carlosibarreto

PC Infected by Malware


Hi, my PC has been slow these days and Avast keeps flagging malware all the time; it reports this error:

HTML: Malware-gen, and I can't remove it no matter what! Please try to help me out!

Thanks

Below is the HijackThis log

________________________________

Logfile of HijackThis v1.99.1

Scan saved at 10:35, on 2008-04-07

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\AlienGUIse\wbload.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe

C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\Keyboard\Ikeymain.exe

C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe

C:\Arquivos de programas\RSSoft\RedSwoosh.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe

C:\Arquivos de programas\uTorrent\uTorrent.exe

C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe

C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Arquivos de programas\HP\Smart Web Printing\hpswp_clipbook.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Carlos\Desktop\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Arquivos de programas\HP\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Arquivos de programas\HP\Smart Web Printing\hpswp_framework.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: (no name) - {F156768E-81EF-470C-9057-481BA8380DBA} - (no file)

O2 - BHO: Banco do Brasil S.A. - {FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB} - (no file)

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

O3 - Toolbar: (no name) - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - (no file)

O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [iKeyWorks] C:\ARQUIV~1\Keyboard\Ikeymain.exe

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe" -H

O4 - HKLM\..\Run: [Red Swoosh] C:\Arquivos de programas\RSSoft\RedSwoosh.exe /S

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [GameXL] C:\Arquivos de programas\FlashGet\FlashGet.exe /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [Red Swoosh] C:\Arquivos de programas\RSSoft\RedSwoosh.exe /S

O4 - HKCU\..\Run: [iSUSPM] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -scheduler

O4 - HKCU\..\Run: [uTorrent] "C:\Arquivos de programas\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Startup: hamachi.lnk = C:\Arquivos de programas\Hamachi\hamachi.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Monitor Apache Servers.lnk = C:\Arquivos de programas\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O8 - Extra context menu item: &Download All with FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Download by NetAnts - C:\ARQUIV~1\NETANTS\NAGet.htm

O8 - Extra context menu item: &Download with FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Download &All by NetAnts - C:\ARQUIV~1\NETANTS\NAGetAll.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\ARQUIV~1\NETANTS\NetAnts.exe (file missing)

O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\ARQUIV~1\NETANTS\NetAnts.exe (file missing)

O9 - Extra button: Livro de recortes HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Arquivos de programas\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: Seleção HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Arquivos de programas\HP\Smart Web Printing\hpswp_extensions.dll

O9 - Extra button: (no name) - {85e1f530-48f4-11d9-9629-08ff2ffc9f67} - (no file)

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe (file missing)

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe (file missing)

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra button: Barra do iG - {FD1672E0-AE0D-465B-B345-F7B0944A121D} - (no file)

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/cfweb_activex.camfrogweb.com-advanced_instmodule.exe

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://www.file2you.net/applet.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www2.driveragent.com/files/driveragent.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WB - C:\Arquivos de programas\AlienGUIse\fastload.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Apache2.2 - Unknown owner - C:\Arquivos de programas\Apache Software Foundation\Apache2.2\bin\httpd.exe" -k runservice (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Arquivos de programas\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe

O23 - Service: MySQL - Unknown owner - C:\Arquivos.exe (file missing)

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

__________________________________________

Waiting for help...

Thanks


- Download ComboFix

  • Temporarily disable your antivirus;
  • Close all open windows;
  • Double-click ComboFix.exe, click "Run" and type "1" + Enter to proceed with the fix. It may take some time.
  • ComboFix may restart the PC automatically to complete the removal process.
  • When it finishes, a log will be generated at C:\ComboFix.txt.
  • Do not click on the ComboFix window or close it by clicking the X while it is running, and do not move the mouse or use the keyboard, otherwise it will stop and your desktop will go blank.
  • To stop or exit ComboFix, press "N".
  • Paste ComboFix.txt into your reply.

  • Topic author
  • ComboFix 08-04-08.7 - Carlos 2008-04-08 20:49:52.4 - FAT32x86

    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.246 [GMT -3:00]

    Executando de: C:\Documents and Settings\Carlos\Desktop\ComboFix.exe

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    .

    This is what showed up in combofix.txt

  • Topic author
  • Whoa, it really was; I did think it was odd!

    My bad!

    Here's the right one now.

    _______________________________________

    ComboFix 08-04-08.7 - Carlos 2008-04-10 8:53:23.5 - FAT32x86

    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.197 [GMT -3:00]

    Executando de: C:\Documents and Settings\Carlos\Desktop\ComboFix.exe

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    .

    ((((((((((((((((((((((( Ficheiros criados de 2008-03-10 to 2008-04-10 ))))))))))))))))))))))))))))))))

    .

    2008-04-09 21:47 . 2008-04-09 21:49 1,355 --a------ C:\WINDOWS\imsins.BAK

    2008-04-09 08:21 . 2008-04-09 08:21 360,064 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS.ORIGINAL

    2008-04-08 17:48 . 2008-04-08 17:48 <DIR> d-------- C:\WINDOWS\Application Data\HP

    2008-04-06 17:03 . 2008-04-06 17:03 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\WEBREG

    2008-04-06 17:01 . 2008-04-06 17:01 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Hewlett-Packard

    2008-04-06 17:01 . 2007-03-28 14:01 118,272 --a------ C:\WINDOWS\SYSTEM32\hpz3l5ha.dll

    2008-04-06 16:58 . 2008-04-06 16:58 <DIR> d-------- C:\WINDOWS\Application Data\HPAppData

    2008-04-06 16:58 . 2008-04-06 16:59 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\HPSSUPPLY

    2008-04-06 16:55 . 2008-04-06 16:55 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\HP Product Assistant

    2008-04-06 16:55 . 2008-04-06 16:55 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\HP

    2008-04-06 16:55 . 2008-04-06 16:55 <DIR> d-------- C:\Arquivos de programas\Hewlett-Packard

    2008-04-06 16:55 . 2008-04-06 16:55 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\HP

    2008-04-06 16:54 . 2008-04-06 16:54 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard

    2008-04-06 16:54 . 2007-03-08 16:20 49,920 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\HPZid412.sys

    2008-04-06 16:54 . 2007-03-08 16:20 21,568 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\HPZius12.sys

    2008-04-06 16:54 . 2007-03-08 16:20 16,496 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\HPZipr12.sys

    2008-04-06 16:53 . 2008-04-06 16:53 <DIR> d-------- C:\Arquivos de programas\HP

    2008-04-06 16:53 . 2007-03-17 17:39 958,464 --a------ C:\WINDOWS\SYSTEM32\hpotiop4.dll

    2008-04-06 16:53 . 2007-03-17 17:39 675,840 --a------ C:\WINDOWS\SYSTEM32\hpowiax4.dll

    2008-04-06 16:53 . 2007-03-08 16:20 364,544 --a------ C:\WINDOWS\SYSTEM32\hppldcoi.dll

    2008-04-06 16:53 . 2007-03-17 17:39 303,104 --a------ C:\WINDOWS\SYSTEM32\hpovst11.dll

    2008-04-06 16:53 . 2007-03-31 02:29 267,864 --a------ C:\WINDOWS\SYSTEM32\hpzids01.dll

    2008-04-06 16:53 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\usbprint.sys

    2008-04-06 16:53 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\SYSTEM32\dllcache\usbprint.sys

    2008-04-06 08:38 . 2008-04-06 10:26 150,092 --------- C:\WINDOWS\hpoins15.dat.temp

    2008-04-06 08:38 . 2007-09-20 17:06 1,039 --------- C:\WINDOWS\hpomdl15.dat.temp

    2008-04-06 08:20 . 2008-04-06 17:03 150,657 --a------ C:\WINDOWS\hpoins15.dat

    2008-04-06 08:20 . 2007-09-21 10:35 1,039 --------- C:\WINDOWS\hpomdl15.dat

    2008-04-05 14:24 . 2008-04-05 14:24 <DIR> d-------- C:\WINDOWS\SYSTEM32\Temp

    2008-04-05 14:24 . 2008-04-05 14:24 376,832 --a------ C:\WINDOWS\SYSTEM32\MPIWIN32.DLL

    2008-04-05 14:24 . 2008-04-05 14:24 45,056 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\CBUSB.SYS

    2008-04-05 14:24 . 2008-04-05 14:24 43,520 --a------ C:\WINDOWS\SYSTEM32\CBNDLL.DLL

    2008-04-05 08:51 . 2008-04-05 08:44 691,545 --a------ C:\WINDOWS\unins000.exe

    2008-04-05 06:26 . 2008-03-29 15:31 75,856 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\aswSP.sys

    2008-04-05 06:26 . 2008-03-29 15:35 20,560 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\aswFsBlk.sys

    2008-04-02 10:20 . 2008-04-02 10:20 <DIR> d--hs---- C:\FOUND.053

    2008-03-31 22:08 . 2008-03-31 22:08 <DIR> d-------- C:\Arquivos de programas\Gogglebox TV

    2008-03-28 23:28 . 2008-03-28 23:28 <DIR> d-------- C:\Arquivos de programas\Infogrames

    2008-03-27 16:53 . 2008-03-27 16:53 <DIR> d-------- C:\Arquivos de programas\Orkut Lite

    2008-03-25 21:47 . 2008-03-25 21:47 <DIR> d--hs---- C:\FOUND.052

    2008-03-24 14:59 . 2008-03-24 15:35 107,888 --a------ C:\WINDOWS\SYSTEM32\CmdLineExt.dll

    2008-03-24 14:38 . 2008-03-24 14:38 <DIR> d-------- C:\Arquivos de programas\KONAMI

    2008-03-24 13:05 . 2003-07-20 15:17 5,174 --a------ C:\WINDOWS\SYSTEM32\nppt9x.vxd

    2008-03-24 13:05 . 2005-01-04 06:43 4,682 --a------ C:\WINDOWS\SYSTEM32\npptNT2.sys

    2008-03-23 15:00 . 2008-03-23 15:00 <DIR> d-------- C:\Arquivos de programas\Aspyr

    2008-03-23 14:57 . 2008-03-23 14:57 <DIR> d-------- C:\Arquivos de programas\DAEMON Tools Lite

    2008-03-22 07:30 . 2008-03-22 07:30 <DIR> d--hs---- C:\FOUND.051

    2008-03-18 12:50 . 2008-03-18 12:50 <DIR> d-------- C:\Arquivos de programas\uTorrent

    2008-03-18 06:18 . 2008-03-18 06:18 <DIR> d--hs---- C:\FOUND.050

    2008-03-16 09:10 . 2008-03-16 09:10 <DIR> d--hs---- C:\FOUND.049

    2008-03-15 23:17 . 2008-03-15 23:17 <DIR> d--hs---- C:\FOUND.048

    2008-03-15 19:43 . 2008-03-15 19:43 <DIR> d--hs---- C:\FOUND.047

    2008-03-14 12:52 . 2008-03-14 12:52 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Thraex Software

    2008-03-12 08:23 . 2008-03-12 08:23 <DIR> d-------- C:\Arquivos de programas\Apache Software Foundation

    2008-03-11 08:10 . 2008-03-11 08:10 <DIR> d-------- C:\WINDOWS\Application Data\InstallShield

    2008-03-11 08:09 . 2008-03-11 08:09 <DIR> d-------- C:\WINDOWS\Application Data\DAEMON Tools

    2008-03-11 08:09 . 2008-03-11 08:09 <DIR> d-------- C:\Arquivos de programas\LG Electronics

    2008-03-11 08:09 . 2008-03-11 08:09 <DIR> d-------- C:\Arquivos de programas\DAEMON Tools

    2008-03-10 23:16 . 2008-03-10 23:16 <DIR> d--hs---- C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller

    2008-03-10 23:15 . 2008-03-10 23:15 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\WLInstaller

    2008-03-10 12:19 . 2008-04-05 08:51 6,739 --a------ C:\WINDOWS\unins000.dat

    .

    ((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2017-09-18 17:32 --------- d-----w C:\WINDOWS\Application Data\Symantec

    2017-09-18 17:32 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Symantec

    2017-09-18 17:32 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Symantec Shared

    2017-09-18 17:26 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information

    2017-09-18 17:25 --------- d-----w C:\Arquivos de programas\VIA

    2017-09-18 17:25 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield

    2017-09-18 17:08 --------- d-----w C:\Arquivos de programas\microsoft frontpage

    2017-09-18 17:06 --------- d-----w C:\Arquivos de programas\Serviços on-line

    2017-09-18 02:30 33,792 --sh--w C:\VIDEOROM.BIN

    2017-09-18 02:29 --------- d-----w C:\Arquivos de programas\DirectX

    2017-09-18 02:28 266 --sh--w C:\Arquivos de programas\desktop.ini

    2017-09-18 02:28 11,280 ---h--w C:\Arquivos de programas\folder.htt

    2017-09-18 02:22 --------- d-----w C:\Arquivos de programas\Arquivos comuns\SERVIÇOS

    2017-09-18 02:19 --------- d-----w C:\Arquivos de programas\PLUS!

    2017-09-18 02:19 --------- d-----w C:\Arquivos de programas\CHAT

    2017-09-18 02:19 --------- d-----r C:\Arquivos de programas\Acessórios

    2008-04-09 11:21 360,064 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS

    2008-04-09 11:21 360,064 ----a-w C:\WINDOWS\SYSTEM32\dllcache\TCPIP.SYS

    2008-03-29 18:45 1,146,232 ----a-w C:\WINDOWS\SYSTEM32\aswBoot.exe

    2008-03-29 18:35 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys

    2008-03-29 18:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys

    2008-03-29 18:27 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys

    2008-03-29 18:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys

    2008-03-29 18:23 95,608 ----a-w C:\WINDOWS\SYSTEM32\AvastSS.scr

    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\SYSTEM32\win32k.sys

    2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\SYSTEM32\dllcache\win32k.sys

    2008-03-08 12:01 83,208 ----a-w C:\WINDOWS\SYSTEM32\S32EVNT1.DLL

    2008-03-07 02:28 --------- d-----w C:\WINDOWS\Application Data\TVU networks

    2008-03-07 02:28 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\TVU networks

    2008-03-07 01:25 --------- d-----w C:\Arquivos de programas\Project64 1.6

    2008-03-01 21:32 3,591,680 ------w C:\WINDOWS\SYSTEM32\dllcache\mshtml.dll

    2008-02-29 09:00 625,664 ------w C:\WINDOWS\SYSTEM32\dllcache\iexplore.exe

    2008-02-29 08:59 70,656 ------w C:\WINDOWS\SYSTEM32\dllcache\ie4uinit.exe

    2008-02-29 04:45 --------- d-----w C:\WINDOWS\Application Data\GetRightToGo

    2008-02-29 00:32 --------- d-----w C:\WINDOWS\Application Data\Nvu

    2008-02-29 00:07 --------- d-----w C:\WINDOWS\Application Data\FileZilla

    2008-02-29 00:06 --------- d-----w C:\Arquivos de programas\FileZilla FTP Client

    2008-02-27 14:34 --------- d-----w C:\Arquivos de programas\Green Land Studios

    2008-02-27 14:04 716,272 ----a-w C:\WINDOWS\system32\drivers\SPTD.sys

    2008-02-26 23:14 936 ----a-w C:\logMX500.dat

    2008-02-26 22:40 --------- d-----w C:\Arquivos de programas\LG Link

    2008-02-22 10:00 13,824 ------w C:\WINDOWS\SYSTEM32\dllcache\ieudinit.exe

    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\SYSTEM32\gdi32.dll

    2008-02-20 06:51 282,624 ------w C:\WINDOWS\SYSTEM32\dllcache\gdi32.dll

    2008-02-20 05:38 45,568 ----a-w C:\WINDOWS\SYSTEM32\dnsrslvr.dll

    2008-02-20 05:38 45,568 ------w C:\WINDOWS\SYSTEM32\dllcache\dnsrslvr.dll

    2008-02-20 05:38 148,992 ------w C:\WINDOWS\SYSTEM32\dllcache\dnsapi.dll

    2008-02-15 05:44 161,792 ------w C:\WINDOWS\SYSTEM32\dllcache\ieakui.dll

    2007-03-27 02:19 87,608 ----a-w C:\WINDOWS\Application Data\ezpinst.exe

    2007-03-27 02:19 47,360 ----a-w C:\WINDOWS\Application Data\pcouffin.sys

    2005-07-05 21:49 925,572 ----a-w C:\Documents and Settings\Carlos\SmSerial.sys

    2005-07-05 21:47 81,920 ----a-w C:\Documents and Settings\Carlos\sm56co.dll

    2005-07-05 21:47 69,632 ----a-w C:\Documents and Settings\Carlos\sm56spn.dll

    2005-07-05 21:47 69,632 ----a-w C:\Documents and Settings\Carlos\sm56itl.dll

    2005-07-05 21:47 69,632 ----a-w C:\Documents and Settings\Carlos\sm56eng.dll

    2005-07-05 21:47 69,632 ----a-w C:\Documents and Settings\Carlos\sm56brz.dll

    2005-07-05 21:47 61,440 ----a-w C:\Documents and Settings\Carlos\sm56ger.dll

    2005-07-05 21:47 61,440 ----a-w C:\Documents and Settings\Carlos\sm56fra.dll

    2005-07-05 21:47 544,768 ----a-w C:\Documents and Settings\Carlos\sm56hlpr.exe

    2005-07-05 21:47 53,248 ----a-w C:\Documents and Settings\Carlos\sm56jpn.dll

    2005-07-05 21:47 49,152 ----a-w C:\Documents and Settings\Carlos\sm56cht.dll

    2005-07-05 21:47 49,152 ----a-w C:\Documents and Settings\Carlos\sm56chs.dll

    2005-07-05 21:47 258,048 ----a-w C:\Documents and Settings\Carlos\sm56unst.exe

    2005-07-05 05:47 286,975 ----a-w C:\Documents and Settings\Carlos\sm56.reg

    .

    ------- Sigcheck -------

    2008-04-09 08:21 360064 482ab7f9cd41702e8f856c11cfefb02d C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS

    2008-04-09 08:21 360064 482ab7f9cd41702e8f856c11cfefb02d C:\WINDOWS\SYSTEM32\dllcache\TCPIP.SYS

    2007-10-30 15:20 360064 90caff4b094573449a0872a0f919b178 C:\WINDOWS\SoftwareDistribution.old\Download\b9fafcb4f08309cfc9fe52fdea805e5a\sp2gdr\tcpip.sys

    2007-10-30 14:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\SoftwareDistribution.old\Download\b9fafcb4f08309cfc9fe52fdea805e5a\sp2qfe\tcpip.sys

    2006-04-20 09:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

    2007-10-30 14:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys

    2006-04-20 08:51 359808 b4e29943b4b04bd5e7381546848e6669 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys

    2004-08-04 02:14 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys

    .

    (((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

    .

    .

    REGEDIT4

    *Nota* entradas vazias & legítimas por defeito não são mostradas.

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB}]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SlowFile Icon Overlay]

    @={7D688A77-C613-11D0-999B-00C04FD655E1}

    [HKEY_CLASSES_ROOT\CLSID\{7D688A77-C613-11D0-999B-00C04FD655E1}]

    2007-10-25 14:43 8489984 --a------ C:\WINDOWS\SYSTEM32\SHELL32.DLL

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:45 15360]

    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 11:28 139264]

    "Red Swoosh"="C:\Arquivos de programas\RSSoft\RedSwoosh.exe" [2007-04-20 23:11 62436]

    "ISUSPM"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" [2007-08-30 10:50 205480]

    "uTorrent"="C:\Arquivos de programas\uTorrent\uTorrent.exe" [2008-03-18 12:50 219952]

    "DAEMON Tools Lite"="C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe" [2008-02-13 20:09 486856]

    "SpybotSD TeaTimer"="C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

    "swg"="C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-23 16:43 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "SystemTray"="SysTray.Exe" [2001-10-28 12:07 3072 C:\WINDOWS\SYSTEM32\systray.exe]

    "VTTimer"="VTTimer.exe" [2006-09-21 16:36 53248 C:\WINDOWS\SYSTEM32\VTTimer.exe]

    "VTTrayp"="VTtrayp.exe" [2007-05-15 10:31 200704 C:\WINDOWS\SYSTEM32\VTTrayp.exe]

    "SoundMan"="SOUNDMAN.EXE" [2005-05-17 07:48 77824 C:\WINDOWS\SOUNDMAN.EXE]

    "SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

    "NeroFilterCheck"="C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]

    "GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]

    "iKeyWorks"="C:\ARQUIV~1\Keyboard\Ikeymain.exe" [2004-08-17 13:49 61440]

    "UnlockerAssistant"="C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe" [2006-09-07 14:19 15872]

    "Red Swoosh"="C:\Arquivos de programas\RSSoft\RedSwoosh.exe" [2007-04-20 23:11 62436]

    "ISUSScheduler"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" [2007-08-28 17:43 73728]

    "QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2007-10-01 22:08 286720]

    "avast!"="C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 15:37 79224]

    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 17:14 8491008]

    "ISUSPM Startup"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" [2007-08-30 10:50 205480]

    "HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 49152]

    "nwiz"="nwiz.exe" [2007-10-04 17:14 1626112 C:\WINDOWS\SYSTEM32\nwiz.exe]

    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 17:14 81920]

    "GameXL"="C:\Arquivos de programas\FlashGet\FlashGet.exe" [ ]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 03:45 15360]

    C:\WINDOWS\Menu Iniciar\Programas\Iniciar\

    Adobe Gamma.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

    Recorte de tela e Iniciador do OneNote 2007.lnk - C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632]

    hamachi.lnk - C:\Arquivos de programas\Hamachi\hamachi.exe [2008-01-09 12:34:58 624416]

    C:\WINDOWS\All Users\Menu Iniciar\Programas\Iniciar\

    HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 21:26:24 210520]

    Monitor Apache Servers.lnk - C:\Arquivos de programas\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2008-01-18 00:38:50 41041]

    Adobe Reader Speed Launch.lnk - C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "SynchronousMachineGroupPolicy"= 1 (0x1)

    "SynchronousUserGroupPolicy"= 1 (0x1)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

    "DisableLockWorkstation"= 0 (0x0)

    "DisableChangePassword"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

    "NoChangeAnimation"= 0 (0x0)

    "NoStrCmpLogical"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

    "gbieh.1"= rundll32 C:\WINDOWS\gbiehbsb.dll ForcarNotify

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

    "NoStrCmpLogical"= 0 (0x0)

    "MemCheckBoxInRunDlg"= 0 (0x0)

    "NoLogoff"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]

    C:\Arquivos de programas\AlienGUIse\fastload.dll 2001-12-20 23:34 24576 C:\Arquivos de programas\AlienGUIse\fastload.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

    "AppInit_DLLs"=wbsys.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

    "VIDC.X264"= x264vfw.dll

    "msacm.ac3acm"= ac3acm.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hide-The-IP]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\µTorrent]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]

    "LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "C:\\Arquivos de programas\\Motorola\\RSD Lite\\SDL.exe"=

    "C:\\Arquivos de programas\\Internet Explorer\\IEXPLORE.EXE"=

    "C:\\Arquivos de programas\\Hamachi\\hamachi.exe"=

    "C:\\Arquivos de programas\\iMesh Applications\\iMesh\\iMesh.exe"=

    "C:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

    "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

    "C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=

    "C:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=

    "C:\\Arquivos de programas\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=

    "C:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=

    "C:\\Arquivos de programas\\Infogrames\\Grand Prix 4\\GP4.exe"=

    "C:\\Arquivos de programas\\Knight Online\\Launcher.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

    "9420:TCP"= 9420:TCP:Red Swoosh

    "5000:UDP"= 5000:UDP:Red Swoosh

    "6432:TCP"= 6432:TCP:neoemule

    "6442:UDP"= 6442:UDP:neomule

    R0 ViBus;ViBus;C:\WINDOWS\system32\DRIVERS\ViBus.sys [2007-03-26 15:26]

    R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-03-29 11:36]

    R0 ViPrt;VIA SATA IDE Device Driver;C:\WINDOWS\system32\DRIVERS\ViPrt.sys [2007-03-26 15:26]

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 15:31]

    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 15:35]

    R2 Proteq;Proteq;C:\WINDOWS\system32\drivers\Proteq.sys [1997-11-05 17:24]

    R3 PSXGamepadEnabler;Psx Hid to Gamepad Port Enabler;C:\WINDOWS\system32\drivers\psxpad.sys [2002-05-15 13:24]

    R3 PsxPortEnumerator;Psx Port Enumerator;C:\WINDOWS\system32\Drivers\psxenum.sys [2002-09-26 05:36]

    R3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 23:01]

    S2 Apache2.2;Apache2.2;"C:\Arquivos de programas\Apache Software Foundation\Apache2.2\bin\httpd.exe" -k runservice []

    S3 C-Dilla;C-Dilla;C:\WINDOWS\system32\drivers\CDANT.SYS [2003-01-07 17:28]

    S3 mo_abus;Motorola USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\mo_abus.sys [2003-12-11 00:45]

    S3 mo_amdfl;Motorola 1xEV-DO Handset Filter;C:\WINDOWS\system32\DRIVERS\mo_amdfl.sys [2003-12-11 00:46]

    S3 mo_amdm;Motorola 1xEV-DO Handset Drivers;C:\WINDOWS\system32\DRIVERS\mo_amdm.sys [2003-12-11 00:46]

    S3 mo_aserd;Motorola 1xEV-DO Handset Diagnostic Serial Port Drivers (WDM);C:\WINDOWS\system32\DRIVERS\mo_aserd.sys [2003-12-11 00:47]

    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]

    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]

    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]

    S3 usb2vcom;USB to Serial Bridge Controller;C:\WINDOWS\system32\Drivers\usb2vcom.sys [2006-07-16 22:53]

    S3 XDva090;XDva090;C:\WINDOWS\system32\XDva090.sys []

    S3 XDva095;XDva095;C:\WINDOWS\system32\XDva095.sys []

    S3 XDva098;XDva098;C:\WINDOWS\system32\XDva098.sys []

    S3 XDva099;XDva099;C:\WINDOWS\system32\XDva099.sys []

    S3 XDva104;XDva104;C:\WINDOWS\system32\XDva104.sys []

    S3 XDva114;XDva114;C:\WINDOWS\system32\XDva114.sys []

    S3 XDva128;XDva128;C:\WINDOWS\system32\XDva128.sys []

    S3 XDva131;XDva131;C:\WINDOWS\system32\XDva131.sys []

    S3 XDva136;XDva136;C:\WINDOWS\system32\XDva136.sys []

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{527041fa-f1d6-11dc-a5a7-000fea28a47d}]

    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe

    \Shell\Open(&0)\command - Recycled\ctfmon.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82b19ee4-fcc3-11db-a68b-000fea28a47d}]

    \Shell\readit\command - notepad readme.doc

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b0c65af4-f902-11dc-a5cf-000fea28a47d}]

    \Shell\AutoRun\command - F:\PlayDiskStart.exe

    .

    Conteúdo da pasta 'Tarefas Agendadas'

    "2008-04-06 02:00:02 C:\WINDOWS\Tasks\Aplicativo de ajuste.job"

    "2017-09-18 17:15:34 C:\WINDOWS\Tasks\Lembrete de expiração de desinstalação.job"

    - C:\WINDOWS\system32\OOBE\oobebaln.exe

    "2008-04-09 18:30:36 C:\WINDOWS\Tasks\User_Feed_Synchronization-{EC16AD92-3EAB-41F8-AF6A-A91206BC9202}.job"

    - C:\WINDOWS\system32\msfeedssync.exe

    .

    **************************************************************************

    catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-04-10 08:56:22

    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    Procurando processos ocultos ...

    Procurando entradas auto inicializáveis ocultas ...

    Procurando ficheiros ocultos ...

    Varredura completada com sucesso

    Ficheiros ocultos: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet007\Services\MySQL]

    "ImagePath"="\"C:\Arquivos de programas\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"C:\Arquivos de programas\MySQL\MySQL Server 5.0\my.ini\" MySQL"

    .

    Tempo para conclusão: 2008-04-10 8:57:13

    ComboFix-quarantined-files.txt 2008-04-10 11:57:10

    Pre-Run: 12,945,358,848 bytes disponíveis

    Post-Run: 12,928,614,400 bytes disponíveis

    .

    2008-04-10 00:51:13 --- E O F ---


    - Select the text below and copy it into Notepad. Save it as CFScript.txt;

    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
    "gbieh.1"=-

    - Drag CFScript.txt onto ComboFix as shown in the image below:

    CF_Script.gif

    Click Run, type "1" and press "Enter" when prompted to start the removal process;

    Do not use the mouse or the keyboard while ComboFix is running.

    When it finishes, a log will be generated at C:\ComboFix.txt.

    Note: If ComboFix does not restart your computer automatically, restart it manually.

    In your next reply, paste the ComboFix.txt and a new HijackThis log.
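
An added example, not part of the original post and not ComboFix's own code: once the new ComboFix.txt comes back, the check that the value named in CFScript.txt no longer appears among the registry load points can be automated by parsing that section of both logs and diffing them. The function names are hypothetical, the log excerpts are trimmed from the two logs in this thread, and the section heading is assumed to be the Portuguese one shown here.

```python
import re

# Heading of the registry section in the pt-BR ComboFix logs of this thread
# (assumption: logs in other languages use a different heading).
SECTION_HEADER = "Pontos de Carregamento do Registro"
KEY_RE = re.compile(r'^\[([^\]]+)\]$')
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*(?P<data>.*)$')

# The CFScript given in the post above ("name"=- deletes a value, as in .reg files).
CFSCRIPT = r'''Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"gbieh.1"=-
'''

# Trimmed excerpt of the first log in this thread (before the script was run).
LOG_BEFORE = r'''(((((( Pontos de Carregamento do Registro ))))))
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:45 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"gbieh.1"= rundll32 C:\WINDOWS\gbiehbsb.dll ForcarNotify
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet007\Services\MySQL]
"ImagePath"="\"C:\Arquivos de programas\MySQL\MySQL Server 5.0\bin\mysqld-nt\" MySQL"
'''

# Trimmed excerpt of the second log (run with CFScript.txt).
LOG_AFTER = r'''(((((( Pontos de Carregamento do Registro ))))))
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:45 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll
'''


def parse_load_points(log_text):
    """Return {(key_lowercase, value_name): data} for the registry load-point section."""
    entries, key, in_section = {}, None, False
    for raw in log_text.splitlines():
        line = raw.strip()
        if SECTION_HEADER in line:
            in_section = True
            continue
        if not in_section or not line:
            continue
        if line.startswith('*****'):      # catchme banner: the section is over
            break
        m = KEY_RE.match(line)
        if m:
            key = m.group(1).lower()      # registry key paths are case-insensitive
            continue
        m = VALUE_RE.match(line)
        if m and key:
            entries[(key, m.group('name'))] = m.group('data').strip()
    return entries


def cfscript_targets(script_text):
    """Return the (key, value_name) pairs a CFScript Registry:: block deletes."""
    targets, key, in_registry = [], None, False
    for raw in script_text.splitlines():
        line = raw.strip()
        if line.endswith('::'):           # directive line such as "Registry::"
            in_registry = (line == 'Registry::')
            key = None
            continue
        if not in_registry or not line:
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(1).lower()
            continue
        m = VALUE_RE.match(line)
        if m and key and m.group('data').strip() == '-':
            targets.append((key, m.group('name')))
    return targets


def diff_load_points(before, after):
    """Return (removed, added, changed) entry keys between two parsed logs."""
    removed = sorted(k for k in before if k not in after)
    added = sorted(k for k in after if k not in before)
    changed = sorted(k for k in before if k in after and before[k] != after[k])
    return removed, added, changed


def verify_fix(script_text, log_before, log_after):
    """Status of every scripted deletion, judged from the two logs."""
    before, after = parse_load_points(log_before), parse_load_points(log_after)
    status = {}
    for target in cfscript_targets(script_text):
        if target in after:
            status[target] = 'still present'
        elif target in before:
            status[target] = 'removed'
        else:
            status[target] = 'not in earlier log'
    return status


if __name__ == '__main__':
    for (key, name), state in verify_fix(CFSCRIPT, LOG_BEFORE, LOG_AFTER).items():
        print(f'{state}: {key} -> {name}')
```

ComboFix omits empty and default-legitimate entries from this section, so "removed" here means the value is no longer listed in the log, and the DLL the value pointed to still has to be checked on disk separately.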

  • Topic author
  • Here is the ComboFix.txt, and right below it the HijackThis log

    ComboFix.txt

    ______________________

    ComboFix 08-04-08.7 - Carlos 2008-04-10 21:23:32.6 - FAT32x86

    Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.180 [GMT -3:00]

    Executando de: C:\Documents and Settings\Carlos\Desktop\ComboFix.exe

    Command switches used :: C:\Documents and Settings\Carlos\Desktop\CFScript.txt

    * Criado um novo ponto de restauro

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

    .

    ((((((((((((((((((((((( Ficheiros criados de 2008-03-11 to 2008-04-11 ))))))))))))))))))))))))))))))))

    .

    2008-04-09 21:47 . 2008-04-09 21:49 1,355 --a------ C:\WINDOWS\imsins.BAK

    2008-04-09 08:21 . 2008-04-09 08:21 360,064 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS.ORIGINAL

    2008-04-08 17:48 . 2008-04-08 17:48 <DIR> d-------- C:\WINDOWS\Application Data\HP

    2008-04-06 17:03 . 2008-04-06 17:03 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\WEBREG

    2008-04-06 17:01 . 2008-04-06 17:01 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Hewlett-Packard

    2008-04-06 17:01 . 2007-03-28 14:01 118,272 --a------ C:\WINDOWS\SYSTEM32\hpz3l5ha.dll

    2008-04-06 16:58 . 2008-04-06 16:58 <DIR> d-------- C:\WINDOWS\Application Data\HPAppData

    2008-04-06 16:58 . 2008-04-06 16:59 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\HPSSUPPLY

    2008-04-06 16:55 . 2008-04-06 16:55 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\HP Product Assistant

    2008-04-06 16:55 . 2008-04-06 16:55 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\HP

    2008-04-06 16:55 . 2008-04-06 16:55 <DIR> d-------- C:\Arquivos de programas\Hewlett-Packard

    2008-04-06 16:55 . 2008-04-06 16:55 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\HP

    2008-04-06 16:54 . 2008-04-06 16:54 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard

    2008-04-06 16:54 . 2007-03-08 16:20 49,920 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\HPZid412.sys

    2008-04-06 16:54 . 2007-03-08 16:20 21,568 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\HPZius12.sys

    2008-04-06 16:54 . 2007-03-08 16:20 16,496 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\HPZipr12.sys

    2008-04-06 16:53 . 2008-04-06 16:53 <DIR> d-------- C:\Arquivos de programas\HP

    2008-04-06 16:53 . 2007-03-17 17:39 958,464 --a------ C:\WINDOWS\SYSTEM32\hpotiop4.dll

    2008-04-06 16:53 . 2007-03-17 17:39 675,840 --a------ C:\WINDOWS\SYSTEM32\hpowiax4.dll

    2008-04-06 16:53 . 2007-03-08 16:20 364,544 --a------ C:\WINDOWS\SYSTEM32\hppldcoi.dll

    2008-04-06 16:53 . 2007-03-17 17:39 303,104 --a------ C:\WINDOWS\SYSTEM32\hpovst11.dll

    2008-04-06 16:53 . 2007-03-31 02:29 267,864 --a------ C:\WINDOWS\SYSTEM32\hpzids01.dll

    2008-04-06 16:53 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\usbprint.sys

    2008-04-06 16:53 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\SYSTEM32\dllcache\usbprint.sys

    2008-04-06 08:38 . 2008-04-06 10:26 150,092 --------- C:\WINDOWS\hpoins15.dat.temp

    2008-04-06 08:38 . 2007-09-20 17:06 1,039 --------- C:\WINDOWS\hpomdl15.dat.temp

    2008-04-06 08:20 . 2008-04-06 17:03 150,657 --a------ C:\WINDOWS\hpoins15.dat

    2008-04-06 08:20 . 2007-09-21 10:35 1,039 --------- C:\WINDOWS\hpomdl15.dat

    2008-04-05 14:24 . 2008-04-05 14:24 <DIR> d-------- C:\WINDOWS\SYSTEM32\Temp

    2008-04-05 14:24 . 2008-04-05 14:24 376,832 --a------ C:\WINDOWS\SYSTEM32\MPIWIN32.DLL

    2008-04-05 14:24 . 2008-04-05 14:24 45,056 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\CBUSB.SYS

    2008-04-05 14:24 . 2008-04-05 14:24 43,520 --a------ C:\WINDOWS\SYSTEM32\CBNDLL.DLL

    2008-04-05 08:51 . 2008-04-05 08:44 691,545 --a------ C:\WINDOWS\unins000.exe

    2008-04-05 06:26 . 2008-03-29 15:31 75,856 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\aswSP.sys

    2008-04-05 06:26 . 2008-03-29 15:35 20,560 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\aswFsBlk.sys

    2008-04-02 10:20 . 2008-04-02 10:20 <DIR> d--hs---- C:\FOUND.053

    2008-03-31 22:08 . 2008-03-31 22:08 <DIR> d-------- C:\Arquivos de programas\Gogglebox TV

    2008-03-28 23:28 . 2008-03-28 23:28 <DIR> d-------- C:\Arquivos de programas\Infogrames

    2008-03-27 16:53 . 2008-03-27 16:53 <DIR> d-------- C:\Arquivos de programas\Orkut Lite

    2008-03-25 21:47 . 2008-03-25 21:47 <DIR> d--hs---- C:\FOUND.052

    2008-03-24 14:59 . 2008-03-24 15:35 107,888 --a------ C:\WINDOWS\SYSTEM32\CmdLineExt.dll

    2008-03-24 14:38 . 2008-03-24 14:38 <DIR> d-------- C:\Arquivos de programas\KONAMI

    2008-03-24 13:05 . 2003-07-20 15:17 5,174 --a------ C:\WINDOWS\SYSTEM32\nppt9x.vxd

    2008-03-24 13:05 . 2005-01-04 06:43 4,682 --a------ C:\WINDOWS\SYSTEM32\npptNT2.sys

    2008-03-23 15:00 . 2008-03-23 15:00 <DIR> d-------- C:\Arquivos de programas\Aspyr

    2008-03-23 14:57 . 2008-03-23 14:57 <DIR> d-------- C:\Arquivos de programas\DAEMON Tools Lite

    2008-03-22 07:30 . 2008-03-22 07:30 <DIR> d--hs---- C:\FOUND.051

    2008-03-18 12:50 . 2008-03-18 12:50 <DIR> d-------- C:\Arquivos de programas\uTorrent

    2008-03-18 06:18 . 2008-03-18 06:18 <DIR> d--hs---- C:\FOUND.050

    2008-03-16 09:10 . 2008-03-16 09:10 <DIR> d--hs---- C:\FOUND.049

    2008-03-15 23:17 . 2008-03-15 23:17 <DIR> d--hs---- C:\FOUND.048

    2008-03-15 19:43 . 2008-03-15 19:43 <DIR> d--hs---- C:\FOUND.047

    2008-03-14 12:52 . 2008-03-14 12:52 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Thraex Software

    2008-03-12 08:23 . 2008-03-12 08:23 <DIR> d-------- C:\Arquivos de programas\Apache Software Foundation

    2008-03-11 08:10 . 2008-03-11 08:10 <DIR> d-------- C:\WINDOWS\Application Data\InstallShield

    2008-03-11 08:09 . 2008-03-11 08:09 <DIR> d-------- C:\WINDOWS\Application Data\DAEMON Tools

    2008-03-11 08:09 . 2008-03-11 08:09 <DIR> d-------- C:\Arquivos de programas\LG Electronics

    2008-03-11 08:09 . 2008-03-11 08:09 <DIR> d-------- C:\Arquivos de programas\DAEMON Tools

    .

    ((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2017-09-18 17:32 --------- d-----w C:\WINDOWS\Application Data\Symantec

    2017-09-18 17:32 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Symantec

    2017-09-18 17:32 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Symantec Shared

    2017-09-18 17:26 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information

    2017-09-18 17:25 --------- d-----w C:\Arquivos de programas\VIA

    2017-09-18 17:25 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield

    2017-09-18 17:08 --------- d-----w C:\Arquivos de programas\microsoft frontpage

    2017-09-18 17:06 --------- d-----w C:\Arquivos de programas\Serviços on-line

    2017-09-18 02:30 33,792 --sh--w C:\VIDEOROM.BIN

    2017-09-18 02:29 --------- d-----w C:\Arquivos de programas\DirectX

    2017-09-18 02:28 266 --sh--w C:\Arquivos de programas\desktop.ini

    2017-09-18 02:28 11,280 ---h--w C:\Arquivos de programas\folder.htt

    2017-09-18 02:22 --------- d-----w C:\Arquivos de programas\Arquivos comuns\SERVIÇOS

    2017-09-18 02:19 --------- d-----w C:\Arquivos de programas\PLUS!

    2017-09-18 02:19 --------- d-----w C:\Arquivos de programas\CHAT

    2017-09-18 02:19 --------- d-----r C:\Arquivos de programas\Acessórios

    2008-04-09 11:21 360,064 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS

    2008-04-09 11:21 360,064 ----a-w C:\WINDOWS\SYSTEM32\dllcache\TCPIP.SYS

    2008-03-29 18:45 1,146,232 ----a-w C:\WINDOWS\SYSTEM32\aswBoot.exe

    2008-03-29 18:35 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys

    2008-03-29 18:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys

    2008-03-29 18:27 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys

    2008-03-29 18:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys

    2008-03-29 18:23 95,608 ----a-w C:\WINDOWS\SYSTEM32\AvastSS.scr

    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\SYSTEM32\win32k.sys

    2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\SYSTEM32\dllcache\win32k.sys

    2008-03-11 02:16 --------- d-sh--w C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller

    2008-03-11 02:15 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\WLInstaller

    2008-03-08 12:01 83,208 ----a-w C:\WINDOWS\SYSTEM32\S32EVNT1.DLL

    2008-03-07 02:28 --------- d-----w C:\WINDOWS\Application Data\TVU networks

    2008-03-07 02:28 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\TVU networks

    2008-03-07 01:25 --------- d-----w C:\Arquivos de programas\Project64 1.6

    2008-03-01 21:32 3,591,680 ------w C:\WINDOWS\SYSTEM32\dllcache\mshtml.dll

    2008-02-29 09:00 625,664 ------w C:\WINDOWS\SYSTEM32\dllcache\iexplore.exe

    2008-02-29 08:59 70,656 ------w C:\WINDOWS\SYSTEM32\dllcache\ie4uinit.exe

    2008-02-29 04:45 --------- d-----w C:\WINDOWS\Application Data\GetRightToGo

    2008-02-29 00:32 --------- d-----w C:\WINDOWS\Application Data\Nvu

    2008-02-29 00:07 --------- d-----w C:\WINDOWS\Application Data\FileZilla

    2008-02-29 00:06 --------- d-----w C:\Arquivos de programas\FileZilla FTP Client

    2008-02-27 14:34 --------- d-----w C:\Arquivos de programas\Green Land Studios

    2008-02-27 14:04 716,272 ----a-w C:\WINDOWS\system32\drivers\SPTD.sys

    2008-02-26 23:14 936 ----a-w C:\logMX500.dat

    2008-02-26 22:40 --------- d-----w C:\Arquivos de programas\LG Link

    2008-02-22 10:00 13,824 ------w C:\WINDOWS\SYSTEM32\dllcache\ieudinit.exe

    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\SYSTEM32\gdi32.dll

    2008-02-20 06:51 282,624 ------w C:\WINDOWS\SYSTEM32\dllcache\gdi32.dll

    2008-02-20 05:38 45,568 ----a-w C:\WINDOWS\SYSTEM32\dnsrslvr.dll

    2008-02-20 05:38 45,568 ------w C:\WINDOWS\SYSTEM32\dllcache\dnsrslvr.dll

    2008-02-20 05:38 148,992 ------w C:\WINDOWS\SYSTEM32\dllcache\dnsapi.dll

    2008-02-15 05:44 161,792 ------w C:\WINDOWS\SYSTEM32\dllcache\ieakui.dll

    2007-03-27 02:19 87,608 ----a-w C:\WINDOWS\Application Data\ezpinst.exe

    2007-03-27 02:19 47,360 ----a-w C:\WINDOWS\Application Data\pcouffin.sys

    2005-07-05 21:49 925,572 ----a-w C:\Documents and Settings\Carlos\SmSerial.sys

    2005-07-05 21:47 81,920 ----a-w C:\Documents and Settings\Carlos\sm56co.dll

    2005-07-05 21:47 69,632 ----a-w C:\Documents and Settings\Carlos\sm56spn.dll

    2005-07-05 21:47 69,632 ----a-w C:\Documents and Settings\Carlos\sm56itl.dll

    2005-07-05 21:47 69,632 ----a-w C:\Documents and Settings\Carlos\sm56eng.dll

    2005-07-05 21:47 69,632 ----a-w C:\Documents and Settings\Carlos\sm56brz.dll

    2005-07-05 21:47 61,440 ----a-w C:\Documents and Settings\Carlos\sm56ger.dll

    2005-07-05 21:47 61,440 ----a-w C:\Documents and Settings\Carlos\sm56fra.dll

    2005-07-05 21:47 544,768 ----a-w C:\Documents and Settings\Carlos\sm56hlpr.exe

    2005-07-05 21:47 53,248 ----a-w C:\Documents and Settings\Carlos\sm56jpn.dll

    2005-07-05 21:47 49,152 ----a-w C:\Documents and Settings\Carlos\sm56cht.dll

    2005-07-05 21:47 49,152 ----a-w C:\Documents and Settings\Carlos\sm56chs.dll

    2005-07-05 21:47 258,048 ----a-w C:\Documents and Settings\Carlos\sm56unst.exe

    2005-07-05 05:47 286,975 ----a-w C:\Documents and Settings\Carlos\sm56.reg

    .

    ------- Sigcheck -------

    2008-04-09 08:21 360064 482ab7f9cd41702e8f856c11cfefb02d C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS

    2008-04-09 08:21 360064 482ab7f9cd41702e8f856c11cfefb02d C:\WINDOWS\SYSTEM32\dllcache\TCPIP.SYS

    2007-10-30 15:20 360064 90caff4b094573449a0872a0f919b178 C:\WINDOWS\SoftwareDistribution.old\Download\b9fafcb4f08309cfc9fe52fdea805e5a\sp2gdr\tcpip.sys

    2007-10-30 14:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\SoftwareDistribution.old\Download\b9fafcb4f08309cfc9fe52fdea805e5a\sp2qfe\tcpip.sys

    2006-04-20 09:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

    2007-10-30 14:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys

    2006-04-20 08:51 359808 b4e29943b4b04bd5e7381546848e6669 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys

    2004-08-04 02:14 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys

    .

    ((((((((((((((((((((((((((((( snapshot@2008-04-10_ 8.56.45.59 )))))))))))))))))))))))))))))))))))))))))

    .

    - 2008-04-10 11:45:58 3,346 ----a-w C:\WINDOWS\Application Data\HPAppData\ClipData.dat

    + 2008-04-11 00:21:42 3,346 ----a-w C:\WINDOWS\Application Data\HPAppData\ClipData.dat

    + 2008-04-10 17:42:46 16,384 ----a-w C:\WINDOWS\TEMP\Perflib_Perfdata_4bc.dat

    .

    (((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

    .

    .

    REGEDIT4

    *Nota* entradas vazias & legítimas por defeito não são mostradas.

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB}]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SlowFile Icon Overlay]

    @={7D688A77-C613-11D0-999B-00C04FD655E1}

    [HKEY_CLASSES_ROOT\CLSID\{7D688A77-C613-11D0-999B-00C04FD655E1}]

    2007-10-25 14:43 8489984 --a------ C:\WINDOWS\SYSTEM32\SHELL32.DLL

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:45 15360]

    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 11:28 139264]

    "Red Swoosh"="C:\Arquivos de programas\RSSoft\RedSwoosh.exe" [2007-04-20 23:11 62436]

    "ISUSPM"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" [2007-08-30 10:50 205480]

    "uTorrent"="C:\Arquivos de programas\uTorrent\uTorrent.exe" [2008-03-18 12:50 219952]

    "DAEMON Tools Lite"="C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe" [2008-02-13 20:09 486856]

    "SpybotSD TeaTimer"="C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

    "swg"="C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-23 16:43 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "SystemTray"="SysTray.Exe" [2001-10-28 12:07 3072 C:\WINDOWS\SYSTEM32\systray.exe]

    "VTTimer"="VTTimer.exe" [2006-09-21 16:36 53248 C:\WINDOWS\SYSTEM32\VTTimer.exe]

    "VTTrayp"="VTtrayp.exe" [2007-05-15 10:31 200704 C:\WINDOWS\SYSTEM32\VTTrayp.exe]

    "SoundMan"="SOUNDMAN.EXE" [2005-05-17 07:48 77824 C:\WINDOWS\SOUNDMAN.EXE]

    "SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

    "NeroFilterCheck"="C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]

    "GrooveMonitor"="C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]

    "iKeyWorks"="C:\ARQUIV~1\Keyboard\Ikeymain.exe" [2004-08-17 13:49 61440]

    "UnlockerAssistant"="C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe" [2006-09-07 14:19 15872]

    "Red Swoosh"="C:\Arquivos de programas\RSSoft\RedSwoosh.exe" [2007-04-20 23:11 62436]

    "ISUSScheduler"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" [2007-08-28 17:43 73728]

    "QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2007-10-01 22:08 286720]

    "avast!"="C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 15:37 79224]

    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-04 17:14 8491008]

    "ISUSPM Startup"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" [2007-08-30 10:50 205480]

    "HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 21:34 49152]

    "nwiz"="nwiz.exe" [2007-10-04 17:14 1626112 C:\WINDOWS\SYSTEM32\nwiz.exe]

    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-04 17:14 81920]

    "GameXL"="C:\Arquivos de programas\FlashGet\FlashGet.exe" [ ]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 03:45 15360]

    C:\WINDOWS\Menu Iniciar\Programas\Iniciar\

    Adobe Gamma.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

    Recorte de tela e Iniciador do OneNote 2007.lnk - C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632]

    hamachi.lnk - C:\Arquivos de programas\Hamachi\hamachi.exe [2008-01-09 12:34:58 624416]

    C:\WINDOWS\All Users\Menu Iniciar\Programas\Iniciar\

    HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 21:26:24 210520]

    Monitor Apache Servers.lnk - C:\Arquivos de programas\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2008-01-18 00:38:50 41041]

    Adobe Reader Speed Launch.lnk - C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "SynchronousMachineGroupPolicy"= 1 (0x1)

    "SynchronousUserGroupPolicy"= 1 (0x1)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

    "DisableLockWorkstation"= 0 (0x0)

    "DisableChangePassword"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

    "NoChangeAnimation"= 0 (0x0)

    "NoStrCmpLogical"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

    "NoStrCmpLogical"= 0 (0x0)

    "MemCheckBoxInRunDlg"= 0 (0x0)

    "NoLogoff"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]

    C:\Arquivos de programas\AlienGUIse\fastload.dll 2001-12-20 23:34 24576 C:\Arquivos de programas\AlienGUIse\fastload.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

    "AppInit_DLLs"=wbsys.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

    "VIDC.X264"= x264vfw.dll

    "msacm.ac3acm"= ac3acm.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hide-The-IP]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\µTorrent]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]

    "LoadPowerProfile"=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "C:\\Arquivos de programas\\Motorola\\RSD Lite\\SDL.exe"=

    "C:\\Arquivos de programas\\Internet Explorer\\IEXPLORE.EXE"=

    "C:\\Arquivos de programas\\Hamachi\\hamachi.exe"=

    "C:\\Arquivos de programas\\iMesh Applications\\iMesh\\iMesh.exe"=

    "C:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

    "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

    "C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"=

    "C:\\Arquivos de programas\\uTorrent\\uTorrent.exe"=

    "C:\\Arquivos de programas\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=

    "C:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=

    "C:\\Arquivos de programas\\Infogrames\\Grand Prix 4\\GP4.exe"=

    "C:\\Arquivos de programas\\Knight Online\\Launcher.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

    "9420:TCP"= 9420:TCP:Red Swoosh

    "5000:UDP"= 5000:UDP:Red Swoosh

    "6432:TCP"= 6432:TCP:neoemule

    "6442:UDP"= 6442:UDP:neomule

    R0 ViBus;ViBus;C:\WINDOWS\system32\DRIVERS\ViBus.sys [2007-03-26 15:26]

    R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-03-29 11:36]

    R0 ViPrt;VIA SATA IDE Device Driver;C:\WINDOWS\system32\DRIVERS\ViPrt.sys [2007-03-26 15:26]

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 15:31]

    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 15:35]

    R2 Proteq;Proteq;C:\WINDOWS\system32\drivers\Proteq.sys [1997-11-05 17:24]

    R3 PSXGamepadEnabler;Psx Hid to Gamepad Port Enabler;C:\WINDOWS\system32\drivers\psxpad.sys [2002-05-15 13:24]

    R3 PsxPortEnumerator;Psx Port Enumerator;C:\WINDOWS\system32\Drivers\psxenum.sys [2002-09-26 05:36]

    S2 Apache2.2;Apache2.2;"C:\Arquivos de programas\Apache Software Foundation\Apache2.2\bin\httpd.exe" -k runservice []

    S3 C-Dilla;C-Dilla;C:\WINDOWS\system32\drivers\CDANT.SYS [2003-01-07 17:28]

    S3 mo_abus;Motorola USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\mo_abus.sys [2003-12-11 00:45]

    S3 mo_amdfl;Motorola 1xEV-DO Handset Filter;C:\WINDOWS\system32\DRIVERS\mo_amdfl.sys [2003-12-11 00:46]

    S3 mo_amdm;Motorola 1xEV-DO Handset Drivers;C:\WINDOWS\system32\DRIVERS\mo_amdm.sys [2003-12-11 00:46]

    S3 mo_aserd;Motorola 1xEV-DO Handset Diagnostic Serial Port Drivers (WDM);C:\WINDOWS\system32\DRIVERS\mo_aserd.sys [2003-12-11 00:47]

    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]

    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]

    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]

    S3 usb2vcom;USB to Serial Bridge Controller;C:\WINDOWS\system32\Drivers\usb2vcom.sys [2006-07-16 22:53]

    S3 usbprint;Microsoft USB PRINTER Class;C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 23:01]

    S3 XDva090;XDva090;C:\WINDOWS\system32\XDva090.sys []

    S3 XDva095;XDva095;C:\WINDOWS\system32\XDva095.sys []

    S3 XDva098;XDva098;C:\WINDOWS\system32\XDva098.sys []

    S3 XDva099;XDva099;C:\WINDOWS\system32\XDva099.sys []

    S3 XDva104;XDva104;C:\WINDOWS\system32\XDva104.sys []

    S3 XDva114;XDva114;C:\WINDOWS\system32\XDva114.sys []

    S3 XDva128;XDva128;C:\WINDOWS\system32\XDva128.sys []

    S3 XDva131;XDva131;C:\WINDOWS\system32\XDva131.sys []

    S3 XDva136;XDva136;C:\WINDOWS\system32\XDva136.sys []

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{527041fa-f1d6-11dc-a5a7-000fea28a47d}]

    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe

    \Shell\Open(&0)\command - Recycled\ctfmon.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82b19ee4-fcc3-11db-a68b-000fea28a47d}]

    \Shell\readit\command - notepad readme.doc

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b0c65af4-f902-11dc-a5cf-000fea28a47d}]

    \Shell\AutoRun\command - F:\PlayDiskStart.exe

    .

    Conteúdo da pasta 'Tarefas Agendadas'

    "2008-04-06 02:00:02 C:\WINDOWS\Tasks\Aplicativo de ajuste.job"

    "2017-09-18 17:15:34 C:\WINDOWS\Tasks\Lembrete de expiração de desinstalação.job"

    - C:\WINDOWS\system32\OOBE\oobebaln.exe

    "2008-04-10 19:40:24 C:\WINDOWS\Tasks\User_Feed_Synchronization-{EC16AD92-3EAB-41F8-AF6A-A91206BC9202}.job"

    - C:\WINDOWS\system32\msfeedssync.exe

    .

    **************************************************************************

    catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2008-04-10 21:26:40

    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    Procurando processos ocultos ...

    Procurando entradas auto inicializáveis ocultas ...

    Procurando ficheiros ocultos ...

    Varredura completada com sucesso

    Ficheiros ocultos: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet007\Services\MySQL]

    "ImagePath"="\"C:\Arquivos de programas\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"C:\Arquivos de programas\MySQL\MySQL Server 5.0\my.ini\" MySQL"

    .

    --------------------- DLLs Loaded Under Running Processes ---------------------

    PROCESS: C:\WINDOWS\explorer.exe

    -> C:\Arquivos de programas\Unlocker\UnlockerHook.dll

    .

    Tempo para conclusão: 2008-04-10 21:27:34

    ComboFix-quarantined-files.txt 2008-04-11 00:27:30

    Pre-Run: 13,482,885,120 bytes disponíveis

    Post-Run: 13,462,503,424 bytes disponíveis

    .

    2008-04-10 00:51:13 --- E O F ---

    HijackThis (LOG)

    _______________________

    Logfile of HijackThis v1.99.1

    Scan saved at 21:33:23, on 10/4/2008

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v7.00 (7.00.6000.16640)

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\Arquivos de programas\AlienGUIse\wbload.exe

    C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

    C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe

    C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE

    C:\WINDOWS\system32\svchost.exe

    C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

    C:\Arquivos de programas\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\nvsvc32.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\VTTimer.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\SOUNDMAN.EXE

    C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe

    C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

    C:\ARQUIV~1\Keyboard\Ikeymain.exe

    C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe

    C:\Arquivos de programas\RSSoft\RedSwoosh.exe

    C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

    C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

    C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe

    C:\Arquivos de programas\uTorrent\uTorrent.exe

    C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe

    C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

    C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

    C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

    C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

    C:\Arquivos de programas\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe

    C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\Documents and Settings\Carlos\Desktop\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.yahoo.com

    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

    R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Arquivos de programas\HP\Smart Web Printing\hpswp_printenhancer.dll

    O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Arquivos de programas\HP\Smart Web Printing\hpswp_framework.dll

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)

    O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL

    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

    O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

    O2 - BHO: (no name) - {F156768E-81EF-470C-9057-481BA8380DBA} - (no file)

    O2 - BHO: Banco do Brasil S.A. - {FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB} - (no file)

    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

    O3 - Toolbar: (no name) - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - (no file)

    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL

    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

    O4 - HKLM\..\Run: [systemTray] SysTray.Exe

    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

    O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe"

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"

    O4 - HKLM\..\Run: [iKeyWorks] C:\ARQUIV~1\Keyboard\Ikeymain.exe

    O4 - HKLM\..\Run: [unlockerAssistant] "C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe" -H

    O4 - HKLM\..\Run: [Red Swoosh] C:\Arquivos de programas\RSSoft\RedSwoosh.exe /S

    O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

    O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

    O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup

    O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [GameXL] C:\Arquivos de programas\FlashGet\FlashGet.exe /min

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

    O4 - HKCU\..\Run: [Red Swoosh] C:\Arquivos de programas\RSSoft\RedSwoosh.exe /S

    O4 - HKCU\..\Run: [iSUSPM] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -scheduler

    O4 - HKCU\..\Run: [uTorrent] "C:\Arquivos de programas\uTorrent\uTorrent.exe"

    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe" -autorun

    O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

    O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

    O4 - Startup: hamachi.lnk = C:\Arquivos de programas\Hamachi\hamachi.exe

    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

    O4 - Global Startup: Monitor Apache Servers.lnk = C:\Arquivos de programas\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe

    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

    O8 - Extra context menu item: &Download All with FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

    O8 - Extra context menu item: &Download by NetAnts - C:\ARQUIV~1\NETANTS\NAGet.htm

    O8 - Extra context menu item: &Download with FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

    O8 - Extra context menu item: Download &All by NetAnts - C:\ARQUIV~1\NETANTS\NAGetAll.htm

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\ARQUIV~1\NETANTS\NetAnts.exe (file missing)

    O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\ARQUIV~1\NETANTS\NetAnts.exe (file missing)

    O9 - Extra button: Livro de recortes HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Arquivos de programas\HP\Smart Web Printing\hpswp_extensions.dll

    O9 - Extra button: Seleção HP Smart - {700259D7-1666-479a-93B1-3250410481E8} - C:\Arquivos de programas\HP\Smart Web Printing\hpswp_extensions.dll

    O9 - Extra button: (no name) - {85e1f530-48f4-11d9-9629-08ff2ffc9f67} - (no file)

    O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe (file missing)

    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe (file missing)

    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll

    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

    O9 - Extra button: Barra do iG - {FD1672E0-AE0D-465B-B345-F7B0944A121D} - (no file)

    O11 - Options group: [iNTERNATIONAL] International*

    O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab

    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab

    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

    O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/advanced/cfweb_activex.camfrogweb.com-advanced_instmodule.exe

    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab

    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

    O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab

    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

    O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://www.file2you.net/applet.cab

    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab

    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www2.driveragent.com/files/driveragent.cab

    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL

    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

    O20 - Winlogon Notify: WB - C:\Arquivos de programas\AlienGUIse\fastload.dll

    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

    O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

    O23 - Service: Apache2.2 - Unknown owner - C:\Arquivos de programas\Apache Software Foundation\Apache2.2\bin\httpd.exe" -k runservice (file missing)

    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Arquivos de programas\Arquivos comuns\Autodesk Shared\Service\AdskScSrv.exe

    O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

    O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

    O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE

    O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

    O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Arquivos de programas\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe

    O23 - Service: MySQL - Unknown owner - C:\Arquivos.exe (file missing)

    O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

    ___________________________________

    There it is


    - Open HijackThis, click Do a system scan only, and check the entries below:

    O2 - BHO: Banco do Brasil S.A. - {FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB} - (no file)

    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

    O3 - Toolbar: (no name) - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - (no file)

    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    - Close all windows, click ht-fix.png and then Yes;

    - Other than that, the log is clean :)

    - In the Run dialog, type combofix /u and click OK. In the next window, click "Run" and wait for the program to be removed;

    - Delete the backups folder located in C:\Documents and Settings\Carlos\Desktop\HijackThis;

    - I recommend some maintenance on the computer to remove temporary files, unnecessary files and invalid registry entries. Download CCleaner:

    • Open the program and click Run Cleaner;
    • After that, click Registry > Scan for Issues > Fix selected issues

    - Disable and re-enable System Restore

    - Read the article "Proteja seu PC" for more information on how to avoid infections.
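A triage sketch for the HijackThis log in this thread, added here as an example and not part of the original posts: it lists the entries flagged `(no file)` or `(file missing)` and cross-checks the latter against the log's own "Running processes" block, because the O23 avast! services are reported missing while their executables are running. The function names, verdict labels and the excerpted sample are assumptions of this example, and the result is a list to review by hand, not the helper's selection.

```python
import re
from typing import NamedTuple, Optional

# Excerpt assembled for this example from lines of the log posted above.
SAMPLE_LOG = r"""
Running processes:
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\ctfmon.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Arquivos de programas\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Banco do Brasil S.A. - {FCAAAC14-BC46-40CA-9CB2-CBB12C6739EB} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:\ARQUIV~1\NETANTS\NetAnts.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: MySQL - Unknown owner - C:\Arquivos.exe (file missing)
"""

# "O2 - ..." style entries; ComboFix driver lines ("R0 ViBus;...") do not match.
ENTRY = re.compile(r"^\s*(?P<section>[ORFN]\d+) - (?P<body>.+?)\s*$")
MARKER = re.compile(r"\s*\((?P<kind>no file|file missing)\)$")
# The target follows the first " - " that is directly followed by a drive or %var%,
# so product names such as "Spybot - Search & Destroy" do not split the path.
TARGET = re.compile(r" - (?P<path>(?:[A-Za-z]:\\|%\w+%).*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")


class Finding(NamedTuple):
    section: str
    clsid: Optional[str]
    path: Optional[str]
    verdict: str  # "orphan", "running" or "unverified" (labels of this example)


def running_processes(lines):
    """Collect the paths listed between 'Running processes:' and the first entry."""
    procs, in_block = set(), False
    for line in lines:
        text = line.strip()
        if text.lower() == "running processes:":
            in_block = True
        elif in_block and ENTRY.match(text):
            break
        elif in_block and text:
            procs.add(text.lower())
    return procs


def triage(log_text):
    """Return a Finding for every entry HijackThis marked as having no target file."""
    lines = log_text.splitlines()
    procs = running_processes(lines)
    findings = []
    for line in lines:
        entry = ENTRY.match(line)
        if not entry:
            continue
        marker = MARKER.search(entry["body"])
        if not marker:
            continue  # HijackThis found the target file
        body = entry["body"][:marker.start()]
        clsid = CLSID.search(body)
        target = TARGET.search(body)
        # A quoted command line with arguments leaves a stray quote in the path.
        path = target["path"].split('"')[0].strip() if target else None
        if marker["kind"] == "no file":
            verdict = "orphan"        # registry entry with nothing behind it
        elif path and path.lower() in procs:
            verdict = "running"       # reported missing, yet the process is running
        else:
            verdict = "unverified"    # check on disk before acting on it
        findings.append(Finding(entry["section"],
                                clsid.group(0) if clsid else None, path, verdict))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section:<4}{f.verdict:<11}{f.clsid or '-':<40}{f.path or '-'}")
```

The MySQL entry stays "unverified": the path `C:\Arquivos.exe` is cut at the first space, and the ComboFix section of the same post shows the service's real `ImagePath`, so only a check on disk settles it.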
