dll

2007-10-11 06:13 661,504 ------w C:\WINDOWS\system32\dllcache\wininet.dll

2007-10-11 06:13 616,448 ------w C:\WINDOWS\system32\dllcache\urlmon.dll

2007-10-11 06:13 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll

2007-10-11 06:13 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll

2007-10-11 06:13 474,112 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll

2007-10-11 06:13 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll

2007-10-11 06:13 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll

2007-10-11 06:13 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll

2007-10-11 06:13 251,392 ------w C:\WINDOWS\system32\dllcache\iepeers.dll

2007-10-11 06:13 205,312 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll

2007-10-11 06:13 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll

2007-10-11 06:13 151,552 ------w C:\WINDOWS\system32\dllcache\cdfview.dll

2007-10-11 06:13 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll

2007-10-11 06:13 1,494,528 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll

2007-10-11 06:13 1,055,744 ------w C:\WINDOWS\system32\dllcache\danim.dll

2007-10-11 06:13 1,024,000 ------w C:\WINDOWS\system32\dllcache\browseui.dll

2007-10-10 11:16 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe

2007-08-24 12:32 0 ----a-w C:\Documents and Settings\FABIO RENAN MIRANDA\Dados de aplicativos\wklnhst.dat

2005-09-24 11:49 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll

2007-07-02 19:49 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* entradas vazias & legítimas por defeito não são mostradas.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 19:00 15360]

"swg"="C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-28 12:37 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avast!"="C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 11:00 79224]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-18 06:00 7585792]

"nod32kui"="C:\Arquivos de programas\Eset\nod32kui.exe" [2007-12-30 20:34 917504]

"DAEMON Tools-1033"="C:\Arquivos de programas\D-Tools\daemon.exe" [2004-08-22 17:05 81920]

"Flashget"="C:\Arquivos de programas\FlashGet\flashget.exe" [2007-09-25 06:10 2007088]

"TkBellExe"="C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" [2007-12-28 13:16 185632]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 19:00 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399003}"= C:\Arquivos de programas\GbPlugin\gbiehcef.dll [2007-08-09 16:39 207944]

"{E37CB5F0-51F5-4395-A808-5FA49E399F83}"= C:\Arquivos de programas\GbPlugin\gbieh.dll [2007-08-08 14:29 209224]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]

avldr.dll 2007-02-15 21:02 50736 C:\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=C:\ARQUIV~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Adobe Reader Speed Launch.lnk

backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^DataViz Inc Messenger.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\DataViz Inc Messenger.lnk

backup=C:\WINDOWS\pss\DataViz Inc Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Google Updater.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Google Updater.lnk

backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HOTSYNCSHORTCUTNAME.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HOTSYNCSHORTCUTNAME.lnk

backup=C:\WINDOWS\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^HP Digital Imaging Monitor.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\HP Digital Imaging Monitor.lnk

backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Inicialização rápida do HP Photosmart Premier.lnk]

path=C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\Inicialização rápida do HP Photosmart Premier.lnk

backup=C:\WINDOWS\pss\Inicialização rápida do HP Photosmart Premier.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^FABIO RENAN MIRANDA^Menu Iniciar^Programas^Inicializar^Palm Registration.lnk]

path=C:\Documents and Settings\FABIO RENAN MIRANDA\Menu Iniciar\Programas\Inicializar\Palm Registration.lnk

backup=C:\WINDOWS\pss\Palm Registration.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APVXDWIN]

C:\Arquivos de programas\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE /s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Backup Sicadi]

C:\Arquivos de programas\Backup Sicadi\Util\SicadiDaemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

c:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]

2006-05-30 17:02 40960 --a------ C:\Arquivos de programas\Hewlett-Packard\Default Settings\cpqset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2004-08-04 19:00 15360 --a------ C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]

C:\Arquivos de programas\FlashGet\flashget.exe /min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]

C:\Arquivos de programas\Windows Live\Proteção para a Família\fssui.exe -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

2006-10-27 00:47 31016 --a------ C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]

CHDAudPropShortcut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]

2004-05-12 15:18 241664 --a------ C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-05-08 17:24 54840 --a------ C:\Arquivos de programas\Hp\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]

2007-08-22 16:31 80896 --a------ C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSRMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]

2006-05-03 23:58 458752 --a------ C:\Arquivos de programas\hpq\HP Wireless Assistant\HP Wireless Assistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]

C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /installquiet /nodetect

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]

C:\Arquivos de programas\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]

2006-07-11 22:55 102400 --a------ C:\Arquivos de programas\HP\QuickPlay\QPService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RecGuard]

2005-10-11 11:23 1187840 --------- C:\Windows\SMINST\RecGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]

2007-10-02 16:27 1065288 --a------ C:\Arquivos de programas\Spyware Doctor\SDTrayApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2005-11-10 22:03 36975 --a------ C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2007-12-28 12:37 68856 --a------ C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

2006-04-01 03:01 761946 --a------ C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe -osboot

R2 GbpSv;Gbp Service;C:\Arquivos de programas\GbPlugin\GbpSv.exe [2007-08-09 16:43]

R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-05 21:49]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{172a7a10-6b5d-11dc-9ca1-001a731ffec9}]

\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe

\Shell\Open(&0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{462ec6f2-815b-11dc-9ccb-001a731ffec9}]

\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe

\Shell\Open(&0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4e27a7de-51ac-11dc-9c74-0019bbf881c3}]

\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe

\Shell\Open(&0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ff0afe19-a35d-11dc-9cf4-001a731ffec9}]

\Shell\Auto\command - MicrosoftPowerPoint.exe

\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe

*Newly Created Service* - PROCEXP90

.

Conteúdo da pasta 'Tarefas Agendadas'

"2007-12-28 19:03:51 C:\WINDOWS\Tasks\Norton Security Scan.job"

- C:\Arquivos de programas\Norton Security Scan\Nss.exe

.

**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-12-31 17:11:21

Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso

Ficheiros ocultos: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]

-> C:\Arquivos de programas\Eset\pr_imon.dll

.

Tempo para conclusão: 2007-12-31 17:13:38

C:\qoobox\ComboFix-quarantined-files.txt 2007-12-31 19:13:29

.

2007-12-23 05:02:07 --- E O F ---

obrigado

Compartilhar este post


Link para o post
Compartilhar em outros sites

Logfile of HijackThis v1.99.1

Scan saved at 20:24:17, on 31/12/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\Arquivos de programas\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Eset\nod32kui.exe

C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\socorro\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~3\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Arquivos de programas\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [Flashget] C:\Arquivos de programas\FlashGet\flashget.exe /min

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O8 - Extra context menu item: &Download All with FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Download with FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1178714600828

O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} (GbPluginObj Class) - https://imagem.caixa.gov.br/cab/GbPluginCef.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~3\Office12\GR99D3~1.DLL

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\ARQUIV~1\Google\GOOGLE~3\GOEC62~1.DLL

O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Arquivos de programas\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe

O23 - Service: GoogleDesktopManager - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Arquivos de programas\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Arquivos de programas\Arquivos comuns\LightScribe\LSSrvc.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\svcntaux.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\swdsvc.exe

AQUI ESTÁ...

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Ok, o log está limpo :)

- Digite no Executar combofix /u e clique em Ok. Na próxima janela clique em "Executar" e aguarde a remoção do programa;

- Atualize o Internet Explorer:

http://www.microsoft.com/downloads/details.aspx?FamilyId=9AE91EBE-3385-447C-8A30-081805B2F90B&displaylang=pt-br

- Recomendo uma manutenção no computador para exclusão dos arquivos temporários, desnecessários e entradas inválidas no registro. Faça o download do CCleaner:

  • Abra o programa e clique em Executar Limpeza;
  • Após isto, clique em Registro > Procurar erros > Corrigir Erros

- Desative e ative novamente a Restauração do Sistema

- Leia o artigo Proteja seu PC para mais informações sobre como evitar infecções.

Compartilhar este post


Link para o post
Compartilhar em outros sites

OBRIGADO....

Sem querer abusar, mas já abusando, seguinte...Eu tenho um outro pc, porém ele liga somente no modo de segurança... Toda vez que eu tento ligar no modo normal ele até inicia legal, mas quando eu faço login para entrar no windows o pc reinicia automaticamente... uq será isso? uq eu faço?

mais uma vez, obrigado

Compartilhar este post


Link para o post
Compartilhar em outros sites

Provavelmente, falha em algum componente de hardware.

Compartilhar este post


Link para o post
Compartilhar em outros sites

entendi... há alguma maneira pela qual eu possa proceder para tentar solucionar tal problema?

Compartilhar este post


Link para o post
Compartilhar em outros sites

Recomendo que consulte a assistência técnica.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Entre para seguir isso  





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×
×
  • Criar novo...