This topic has been archived and is closed to new replies.

Jarnaud1986

[Archived] CID popup, Mercado Livre and party friend

My PC has this problem again..

Here is the HijackThis log, taken in normal mode...

 

Logfile of HijackThis v1.99.1

Scan saved at 12:41:42, on 24/6/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\WINNT\Explorer.EXE

C:\Arquivos de programas\Eset\nod32krn.exe

C:\WINNT\system32\nvsvc32.exe

C:\WINNT\system32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe

C:\WINNT\SOUNDMAN.EXE

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\WINNT\system32\pctspk.exe

C:\Arquivos de programas\Arquivos comuns\Nokia\Tools\NclTray.exe

C:\Arquivos de programas\Musicmatch\Musicmatch Jukebox\mmtask.exe

C:\Arquivos de programas\Logitech\Video\LogiTray.exe

C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb04.exe

C:\Arquivos de programas\Arquivos comuns\PCSuite\DataLayer\DataLayer.exe

C:\Arquivos de programas\Eset\nod32kui.exe

C:\WINNT\system32\ctfmon.exe

C:\WINNT\system32\LVComS.exe

C:\Arquivos de programas\Arquivos comuns\PCSuite\Services\ServiceLayer.exe

c:\arquiv~1\intern~1\iexplore.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Velox\Discador\discador.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\WinRAR\WinRAR.exe

C:\DOCUME~1\JOOALB~1\CONFIG~1\Temp\Rar$EX02.328\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe

O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install

O4 - HKLM\..\Run: [NvMediaCenter] "RunDLL32.exe" NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINNT\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [Nokia Tray Application] "C:\Arquivos de programas\Arquivos comuns\Nokia\Tools\NclTray.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe

O4 - HKLM\..\Run: [mmtask] "C:\Arquivos de programas\Musicmatch\Musicmatch Jukebox\mmtask.exe"

O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Arquivos de programas\Logitech\Video\LogiTray.exe"

O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Arquivos de programas\Logitech\Video\ISStart.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb04.exe

O4 - HKLM\..\Run: [DataLayer] "C:\Arquivos de programas\Arquivos comuns\PCSuite\DataLayer\DataLayer.exe"

O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe

O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe

O4 - HKCU\..\Run: [hope spam] C:\DOCUME~1\JOOALB~1\DADOSD~1\GRIDER~1\softaxisjugs.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jin...ows-i586-jc.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} - https://imagem.caixa.gov.br/cab/GbPluginCef.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{96D6F78A-480B-4711-8B9D-3A75DE94E9A2}: NameServer = 200.165.132.154 200.149.55.140

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINNT\SYSTEM32\WgaLogon.dll

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINNT\system32\WPDShServiceObj.dll

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe


Hi Jarnaud1986,

Download ComboFix from:

ComboFix

1) Double-click combofix.exe and press "Y" to proceed. The process will take about 10 minutes on average;

2) ComboFix will restart the PC automatically so that the removal process can be completed;

3) When the scan finishes, a log will be generated at C:\ComboFix.txt;

4) Do not click in the ComboFix window, and do not close it by clicking the X, while the tool is running, as this will mess up your desktop configuration (it will turn completely white);

5) To stop or exit ComboFix, press "N";

6) I need you to paste the contents of ComboFix.txt in your next reply.

Regards.


Hello, well, I have the same problem (Pop up - CiD).

I downloaded ComboFix and here is the log:

 

 

"Administrador" - 2007-07-21 21:05:32 - ComboFix 07-07-17.8 - Service Pack 2 NTFS

 

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

C:\svchost.exe

 

 

((((((((((((((((((((((((( Files Created from 2007-06-22 to 2007-07-22 )))))))))))))))))))))))))))))))

 

 

2007-07-21 21:04 51,200 --a------ C:\WINDOWS\nircmd.exe

2007-07-21 16:34 228,314 --a------ C:\WINDOWS\ADDONS SITECS (NONSTEAM) Uninstaller.exe

2007-07-21 16:34 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Thraex Software

2007-07-21 13:55 <DIR> dr------- C:\Mu Angles

2007-07-21 10:29 <DIR> d-------- C:\GTA San Andreas

2007-07-21 10:17 <DIR> d-------- C:\Arquivos de programas\Valve

2007-07-20 20:41 <DIR> d--h----- C:\WINDOWS\$hf_mig$

2007-07-20 20:37 43,352 --a------ C:\WINDOWS\system32\wups2.dll

2007-07-20 20:37 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution

2007-07-19 21:29 <DIR> d--hs---- C:\RECYCLER

2007-07-19 20:03 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys

2007-07-19 20:03 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys

2007-07-19 20:03 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS

2007-07-19 20:03 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys

2007-07-19 20:03 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys

2007-07-19 20:03 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys

2007-07-19 20:03 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys

2007-07-19 20:02 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll

2007-07-19 19:59 94,208 --a------ C:\WINDOWS\amcap.exe

2007-07-19 19:59 61,440 --a------ C:\WINDOWS\system32\csnpstd3.dll

2007-07-19 19:59 57,344 --a------ C:\WINDOWS\system32\rsnpstd3.dll

2007-07-19 19:59 498,432 --a------ C:\WINDOWS\system32\drivers\snpstd3.sys

2007-07-19 19:59 36,864 --a------ C:\WINDOWS\system32\vsnpstd3.dll

2007-07-19 19:59 339,968 --a------ C:\WINDOWS\vsnpstd3.exe

2007-07-19 19:59 20,480 --a------ C:\WINDOWS\usnpstd3.exe

2007-07-19 19:59 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\snpstd3

2007-07-19 18:32 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll

2007-07-19 18:32 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll

2007-07-19 18:32 6,144 --a------ C:\WINDOWS\system32\kbd106.dll

2007-07-19 18:32 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll

2007-07-19 18:32 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll

2007-07-19 18:32 5,632 --a------ C:\WINDOWS\system32\kbd103.dll

2007-07-19 15:59 <DIR> d-------- C:\DOCUME~1\ADMINI~1\.jSMS

2007-07-18 16:00 42,776 --a------ C:\WINDOWS\mssadv.dll

2007-07-18 16:00 11,776 --a------ C:\svchost2.exe

2007-07-18 16:00 10,752 --a------ C:\WINDOWS\msscan.dll

2007-07-18 16:00 10,752 --a------ C:\WINDOWS\msiemon.dll

2007-07-18 16:00 10,752 --a------ C:\WINDOWS\msfw.dll

2007-07-18 16:00 10,752 --a------ C:\WINDOWS\msctrl.dll

2007-07-18 16:00 10,752 --a------ C:\WINDOWS\msavsc.dll

2007-07-18 16:00 <DIR> d-------- C:\Arquivos de programas\Microsoft Security Adviser

2007-07-18 12:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Messenger Plus!

2007-07-18 12:31 <DIR> d-------- C:\Arquivos de programas\Windows Live

2007-07-18 12:31 <DIR> d-------- C:\Arquivos de programas\Shim Bits

2007-07-18 12:31 <DIR> d-------- C:\Arquivos de programas\Messenger Plus! Live

2007-07-18 12:29 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\joy four nurb dead

2007-07-18 12:28 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Shim Bits

2007-07-18 12:27 <DIR> d-------- C:\Arquivos de programas\MessengerPlus! 3

2007-07-18 12:27 <DIR> d-------- C:\Arquivos de programas\Adverts

2007-07-17 21:27 <DIR> d-------- C:\MuTrix

2007-07-17 21:03 <DIR> d-------- C:\WINDOWS\pss

2007-07-17 20:48 4,005,756,928 --ahs---- C:\gobackio.bin

2007-07-17 20:47 487,424 --a------ C:\WINDOWS\system32\msvcp70.dll

2007-07-17 20:47 4,092 --a------ C:\WINDOWS\system32\drivers\GBDevice.sys

2007-07-17 20:47 158,752 --a------ C:\WINDOWS\system32\drivers\GoBack2K.sys

2007-07-17 20:47 15,811 --a------ C:\WINDOWS\system32\drivers\GBFSHook.sys

2007-07-17 20:47 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Symantec

2007-07-17 20:47 <DIR> d-------- C:\Arquivos de programas\Symantec

2007-07-17 20:47 <DIR> d-------- C:\Arquivos de programas\Norton SystemWorks

2007-07-17 20:47 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Symantec Shared

2007-07-17 20:41 <DIR> d-------- C:\Driver de Video ATI RADEON

2007-07-17 20:41 <DIR> d-------- C:\DOCUME~1\ADMINI~1\DADOSD~1\Help

2007-07-17 20:26 <DIR> d-------- C:\DOCUME~1\ADMINI~1\Contacts

2007-07-17 20:25 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE

2007-07-17 20:16 114,688 --------- C:\WINDOWS\system32\ati2sgag.exe

2007-07-17 20:16 <DIR> d-------- C:\Arquivos de programas\ATI Technologies

2007-07-17 20:13 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys

2007-07-17 20:13 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys

2007-07-17 20:13 6,016 -ra------ C:\WINDOWS\system32\ntsim.sys

2007-07-17 20:13 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys

2007-07-17 20:13 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys

2007-07-17 20:13 40,960 -ra------ C:\WINDOWS\system32\drivers\fetnd5b.sys

2007-07-17 20:13 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys

2007-07-17 20:12 991,232 --a------ C:\WINDOWS\system32\virtear.dll

2007-07-17 20:12 978,944 --a------ C:\WINDOWS\SynthCoreA.Dll

2007-07-17 20:12 765,952 --a------ C:\WINDOWS\system\crlds3d.dll

2007-07-17 20:12 720,896 --a------ C:\WINDOWS\system32\Audio3d.dll

2007-07-17 20:12 720,896 --a------ C:\WINDOWS\system32\a3d.dll

2007-07-17 20:12 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys

2007-07-17 20:12 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys

2007-07-17 20:12 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys

2007-07-17 20:12 578,368 --a------ C:\WINDOWS\system32\drivers\smwdm.sys

2007-07-17 20:12 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2007-07-17 20:12 49,152 --a------ C:\WINDOWS\system32\S11thk32.dll

2007-07-17 20:12 49,152 --a------ C:\WINDOWS\system32\DSndUp.exe

2007-07-17 20:12 45,056 --a------ C:\WINDOWS\system32\SynthCore11Resources.dll

2007-07-17 20:12 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe

2007-07-17 20:12 44 --a------ C:\WINDOWS\system32\msssc.dll

2007-07-17 20:12 40,820 --a------ C:\WINDOWS\system32\Syncor11.dll

2007-07-17 20:12 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys

2007-07-17 20:12 4,816 --a------ C:\WINDOWS\system32\drivers\aeaudio.sys

2007-07-17 20:12 4,096 --a------ C:\WINDOWS\system32\ksuser.dll

2007-07-17 20:12 380,928 --a------ C:\WINDOWS\SynCor.exe

2007-07-17 20:12 30,208 --a------ C:\WINDOWS\system32\wdmioctl.dll

2007-07-17 20:12 3,744 --a------ C:\WINDOWS\system32\drivers\smsens.sys

2007-07-17 20:12 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys

2007-07-17 20:12 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys

2007-07-17 20:12 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys

2007-07-17 20:12 1,285,632 --a------ C:\WINDOWS\system32\SMMedia.dll

2007-07-17 20:12 <DIR> d--h----- C:\Arquivos de programas\InstallShield Installation Information

 

 

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

 

2007-07-17 23:06:36 46,226 ----a-w C:\WINDOWS\system32\perfc016.dat

2007-07-17 23:06:36 338,240 ----a-w C:\WINDOWS\system32\perfh016.dat

2007-07-17 22:59:02 -------- d-----w C:\Arquivos de programas\Serviços on-line

2007-07-17 22:58:31 -------- d-----w C:\Arquivos de programas\Arquivos comuns\Serviços

 

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

*Note* empty entries & legit default entries are not shown

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

2004-12-14 01:56 63136 --a------ C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

2007-07-12 04:00 501136 --a------ C:\Arquivos de programas\Java\jre1.6.0_02\bin\ssv.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"nod32kui"="C:\Arquivos de programas\Eset\nod32kui.exe" [2007-07-17 20:01]

"Smapp"="C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57]

"nurb dead locks second"="C:\Documents and Settings\All Users\Dados de aplicativos\joy four nurb dead\grey axis.exe" [2007-07-18 12:32]

"msctrl.exe"="C:\Arquivos de programas\Microsoft Security Adviser\msctrl.exe" [2007-07-18 16:00]

"msavsc.exe"="C:\Arquivos de programas\Microsoft Security Adviser\msavsc.exe" [2007-07-18 16:00]

"msscan.exe"="C:\Arquivos de programas\Microsoft Security Adviser\msscan.exe" [2007-07-18 16:00]

"msiemon.exe"="C:\Arquivos de programas\Microsoft Security Adviser\msiemon.exe" [2007-07-18 16:00]

"msfw.exe"="C:\Arquivos de programas\Microsoft Security Adviser\msfw.exe" [2007-07-18 16:00]

"mssadv.exe"="" []

"Microsoft security adviser"="C:\Arquivos de programas\Microsoft Security Adviser\mssadv.exe" [2007-07-18 16:00]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]

"ATIPTA"="C:\Arquivos de programas\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-09-12 21:10]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 18:45]

"MsnMsgr"="C:\Arquivos de programas\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]

"Creative Real"="C:\DOCUME~1\ADMINI~1\DADOSD~1\SHIMBI~1\buildmail.exe" [2007-07-18 12:31]

"msctrl.exe"="C:\Arquivos de programas\Microsoft Security Adviser\msctrl.exe" [2007-07-18 16:00]

"msavsc.exe"="C:\Arquivos de programas\Microsoft Security Adviser\msavsc.exe" [2007-07-18 16:00]

"msscan.exe"="C:\Arquivos de programas\Microsoft Security Adviser\msscan.exe" [2007-07-18 16:00]

"msiemon.exe"="C:\Arquivos de programas\Microsoft Security Adviser\msiemon.exe" [2007-07-18 16:00]

"msfw.exe"="C:\Arquivos de programas\Microsoft Security Adviser\msfw.exe" [2007-07-18 16:00]

"mssadv.exe"="" []

"Microsoft security adviser"="C:\Arquivos de programas\Microsoft Security Adviser\mssadv.exe" [2007-07-18 16:00]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservicesonce]

"Geto"=C:\GetoMan\Client\VerMan.exe

"Geto Plus"=C:\GetoMan\Client\VerMan.exe

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"nlsf"=cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll"

"tscuninstall"=%systemroot%\system32\tscupgrd.exe

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"MsnMsgr"="C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

 

C:\DOCUME~1\ALLUSE~1\MENUIN~1\PROGRA~1\INICIA~1

Adobe Reader Speed Launch.lnk - C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06]

GM-Plus Agent.lnk - C:\WINDOWS\system32\Agent\VerMan.exe [2007-07-17 20:09:41]

Norton GoBack.lnk - C:\Arquivos de programas\Norton SystemWorks\Norton GoBack\GBTray.exe [2007-07-17 20:47:57]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]

"DisableTaskMgr"=1 (0x1)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"ForceClassicControlPanel"=1 (0x1)

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoSharedDocuments"=1 (0x1)

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]

"NoSharedDocuments"=1 (0x1)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5EA30390-CD35-11D5-B03F-0000E87525D0}"="C:\WINDOWS\system32\AgMon.dll" [2002-08-20 19:31]

 

 

Contents of the 'Scheduled Tasks' folder

2007-07-22 00:00:01 C:\WINDOWS\tasks\AB68C729918B7CC5.job

 

**************************************************************************

 

catchme 0.3.1040 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-07-21 21:07:27

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden registry entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

 

Completion time: 2007-07-21 21:08:24

C:\ComboFix-quarantined-files.txt ... 2007-07-21 21:08

 

--- E O F ---

-----------------------------------------------------------------------------------------------------------

Thanks in advance for your attention... :)


Hi morato20,

Post a HijackThis log.

I'll be waiting for your reply.

Regards.


Hi jgarcia.. I'll post it as soon as possible.. the machine is off the network (I had to take some spare parts out of it to put in another machine) (drive A: and cooler); as soon as possible I'll put it back together and post the requested log.. :thumbsup:


Jgarcia, as promised, here is the HJT log

 

Logfile of HijackThis v1.99.1

Scan saved at 17:20:10, on 4/8/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Norton SystemWorks\Norton GoBack\GBPoll.exe

C:\Arquivos de programas\Eset\nod32krn.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Microsoft Security Adviser\msctrl.exe

C:\WINDOWS\system32\Agent\agent391.bin

C:\Arquivos de programas\Microsoft Security Adviser\msavsc.exe

C:\Arquivos de programas\Microsoft Security Adviser\msscan.exe

C:\Arquivos de programas\Microsoft Security Adviser\msiemon.exe

C:\Arquivos de programas\Microsoft Security Adviser\msfw.exe

C:\Arquivos de programas\Microsoft Security Adviser\mssadv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Google\Google Talk\googletalk.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\AgentSvc.exe

C:\Arquivos de programas\Norton SystemWorks\Norton GoBack\GBTray.exe

C:\Arquivos de programas\MSN Messenger\usnsvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\Administrador\Meus documentos\nao mecher\hijackthis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.compartilhando.org/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.compartilhando.org/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [msctrl.exe] C:\Arquivos de programas\Microsoft Security Adviser\msctrl.exe

O4 - HKLM\..\Run: [msavsc.exe] C:\Arquivos de programas\Microsoft Security Adviser\msavsc.exe

O4 - HKLM\..\Run: [msscan.exe] C:\Arquivos de programas\Microsoft Security Adviser\msscan.exe

O4 - HKLM\..\Run: [msiemon.exe] C:\Arquivos de programas\Microsoft Security Adviser\msiemon.exe

O4 - HKLM\..\Run: [msfw.exe] C:\Arquivos de programas\Microsoft Security Adviser\msfw.exe

O4 - HKLM\..\Run: [Microsoft security adviser] C:\Arquivos de programas\Microsoft Security Adviser\mssadv.exe

O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [bend logo clock film] C:\Documents and Settings\All Users\Dados de aplicativos\Frag great bend logo\owns wait.exe

O4 - HKLM\..\Run: [up mapi does film] C:\Documents and Settings\All Users\Dados de aplicativos\settings blue film frag\poke ace date.exe

O4 - HKLM\..\RunServicesOnce: [Geto] C:\GetoMan\Client\VerMan.exe

O4 - HKLM\..\RunServicesOnce: [Geto Plus] C:\GetoMan\Client\VerMan.exe

O4 - HKCU\..\Run: [msctrl.exe] C:\Arquivos de programas\Microsoft Security Adviser\msctrl.exe

O4 - HKCU\..\Run: [msavsc.exe] C:\Arquivos de programas\Microsoft Security Adviser\msavsc.exe

O4 - HKCU\..\Run: [msscan.exe] C:\Arquivos de programas\Microsoft Security Adviser\msscan.exe

O4 - HKCU\..\Run: [msiemon.exe] C:\Arquivos de programas\Microsoft Security Adviser\msiemon.exe

O4 - HKCU\..\Run: [msfw.exe] C:\Arquivos de programas\Microsoft Security Adviser\msfw.exe

O4 - HKCU\..\Run: [Microsoft security adviser] C:\Arquivos de programas\Microsoft Security Adviser\mssadv.exe

O4 - HKCU\..\Run: [Creative Real] C:\DOCUME~1\ADMINI~1\DADOSD~1\SHIMBI~1\buildmail.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - Global Startup: GM-Plus Agent.lnk = C:\WINDOWS\system32\Agent\VerMan.exe

O4 - Global Startup: Norton GoBack.lnk = C:\Arquivos de programas\Norton SystemWorks\Norton GoBack\GBTray.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_02\bin\ssv.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/

O17 - HKLM\System\CCS\Services\Tcpip\..\{640C6B23-C2E6-4763-B38E-4D7ECD7AB7A5}: NameServer = 201.10.128.3,201.10.120.3

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: GBPoll - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton GoBack\GBPoll.exe

O23 - Service: Geto Agent Service (GetoAgent) - Unknown owner - C:\WINDOWS\system32\AgentSvc.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe


Hi morato20,

Uninstall:

-> Microsoft Security Adviser

Use Add/Remove Programs.

Uninstall it and reboot once that is done.

Come back with a new HijackThis log.

Regards.


Hello friends, I'm new here and I'm having this same CID pop-up problem; could you help me? Since I saw that the Hijack and ComboFix logs were requested, I'm sending them below.

 

Logfile of HijackThis v1.99.1

Scan saved at 15:19:08, on 9/8/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Network Associates\Common Framework\FrameworkService.exe

C:\Arquivos de programas\Network Associates\VirusScan\Mcshield.exe

C:\Arquivos de programas\Network Associates\VirusScan\VsTskMgr.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Arquivos de programas\Network Associates\VirusScan\SHSTAT.EXE

C:\Arquivos de programas\Network Associates\Common Framework\UpdaterUI.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Microsoft Office\Office\FINDFAST.EXE

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\explorer.exe

E:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\hijack\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [shStatEXE] "C:\Arquivos de programas\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Arquivos de programas\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Windows Security Protocol] win32sprot.exe

O4 - HKCU\..\Run: [blah poll] C:\DOCUME~1\Benetti\DADOSD~1\chicpop\você Internet Atom.exe

O4 - Startup: Localização acelerada da Microsoft.lnk = C:\Arquivos de programas\Microsoft Office\Office\FINDFAST.EXE

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{03D58205-E5F1-42DA-9AF1-8E2916300AB2}: NameServer = 10.10.10.10

O17 - HKLM\System\CS1\Services\Tcpip\..\{03D58205-E5F1-42DA-9AF1-8E2916300AB2}: NameServer = 10.10.10.10

O17 - HKLM\System\CS2\Services\Tcpip\..\{03D58205-E5F1-42DA-9AF1-8E2916300AB2}: NameServer = 10.10.10.10

O17 - HKLM\System\CS3\Services\Tcpip\..\{03D58205-E5F1-42DA-9AF1-8E2916300AB2}: NameServer = 10.10.10.10

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Serviço McAfee Framework (McAfeeFramework) - Network Associates, Inc. - C:\Arquivos de programas\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Arquivos de programas\Network Associates\VirusScan\Mcshield.exe

O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Arquivos de programas\Network Associates\VirusScan\VsTskMgr.exe

 

 

 

 

 

 

ComboFix 07-08-09.3 - "Benetti" 2007-08-09 15:20:11.2 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.104 [GMT -3:00]

 

 

((((((((((((((((((((((((( Files Created from 2007-07-09 to 2007-08-09 )))))))))))))))))))))))))))))))

 

 

2007-08-09 15:18 <DIR> d-------- C:\Combo fix

2007-08-09 14:16 <DIR> d-------- C:\hijack

2007-08-09 13:38 51,200 --a------ C:\WINDOWS\nircmd.exe

2007-08-03 18:47 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\else download defy scr

2007-08-03 18:45 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\scr style mp3 glue

2007-08-03 18:44 <DIR> d-------- C:\Arquivos de programas\chicpop

2007-07-31 12:54 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys

2007-07-31 12:37 <DIR> d-------- C:\Arquivos de programas\VS Revo Group

2007-07-09 18:27 <DIR> d-a------ C:\fotos

 

 

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

 

2007-07-13 13:16 1321 --a------ C:\WINDOWS\mozver.dat

2007-06-12 16:29 --------- d-------- C:\Arquivos de programas\Windows Media Connect 2

2007-06-12 13:07 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2007-06-12 13:07 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_motmodem_01005.Wdf

2007-06-12 12:59 --------- d-------- C:\Arquivos de programas\Arquivos comuns\Motorola Shared

2007-05-22 15:33 216064 --a------ C:\WINDOWS\iun3405.exe

2007-05-16 12:13 86528 --------- C:\WINDOWS\system32\dllcache\directdb.dll

2007-05-16 12:13 85504 --------- C:\WINDOWS\system32\dllcache\wabimp.dll

2007-05-16 12:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll

2007-05-16 12:13 683520 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll

2007-05-16 12:13 510976 --------- C:\WINDOWS\system32\dllcache\wab32.dll

2007-05-16 12:13 1314816 --------- C:\WINDOWS\system32\dllcache\msoe.dll

2007-02-15 14:40 325519 --a------ C:\Arquivos de programas\cla.JPG

2007-02-06 14:34 361058 --a------ C:\Arquivos de programas\calii.jpg

2007-02-05 16:49 129491 --a------ C:\Arquivos de programas\DSC05956.JPG

2007-02-02 18:56 37735 --a------ C:\Arquivos de programas\cali.jpg

2007-01-09 20:45 16366 --a------ C:\Arquivos de programas\tatybtas.jpg

 

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

*Note* empty entries & legit default entries are not shown

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ShStatEXE"="C:\Arquivos de programas\Network Associates\VirusScan\SHSTAT.exe" [2003-10-15 07:10]

"McAfeeUpdaterUI"="C:\Arquivos de programas\Network Associates\Common Framework\UpdaterUI.exe" [2003-09-10 03:11]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:45]

"Windows Security Protocol"="win32sprot.exe" []

"Blah poll"="C:\DOCUME~1\Benetti\DADOSD~1\chicpop\você Internet Atom.exe" [2007-08-03 18:43]

 

C:\Documents and Settings\Benetti\Menu Iniciar\Programas\Inicializar\

Localiza‡Æo acelerada da Microsoft.lnk - C:\Arquivos de programas\Microsoft Office\Office\FINDFAST.EXE [1997-01-06]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 nwprovau

 

R1 PQNTDrv;PQNTDrv;C:\WINDOWS\system32\drivers\PQNTDrv.sys

R2 NWCWorkstation;Serviço de cliente para NetWare;C:\WINDOWS\system32\svchost.exe -k netsvcs

R3 ati2mtaa;ati2mtaa;C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys

R3 msloop;Microsoft Loopback Adapter Driver;C:\WINDOWS\system32\DRIVERS\loop.sys

R3 NWRDR;NetWare Rdr;C:\WINDOWS\system32\DRIVERS\nwrdr.sys

R3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\RTL8029.SYS

S3 ati2mpaa;ati2mpaa;C:\WINDOWS\system32\DRIVERS\ati2mpaa.sys

S3 ATICDSDr;ATICDSDr;\??\C:\WINDOWS\TEMP\ATICDSDr.sys

S3 motmodem;Motorola USB CDC ACM Driver;C:\WINDOWS\system32\DRIVERS\motmodem.sys

S3 Wdf01000;Wdf01000;C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

 

*Newly Created Service* - CATCHME

 

Contents of the 'Scheduled Tasks' folder

2007-08-09 18:00:02 C:\WINDOWS\Tasks\AFE3B07B90442733.job - c:\docume~1\benetti\dadosd~1\chicpop\lies dent bolt.exe

 

**************************************************************************

 

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-09 15:21:38

Windows 5.1.2600 Service Pack 2 FAT NTAPI

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

 

Completion time: 2007-08-09 15:22:45

C:\ComboFix2.txt ... 2007-08-09 13:44

 

--- E O F ---

 

 

 

Please help me if you can.

Thank you.

 

 

Benetti.


Topic Archived

Since the author did not reply for more than 20 days, the topic has been archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area with the link to this topic and explain the reason for reopening.
