[Resolvido!]Mirar Toolbar

[denilsonunes 0]

Ola a todos, sou novo por aqui e estou com um grande problema!Meu pc foi infectado por um tal de "Mirar toolbar".Não entendo quase nada de Pc's e sistemas, gostaria de obter a ajuda de vcs.Desde já agradeço a atenção!Denilson Nunes

[jgarcia 1]

Opa denilsonunes,

 

Faça o seguinte:

 

Baixe o HijackThis versão 1.99.1.

 

Depois > Iniciar > Meu Computador > 02 cliques no C > Coloca o HijackThis no C (extraindo do zip --> para uma pasta própria tipo c:/Hijack).

 

Execute o Hijack a partir do C, fechando os demais programas (deixando somente a área de trabalho).

 

Clique em Do a system scan and save a logfile, mas não marque nada, apenas poste o log gerado aqui neste mesmo tópico.

 

Abraços.

[denilsonunes 0]

Jgarcia,

Muito grato por sua atenção!

 

Abaixo o log, conforme sua instrução!

 

 

Logfile of HijackThis v1.99.1

Scan saved at 15:59:08, on 21/12/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\cisvc.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\QuickTime\qttask.exe

C:\Arquivos de programas\Softwin\BitDefender8\bdmcon.exe

C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeperUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Skype\Phone\Skype.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\Arquivos de programas\K-LiteNitro\K-LiteNitro.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\TerraVOIP\TerraVOIP.EXE

C:\ARQUIV~1\INCRED~1\bin\IMApp.exe

C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe

C:\Arquivos de programas\K-LiteNitro\giFT\giFTl.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SSU.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\cidaemon.exe

C:\hijack\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.flyordie.com/getmsvm

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: RunBus Class - {4865F155-CE00-4E93-A414-147844D7C81A} - C:\WINDOWS\system32\tcblidaw.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [soundMAXPnP] "C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe"

O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [\\Ted-cb6\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P36 "\\Ted-cb6\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Auto EPSON Stylus CX4100 Series em TED] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P38 "Auto EPSON Stylus CX4100 Series em TED" /O14 "\\TED\EPSONSty" /M "Stylus CX4100"

O4 - HKLM\..\Run: [\\TED\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P32 "\\Ted\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [\\TED-386\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P36 "\\TED-386\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [Auto EPSON Stylus CX4100 Series em TED-386] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P42 "Auto EPSON Stylus CX4100 Series em TED-386" /O18 "\\TED-386\EPSONSty" /M "Stylus CX4100"

O4 - HKLM\..\Run: [Auto EPSON Stylus CX4100 Series em TED-27D] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P42 "Auto EPSON Stylus CX4100 Series em TED-27D" /O18 "\\TED-27D\EPSONSty" /M "Stylus CX4100"

O4 - HKLM\..\Run: [\\TED-27D\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P36 "\\TED-27D\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bDMCon] "C:\Arquivos de programas\Softwin\BitDefender8\bdmcon.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe"

O4 - HKLM\..\Run: [spySweeper] "C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [incrediMail] "C:\Arquivos de programas\IncrediMail\bin\IncMail.exe" /c

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [K-Lite Nitro BETA] "C:\Arquivos de programas\K-LiteNitro\K-LiteNitro.exe" /hide

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [googletalk] "C:\Arquivos de programas\Google\Google Talk\googletalk.exe" /autostart

O4 - HKCU\..\Run: [TerraVOIP] "C:\Arquivos de programas\TerraVOIP\TerraVOIP.EXE"

O4 - HKCU\..\Run: [Chckup] C:\WINDOWS\system32\Netverchk.exe

O4 - HKCU\..\Run: [eyeBeam SIP Client] "C:\Arquivos de programas\CounterPath\eyeBeam\eyeBeam.exe"

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?ed579856f8f74ae9869582c043cbcf6d

O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?ed579856f8f74ae9869582c043cbcf6d

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...923/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{EFEADBDE-4F26-46E4-9599-4A31722BCE53}: NameServer = 192.168.0.1

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

[jgarcia 1]

Opa denilsonunes,

 

1. Baixe o SmitfraudFix;

 

2. Desabilite a proteção do seu anti-vírus (temporariamente);

 

3. Extraia o arquivo SmitfraudFix para o seu desktop;

 

4. Execute o SmitfraudFix dando um duplo clique sobre smitfraudfix.cmd --> escolha a Opção 1;

 

5. Reabilite o seu anti-vírus;

 

6. Poste o log gerado pelo SmitfraudFix (opção 1).

 

Aguardo retorno.

 

Abraços.

[denilsonunes 0]

Ok! Jgarcia, feito.SmitFraudFix v2.131Scan done at 19:13:50,23, qui 21/12/2006Run from C:\Documents and Settings\Denilson\Desktop\SmitfraudFixOS: Microsoft Windows XP [versÆo 5.1.2600] - Windows_NTThe filesystem type is NTFSFix run in normal mode»»»»»»»»»»»»»»»»»»»»»»»» C:\»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Denilson»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Denilson\Application Data»»»»»»»»»»»»»»»»»»»»»»»» Start Menu»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Denilson\FAVORI~1»»»»»»»»»»»»»»»»»»»»»»»» Desktop»»»»»»»»»»»»»»»»»»»»»»»» C:\Arquivos de programas »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components]"Source"="About:Home""SubscribedURL"="About:Home""FriendlyName"="Minha p gina inicial atual" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler!!!Attention, following keys are not inevitably infected!!!SrchSTS.exe by S!RiSearch SharedTaskScheduler's .dll»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs!!!Attention, following keys are not inevitably infected!!![HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"AppInit_DLLs"=""»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System!!!Attention, following keys are not inevitably infected!!![HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]"System"=""»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection»»»»»»»»»»»»»»»»»»»»»»»» End

[jgarcia 1]

Opa denilsonunes,

 

1. Desabilite a proteção do seu antivírus (temporariamente);

 

2. Reinicie em Modo Seguro;

 

3. Execute o SmitfraudFix dando um duplo clique sobre smitfraudfix.cmd --> escolha a Opção 2;

 

4. Responda sim (y) à pergunta sobre a limpeza no registro (Do you want to clean the registry?);

 

5. Aguarde o término do scan e a geração do log;

 

6. Reinicie em Modo Normal;

 

7. Reabilite seu antivírus;

 

8. Poste o log do SmitfraudFix (opção 2) + log HijackThis (gerado em Modo Normal).

 

Aguardo retorno.

 

Abraços.

[denilsonunes 0]

Ok!

 

Jgracia conforme suas instruções.

 

Forte abraço! :natal_smile:

 

SmitFraudFix v2.131

 

Scan done at 9:59:05,01, s b 23/12/2006

Run from C:\Documents and Settings\Denilson\Desktop\SmitfraudFix

OS: Microsoft Windows XP [versÆo 5.1.2600] - Windows_NT

The filesystem type is NTFS

Fix run in normal mode

 

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix

!!!Attention, following keys are not inevitably infected!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

 

GenericRenosFix by S!Ri

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System

!!!Attention, following keys are not inevitably infected!!!

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"System"=""

 

 

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

 

Registry Cleaning done.

 

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix

!!!Attention, following keys are not inevitably infected!!!

 

SrchSTS.exe by S!Ri

Search SharedTaskScheduler's .dll

 

 

»»»»»»»»»»»»»»»»»»»»»»»» End

 

 

Hijackthis

 

 

Logfile of HijackThis v1.99.1

Scan saved at 10:04:06, on 23/12/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\cisvc.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE

C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\WINDOWS\System32\svchost.exe

C:\ARQUIV~1\INCRED~1\bin\IMApp.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Softwin\BitDefender8\bdmcon.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeperUI.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SSU.EXE

C:\WINDOWS\system32\cidaemon.exe

C:\WINDOWS\explorer.exe

C:\hijack\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.flyordie.com/getmsvm

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: RunBus Class - {4865F155-CE00-4E93-A414-147844D7C81A} - C:\WINDOWS\system32\tcblidaw.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [soundMAXPnP] "C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe"

O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [\\Ted-cb6\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P36 "\\Ted-cb6\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Auto EPSON Stylus CX4100 Series em TED] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P38 "Auto EPSON Stylus CX4100 Series em TED" /O14 "\\TED\EPSONSty" /M "Stylus CX4100"

O4 - HKLM\..\Run: [\\TED\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P32 "\\Ted\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [\\TED-386\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P36 "\\TED-386\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [Auto EPSON Stylus CX4100 Series em TED-386] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P42 "Auto EPSON Stylus CX4100 Series em TED-386" /O18 "\\TED-386\EPSONSty" /M "Stylus CX4100"

O4 - HKLM\..\Run: [Auto EPSON Stylus CX4100 Series em TED-27D] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P42 "Auto EPSON Stylus CX4100 Series em TED-27D" /O18 "\\TED-27D\EPSONSty" /M "Stylus CX4100"

O4 - HKLM\..\Run: [\\TED-27D\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P36 "\\TED-27D\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bDMCon] "C:\Arquivos de programas\Softwin\BitDefender8\bdmcon.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe"

O4 - HKLM\..\Run: [spySweeper] "C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [incrediMail] "C:\Arquivos de programas\IncrediMail\bin\IncMail.exe" /c

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [K-Lite Nitro BETA] "C:\Arquivos de programas\K-LiteNitro\K-LiteNitro.exe" /hide

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [googletalk] "C:\Arquivos de programas\Google\Google Talk\googletalk.exe" /autostart

O4 - HKCU\..\Run: [TerraVOIP] "C:\Arquivos de programas\TerraVOIP\TerraVOIP.EXE"

O4 - HKCU\..\Run: [Chckup] C:\WINDOWS\system32\Netverchk.exe

O4 - HKCU\..\Run: [eyeBeam SIP Client] "C:\Arquivos de programas\CounterPath\eyeBeam\eyeBeam.exe"

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?ed579856f8f74ae9869582c043cbcf6d

O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?ed579856f8f74ae9869582c043cbcf6d

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...923/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{EFEADBDE-4F26-46E4-9599-4A31722BCE53}: NameServer = 192.168.0.1

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

[jgarcia 1]

Opa denilsonunes,

 

Vamos lá.

 

Habilite o Windows para mostrar todos os arquivos (até ocultos).

 

1ª Etapa

 

Baixe o Killbox em:

Killbox

 

1. Execute o Killbox, clique em Delete on Reboot.

 

2. Copie a lista abaixo em negrito para a área de transferência. Selecione --> Editar --> Copiar.

 

C:\WINDOWS\system32\Netverchk.exe

C:\WINDOWS\system32\tcblidaw.dll

 

3. Retorne ao Killbox. Clique em File > Paste from clipboard. Clique em All Files.

 

4. Aperte em "X". Responda "não" à pergunta.

 

É prudente que você faça a impressão deste documento ou salve-o em um lugar de fácil acesso, pois na próxima etapa entraremos em Modo de Seguro e a conexão à internet não será possível.

 

2ª Etapa

 

Reinicie o computador em Modo Seguro (após reiniciar aperte a tecla F8 até aparecer uma tela preta em DOS e escolha Modo Seguro).

 

Execute o HijackThis, clique em Do a system scan only e marque:

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.flyordie.com/getmsvm

O2 - BHO: RunBus Class - {4865F155-CE00-4E93-A414-147844D7C81A} - C:\WINDOWS\system32\tcblidaw.dll

O4 - HKCU\..\Run: [Chckup] C:\WINDOWS\system32\Netverchk.exe

Clique em Fix Checked.

 

3ª Etapa

 

Reinicie em Modo Normal.

 

Poste um novo log do HijackThis.

 

Aguardo retorno.

 

Um abraço.

[denilsonunes 0]

:natal_smile: Caro Jgracia!

 

Boas festas para você!

 

Abaixo os novos dados conforme sua instruções.

 

Forte abraço!

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 13:58:00, on 25/12/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\cisvc.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\QuickTime\qttask.exe

C:\Arquivos de programas\Softwin\BitDefender8\bdmcon.exe

C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeperUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\TerraVOIP\TerraVOIP.EXE

C:\ARQUIV~1\INCRED~1\bin\IMApp.exe

C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Webroot\Spy Sweeper\SSU.EXE

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wuauclt.exe

C:\ARQUIV~1\INCRED~1\bin\IncMail.exe

C:\hijack\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar2.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar2.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [soundMAXPnP] "C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe"

O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [\\Ted-cb6\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P36 "\\Ted-cb6\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Auto EPSON Stylus CX4100 Series em TED] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P38 "Auto EPSON Stylus CX4100 Series em TED" /O14 "\\TED\EPSONSty" /M "Stylus CX4100"

O4 - HKLM\..\Run: [\\TED\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P32 "\\Ted\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [\\TED-386\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P36 "\\TED-386\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [Auto EPSON Stylus CX4100 Series em TED-386] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P42 "Auto EPSON Stylus CX4100 Series em TED-386" /O18 "\\TED-386\EPSONSty" /M "Stylus CX4100"

O4 - HKLM\..\Run: [Auto EPSON Stylus CX4100 Series em TED-27D] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P42 "Auto EPSON Stylus CX4100 Series em TED-27D" /O18 "\\TED-27D\EPSONSty" /M "Stylus CX4100"

O4 - HKLM\..\Run: [\\TED-27D\EPSON Stylus CX4100 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEL.EXE" /P36 "\\TED-27D\EPSON Stylus CX4100 Series" /O6 "USB001" /M "Stylus CX4100"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bDMCon] "C:\Arquivos de programas\Softwin\BitDefender8\bdmcon.exe"

O4 - HKLM\..\Run: [bDNewsAgent] "C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe"

O4 - HKLM\..\Run: [spySweeper] "C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [incrediMail] "C:\Arquivos de programas\IncrediMail\bin\IncMail.exe" /c

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [K-Lite Nitro BETA] "C:\Arquivos de programas\K-LiteNitro\K-LiteNitro.exe" /hide

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [googletalk] "C:\Arquivos de programas\Google\Google Talk\googletalk.exe" /autostart

O4 - HKCU\..\Run: [TerraVOIP] "C:\Arquivos de programas\TerraVOIP\TerraVOIP.EXE"

O4 - HKCU\..\Run: [eyeBeam SIP Client] "C:\Arquivos de programas\CounterPath\eyeBeam\eyeBeam.exe"

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?ed579856f8f74ae9869582c043cbcf6d

O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?ed579856f8f74ae9869582c043cbcf6d

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...923/mcfscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{EFEADBDE-4F26-46E4-9599-4A31722BCE53}: NameServer = 192.168.0.1

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Arquivos de programas\Webroot\Spy Sweeper\SpySweeper.exe

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

[jgarcia 1]

Opa denilsonunes,

 

O seu log está LIMPO. :thumbsup:

 

Para finalizar:

 

1. Desabilite e Reabilite a função de Restauração Automática do XP. Clique aqui para ver como.

 

Abraços.

[denilsonunes 0]

:clap: :clap: Valeu mesmo Jgarcia!!!Muito grato por sua gentileza e presteza.Um excelente 2007 para você e sua familia!Que Deus o ilumine, hoje e sempre.Um forte abraço!Denilson Nunes

[jgarcia 1]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto é necessário enviar uma Mensagem Privada para um Moderador com um link para o tópico.