Ir ao conteúdo
  • Cadastre-se
neatita

Analisem por favor

Recommended Posts

Segue meu log... por favor alguem me da uma ajudinha

Logfile of HijackThis v1.99.1

Scan saved at 19:56:59, on 13/10/2008

Platform: Unknown Windows (WinNT 6.00.1905 SP1)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Spybot\SDWinSec.exe

C:\Windows\system32\taskeng.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\VM302Snap.exe

C:\Windows\Domino.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Media

Player\wmpnscfg.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Spybot\TeaTimer.exe

C:\Program Files\Windows Media

Player\wmpnetwk.exe

C:\Program Files\Windows

Live\Messenger\msnmsgr.exe

C:\Program Files\Common Files\Microsoft

Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Windows

Live\Messenger\usnsvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Tatinha\AppData\Local\Microsoft\Window

s\Temporary Internet Files\Content.IE5

\M5FWMUJE\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet

Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Default_Search_URL =

http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet

Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet

Explorer\Main,Start Page =

http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet

Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet

Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet

Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-

4283-A596-FA578C2EBDC3} - C:\Program

Files\Common

Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dl

l

O2 - BHO: Skype add-on (mastermind) -

{22BF413B-C6D2-4d91-82A9-A0F997BA588C} -

C:\Program Files\Skype\Toolbars\Internet

Explorer\SkypeIEPlugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962

-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1

\Spybot\SDHelper.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-

B68D-6309F01C5231} - C:\Program

Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868

-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live -

{9030D464-4C02-4ABF-8ECC-5164760863C6} -

C:\Program Files\Common Files\Microsoft

Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense ABN AMRO -

{C41A1C0E-EA6C-11D4-B1B8-444553540007} -

C:\Windows\Downloaded Program Files\CONFLICT.1

\gbiehabn.dll

O4 - HKLM\..\Run: [Windows Defender] %

ProgramFiles%\Windows Defender\MSASCui.exe -

hide

O4 - HKLM\..\Run: [bigDogPath]

C:\Windows\VM302Snap.exe Vimicro USB PC Camera

(ZC0302)

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]

"C:\Program Files\Adobe\Reader 9.0

\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Domino]

C:\Windows\Domino.exe

O4 - HKLM\..\Run: [mcagent_exe] C:\Program

Files\McAfee.com\Agent\mcagent.exe /runkey

O4 - HKLM\..\Run: [igfxTray]

C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds]

C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence]

C:\Windows\system32\igfxpers.exe

O4 - HKCU\..\Run: [sidebar] C:\Program

Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter]

rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program

Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer]

C:\Program Files\Spybot\TeaTimer.exe

O9 - Extra button: Skype - {77BF5300-1474-4EC7

-9980-D32B190E9B07} - C:\Program

Files\Skype\Toolbars\Internet

Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-

48C4-A200-58CAB36FD2A2} - C:\PROGRA~1

\Spybot\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search &

Destroy Configuration - {DFB852A3-47F8-48C4-

A200-58CAB36FD2A2} - C:\PROGRA~1

\Spybot\SDHelper.dll

O10 - Unknown file in Winsock LSP:

c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP:

c:\windows\system32\napinsp.dll

O11 - Options group: [iNTERNATIONAL]

International*

O13 - Gopher Prefix:

O16 - DPF: {2D8ED06D-3C30-438B-96AE-

4D110FDC1FB8} (ActiveScan 2.0 Installer Class)

-

http://acs.pandasoftware.com/activescan/cabs/as

2stubie.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-

E099162EEEC5} (Symantec RuFSI Utility Class) -

http://security.symantec.com/sscv6/SharedConten

t/common/bin/cabsa.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-

3EE46475B072} (MessengerStatsClient Class) -

http://messenger.zone.msn.com/binary/MessengerS

tatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-

444553540000} (Shockwave Flash Object) -

http://fpdownload2.macromedia.com/get/shockwave

/cabs/flash/swflash.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-

5FA49E399007} (GbPluginObj Class) -

https://wwws.realsecureweb.com.br/mpr/plugin/Ca

b/GbPluginABN.cab

O18 - Protocol: livecall - {828030A1-22C1-4009

-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1

\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-

854F-8E305202313F} - C:\PROGRA~1\WI1F86~1

\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-

4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1

\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: igfxcui -

C:\Windows\SYSTEM32\igfxdev.dll

O23 - Service: @%SystemRoot%

\ehome\ehstart.dll,-101 (ehstart) - Unknown

owner - %windir%\system32\svchost.exe (file

missing)

O23 - Service: InstallDriver Table Manager

(IDriverT) - Macrovision Corporation -

C:\Program Files\Common

Files\InstallShield\Driver\1150\Intel 32

\IDriverT.exe

O23 - Service: McAfee Services (mcmscsvc) -

McAfee, Inc. - C:\PROGRA~1

\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) -

McAfee, Inc. - c:\PROGRA~1\COMMON~1

\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee,

Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) -

McAfee, Inc. - c:\PROGRA~1\COMMON~1

\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner

(McShield) - McAfee, Inc. - C:\PROGRA~1

\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) -

McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1

\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service

(MpfService) - McAfee, Inc. - C:\Program

Files\McAfee\MPF\MPFSrv.exe

O23 - Service: @%SystemRoot%\system32

\qwave.dll,-1 (QWAVE) - Unknown owner - %

windir%\system32\svchost.exe (file missing)

O23 - Service: SBSD Security Center Service

(SBSDWSCService) - Safer Networking Ltd. -

C:\Program Files\Spybot\SDWinSec.exe

O23 - Service: @%SystemRoot%\system32

\seclogon.dll,-7001 (seclogon) - Unknown owner

- %windir%\system32\svchost.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media

Player\wmpnetwk.exe,-101 (WMPNetworkSvc) -

Unknown owner - %ProgramFiles%\Windows Media

Player\wmpnetwk.exe (file missing)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia... segue atualizado

Logfile of HijackThis v1.99.1

Scan saved at 09:48:03, on 22/10/2008

Platform: Unknown Windows (WinNT 6.00.1905 SP1)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Spybot\SDWinSec.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskeng.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\VM302Snap.exe

C:\Windows\Domino.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Spybot\TeaTimer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Tatinha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2UUD8F5\HijackThis[1].exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Windows\Downloaded Program Files\CONFLICT.1\gbiehabn.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [bigDogPath] C:\Windows\VM302Snap.exe Vimicro USB PC Camera (ZC0302)

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.exe

O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot\TeaTimer.exe

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O13 - Gopher Prefix:

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot\SDWinSec.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Aba do IE abre sozinha.... de tempos em tempos eu to navegando em alguma coisa e começa abrir um monte de abas do IE que só consigo parar finalizando tarefa no gerenciados de tarefas.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá,

Faça o download de OTListIt e salve no desktop.

  • Duplo clique no icone da ferrameta que está no seu desktop.
  • Clique emk Run Scan e deixe a ferramenta ser executada.
  • Quando a ferramenta finalizar o the scan, gerará dois arquivos texto:
    • OTViewIt.Txt <- Será automaticamente aberto no Bloco de Notas
    • Extras.txt <- estará no desktop

    [*] Copie (Ctrl+C) e cole (Ctrl+V) todo o conteudo do arquivo OTViewIt.Txt e do Extras.txt

    na sua proxima resposta.

Abraço

Compartilhar este post


Link para o post
Compartilhar em outros sites

Fatal error: Maximum execution time of 30 seconds exceeded in /www/forum/includes/functions.php on line 1736

Daqui a pouco tento colocar os logs de novo

Compartilhar este post


Link para o post
Compartilhar em outros sites

Lusitano,

Não consigo mandar o log de jeito nenhum. Fica dando o erro acima.

Tem outra forma que possa te mandar?

Obrigada

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá,

Baixe o ATF-Cleaner.

  • Clique em ATF-Cleaner.exe .
  • Em "Select Files To Delete", marque Select All.
  • Clique em Empty Selected.
  • Na janela Done Cleaning dê o OK e Exit.

Atenção: Se utiliza o Firefox:

  • No topo clique em Firefox e escolha: Select All
  • Depois, clique em Empty Selected.

Atenção: Se utiliza o Opera:

  • No topo clique em Opera e escolha: Select All
  • Depois, clique em Empty Selected.

Temporariamente desactive o seu anti-virus!

Faça um Online Scan em kaspersky Virusscanner

  • Clique em Clipboard01-1.jpg
  • Quando questionando para instalar o ActiveX, clique Clipboard015.jpg
  • Aguarde a instalação e a actualização e depois clique em Clipboard013.jpg
  • Clique agora em Clipboard016.jpg
  • Nas opções do scan (settings), certifique-se que as entradas abaixo estão selecionadas:
    • Scan using the following Anti-Virus database:

    • Extended (if available otherwise Standard)

    • Scan Options:

    • Scan Archives
      Scan Mail Bases

    [*]Clique Clipboard014.jpg

    [*]Clique em My Computer para que seja feito um Scan completo no seu Sistema.

    [*]Será inciaido o scan e poderá demorar um pouco. Seja paciente e aguarde.

    [*]No final do Scan, clique no botão Save as Text

    [*]Salve o log com os resultados e cole-o na sua próxima mensagem.

    [*]Gere e cole também um novo log do HijackThis.

Abraços

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom dia,

Seguem os logs

--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7 REPORT

Sunday, October 26, 2008

Operating System: Microsoft Windows Vista Ultimate Edition, 32-bit Service Pack 1 (build 6001)

Kaspersky Online Scanner 7 version: 7.0.25.0

Program database last update: Sunday, October 26, 2008 02:36:02

Records in database: 1346576

--------------------------------------------------------------------------------

Scan settings:

Scan using the following database: extended

Scan archives: yes

Scan mail databases: yes

Scan area - My Computer:

A:\

C:\

D:\

E:\

F:\

G:\

H:\

I:\

Scan statistics:

Files scanned: 158550

Threat name: 1

Infected objects: 1

Suspicious objects: 0

Duration of the scan: 02:09:28

File name / Threat name / Threats count

D:\Outra_Maquina\Programas\Nero 8 Ultra Edition 8.2.8.0\Nero-8.2.8.0_all_trial.exe Infected: not-a-virus:WebToolbar.Win32.MyWebSearch.bm 1

The selected area was scanned.

e

Logfile of HijackThis v1.99.1

Scan saved at 04:11:05, on 26/10/2008

Platform: Unknown Windows (WinNT 6.00.1905 SP1)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\Explorer.EXE

C:\Program Files\Spybot\SDWinSec.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\VM302Snap.exe

C:\Windows\Domino.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

C:\Program Files\McAfee\MPF\MPFSrv.exe

c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

c:\PROGRA~1\mcafee\msc\mcuimgr.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Tatinha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PTMG494L\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Windows\Downloaded Program Files\CONFLICT.1\gbiehabn.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [bigDogPath] C:\Windows\VM302Snap.exe Vimicro USB PC Camera (ZC0302)

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Domino] C:\Windows\Domino.exe

O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot\TeaTimer.exe

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O13 - Gopher Prefix:

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: igfxcui - C:\Windows\SYSTEM32\igfxdev.dll

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot\SDWinSec.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá,

Apenas o Java está desatualizado. No mais o seu log está limpo!

Versões antigas e desatualizadas, estão mais vulneráveis aos malwares.

  • Faça o download da última versão do Java Runtime Environment (JRE) 6 Update 10 e salve no seu ambiente de trabalho (Desktop).
  • Navegue até "Java Runtime Environment (JRE) 6 Update 10...allows end-users to run Java applications".
  • Clique em "Download". (está do lado direito)
  • Selecione a sua Plataforma: "Windows".
  • Selecione a sua linguagem: "Português".
  • Leia a Licença de uso e marque a caixa: "Accept License Agreement".
  • Clique "Continue".
  • Clique no link para download Windows Offline Installation e salve o arquivo no seu Ambiente de Trabalho.
  • Feche todos os programas que esteja usar. Especialmente o seu Navegador (IE, Firefox, etc)
  • Clique em Iniciar -> Configurações -> Painel de Controle, duplo clique em Adicionar/Remover Programas e remova todas as versões antigas de Java.
  • Marque qualquer item , que tenha no nome: Java Runtime Environment (JRE ou J2SE). Deverá ter um icone como este javaicon.jpg
  • Clique em Remover ou Modificar/Remover.
  • Repita quantas vezes for necessário, até que tenha removido todas as versões antigas de Java que existam no seu PC.
  • Reinicie o seu computador, após ter removido as versões antigas de Java.
  • Dê agora o duplo-clique em jre-6u10-windows-i586-p.exe (está no seu desktop), para instalar a nova e mais segura versão de Java.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×