Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

manwe

[Resolvido!]CID Spyware

Por , em Tópicos Resolvidos (Seguranca & Malwares)

Recommended Posts

manwe    0

manwe
Postado

Olá à todos. Solicito ajuda para remover este tal de CID, que ocasiona a abertura não solicitada de páginas da Web em POP-UPs do IE. Já tentei remove-lo utilizando o SpyBot mas sem sucesso. Segue o Log do HijackThis:

 

Logfile of HijackThis v1.99.1

Scan saved at 18:02:50, on 16/8/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Softwin\BitDefender10\vsserv.exe

C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Microsoft IntelliType Pro\itype.exe

C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Logitech\SetPoint\SetPoint.exe

C:\Arquivos de programas\Arquivos comuns\Logitech\KHAL\KHALMNPR.EXE

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Arquivos de programas\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Arquivos de programas\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\ARQUIV~1\ARQUIV~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot

O4 - HKLM\..\Run: [itype] "c:\Arquivos de programas\Microsoft IntelliType Pro\itype.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] "C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [HP Component Manager] "C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ROAD ITCH AMOK PING] C:\Documents and Settings\All Users\Dados de aplicativos\Long slow road itch\INTRA TRAY.exe

O4 - HKLM\..\Run: [bDMCon] "C:\Arquivos de programas\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM\..\Run: [bDAgent] "C:\Arquivos de programas\Softwin\BitDefender10\bdagent.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Arquivos de programas\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [ACELIVE] C:\DOCUME~1A00~1\DADOSD~1\MFCDBI~1\time play.exe

O4 - Startup: Azureus.lnk = C:\Arquivos de programas\Azureus\Azureus.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Arquivos de programas\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: Append to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O23 - Service: Adobe Version Cue CS3 - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing)

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Arquivos de programas\Softwin\BitDefender10\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

 

Antecipadamente agradeço qualquer resposta.

Manwe

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Bom Dia manwe!

 

>@< Faça o download do ComboFix.

>@< Baixe-o para o Desktop!

>@< Feche todas as janelas e execute a ferramenta!

>@< Abrirá a janela Auto Scan. Aguarde!

>@< Digite a opção para continuar < Enter >

>@< Aguarde a conclusão!

>@< Poste o relatório: C:\ComboFix.txt,na sua resposta + Log do HJT,atualizado.

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

manwe    0

manwe
Postado

Aparentemente o problema já está resolvido, de qualquer forma segue o requisitado:

 

HijackThis:

Logfile of HijackThis v1.99.1

Scan saved at 16:20:49, on 17/8/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Microsoft IntelliType Pro\itype.exe

C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\DAEMON Tools\daemon.exe

C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Logitech\SetPoint\SetPoint.exe

C:\Arquivos de programas\Azureus\Azureus.exe

C:\Arquivos de programas\Arquivos comuns\Logitech\KHAL\KHALMNPR.EXE

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Arquivos de programas\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Arquivos de programas\Adobe\/Adobe Contribute CS3/contributeieplugin.dll

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\ARQUIV~1\ARQUIV~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot

O4 - HKLM\..\Run: [itype] "c:\Arquivos de programas\Microsoft IntelliType Pro\itype.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] "C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe"

O4 - HKLM\..\Run: [HP Component Manager] "C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Arquivos de programas\DAEMON Tools\daemon.exe" -lang 1033

O4 - Startup: Azureus.lnk = C:\Arquivos de programas\Azureus\Azureus.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Arquivos de programas\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: Append to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O23 - Service: Adobe Version Cue CS3 - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" -win32service (file missing)

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

Combofix:

ComboFix 07-08-14.4 - "ÿ" 2007-08-17 16:15:48.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.660 [GMT -3:00]

* Created a new restore point

 

 

((((((((((((((((((((((((( Files Created from 2007-07-17 to 2007-08-17 )))))))))))))))))))))))))))))))

 

 

2007-08-17 16:15 51,200 --a------ C:\WINDOWS\nircmd.exe

2007-08-16 17:52 218,112 --a------ C:\HijackThis.exe

2007-08-16 17:24 81,984 --a------ C:\WINDOWS\system32\bdod.bin

2007-08-16 17:10 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Spybot - Search & Destroy

2007-08-16 15:06 <DIR> d-------- C:\Arquivos de programas\Diner Dash - Flo On The Go

2007-08-16 14:32 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Long slow road itch

2007-08-16 14:32 <DIR> d-------- C:\Arquivos de programas\BitDownload

2007-08-15 21:12 <DIR> d-------- C:\Downloads

2007-08-15 21:12 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Trymedia

2007-08-14 21:38 <DIR> d-------- C:\WINDOWS\Vbox

2007-08-14 21:38 <DIR> d-------- C:\Arquivos de programas\TI Education

2007-08-12 18:15 <DIR> d-------- C:\Nova pasta

2007-08-12 18:10 <DIR> d-------- C:\Arquivos de programas\Smart Projects

2007-08-12 17:54 <DIR> d-------- C:\DOCUME~1A00~1\DADOSD~1\fretsonfire

2007-08-11 15:06 <DIR> d-------- C:\Arquivos de programas\CDisplay

2007-08-10 22:08 <DIR> d-------- C:\DOCUME~1A00~1\DADOSD~1\Pistonsoft

2007-08-10 22:08 <DIR> d-------- C:\Arquivos de programas\Pistonsoft MP3 Tags Editor

2007-08-10 19:36 <DIR> d-------- C:\Arquivos de programas\Escape From Paradise

2007-08-09 21:40 <DIR> d-------- C:\Arquivos de programas\CDex_150

2007-08-09 17:52 <DIR> d-------- C:\DOCUME~1A00~1\DADOSD~1\GameHouse

2007-08-09 17:52 <DIR> d-------- C:\Arquivos de programas\GameHouse

2007-08-09 17:06 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Escape From Paradise

2007-08-07 22:02 458,752 --a------ C:\WINDOWS\system32\VagalumePluginWMP.dll

2007-08-06 18:45 <DIR> d---s---- C:\DOCUME~1A00~1\UserData

2007-08-05 18:03 <DIR> d-------- C:\Arquivos de programas\Play+Smile

2007-08-05 16:44 <DIR> d-------- C:\DOCUME~1A00~1\DADOSD~1\Help

2007-08-05 16:44 <DIR> d-------- C:\Arquivos de programas\iTunes

2007-08-05 16:44 <DIR> d-------- C:\Arquivos de programas\iPod

2007-08-05 16:43 <DIR> d-------- C:\Arquivos de programas\VPHoldem

2007-08-05 16:43 <DIR> d-------- C:\Arquivos de programas\Apple Software Update

2007-08-05 14:06 <DIR> d-------- C:\Arquivos de programas\DAMN NFO Viewer

2007-08-05 14:05 <DIR> d-------- C:\Arquivos de programas\Ricochet Infinity

2007-08-04 20:30 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe

2007-08-03 22:57 <DIR> d-------- C:\Arquivos de programas\MSXML 4.0

2007-08-01 21:35 <DIR> d-------- C:\Arquivos de programas\7-Zip

2007-08-01 17:33 <DIR> d-------- C:\Arquivos de programas\Azureus

2007-08-01 17:30 82,432 -ra------ C:\WINDOWS\system32\MSXML4r.dll

2007-08-01 17:30 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll

2007-08-01 17:30 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll

2007-08-01 17:30 44,544 -ra------ C:\WINDOWS\system32\MSXML4a.dll

2007-08-01 17:30 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll

2007-08-01 17:30 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Hewlett-Packard

2007-08-01 17:30 <DIR> d-------- C:\Arquivos de programas\Hewlett-Packard

2007-08-01 17:29 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard

2007-08-01 17:27 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll

2007-08-01 17:27 65,536 --a------ C:\WINDOWS\system32\HPZipm12.exe

2007-08-01 17:27 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe

2007-08-01 17:27 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll

2007-08-01 17:27 51,088 -ra------ C:\WINDOWS\system32\drivers\hpzid412.sys

2007-08-01 17:27 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll

2007-08-01 17:27 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys

2007-08-01 17:27 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll

2007-08-01 17:27 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys

2007-08-01 17:27 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys

2007-08-01 17:27 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys

2007-08-01 17:23 <DIR> d-------- C:\Arquivos de programas\HP

2007-08-01 17:22 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys

2007-08-01 17:22 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys

2007-08-01 17:22 43,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys

2007-08-01 17:22 129,784 --------- C:\WINDOWS\system32\pxafs.dll

2007-08-01 17:22 <DIR> d-------- C:\Arquivos de programas\Winamp

2007-08-01 17:21 17,176 --------- C:\WINDOWS\hpomdl04.dat

2007-08-01 17:21 104,670 --a------ C:\WINDOWS\hpoins04.dat

2007-08-01 17:11 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys

2007-08-01 17:11 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys

2007-08-01 16:11 <DIR> d-------- C:\DOCUME~1A00~1\DADOSD~1\Talkback

2007-08-01 14:02 4,096 --a------ C:\WINDOWS\d3dx.dat

2007-08-01 14:02 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\DADOSD~1\TEMP

2007-08-01 14:02 <DIR> d-------- C:\Arquivos de programas\KudosRockLegend_at

2007-08-01 13:33 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll

2007-08-01 13:33 740,442 --a------ C:\WINDOWS\system32\divx.dll

2007-08-01 13:33 73,728 --a------ C:\WINDOWS\system32\dpl100.dll

2007-08-01 13:33 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll

2007-08-01 13:33 630,784 --a------ C:\WINDOWS\system32\vp7vfw.dll

2007-08-01 13:33 564,224 --a------ C:\WINDOWS\system32\x264vfw.dll

2007-08-01 13:33 438,272 --a------ C:\WINDOWS\system32\vp6vfw.dll

2007-08-01 13:33 39,936 --a------ C:\WINDOWS\system32\huffyuv.dll

2007-08-01 13:33 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll

2007-08-01 13:33 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll

2007-08-01 13:33 217,088 --a------ C:\WINDOWS\system32\i420vfw.dll

2007-08-01 13:33 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll

2007-08-01 13:33 163,840 --a------ C:\WINDOWS\system32\unrar.dll

2007-08-01 13:33 144,384 --a------ C:\WINDOWS\system32\Iacenc.dll

2007-08-01 13:33 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Real

2007-08-01 13:33 <DIR> d-------- C:\DOCUME~1A00~1\DADOSD~1\Real

2007-08-01 13:33 <DIR> d-------- C:\DOCUME~1A00~1\DADOSD~1\Media Player Classic

2007-08-01 13:33 <DIR> d-------- C:\Arquivos de programas\K-Lite Codec Pack

2007-07-30 19:46 <DIR> d-------- C:\Arquivos de programas\ReflexiveArcade

2007-07-30 18:45 <DIR> d-------- C:\Arquivos de programas\iTunes Art Importer

2007-07-30 18:44 <DIR> d-------- C:\WINDOWS\system32\URTTEMP

2007-07-30 18:04 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Azureus

2007-07-30 18:04 <DIR> d-------- C:\DOCUME~1A00~1\DADOSD~1\Azureus

2007-07-30 17:54 <DIR> d-------- C:\Arquivos de programas\eMule

2007-07-29 21:04 <DIR> d-------- C:\WINDOWS\system32\appmgmt

2007-07-29 20:37 <DIR> d-------- C:\Arquivos de programas\Red Kawa

2007-07-29 14:59 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys

2007-07-29 14:49 <DIR> d-------- C:\DOCUME~1A00~1\DADOSD~1\Apple Computer

2007-07-29 14:48 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE

2007-07-29 14:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Apple Computer

2007-07-29 14:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DADOSD~1\Apple

 

 

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

 

2007-07-29 14:00 359040 --a------ C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL

2007-07-29 12:57 8972 --a------ C:\WINDOWS\pchealth\helpctr\Config\Cntstore.bin

2007-07-29 12:57 2426 --a------ C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin

--------- C:\Arquivos de programas\Serviços on-line

--------- C:\Arquivos de programas\Arquivos comuns\Serviços

 

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

*Note* empty entries & legit default entries are not shown

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acrobat Assistant 8.0"="C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-22 23:24]

"Adobe_ID0EYTHM"="C:\ARQUIV~1\ARQUIV~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 16:40]

"SkyTel"="SkyTel.EXE" [2006-05-16 07:04 C:\WINDOWS\SkyTel.exe]

"RTHDCPL"="RTHDCPL.EXE" [2006-05-26 23:47 C:\WINDOWS\RTHDCPL.exe]

"GBB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-06-02 05:46]

"itype"="c:\Arquivos de programas\Microsoft IntelliType Pro\itype.exe" [2006-11-21 17:08]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22]

"nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-07-22 23:25 C:\WINDOWS\KHALMNPR.Exe]

"QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2007-06-29 06:24]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]

"HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 13:38]

"HP Component Manager"="C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18]

"iTunesHelper"="C:\Arquivos de programas\iTunes\iTunesHelper.exe" [2007-07-31 18:44]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45]

"DAEMON Tools"="C:\Arquivos de programas\DAEMON Tools\daemon.exe" [2006-11-12 07:48]

 

C:\Documents and Settings\ÿ\Menu Iniciar\Programas\Inicializar\

Azureus.lnk - C:\Arquivos de programas\Azureus\Azureus.exe [2007-01-13 20:14:04]

 

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\

Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2007-07-29 12:30:21]

Adobe Acrobat Synchronizer.lnk - C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2006-10-23 00:01:50]

Logitech SetPoint.lnk - C:\Arquivos de programas\Logitech\SetPoint\SetPoint.exe [2007-07-29 14:03:42]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"NoUserNameInStartMenu"=01000000

"NoTrayItemsDisplay"=00000000

 

R0 JGOGO;JMicron Hot-Plug Driver;C:\WINDOWS\system32\DRIVERS\JGOGO.sys

R0 JRAID;JRAID;C:\WINDOWS\system32\DRIVERS\jraid.sys

 

 

Contents of the 'Scheduled Tasks' folder

2007-08-10 15:22:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2007-08-15 11:59:07 C:\WINDOWS\Tasks\WebReg 20070815085906.job

 

**************************************************************************

 

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-17 16:17:29

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

 

Completion time: 2007-08-17 16:17:43

 

--- E O F ---

 

Grato pela atenção.

Manwe

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Bom Dia manwe!

 

>@< Faça o download do CCleaner.

>@< Baixe-o para o Desktop!

>@< Abra o programa e clique em Executar cleaner.

>@< Terminando,clique em Erros >> Procurar erros >> Corrigir erros.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

Crie um Ponto de Restauração do Sistema,Limpo!

Clique com o botão direito do mouse em cima de Meu Computador >> Propriedades >> Restauração do Sistema >> Marque: Desativar Restauração do Sistema >> Aplicar >> Ok.

Depois,desmarque novamente! >> Aplicar >> Ok.

Para maiores detalhes,vá em:< Docs >

Olá à todos. Solicito ajuda para remover este tal de CID, que ocasiona a abertura não solicitada de páginas da Web em POP-UPs do IE. Já tentei remove-lo utilizando o SpyBot mas sem sucesso.

>@< Esse problema,ainda lhe ocorre?

>@< Bom trabalho!

>@< Log Limpo!

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

tonmcnight    0

tonmcnight
Postado

Olá amigos! Estou com o mesmo problema para resolver a chateação que os pop -ups do CID ocasionam,

Grato pela atenção, segue o LOG do HijackThis

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 18:57:49, on 20/9/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\AGRSMMSG.exe

C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe

C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

C:\Arquivos de programas\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe

C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\Software WIDCOMM\Bluetooth\BTTray.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Assistente Tecnico Speedy\bin\mpbtn.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\IncrediMail\bin\IncMail.exe

C:\ARQUIV~1\INCRED~1\bin\IMApp.exe

C:\Documents and Settings\Marcos\Desktop\Hijack This\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazetaesportiva.net/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fornecido por Ton Braconi

R3 - URLSearchHook: CUOLSearchHook Object - {1FE8243E-0A3A-41B9-B9CE-EFFEE51974D3} - C:\Arquivos de programas\Arquivos comuns\uol\urlsearch\UOLSearchHook.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: &iG - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - C:\ARQUIV~1\iGv6\igshop.dll (file missing)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar4.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\WINDOWS\Downloaded Program Files\gbieh.dll

O3 - Toolbar: &iG - {7EEF1E3D-FD97-4401-BCDB-5827F2D11709} - C:\ARQUIV~1\iGv6\igshop.dll (file missing)

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar4.dll

O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\GlobespanVirata\Adsl\dslagent.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [MSys32] "C:\Arquivos de programas\Tetris 3000\data\morfitwebentrance.exe"

O4 - HKLM\..\Run: [Motive SmartBridge] "C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe" /restart

O4 - HKLM\..\Run: [Lebeca2] C:\ARQUIV~1\LG\MESSEN~1\AutoUp.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Media Codec Update Service] C:\Arquivos de programas\Essentials Codec Pack\update.exe -silent

O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [bat Wave Base Dale] C:\Documents and Settings\All Users\Dados de aplicativos\Link Axis Bat Wave\Mapi Roam.exe

O4 - HKLM\..\Run: [ulead AutoDetector] C:\Arquivos de programas\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [PV92TRAY] PV92Tray.exe

O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [imgPaint] C:\WINDOWS\system32\ImgPaint.exe

O4 - HKLM\..\Run: [Discador iG] "C:\Arquivos de programas\iGv6\Discador iG.exe" boot

O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [NBJ] "C:\Arquivos de programas\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ANTE SCR] C:\DOCUME~1\Marcos\DADOSD~1\PLATFO~1\Byte one.exe

O4 - HKCU\..\Run: [updateMgr] "C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1

O4 - HKCU\..\Run: [K-Lite Nitro BETA] C:\Arquivos de programas\K-LiteNitro\K-LiteNitro.exe /hide

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Assistente Tecnico Speedy.lnk = C:\Arquivos de programas\Assistente Tecnico Speedy\bin\matcli.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\ARQUIV~1\INCRED~1\bin\resources\WebMenuImg.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Enviar para &Bluetooth - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie_ctx.htm

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Arquivos de programas\Software WIDCOMM\Bluetooth\btsendto_ie.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra button: Barra do iG - {FD1672E0-AE0D-465B-B345-F7B0944A121D} - C:\ARQUIV~1\iGv6\igshop.dll (file missing)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1181556692453

O16 - DPF: {C942A79B-01ED-47EE-9DAA-1EFAA70DAB8E} (VacPro.int_ver22b) - http://www.muiegaozsicur.com/ocx/intES_ver22b.CAB

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399F83} (GbPluginObj Class) - https://www14.bancobrasil.com.br/plugin/GbPluginBb.cab

O16 - DPF: {EB6D7E70-AAA9-40D9-BA05-F214089F2275} - http://www.clickteam.com/vitalize3/vitalize.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{AA97F836-94A0-43FB-99F9-A5A60BC90864}: NameServer = 200.204.0.10,200.204.0.138

O17 - HKLM\System\CCS\Services\Tcpip\..\{B9C21C9F-DD91-4CDB-9458-24FE04E2A857}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: SmartLinkService (SLService) - Unknown owner - slserv.exe (file missing)

O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Arquivos de programas\Windows Live\installer\WLSetupSvc.exe

Compartilhar este post

Link para o post
Compartilhar em outros sites

DigRam    144

DigRam
Postado

Bom Dia tonmcnight!

 

>@< Creio que voçê deveria ter criado,um Tópico próprio.

>@< Envie uma MP,ao Moderador Global José Garcia,para que ele nos dê permissão,para que o seu problema seja solucionado,por aqui mesmo.

>@< Fico no aguardo!

 

Abraços!

Compartilhar este post

Link para o post
Compartilhar em outros sites

jgarcia    1

jgarcia
Postado

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o tópico seja reaberto é preciso enviar uma Mensagem Privada para um Moderador com um link para o tópico.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Resolvidos (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito