Publicado em 14 de set.

[Resolvido] &nbspWIN32 não é um aplicativo valido

Olá,

estou com um problema e acho que é devido a algum virus. Ao tentar instalar alguns programas aparece a seguinte mensagem

WIN32 não é um aplicativo valido, eu já rodei o avg e o malwerebits mas não apareceu nada. espero por alguma ajuda.

DESDE JÁ AGRADEÇO A ATENÇÃO.

Discussão (12)

Entre ou cadastre-se para participar da discussão

Entrar Criar conta

Power Max· 14 de set.

:) Olá!

:seta: Crie uma pasta própria (como por exemplo C:\Arquivos de Programas\HijackThis).

Faça o download do HijackThis e no momento de salvá-lo escolha a opção de salvá-lo nesta pasta que você acabou de criar e descompacte o hijackthis.zip dentro dela.

Dê um duplo clique no instalador do Hijackthis > clique na opção I Accept.

Clique no botão: Do a system scan and save a logfile. Depois será aberta uma tela com o log, então é só selecionar este Log (Clique no menu: Editar » Selecionar Tudo), depois disso volte novamente no menu: Editar » e clique na opção: Copiar).

Depois disso é só voltar aqui no fórum e postar este log do Hijackthis para que ele possa ser analisado.

Ficamos no aguardo de sua resposta.

vandinhoneves· 14 de set.

Logfile of HijackThis v1.99.1

Scan saved at 19:44:01, on 14/9/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\AVG\AVG9\avgchsvx.exe

C:\Arquivos de programas\AVG\AVG9\avgrsx.exe

C:\Arquivos de programas\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxsrvc.exe

C:\ARQUIV~1\AVG\AVG9\avgtray.exe

C:\Arquivos de programas\USB Disk Win98 Driver\Res.EXE

C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe

C:\Arquivos de programas\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Arquivos de programas\Internet Download Manager\IDMan.exe

C:\Arquivos de programas\AVG\AVG9\avgwdsvc.exe

C:\Arquivos de programas\Gigabyte\EasySaver\ESSVR.EXE

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\AVG\AVG9\avgnsx.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

C:\Arquivos de programas\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Arquivos de programas\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\Internet Download Manager\IEMonitor.exe

C:\Documents and Settings\PhD\Desktop\HijackThis\HijackThis.exe

C:\Arquivos de programas\AVG\AVG9\avgupd.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss&affID=100339&mntrId=94fbefbc0000000000006cf049f23579

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG9\Toolbar\IEToolbar.dll

R3 - URLSearchHook: Messenger Plus Toolbar - {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Arquivos de programas\Messenger_Plus\prxtbMess.dll

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Arquivos de programas\Internet Download Manager\IDMIECC.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Arquivos de programas\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG9\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG9\Toolbar\IEToolbar.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\ARQUIV~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Messenger Plus - {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Arquivos de programas\Messenger_Plus\prxtbMess.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Arquivos de programas\AVG\AVG9\Toolbar\IEToolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Messenger Plus Toolbar - {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - C:\Arquivos de programas\Messenger_Plus\prxtbMess.dll

O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Arquivos de programas\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [AVG9_TRAY] C:\ARQUIV~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [NBKeyScan] "C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [uSB Storage Toolbox] C:\Arquivos de programas\USB Disk Win98 Driver\Res.EXE

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Arquivos de programas\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PhD\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Arquivos de programas\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [iDMan] C:\Arquivos de programas\Internet Download Manager\IDMan.exe /onboot

O4 - Startup: Registros Seagate 2GH1LVAF.lnk = C:\Documents and Settings\PhD\Dados de aplicativos\Leadertech\PowerRegister\Registros Seagate 2GH1LVAF.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Enviar para o OneNote - res://C:\ARQUIV~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Arquivos de programas\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Fazer o download usando o IDM - C:\Arquivos de programas\Internet Download Manager\IEExt.htm

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Arquivos de programas\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Arquivos de programas\AVG\AVG9\Toolbar\IEToolbar.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG9\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Arquivos de programas\AVG\AVG9\Toolbar\ToolbarBroker.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Arquivos de programas\AVG\AVG9\avgwdsvc.exe

O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Arquivos de programas\Gigabyte\EasySaver\ESSVR.EXE

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: Microsoft SharePoint Workspace Audit Service - Unknown owner - C:\Arquivos de programas\Microsoft Office\Office14\GROOVE.EXE" /auditservice (file missing)

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: ServiceLayer - Nokia - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

Power Max· 15 de set.

:seta: Abra o HijackThis, clique em Do a system scan only, marque as entradas abaixo e clique em Fix checked:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

_____________________

:seta: Siga também, por gentileza, as dicas deste tutorial para fazer uma limpeza de seu PC com o Findykill:

Tutorial do Findykill

Na sua próxima resposta poste o log do Findykill que estará em C:\FindyKill.txt e nos diga como está o seu Pc depois disto.

Ficamos no aguardo.

vandinhoneves· 16 de set.

############################## | FindyKill V5.053 |

User : PhD (Usuários) # PHD-9FAE5951927

Update on 23/10/2010 by El Desaparecido

Start at: 20:59:50 | 15/9/2011

Website : http://www.teamxscript.org/

Contact : eldesaparecido@teamxscript.org

Processador Intel Pentium II

Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3

Internet Explorer 8.0.6001.18702

Windows Firewall Status : Enabled

AV : AVG Anti-Virus Free 9.0 [ Enabled | Updated ]

C:\ # Disco fixo local # 48,83 Go (28,71 Go free) # NTFS

D:\ # Disco fixo local # 100,21 Go (72,3 Go free) # NTFS

E:\ # Disco CD-ROM

G:\ # Disco removível # 3,76 Go (3,36 Go free) # FAT32

H:\ # Disco removível # 44,84 Mo (44,69 Mo free) # FAT

I:\ # Disco removível # 13,8 Mo (3,45 Mo free) [PMBPORTABLE] # FAT

J:\ # Disco fixo local # 232,88 Go (40,99 Go free) [Vandinho-armazenagem] # NTFS

################## | Ficheiros infeciosos |

################## | Bagle Trace ... |

################## | Registro |

################## | Estado |

Safe mode restaurado !

ainda não estou conseguindo instalar o programa MXONE, aparece a mesma mensagem.

Power Max· 16 de set.

:seta: Siga, por gentileza, as dicas deste tutorial para fazer um escaneamento de seu PC pelo Nod32 Online:

Tutorial do antivirus Nod32 Online

Após o término do escaneamento será gerado um relatório (log) que estará no seguinte local do seu computador:

C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt

Na sua próxima resposta poste este log do Nod32 Online juntamente com um novo log do Hijackthis e nos diga, por gentileza, como está o seu PC após seguir este procedimento. Ficamos no aguardo de sua resposta.

vandinhoneves· 17 de set.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

version=7

iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

OnlineScanner.ocx=1.0.0.6528

api_version=3.0.2

EOSSerial=80412c878d079b428d0d72002d80a338

end=finished

remove_checked=true

archives_checked=true

unwanted_checked=true

unsafe_checked=true

antistealth_checked=true

utc_time=2011-09-17 03:30:37

local_time=2011-09-17 12:30:37 (-0300, Hora oficial do Brasil)

country="Brazil"

lang=1033

osver=5.1.2600 NT Service Pack 3

compatibility_mode=1024 16777191 100 0 41746920 41746920 0 0

compatibility_mode=8192 67108863 100 0 0 0 0 0

scanned=70735

found=18

cleaned=18

scan_time=7184

C:\Arquivos de programas\VideoScavenger_1eEI\Installr\4.bin\1eEIPlug.dll a variant of Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\PhD\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\11\668e8acb-6df39c88 Java/TrojanDownloader.Agent.JX trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\PhD\Dados de aplicativos\Sun\Java\Deployment\cache\6.0\3\13d3a3c3-1d6d66f2 Java/TrojanDownloader.Agent.JX trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{DD5DAC96-F4E0-46F7-94D6-7A0C80AB3736}\RP228\A0071447.dll a variant of Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

D:\Meus Arquivos\Meus programas\Alcohol.120.v1.9.5.3105 (With Crack) - TORRENTLOUNGE.COM\beleza-a120_1953105-patch.exe a variant of Win32/HackTool.Patcher.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

D:\Meus Arquivos\Meus programas\Alcohol.120.v1.9.5.3105 (With Crack) - TORRENTLOUNGE.COM\beleza-a120_1953105-patch.exe.BAK a variant of Win32/HackTool.Patcher.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

D:\Meus Arquivos\Meus programas\Everest Ultimate Edition v4.00.976_by_rubenssoto\Keygen\keygen.exe probably a variant of Win32/Agent.HLKGIJY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

D:\Meus Arquivos\Meus programas\free rip\freeripmp3.exe Win32/AdInstaller application (deleted - quarantined) 00000000000000000000000000000000 C

D:\Meus Arquivos\Meus programas\Msg plus live-423\MsgPlusLive-423.exe a variant of Win32/MessengerPlus application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

D:\Meus Arquivos\Meus programas\Nero 8\Nero-8.1.1.0b_ptb_trial.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C

D:\Meus Arquivos\Meus programas\Nero 8\Nero-8.3.2.1_ptb_trial.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C

D:\Meus Arquivos\Meus programas\PowerISO.v4.2\PowerISO.v4.2 - By sghugo - theevolution.org.rar a variant of Win32/Keygen.AF application (deleted - quarantined) 00000000000000000000000000000000 C

D:\System Volume Information\_restore{DD5DAC96-F4E0-46F7-94D6-7A0C80AB3736}\RP228\A0071448.exe a variant of Win32/HackTool.Patcher.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

D:\System Volume Information\_restore{DD5DAC96-F4E0-46F7-94D6-7A0C80AB3736}\RP228\A0071449.exe probably a variant of Win32/Agent.HLKGIJY trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

D:\System Volume Information\_restore{DD5DAC96-F4E0-46F7-94D6-7A0C80AB3736}\RP228\A0071450.exe Win32/AdInstaller application (deleted - quarantined) 00000000000000000000000000000000 C

D:\System Volume Information\_restore{DD5DAC96-F4E0-46F7-94D6-7A0C80AB3736}\RP228\A0071451.exe a variant of Win32/MessengerPlus application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

D:\System Volume Information\_restore{DD5DAC96-F4E0-46F7-94D6-7A0C80AB3736}\RP228\A0071452.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C

D:\System Volume Information\_restore{DD5DAC96-F4E0-46F7-94D6-7A0C80AB3736}\RP228\A0071453.exe Win32/Toolbar.AskSBar application (deleted - quarantined) 00000000000000000000000000000000 C

Logfile of HijackThis v1.99.1

Scan saved at 13:04:57, on 17/9/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\AVG\AVG9\avgchsvx.exe

C:\Arquivos de programas\AVG\AVG9\avgrsx.exe

C:\Arquivos de programas\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\RTHDCPL.EXE

C:\ARQUIV~1\AVG\AVG9\avgtray.exe

C:\Arquivos de programas\USB Disk Win98 Driver\Res.EXE

C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe

C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

C:\Arquivos de programas\AVG\AVG9\avgwdsvc.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe

C:\Arquivos de programas\Nokia\Nokia PC Suite 7\PCSuite.exe

C:\Arquivos de programas\Internet Download Manager\IDMan.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Gigabyte\EasySaver\ESSVR.EXE

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

C:\WINDOWS\system32\IoctlSvc.exe

C:\Arquivos de programas\AVG\AVG9\avgnsx.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\Documents and Settings\PhD\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe

C:\Arquivos de programas\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\PC Connectivity Solution\Transports\NclRSSrv.exe

C:\Arquivos de programas\Internet Download Manager\IEMonitor.exe

C:\Documents and Settings\PhD\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\NOTEPAD.EXE