[Resolvido!]Hijackthis.exe não abre!

[Paulo Fernandes 0]

Estou com um problemão, vários programas foram afetados e não abrem, todos os anti-vírus inclusive, possivelmente por um crack malicioso... Executei o Kaspersky online, e ele detectou virus/trojans!

Como se não basta-se, o hijackthis.exe tb não abre...Vem uma mensagem que ele não é um aplicativo win32 válido.

Peço ajuda pra tentar resolver essa dor de cabeça, obrigado desde já!

 

Depois que executei o combofix, melhorou muito... consegui ativar os anti-vírus, e o hijackthis tb rodou, veja só:

Logfile of HijackThis v1.99.1

Scan saved at 22:47:15, on 17/2/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

G:\Avast\aswUpdSv.exe

G:\Avast\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe

D:\Nero 7\InCD\InCD.exe

D:\ARQUIV~1\DAP\DAP\DAP.EXE

C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe

G:\Avast\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

G:\Spybot - Search & Destroy\TeaTimer.exe

C:\WINDOWS\system32\spoolsv.exe

c:\Arquivos de programas\Webshots\webshots.scr

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

D:\Nero 7\InCD\InCDsrv.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\mqsvc.exe

G:\Avast\ashMaiSv.exe

G:\Avast\ashWebSv.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - G:\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [inCD] D:\Nero 7\InCD\InCD.exe

O4 - HKLM\..\Run: [DownloadAccelerator] D:\ARQUIV~1\DAP\DAP\DAP.EXE /STARTUP

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [avast!] G:\Avast\ashDisp.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [ccleaner] "G:\CCleaner\CCleaner.exe" /AUTO

O4 - HKCU\..\Run: [spybotSD TeaTimer] G:\Spybot - Search & Destroy\TeaTimer.exe

O4 - Startup: Webshots.lnk = C:\Arquivos de programas\Webshots\launcher.exe

O4 - Startup: Shrink Pic.lnk = D:\Shrink Pic\shrink_pic.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Register Mask Pro 3.0.lnk = ?

O8 - Extra context menu item: &Download with &DAP - D:\ARQUIV~1\DAP\DAP\dapextie.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Download &all with DAP - D:\ARQUIV~1\DAP\DAP\dapextie2.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - D:\ARQUIV~1\DAP\DAP\DAP.EXE

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - G:\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab

O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab

O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{24DABF93-7FA9-414D-875F-F64D64449C11}: NameServer = 200.149.55.140 200.165.132.147

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - G:\Avast\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - G:\Avast\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - G:\Avast\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - G:\Avast\ashWebSv.exe" /service (file missing)

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Nero 7\InCD\InCDsrv.exe

O23 - Service: License Management Service ESD - Unknown owner - C:\Arquivos de programas\Arquivos comuns\element5 Shared\Service\Licence Manager ESD.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

 

 

********Após conseguir rodar o hijackthis, peguei um novo relatório do combofix:

 

ComboFix 08-02-18.1 - Fernando 2008-02-17 22:54:35.5 - FAT32x86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.1348 [GMT -3:00]

Executando de: C:\Documents and Settings\Fernando\Desktop\ComboFix.exe

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((( Ficheiros criados de 2008-01-18 to 2008-02-18 ))))))))))))))))))))))))))))))))

.

 

2008-02-17 22:26 . 2007-12-04 11:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe

2008-02-17 22:26 . 2007-12-04 10:54 95,608 --a------ C:\WINDOWS\system32\AVASTSS.scr

2008-02-17 22:26 . 2007-12-04 12:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys

2008-02-17 22:26 . 2007-12-04 12:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys

2008-02-17 22:26 . 2007-12-04 12:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys

2008-02-17 22:26 . 2007-12-04 12:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys

2008-02-17 22:26 . 2007-12-04 12:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys

2008-02-17 22:17 . 2008-02-17 22:17 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Configuraþ§es locais

2008-02-17 22:17 . 2008-02-17 22:17 <DIR> d-------- C:\Documents and Settings\NetworkService\Configuraþ§es locais

2008-02-17 22:17 . 2008-02-17 22:17 <DIR> d-------- C:\Documents and Settings\LocalService\Configuraþ§es locais

2008-02-17 22:17 . 2008-02-17 22:17 <DIR> d-------- C:\Documents and Settings\Fernando\Configuraþ§es locais

2008-02-17 22:05 . 2008-02-17 22:05 <DIR> d-------- C:\ComboFix[1]

2008-02-17 12:51 . 2008-02-17 12:51 <DIR> d--hs---- C:\FOUND.004

2008-02-17 09:22 . 2008-02-17 09:22 <DIR> d-------- C:\Arquivos de programas\Alien Skin

2008-02-17 09:06 . 2008-02-17 09:06 <DIR> d-------- C:\TEMP

2008-02-17 08:58 . 2008-02-17 09:03 287 --a------ C:\WINDOWS\PowerReg.dat

2008-02-06 21:54 . 2006-09-08 12:16 503,808 --a------ C:\WINDOWS\system32\AudioGenie2.ocx

2008-02-06 20:37 . 2008-02-06 20:11 691,545 --a------ C:\WINDOWS\unins000.exe

2008-02-06 20:37 . 2008-02-06 20:37 3,458 --a------ C:\WINDOWS\unins000.dat

2008-02-06 15:52 . 2006-11-10 19:41 1,030,144 --a------ C:\WINDOWS\system32\dbghelp-xfw.dll

2008-02-04 17:40 . 2008-02-04 17:40 <DIR> d-------- C:\Arquivos de programas\Picasa2

2008-02-04 17:40 . 2008-02-04 17:40 <DIR> d-------- C:\Arquivos de programas\Google

2008-02-04 17:40 . 2006-10-05 00:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys

2008-02-04 17:40 . 2006-10-05 00:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-02-17 13:20 11,963 ----a-w C:\Arquivos de programas\uninstal.log

2008-02-17 10:37 6,790 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys

2008-01-11 06:37 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll

2008-01-09 02:29 --------- d-----w C:\Documents and Settings\Fernando\Dados de aplicativos\Filter Forge

2007-12-19 23:54 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll

2007-12-18 10:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys

2007-12-18 10:51 179,584 ----a-w C:\WINDOWS\system32\dllcache\mrxdav.sys

2007-12-08 06:09 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll

2007-12-06 12:06 625,664 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe

2007-12-06 12:05 70,656 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe

2007-12-06 12:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe

2007-12-06 05:59 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll

2007-12-04 19:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll

2007-12-04 19:41 550,912 ----a-w C:\WINDOWS\system32\dllcache\oleaut32.dll

2007-04-20 22:55 81,920 ----a-w C:\Documents and Settings\Fernando\Dados de aplicativos\ezpinst.exe

2007-04-20 22:55 47,360 ----a-w C:\Documents and Settings\Fernando\Dados de aplicativos\pcouffin.sys

2006-11-15 21:23 10 ----a-w C:\Documents and Settings\All Users\Dados de aplicativos\mmrpplic.dat

2006-11-02 20:17 238,344 ----a-w C:\Documents and Settings\Fernando\Dados de aplicativos\GDIPFONTCACHEV1.DAT

2004-10-01 18:00 40,960 ----a-w C:\Arquivos de programas\Uninstall_CDS.exe

2005-04-30 01:13 56 --sh--r C:\WINDOWS\system32\1DE5F6BD43.sys

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* entradas vazias & legítimas por defeito não são mostradas.

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:45 15360]

"ccleaner"="G:\CCleaner\CCleaner.exe" [2008-01-17 06:40 816368]

"SpybotSD TeaTimer"="G:\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 10:43 2097488]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MsmqIntCert"="regsvr32 /s mqrt.dll" []

"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 15:21 61952 C:\WINDOWS\system32\HdAShCut.exe]

"SoundMAXPnP"="C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe" [2005-05-19 22:11 925696]

"SoundMAX"="C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 15:35 716800]

"InCD"="D:\Nero 7\InCD\InCD.exe" [2006-07-25 15:55 1043968]

"DownloadAccelerator"="D:\ARQUIV~1\DAP\DAP\DAP.exe" [2006-10-28 11:37 1388544]

"ISUSPM Startup"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" [2005-08-11 16:30 249856]

"ISUSScheduler"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30 81920]

"QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2007-04-22 15:53 282624]

"Windows Defender"="C:\Arquivos de programas\Windows Defender\MSASCui.exe" [2006-11-03 19:20 866584]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

"avast!"="G:\Avast\ashDisp.exe" [2007-12-04 11:00 79224]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 03:45 15360]

 

C:\Documents and Settings\Fernando\Menu Iniciar\Programas\Inicializar\

Webshots.lnk - C:\Arquivos de programas\Webshots\launcher.exe [2006-09-02 20:34:15 45056]

 

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\

Microsoft Office.lnk - C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="LogonUI.EXE"

 

S2 BulkUsb;Genius ColorPage USB Scanner;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]

S3 ham50;Intel V92 HaM Data Fax Voice;C:\WINDOWS\system32\DRIVERS\IntelH51.sys [2001-08-03 13:50]

 

.

Conteúdo da pasta 'Tarefas Agendadas'

"2008-02-17 09:26:56 C:\WINDOWS\Tasks\MP Scheduled Scan.job"

- C:\Arquivos de programas\Windows Defender\MpCmdRun.exe

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-02-17 22:55:41

Windows 5.1.2600 Service Pack 2 FAT NTAPI

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros ocultos ...

 

Varredura completada com sucesso

Ficheiros ocultos: 0

 

**************************************************************************

.

Tempo para conclusão: 2008-02-17 22:56:03

ComboFix3.txt 2007-09-24 00:54:26

ComboFix-quarantined-files.txt 2008-02-18 01:56:02

ComboFix2.txt 2008-02-18 01:17:24

.

2008-02-15 09:21:01 --- E O F ---

[DigRam 144]

Bom Dia Paulo Fernandes!

 

>@< Faça o download do BlackLight.

>@< Baixe-o para o Disco Local-C!

>@< Estabeleça uma pasta própria para o programa ( FSBlackLight ).

>@< Ao roda-lo,feche todas as janelas e o navegador!

>@< Execute o programa,clicando no seu executável,e aceite o contrato de Licença.

>@< Na janela Step1 ( Scan for hidden itens ) >> Clique em Scan.

>@< Quando o scan terminar,aparecerá o botão Show all processes.

>@< O relatório ( Log ),estará na mesma pasta do executável.

_______________________

 

>@< Poste o conteúdo dêste Log ( fsbl xxxxx.log ),na sua resposta.Onde xxxxx são números!

 

Abraços!

[Paulo Fernandes 0]

Bom Dia Paulo Fernandes!

 

>@< Faça o download do BlackLight.

>@< Baixe-o para o Disco Local-C!

>@< Estabeleça uma pasta própria para o programa ( FSBlackLight ).

>@< Ao roda-lo,feche todas as janelas e o navegador!

>@< Execute o programa,clicando no seu executável,e aceite o contrato de Licença.

>@< Na janela Step1 ( Scan for hidden itens ) >> Clique em Scan.

>@< Quando o scan terminar,aparecerá o botão Show all processes.

>@< O relatório ( Log ),estará na mesma pasta do executável.

_______________________

 

>@< Poste o conteúdo dêste Log ( fsbl xxxxx.log ),na sua resposta.Onde xxxxx são números!

 

Abraços!

 

Oi! Muito obrigado! Depois que executei o Combofix, parece que tudo voltou ao normal... Aí vai o relatório do Blacklight:

 

02/18/08 22:43:42 [info]: BlackLight Engine 1.0.67 initialized

02/18/08 22:43:42 [info]: OS: 5.1 build 2600 (Service Pack 2)

02/18/08 22:43:42 [Note]: 7019 4

02/18/08 22:43:42 [Note]: 7005 0

02/18/08 22:43:47 [Note]: 7006 0

02/18/08 22:43:47 [Note]: 7011 1904

02/18/08 22:43:47 [Note]: 7026 0

02/18/08 22:43:47 [Note]: 7026 0

02/18/08 22:43:49 [Note]: FSRAW library version 1.7.1024

02/18/08 22:45:06 [Note]: 7007 0

[DigRam 144]

Boa Tarde Paulo Fernandes!

 

>@< Faça o download do UnHook.

>@< Baixe-o para o Desktop!

>@< Execute a ferramenta da Symantec ( UnHookExec.inf ).

______________________

 

>@< O Log está limpo! :thumbsup:

 

Abraços!

[Paulo Fernandes 0]

Boa Tarde Paulo Fernandes!

 

>@< Faça o download do UnHook.

>@< Baixe-o para o Desktop!

>@< Execute a ferramenta da Symantec ( UnHookExec.inf ).

______________________

 

>@< O Log está limpo! :thumbsup:

 

Abraços!

 

Obrigado mesmo, valeu por tudo!

Abraços!

[DigRam 144]

PROBLEMA RESOLVIDO!

 

Caso o autor necessite que o Tópico seja reaberto é preciso enviar uma Mensagem Privada,para um Moderador,com um Link para o Tópico.