[Resolvido!] Suspeita de Trojan,Erros!

[wallysson 0]

Vou colocar aki o log do HJT

 

Logfile of HijackThis v1.99.1

Scan saved at 07:48 Kledson, on 1/11/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Netropa\Multimedia Keyboard\nhksrv.exe

F:\Instalação\Avast\aswUpdSv.exe

F:\Instalação\Avast\ashServ.exe

F:\INSTAL~1\AVG\avgamsvr.exe

F:\INSTAL~1\AVG\avgupsvc.exe

F:\INSTAL~1\AVG\avgemc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

F:\Instalação\Spyware\Spyware Doctor\sdhelp.exe

C:\WINDOWS\system32\slserv.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

F:\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

F:\Instalação\Avast\ashMaiSv.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

F:\Instalação\Avast\ashWebSv.exe

C:\WINDOWS\System32\alg.exe

C:\Arquivos de programas\Netropa\Multimedia Keyboard\MMKeybd.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Arquivos de programas\Netropa\Multimedia Keyboard\TrayMon.exe

C:\Arquivos de programas\Netropa\Onscreen Display\OSD.exe

F:\INSTAL~1\AVG\avgcc.exe

F:\INSTAL~1\Avast\ashDisp.exe

C:\Arquivos de programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe

F:\Instalação\Daemon\DAEMON Tools\daemon.exe

C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\QuickTime\qttask.exe

C:\Arquivos de programas\Arquivos comuns\PCSuite\DataLayer\DataLayer.exe

C:\Arquivos de programas\Arquivos comuns\Nokia\Tools\NclTray.exe

C:\Arquivos de programas\MagicRotation\MagicPvt.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Arquivos de programas\Logitech\Video\LogiTray.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\lg_fwupdate\fwupdate.exe

C:\Arquivos de programas\Arquivos comuns\PCSuite\Services\ServiceLayer.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\PROGRA~2\B'SCLI~1\Win2K\BSCLIP.exe

C:\ARQUIV~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\WINDOWS\system32\iexplorer.dll.exe

C:\WINDOWS\system32\cmrss.dll.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\Electronic Arts\EA Downloader\Core.exe

C:\ARQUIV~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe

C:\Arquivos de programas\Skype\Phone\Skype.exe

F:\Instalação\Spyware\Spyware Doctor\swdoctor.exe

C:\Arquivos de programas\Logitech\Video\FxSvr2.exe

C:\Arquivos de programas\PLANET\WL-3553\RtlWake.exe

C:\WINDOWS\system32\RAMASST.exe

F:\Arquivos de programas\ectaskscheduler.exe

F:\Arquivos de programas\connmngmntbox.exe

C:\Arquivos de programas\SEC\Natural Color\NaturalColorLoad.exe

F:\ARQUIV~1\Elogerr.exe

C:\Arquivos de programas\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe

C:\Arquivos de programas\SEC\MagicTune3.5_Client\GammaTray.exe

F:\Instalação\SMS Tray\SMSTray\SMSTray.exe

F:\ARQUIV~1\BROADC~1.EXE

F:\ARQUIV~1\SCRFS.exe

C:\WINDOWS\system32\isass.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Kledson Alves\Desktop\HijackThis.exe

C:\WINDOWS\system32\msbcs.exe

C:\WINDOWS\system32\dwwin.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Arquivos de programas\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Arquivos de programas\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Arquivos de programas\MyWebSearch\bar\2.bin\MWSBAR.DLL

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\INSTAL~1\Spyware\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: ohb Class - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\SearchTool\nseB.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\INSTAL~1\Spyware\SPYWAR~1\tools\iesdpb.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Arquivos de programas\ToolBar888\MyToolBar.dll (file missing)

O2 - BHO: (no name) - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\WINDOWS\system32\mpeg4dec0.dll

O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Arquivos de programas\ToolBar888\MyToolBar.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Arquivos de programas\MyWebSearch\bar\2.bin\MWSBAR.DLL

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Arquivos de programas\Netropa\Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [avast! Web Scanner] C:\ARQUIV~1\ALWILS~1\Avast4\ashWebSv.exe

O4 - HKLM\..\Run: [AVG7_CC] F:\INSTAL~1\AVG\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [avast!] F:\INSTAL~1\Avast\ashDisp.exe

O4 - HKLM\..\Run: [Name of App] C:\Arquivos de programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe

O4 - HKLM\..\Run: [DAEMON Tools] "F:\Instalação\Daemon\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [DataLayer] C:\Arquivos de programas\Arquivos comuns\PCSuite\DataLayer\DataLayer.exe

O4 - HKLM\..\Run: [Nokia Tray Application] C:\Arquivos de programas\Arquivos comuns\Nokia\Tools\NclTray.exe

O4 - HKLM\..\Run: [MagicRotation] C:\Arquivos de programas\MagicRotation\MagicPvt.exe

O4 - HKLM\..\Run: [RemoteControl] "F:\Instalação\power DVD 5\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "F:\Instalação\power DVD 5\Language\Language.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Arquivos de programas\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Arquivos de programas\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" blrun

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [b'sCLiP] C:\PROGRA~2\B'SCLI~1\Win2K\BSCLIP.exe

O4 - HKLM\..\Run: [TaskList] "C:\windows\system32\tasklist32.exe"

O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\ARQUIV~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\ARQUIV~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

O4 - HKLM\..\Run: [ ] C:\WINDOWS\revali.exe

O4 - HKLM\..\Run: [isass] C:\WINDOWS\system32\isass.exe

O4 - HKLM\..\Run: [iexplorer] C:\WINDOWS\system32\iexplorer.dll.exe

O4 - HKLM\..\Run: [cmrss] C:\WINDOWS\system32\cmrss.dll.exe

O4 - HKLM\..\Run: [msbcs] C:\WINDOWS\system32\msbcs.exe

O4 - HKLM\..\RunServices: [avast!] C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [EA Core] "C:\Arquivos de programas\Electronic Arts\EA Downloader\Core.exe" -silent

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Arquivos de programas\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\ARQUIV~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\ARQUIV~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [spyware Doctor] "F:\Instalação\Spyware\Spyware Doctor\swdoctor.exe" /Q

O4 - Startup: Xfire.lnk = F:\Jogos\Xfire\Xfire.exe

O4 - Startup: SMSTray.lnk = ?

O4 - Global Startup: PLANET WL-3553.lnk = ?

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O4 - Global Startup: PCSuiteForNokia6600 TS.lnk = ?

O4 - Global Startup: PCSuiteForNokia6600 Detect.lnk = ?

O4 - Global Startup: NaturalColorLoad.lnk = ?

O4 - Global Startup: MagicTune 3.5.lnk = ?

O4 - Global Startup: Color Calibration.lnk = ?

O8 - Extra context menu item: &Google Search - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZJfox000

O8 - Extra context menu item: &Translate English Word - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?e56b602d9a5f4be48b169da36d74cd1b

O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?e56b602d9a5f4be48b169da36d74cd1b

O8 - Extra context menu item: Backward Links - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://F:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm

O8 - Extra context menu item: Similar Pages - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\INSTAL~1\Spyware\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Instalação\Avast\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - F:\Instalação\Avast\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - F:\Instalação\Avast\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - F:\Instalação\Avast\ashWebSv.exe" /service (file missing)

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\INSTAL~1\AVG\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\INSTAL~1\AVG\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - F:\INSTAL~1\AVG\avgemc.exe

O23 - Service: CameraServer - Unknown owner - C:\Arquivos de programas\Eyemail Technology Inc\CameraServer.exe

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Arquivos de programas\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - F:\Instalação\Spyware\Spyware Doctor\sdhelp.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\Alcohol 120\StarWind\StarWindService.exe

[jgarcia 1]

Opa wallysson,

 

Vamos lá.

 

Habilite o Windows para mostrar todos os arquivos (até ocultos).

 

Desinstale:

-> MyWebSearch

-> ToolBar888

 

Utilize Adicionar / Remover programas.

 

Desinstale, um a um, e reinicie após tê-los desinstalado.

 

Obs.: Caso não encontre algum dos programas acima citados na lista apenas passe para a próxima etapa.

 

1ª Etapa

 

Baixe o Killbox em:

Killbox

 

1. Execute o Killbox, clique em Delete on Reboot.

 

2. Copie a lista abaixo em negrito para a área de transferência. Selecione --> Editar --> Copiar.

C:\WINDOWS\system32\SearchTool\nseB.dll

C:\WINDOWS\system32\mpeg4dec0.dll

C:\WINDOWS\system32\winmqx32.dll

C:\windows\system32\tasklist32.exe

C:\WINDOWS\system32\isass.exe

C:\WINDOWS\system32\iexplorer.dll.exe

C:\WINDOWS\system32\cmrss.dll.exe

C:\WINDOWS\system32\msbcs.exe

C:\WINDOWS\revali.exe

3. Retorne ao Killbox. Clique em File > Paste from clipboard. Clique em All Files.

 

4. Aperte em "X". Responda "não" à pergunta.

 

É prudente que você faça a impressão deste documento ou salve-o em um lugar de fácil acesso, pois na próxima etapa entraremos em Modo de Seguro e a conexão à internet não será possível.

 

2ª Etapa

 

Reinicie o computador em Modo Seguro (após reiniciar aperte a tecla F8 até aparecer uma tela preta em DOS e escolha Modo Seguro).

 

Execute o HijackThis, clique em Do a system scan only e marque:

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Arquivos de programas\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL

O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Arquivos de programas\MyWebSearch\SrchAstt\2.bin\MWSSRCAS.DLL

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Arquivos de programas\MyWebSearch\bar\2.bin\MWSBAR.DLL

O2 - BHO: ohb Class - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\SearchTool\nseB.dll

O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Arquivos de programas\ToolBar888\MyToolBar.dll (file missing)

O2 - BHO: (no name) - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\WINDOWS\system32\mpeg4dec0.dll

O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Arquivos de programas\ToolBar888\MyToolBar.dll (file missing)

O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Arquivos de programas\MyWebSearch\bar\2.bin\MWSBAR.DLL

O4 - HKLM\..\Run: [TaskList] "C:\windows\system32\tasklist32.exe"

O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\ARQUIV~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\ARQUIV~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

O4 - HKLM\..\Run: [ ] C:\WINDOWS\revali.exe

O4 - HKLM\..\Run: [isass] C:\WINDOWS\system32\isass.exe

O4 - HKLM\..\Run: [iexplorer] C:\WINDOWS\system32\iexplorer.dll.exe

O4 - HKLM\..\Run: [cmrss] C:\WINDOWS\system32\cmrss.dll.exe

O4 - HKLM\..\Run: [msbcs] C:\WINDOWS\system32\msbcs.exe

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\ARQUIV~1\MYWEBS~1\bar\2.bin\mwsoemon.exe

O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/script/actions/mailto.htm

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing)

Clique em Fix Checked.

 

3ª Etapa

 

Ainda em Modo Seguro localize e delete:

 

C:\Arquivos de programas\MyWebSearch <- a pasta

C:\Arquivos de programas\ToolBar888 <- a pasta

C:\WINDOWS\system32\SearchTool <- a pasta

 

4ª Etapa

 

Reinicie em Modo Normal.

 

Poste o novo log do HijackThis.

 

Aguardo retorno.

 

Um abraço.

[wallysson 0]

agora n apareceu mais nada valeu amigo

 

vai ai o log do HJT

 

Logfile of HijackThis v1.99.1

Scan saved at 12:26 Kledson, on 1/11/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Netropa\Multimedia Keyboard\nhksrv.exe

F:\Instalação\Avast\aswUpdSv.exe

F:\Instalação\Avast\ashServ.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

C:\Arquivos de programas\Netropa\Multimedia Keyboard\MMKeybd.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Arquivos de programas\Netropa\Multimedia Keyboard\TrayMon.exe

F:\INSTAL~1\AVG\avgcc.exe

C:\Arquivos de programas\Netropa\Onscreen Display\OSD.exe

F:\INSTAL~1\Avast\ashDisp.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe

F:\Instalação\Daemon\DAEMON Tools\daemon.exe

C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe

C:\Arquivos de programas\QuickTime\qttask.exe

C:\Arquivos de programas\Arquivos comuns\PCSuite\DataLayer\DataLayer.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Arquivos de programas\Arquivos comuns\Nokia\Tools\NclTray.exe

C:\Arquivos de programas\MagicRotation\MagicPvt.exe

C:\WINDOWS\system32\RunDLL32.exe

F:\INSTAL~1\AVG\avgamsvr.exe

C:\Arquivos de programas\Logitech\Video\LogiTray.exe

C:\Arquivos de programas\Arquivos comuns\PCSuite\Services\ServiceLayer.exe

C:\Arquivos de programas\lg_fwupdate\fwupdate.exe

F:\INSTAL~1\AVG\avgupsvc.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

F:\INSTAL~1\AVG\avgemc.exe

C:\PROGRA~2\B'SCLI~1\Win2K\BSCLIP.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\Electronic Arts\EA Downloader\Core.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\ARQUIV~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Skype\Phone\Skype.exe

C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

F:\Instalação\Spyware\Spyware Doctor\swdoctor.exe

F:\Instalação\Spyware\Spyware Doctor\sdhelp.exe

C:\Arquivos de programas\PLANET\WL-3553\RtlWake.exe

C:\WINDOWS\system32\slserv.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\RAMASST.exe

F:\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\system32\svchost.exe

F:\Arquivos de programas\ectaskscheduler.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Arquivos de programas\Logitech\Video\FxSvr2.exe

F:\Arquivos de programas\connmngmntbox.exe

C:\Arquivos de programas\SEC\Natural Color\NaturalColorLoad.exe

F:\ARQUIV~1\Elogerr.exe

C:\Arquivos de programas\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe

C:\Arquivos de programas\SEC\MagicTune3.5_Client\GammaTray.exe

F:\Instalação\SMS Tray\SMSTray\SMSTray.exe

F:\ARQUIV~1\BROADC~1.EXE

F:\ARQUIV~1\SCRFS.exe

C:\Arquivos de programas\iPod\bin\iPodService.exe

F:\Instalação\Avast\ashMaiSv.exe

F:\Instalação\Avast\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\alg.exe

F:\Instalação\Avast\setup\avast.setup

C:\Documents and Settings\Kledson Alves\Desktop\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\INSTAL~1\Spyware\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: ohb Class - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\SearchTool\nseB.dll (file missing)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\INSTAL~1\Spyware\SPYWAR~1\tools\iesdpb.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O2 - BHO: (no name) - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\WINDOWS\system32\mpeg4dec0.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Arquivos de programas\Netropa\Multimedia Keyboard\MMKeybd.exe

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [avast! Web Scanner] C:\ARQUIV~1\ALWILS~1\Avast4\ashWebSv.exe

O4 - HKLM\..\Run: [AVG7_CC] F:\INSTAL~1\AVG\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [avast!] F:\INSTAL~1\Avast\ashDisp.exe

O4 - HKLM\..\Run: [Name of App] C:\Arquivos de programas\SAMSUNG\FW LiveUpdate\Liveupdate.exe

O4 - HKLM\..\Run: [DAEMON Tools] "F:\Instalação\Daemon\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [DataLayer] C:\Arquivos de programas\Arquivos comuns\PCSuite\DataLayer\DataLayer.exe

O4 - HKLM\..\Run: [Nokia Tray Application] C:\Arquivos de programas\Arquivos comuns\Nokia\Tools\NclTray.exe

O4 - HKLM\..\Run: [MagicRotation] C:\Arquivos de programas\MagicRotation\MagicPvt.exe

O4 - HKLM\..\Run: [RemoteControl] "F:\Instalação\power DVD 5\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "F:\Instalação\power DVD 5\Language\Language.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Arquivos de programas\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Arquivos de programas\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe" blrun

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [b'sCLiP] C:\PROGRA~2\B'SCLI~1\Win2K\BSCLIP.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\RunServices: [avast!] C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [EA Core] "C:\Arquivos de programas\Electronic Arts\EA Downloader\Core.exe" -silent

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Arquivos de programas\Logitech\Video\ManifestEngine.exe" boot

O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\ARQUIV~1\Nero\NEROPH~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [spyware Doctor] "F:\Instalação\Spyware\Spyware Doctor\swdoctor.exe" /Q

O4 - Startup: Xfire.lnk = F:\Jogos\Xfire\Xfire.exe

O4 - Startup: SMSTray.lnk = ?

O4 - Global Startup: PLANET WL-3553.lnk = ?

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O4 - Global Startup: PCSuiteForNokia6600 TS.lnk = ?

O4 - Global Startup: PCSuiteForNokia6600 Detect.lnk = ?

O4 - Global Startup: NaturalColorLoad.lnk = ?

O4 - Global Startup: MagicTune 3.5.lnk = ?

O4 - Global Startup: Color Calibration.lnk = ?

O8 - Extra context menu item: &Google Search - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: &Translate English Word - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmwordtrans.html

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?e56b602d9a5f4be48b169da36d74cd1b

O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?e56b602d9a5f4be48b169da36d74cd1b

O8 - Extra context menu item: Backward Links - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://F:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Similar Pages - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://c:\arquivos de programas\google\GoogleToolbar2.dll/cmtrans.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\INSTAL~1\Spyware\SPYWAR~1\tools\iesdpb.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Instalação\Avast\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - F:\Instalação\Avast\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - F:\Instalação\Avast\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - F:\Instalação\Avast\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\INSTAL~1\AVG\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\INSTAL~1\AVG\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - F:\INSTAL~1\AVG\avgemc.exe

O23 - Service: CameraServer - Unknown owner - C:\Arquivos de programas\Eyemail Technology Inc\CameraServer.exe

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Arquivos de programas\Netropa\Multimedia Keyboard\nhksrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - F:\Instalação\Spyware\Spyware Doctor\sdhelp.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - F:\Alcohol 120\StarWind\StarWindService.exe

[jgarcia 1]

Opa wallysson,

 

O seu log está LIMPO. :thumbsup:

 

Para finalizar:

 

1. Desabilite e Reabilite a função de Restauração Automática do XP. Clique aqui para ver como.

 

PS.: Sugiro que mantenha apenas um antivírus em sua máquina (Avast ou AVG). A manutenção de dois ou mais não representa maior segurança ao PC. A sua máquina é uma prova disto, já que nenhum dos dois foi capaz de detectar e/ou remover as pragas que nela estavam.

 

Abraços.

[jgarcia 1]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto é necessário enviar uma Mensagem Privada para um Moderador com um link para o tópico.