Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Analise de LOG, não consigo rodar malwares-bytes e nem desinstalar.
Segue LOG
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:26:30, on 19/10/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\ARQUIV~1\GbPlugin\GbpSv.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Arquivos de programas\Ahead\InCD\InCDsrv.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\System32\SCardSvr.exe
D:\WINDOWS\system32\svchost.exe
D:\Arquivos de programas\Java\jre7\bin\jqs.exe
D:\Arquivos de programas\McAfee\SiteAdvisor\McSACore.exe
D:\Arquivos de programas\Arquivos comuns\McAfee\McSvcHost\McSvHost.exe
D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\system32\mfevtps.exe
D:\WINDOWS\system32\svchost.exe
D:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mcshield.exe
D:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\mfefire.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\System32\alg.exe
D:\Arquivos de programas\McAfee.com\Agent\mcagent.exe
D:\WINDOWS\system32\aetcrss1.exe
D:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Arquivos de programas\Baidu Security\PC Faster\3.7.0.0\PCFasterSvc.exe
D:\Arquivos de programas\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe
D:\WINDOWS\system32\msiexec.exe
D:\Documents and Settings\Sidnei\Meus documentos\Downloads\HijackThis.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - D:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Arquivos de programas\Java\jre7\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - D:\Arquivos de programas\Arquivos comuns\McAfee\SystemCore\ScriptSn.20120627080103.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - d:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - D:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbiehcef.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - D:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - d:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - D:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [mcui_exe] "D:\Arquivos de programas\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [CertificateRegistration] aetcrss1.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [baidu PC Faster 3.7.0.0] "D:\Arquivos de programas\Baidu Security\PC Faster\3.7.0.0\PCFaster.exe" -auto -start
O4 - HKLM\..\RunOnce: [Del2294187] cmd.exe /Q /D /c del "D:\DOCUME~1\Sidnei\CONFIG~1\Temp\0.del"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Sidnei\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [Del2294125] cmd.exe /Q /D /c del "D:\DOCUME~1\Sidnei\CONFIG~1\Temp\0.del"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - D:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O15 - Trusted Zone: *.caixa.gov.br
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - d:\ARQUIV~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - d:\ARQUIV~1\mcafee\msc\mcsniepl.dll
O20 - Winlogon Notify: GbPluginCef - D:\Arquivos de programas\GbPlugin\gbiehcef.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - D:\Arquivos de programas\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - D:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - D:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - D:\Arquivos de programas\Google\Update\GoogleUpdate.exe--
End of file - 9982 bytes
Carregando comentários...