Publicado em 7 de abr.

[Arquivado] Muitos Malwares !

Olá Imasters, boa noite !

Bom, estou com esse computador emprestado, e o mesmo está lotado de vírus... E progamas indesejáveis, tais como, o "BoBrowser", que não permite eu usar o google chorne, anuncios abrem do nada... Entre outros...

Gostaria que me ajudasse quanto antes ! Por favor ><, valeu mesmo pela ajuda

Segue os logs do HijackThis :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:40:48, on 07/04/2015
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16561)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\UPCleaner\0.4.50.7548\UGTray.exe
C:\Program Files\XTab\cmdshell.exe
C:\Users\Meninos\AppData\Local\gmsd_br_339\upgmsd_br_339.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\XTab\HPNotify.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\gmsd_br_339\gmsd_br_339.exe
C:\Program Files\gmsd_br_342\gmsd_br_342.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Infigo\Infigo.exe
C:\Program Files\MyPC Backup\MyPC Backup.exe
C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Browser Good\bin\BrowserGood.BrowserAdapter.exe
C:\Program Files\Browser Good\bin\BrowserGood.BOASHelper.exe
C:\Program Files\Browser Good\bin\BrowserGood.expext.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sm23mS\2ac1cfbc-f31f-4b03-b886-f0ff1dd51d5e-10.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\gmsd_br_342\gmsd_br_342.exe
C:\Users\Meninos\AppData\Local\BoBrowser\Application\bobrowser.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\wermgr.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.navegaki.com/?bd=hp&oem=Cube&uid=WDCXWD1200BEVS-60UST0_WD-WXEY07N4971349713&version=2.2.0.7859&pid=414031160&tid=295

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.navegaki.com/?bd=hp&oem=Cube&uid=WDCXWD1200BEVS-60UST0_WD-WXEY07N4971349713&version=2.2.0.7859&pid=414031160&tid=295

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.navegaki.com/?bd=hp&oem=Cube&uid=WDCXWD1200BEVS-60UST0_WD-WXEY07N4971349713&version=2.2.0.7859&pid=414031160&tid=295

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=dspp&ts=1427157324&from=slbnew&uid=WDCXWD1200BEVS-60UST0_WD-WXEY07N4971349713&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=dspp&ts=1427157324&from=slbnew&uid=WDCXWD1200BEVS-60UST0_WD-WXEY07N4971349713&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchult.com/?bd=hp&oem=Somo&uid=WDCXWD1200BEVS-60UST0_WD-WXEY07N4971349713&version=2.0.0.1288&pid=414031160&cs=c7c873af2bd2c720a25ff1c7824a2a30

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Browser Good 1.0.0.7 - {2dd0916f-60de-4413-8198-d3c9d9b959d1} - (no file)
O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O3 - Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - (no file)
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [gmsd_br_339] "C:\Program Files\gmsd_br_339\gmsd_br_339.exe"
O4 - HKLM\..\Run: [gmsd_br_342] "C:\Program Files\gmsd_br_342\gmsd_br_342.exe"
O4 - HKLM\..\Run: [baidu PC Faster 5.1.0.0] "C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe" -auto -start
O4 - HKLM\..\Run: [baidu PC Faster 4.0.0.0] "C:\Program Files\PC Faster\5.1.0.0\PCFTray.exe" -auto -start
O4 - HKLM\..\RunOnce: [upgmsd_br_339.exe] C:\Users\Meninos\AppData\Local\gmsd_br_339\upgmsd_br_339.exe -runonce
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [boBrowser] "C:\Users\Meninos\AppData\Local\BoBrowser\Application\bobrowser.exe"
O4 - HKCU\..\Run: [infigo] C:\Program Files\Infigo\Infigo.exe onrun
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - Startup: MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe
O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files\MyPC Backup\BackupStack.exe
O23 - Service: ClaraUpdater - ClaraLabs - C:\Program Files\Common Files\ClaraUpdater\ClaraUpdater.exe

O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: IHProtect Service - XTab system - C:\Program Files\XTab\ProtectService.exe
O23 - Service: Infigo Operator (InfigoOperator) - Unknown owner - C:\Program Files\Infigo\InfigoOperator.exe
O23 - Service: KqyarGrMe - Small Island Development - C:\ProgramData\LxaEtehZsG\KqyarGrMe.exe
O23 - Service: Baidu PC Faster Service 5.1.0.0 (PCFasterSvc_{PCFaster_5.1.0.0}) - Baidu Inc. - C:\Program Files\PC Faster\5.1.0.0\PCFasterSvc.exe
O23 - Service: Net Service Event Handler (Sed) - Navigation Co., Ltd. - C:\Users\Meninos\AppData\Roaming\ntsvc\ntsvc.exe
O23 - Service: UPCleaner SVC (UGSVC) - Unknown owner - C:\Program Files\UPCleaner\0.4.50.7548\UGSvc.exe
O23 - Service: Update Browser Good - Unknown owner - C:\Program Files\Browser Good\updateBrowserGood.exe
O23 - Service: Util Browser Good - Unknown owner - C:\Program Files\Browser Good\bin\utilBrowserGood.exe

--
End of file - 8832 bytes

(Estou usando o bo browser para postar, pois não tenho também nenhum outro navegador)

Discussão (4)

Entre ou cadastre-se para participar da discussão

Entrar Criar conta

Carregando comentários...