mexicanox

[Solved!] Folders don't open properly


Hey there, everyone!!!!!!!!!!!!!!!

Here's the thing: when I open some folders, this happens: "Explorer.exe has encountered a problem and needs to close", and then there are the options to send a report and so on. But it's only with some of them. For example, there is a folder called downloads and I can work in it normally; now, if I go into the My Music folder, after about 5 seconds the blessed message appears and then the folder closes, which is really annoying. I did some searching on the Net and heard that it's a virus, so I'm asking for your help, friends.

Thanks

The HijackThis log

__________________________________________________

 

 

Logfile of HijackThis v1.99.1

Scan saved at 15:22:04, on 25/3/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

C:\Arquivos de programas\FireFox Ultimate Optimizer\Firefox Ultimate Optimizer.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\Arquivos de programas\Print Screen Replacement\PSR.exe

C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe

C:\ARQUIV~1\AVG\AVG8\avgam.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\system32\wscntfy.exe

C:\arquiv~1\mozill~1\firefox.exe

C:\Arquivos de programas\BitTorrent\bittorrent.exe

C:\Arquivos de programas\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe

C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\EasyPHP 2.0b1\EasyPHP.exe

C:\ARQUIV~1\EASYPH~1.0B1\MySql\bin\mysqld.exe

C:\ARQUIV~1\EASYPH~1.0B1\Apache\bin\apache.exe

C:\ARQUIV~1\EASYPH~1.0B1\Apache\bin\apache.exe

C:\Arquivos de programas\HiJackThis\Hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://updates02.installshield.com/GetUpda...p;u=&l=1033

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: SecureBrowsingBho Helper - {7632ABCA-B104-4fbc-9C70-419C4147061B} - C:\Arquivos de programas\Finjan Secure Browsing\bho.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O3 - Toolbar: Finjan Secure Browsing - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - C:\Arquivos de programas\Finjan Secure Browsing\bho.dll

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll

O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [FirefoxUltimateOptimizer] "C:\Arquivos de programas\FireFox Ultimate Optimizer\Firefox Ultimate Optimizer.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - Startup: PSR.lnk = C:\Arquivos de programas\Print Screen Replacement\PSR.exe

O4 - Startup: Stardock ObjectDock.lnk = C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O17 - HKLM\System\CCS\Services\Tcpip\..\{37321196-12A4-423F-AB99-2302A6460B5B}: NameServer = 10.0.0.138

O17 - HKLM\System\CCS\Services\Tcpip\..\{37DE81C1-A385-4F1F-9134-E41F44263BD4}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

 

Thanks!!!


Good morning, mexicanox!

>@< Download ComboFix.

>@< Save it to the Desktop!

>@< Disable the resident protection of your antivirus, antispyware and firewall.

>@< Close all windows and run the tool!

If you get the notification "Invalid Win32 application", delete the tool and download it again.

Save it to the Desktop, renamed as: Kombo.exe

PS: Name it while saving, not after saving it!

>@< The Auto Scan window will open. Wait!

>@< Type the option to continue and press < Enter >

>@< Wait for it to finish! During the scan, avoid touching the mouse or keyboard!

>@< Post the report, C:\ComboFix.txt, in your reply, along with an updated HJT log.

Regards!


Hey!!!!!!!!!!

Here's the HijackThis log

 

 

Logfile of HijackThis v1.99.1

Scan saved at 17:40, on 2008-04-01

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe

C:\Arquivos de programas\Print Screen Replacement\PSR.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe

C:\ARQUIV~1\AVG\AVG8\avgam.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\AVG\AVG8\avgtray.exe

C:\arquiv~1\mozill~1\firefox.exe

C:\Arquivos de programas\HiJackThis\Hijackthis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://updates02.installshield.com/GetUpda...p;u=&l=1033

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: SecureBrowsingBho Helper - {7632ABCA-B104-4fbc-9C70-419C4147061B} - C:\Arquivos de programas\Finjan Secure Browsing\bho.dll

O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O3 - Toolbar: Finjan Secure Browsing - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - C:\Arquivos de programas\Finjan Secure Browsing\bho.dll

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll

O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [FirefoxUltimateOptimizer] "C:\Arquivos de programas\FireFox Ultimate Optimizer\Firefox Ultimate Optimizer.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - Startup: PSR.lnk = C:\Arquivos de programas\Print Screen Replacement\PSR.exe

O4 - Startup: Stardock ObjectDock.lnk = C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O17 - HKLM\System\CCS\Services\Tcpip\..\{37321196-12A4-423F-AB99-2302A6460B5B}: NameServer = 10.0.0.138

O17 - HKLM\System\CCS\Services\Tcpip\..\{37DE81C1-A385-4F1F-9134-E41F44263BD4}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

------------------------------------------------------------------------------------------------------------------------------------------------

 

 

 

 

And this is the ComboFix one

 

 

ComboFix 08-04-01.2 - Windows XP 2008-04-01 17:05:47.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.181 [GMT -3:00]

Executando de: C:\Documents and Settings\Windows XP\Desktop\ComboFix.exe

* Criado um novo ponto de restauro

 

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Arquivos de programas\svchost.exe

 

.

((((((((((((((((((((((( Ficheiros criados de 2008-03-01 to 2008-04-01 ))))))))))))))))))))))))))))))))

.

 

2008-03-30 10:18 . 2006-11-07 09:42 97,056 -ra------ C:\WINDOWS\system32\drivers\w200mdm.sys

2008-03-30 10:18 . 2006-11-07 09:42 88,560 -ra------ C:\WINDOWS\system32\drivers\w200mgmt.sys

2008-03-30 10:18 . 2006-11-07 09:42 86,368 -ra------ C:\WINDOWS\system32\drivers\w200obex.sys

2008-03-30 10:18 . 2006-11-07 09:42 61,504 -ra------ C:\WINDOWS\system32\drivers\w200bus.sys

2008-03-30 10:18 . 2006-11-07 09:42 9,328 -ra------ C:\WINDOWS\system32\drivers\w200mdfl.sys

2008-03-30 10:18 . 2006-11-07 09:42 6,208 -ra------ C:\WINDOWS\system32\drivers\w200cmnt.sys

2008-03-30 10:18 . 2006-11-07 09:42 6,208 -ra------ C:\WINDOWS\system32\drivers\w200cm.sys

2008-03-30 10:18 . 2006-11-07 09:42 5,840 -ra------ C:\WINDOWS\system32\drivers\w200whnt.sys

2008-03-30 10:18 . 2006-11-07 09:42 5,840 -ra------ C:\WINDOWS\system32\drivers\w200wh.sys

2008-03-30 09:19 . 2008-03-30 09:19 <DIR> d-------- C:\Arquivos de programas\Disc2Phone

2008-03-30 08:51 . 2008-03-30 10:21 <DIR> d-------- C:\Documents and Settings\Windows XP\Dados de aplicativos\Teleca

2008-03-30 08:51 . 2008-03-30 08:51 <DIR> d-------- C:\Documents and Settings\Windows XP\Dados de aplicativos\Sony Ericsson

2008-03-30 08:44 . 2008-03-30 08:44 <DIR> d-------- C:\Documents and Settings\All Users\Documents

2008-03-30 08:43 . 2008-03-30 08:44 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Teleca

2008-03-30 08:43 . 2008-03-30 08:44 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Sony Ericsson

2008-03-30 08:43 . 2008-03-30 08:43 <DIR> d-------- C:\Arquivos de programas\Sony Ericsson

2008-03-30 08:43 . 2008-03-30 08:44 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Teleca Shared

2008-03-28 16:55 . 2008-03-28 16:55 <DIR> d-------- C:\Arquivos de programas\K-Lite Codec Pack

2008-03-27 16:03 . 2001-10-25 03:00 110,592 --a------ C:\WINDOWS\system32\tsccvid.dll

2008-03-25 22:57 . 2008-03-25 22:57 <DIR> d-------- C:\Arquivos de programas\Direct Audio Converter & CD Ripper

2008-03-25 15:40 . 2008-03-25 15:45 <DIR> d-------- C:\Documents and Settings\Windows XP\Dados de aplicativos\AutoPowerOn

2008-03-25 15:40 . 2008-03-25 15:40 <DIR> d-------- C:\Arquivos de programas\AutoPowerOn

2008-03-25 13:14 . 2008-03-25 13:14 <DIR> d-------- C:\Arquivos de programas\Gabest

2008-03-25 13:12 . 2005-11-22 15:16 <DIR> d-------- C:\Arquivos de programas\dvdSanta

2008-03-25 13:08 . 2008-03-25 16:03 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy

2008-03-24 16:06 . 2008-03-24 16:06 <DIR> d-------- C:\Arquivos de programas\vdownloader

2008-03-22 10:11 . 2008-03-31 22:06 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg

2008-03-22 10:11 . 2008-03-30 15:59 <DIR> d-------- C:\Documents and Settings\Windows XP\Dados de aplicativos\AVGTOOLBAR

2008-03-22 10:11 . 2008-03-22 10:11 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys

2008-03-22 10:11 . 2008-03-22 10:31 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys

2008-03-22 10:11 . 2008-03-22 10:11 12,424 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys

2008-03-22 10:11 . 2008-03-22 10:11 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll

2008-03-22 10:10 . 2008-03-22 10:10 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\avg8

2008-03-22 10:10 . 2008-03-22 10:10 <DIR> d-------- C:\Arquivos de programas\AVG

2008-03-18 15:01 . 2008-03-18 15:01 <DIR> d-------- C:\Arquivos de programas\DVD Decrypter

2008-03-17 08:39 . 2008-03-17 08:39 <DIR> d-------- C:\Documents and Settings\Windows XP\Dados de aplicativos\SmartFTP

2008-03-16 10:55 . 2008-03-16 10:55 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Sony

2008-03-13 09:03 . 2008-03-13 09:03 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Control Panels

2008-03-12 13:47 . 2008-03-12 13:47 151 --a------ C:\WINDOWS\PhotoSnapViewer.INI

2008-03-12 12:57 . 2008-03-12 14:11 <DIR> d-------- C:\Arquivos de programas\SmartFTP Client

2008-03-12 12:56 . 2008-03-12 12:56 <DIR> d-------- C:\Arquivos de programas\SmartFTP Client 2.5 Setup Files

2008-03-12 09:05 . 2008-03-12 09:05 <DIR> d-------- C:\Arquivos de programas\EasyPHP 2.0b1

2008-03-10 23:53 . 2008-03-10 23:53 230 --a------ C:\WINDOWS\system32\spupdsvc.inf

2008-03-09 09:38 . 2008-03-09 09:38 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_motccgpfl_01005.Wdf

2008-03-09 09:38 . 2008-03-09 09:38 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_motccgp_01005.Wdf

2008-03-09 09:33 . 2008-03-09 09:33 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2008-03-09 09:33 . 2008-03-09 09:33 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_motmodem_01005.Wdf

2008-03-09 09:13 . 2008-03-09 09:19 <DIR> d-------- C:\Arquivos de programas\Avanquest update

2008-03-09 08:57 . 2006-11-13 14:45 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll

2008-03-09 08:57 . 2007-02-27 14:31 21,504 --a------ C:\WINDOWS\system32\drivers\motmodem.sys

2008-03-09 08:57 . 2007-02-27 14:31 17,792 --a------ C:\WINDOWS\system32\drivers\motccgp.sys

2008-03-09 08:57 . 2007-01-23 19:03 7,680 --a------ C:\WINDOWS\system32\drivers\motccgpfl.sys

2008-03-09 08:57 . 2006-12-06 17:33 6,400 --a------ C:\WINDOWS\system32\drivers\motswch.sys

2008-03-09 08:56 . 2008-03-09 08:56 <DIR> d-------- C:\Documents and Settings\Windows XP\Dados de aplicativos\InstallShield

2008-03-09 08:56 . 2008-03-09 09:34 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\BVRP Software

2008-03-09 08:56 . 2008-03-09 09:31 <DIR> d-------- C:\Arquivos de programas\Motorola Phone Tools

2008-03-07 23:37 . 2008-03-07 23:37 <DIR> d-------- C:\Documents and Settings\Windows XP\Dados de aplicativos\Media Player Classic

2008-03-06 23:31 . 2008-03-06 23:31 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Apple

2008-03-06 17:03 . 2008-03-06 17:34 <DIR> d-------- C:\Arquivos de programas\Tomb Raider - Anniversary

2008-03-06 10:16 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys

2008-03-06 10:16 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys

2008-03-06 10:16 . 2004-08-03 23:08 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys

2008-03-06 10:16 . 2004-08-03 23:08 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys

2008-03-06 10:13 . 2008-03-06 10:21 24,192 --a------ C:\Documents and Settings\Windows XP\usbsermptxp.sys

2008-03-06 10:13 . 2008-03-06 10:21 22,768 --a------ C:\Documents and Settings\Windows XP\usbsermpt.sys

2008-03-05 22:42 . 2008-03-05 22:56 <DIR> d-------- C:\Arquivos de programas\Gens+ 320 Rooms

2008-03-05 14:12 . 2008-03-16 10:55 <DIR> d-------- C:\Arquivos de programas\Sony

2008-03-05 14:08 . 2008-03-16 10:53 <DIR> d-------- C:\Arquivos de programas\Sony Setup

2008-03-05 12:31 . 2008-03-05 12:31 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Stardock

2008-03-05 10:57 . 2008-03-05 10:57 <DIR> d-------- C:\Documents and Settings\Windows XP\.DownloadManager

2008-03-05 01:14 . 2008-03-05 01:14 <DIR> d-------- C:\Arquivos de programas\CCleaner

2008-03-05 00:57 . 2008-03-05 00:57 <DIR> d-------- C:\Documents and Settings\Windows XP\Dados de aplicativos\Apple Computer

2008-03-05 00:54 . 2008-03-05 00:54 <DIR> d-------- C:\Arquivos de programas\QuickTime

2008-03-05 00:53 . 2008-03-05 00:53 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Apple

2008-03-05 00:53 . 2008-03-05 00:53 <DIR> d-------- C:\Arquivos de programas\Apple Software Update

2008-03-05 00:49 . 2008-03-05 00:49 <DIR> d-------- C:\Arquivos de programas\WinAVI MP4 Converter

2008-03-05 00:03 . 2008-03-24 16:59 179 --a------ C:\WINDOWS\usdthank.ini

2008-03-05 00:03 . 2008-03-05 00:03 31 --a------ C:\WINDOWS\idc.ini

2008-03-04 23:53 . 2008-03-04 23:53 <DIR> d-------- C:\Arquivos de programas\SK's

2008-03-04 23:33 . 2008-03-04 23:33 <DIR> d-------- C:\Arquivos de programas\FireFox Ultimate Optimizer

2008-03-04 11:58 . 2008-03-04 11:58 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Motorola Shared

2008-03-04 11:58 . 2006-12-14 00:39 40,832 --a------ C:\WINDOWS\system32\drivers\motodrv.sys

2008-03-04 11:58 . 2006-07-28 07:10 6,144 --a------ C:\WINDOWS\system32\mot_ci.dll

2008-03-03 23:21 . 2008-03-03 23:45 <DIR> d-------- C:\Documents and Settings\Windows XP\.jSMS

2008-03-03 18:23 . 2008-03-03 18:23 <DIR> d-------- C:\Documents and Settings\Windows XP\dwhelper

2008-03-03 16:46 . 2008-03-03 16:46 <DIR> d-------- C:\WINDOWS\Sun

2008-03-03 15:17 . 2008-03-03 15:17 <DIR> d-------- C:\Documents and Settings\Windows XP\Dados de aplicativos\AEVITA

2008-03-02 16:18 . 2008-03-02 16:18 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy

2008-03-02 15:01 . 2008-03-02 15:09 143 --------- C:\WINDOWS\WB.ini

2008-03-02 14:52 . 2008-03-03 15:17 <DIR> d-------- C:\Arquivos de programas\AEVITA Wipe & Delete

2008-03-02 14:42 . 2008-03-05 12:31 <DIR> d-------- C:\Arquivos de programas\Stardock

2008-03-02 14:42 . 2003-02-26 20:27 36,864 --------- C:\WINDOWS\system32\wbsys.dll

2008-03-02 14:42 . 2005-01-22 18:05 20,480 --a------ C:\WINDOWS\system32\wbload.dll

2008-03-02 10:21 . 2008-04-01 00:35 <DIR> d-------- C:\Arquivos de programas\FlashGet

2008-03-02 10:16 . 2008-03-02 10:16 <DIR> d-------- C:\Arquivos de programas\PowerISO

2008-03-02 01:22 . 2008-03-22 23:00 <DIR> d-------- C:\Documents and Settings\Windows XP\Contacts

2008-03-02 00:37 . 2005-11-22 16:43 <DIR> d-------- C:\Arquivos de programas\eMule

2008-03-02 00:06 . 2004-08-03 22:31 36,224 --a------ C:\WINDOWS\system32\drivers\an983.sys

2008-03-02 00:06 . 2004-08-03 22:31 36,224 --a--c--- C:\WINDOWS\system32\dllcache\an983.sys

2008-03-01 10:47 . 2008-03-01 10:47 <DIR> d-------- C:\Arquivos de programas\Ubisoft

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-28 19:49 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\DVD Shrink

2008-03-28 19:49 --------- d-----w C:\Arquivos de programas\DVD Shrink

2008-03-25 16:08 --------- d-----w C:\Arquivos de programas\Spybot - Search & Destroy

2008-03-15 15:38 --------- d-----w C:\Arquivos de programas\Aulete digital

2008-03-13 12:03 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Adobe

2008-03-09 12:13 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information

2008-03-07 02:33 --------- d-----w C:\Arquivos de programas\iTunes

2008-03-07 02:31 --------- d-----w C:\Arquivos de programas\Bonjour

2008-03-06 14:59 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Apple Computer

2008-03-06 13:12 --------- d-----w C:\Arquivos de programas\Motorola

2008-03-05 02:52 --------- d-----w C:\Arquivos de programas\BitTorrent

2008-03-04 23:21 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\Ahead

2008-03-02 03:05 --------- d-----w C:\Arquivos de programas\Google

2008-02-29 15:47 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\Corel

2008-02-29 15:30 --------- d-----w C:\Arquivos de programas\Arquivos comuns\InstallShield

2008-02-29 15:30 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Corel

2008-02-29 15:29 --------- d-----w C:\Arquivos de programas\Corel

2008-02-26 19:05 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\FLEXnet

2008-02-26 16:15 --------- d-----w C:\Arquivos de programas\Tomb Raider - Legend

2008-02-26 15:57 --------- d-----w C:\Arquivos de programas\Microsoft Games

2008-02-26 13:28 --------- d-----w C:\Arquivos de programas\Mobile Action

2008-02-26 13:12 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\QuickTime

2008-02-26 12:42 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll

2008-02-26 12:42 --------- d--h--r C:\Documents and Settings\Windows XP\Dados de aplicativos\SecuROM

2008-02-25 16:02 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\fltk.org

2008-02-25 15:33 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\Styler

2008-02-25 15:33 --------- d-----w C:\Arquivos de programas\Styler

2008-02-25 13:53 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\Publish Providers

2008-02-25 13:52 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\Sony

2008-02-25 13:43 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\Talkback

2008-02-25 13:33 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\Hamachi

2008-02-25 13:13 --------- d-----w C:\Arquivos de programas\P2KTools

2008-02-25 12:49 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Macrovision Shared

2008-02-25 02:24 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\BitTorrent DNA

2008-02-25 02:07 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\Motive

2008-02-25 02:07 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Motive

2008-02-24 20:58 --------- d-----w C:\Arquivos de programas\VIA

2008-02-24 17:56 --------- d-----w C:\Arquivos de programas\C-Media 3D Audio

2008-02-17 20:15 --------- d-----w C:\Arquivos de programas\Womble Multimedia

2008-02-17 20:15 --------- d-----w C:\Arquivos de programas\Windows Media Components

2008-02-17 20:15 --------- d-----w C:\Arquivos de programas\Windows Media Bonus Pack for Windows XP

2008-02-17 20:15 --------- d-----w C:\Arquivos de programas\Windows Live Toolbar

2008-02-17 20:15 --------- d-----w C:\Arquivos de programas\Windows Live Favorites

2008-02-17 20:14 --------- d-----w C:\Arquivos de programas\Windows Live

2008-02-17 20:14 --------- d-----w C:\Arquivos de programas\WIBUKEY

2008-02-17 20:14 --------- d-----w C:\Arquivos de programas\WIBU-SYSTEMS

2008-02-17 20:10 --------- d-----w C:\Arquivos de programas\Vstplugins

2008-02-17 20:10 --------- d-----w C:\Arquivos de programas\Vobedit06

2008-02-17 20:09 --------- d-----w C:\Arquivos de programas\TypeFaster

2008-02-17 20:06 --------- d-----w C:\Arquivos de programas\Telefonica

2008-02-17 19:56 --------- d-----w C:\Arquivos de programas\ScreenVCR

2008-02-17 19:56 --------- d-----w C:\Arquivos de programas\rapget140

2008-02-17 19:56 --------- d-----w C:\Arquivos de programas\RamBooster 2.0

2008-02-17 19:55 --------- d-----w C:\Arquivos de programas\Print Screen Replacement

2008-02-17 19:55 --------- d-----w C:\Arquivos de programas\Pegasys Inc

2008-02-17 19:55 --------- d-----w C:\Arquivos de programas\onlinepixel24 Toolbar

2008-02-17 19:50 --------- d-----w C:\Arquivos de programas\NCH Swift Sound

2008-02-17 19:49 --------- d-----w C:\Arquivos de programas\Mu dare devils

2008-02-17 19:47 --------- d-----w C:\Arquivos de programas\MP3 Player Utilities 4.00

2008-02-17 19:45 --------- d-----w C:\Arquivos de programas\Microsoft SQL Server

2008-02-17 19:33 --------- d-----w C:\Arquivos de programas\Messenger Plus! Live

2008-02-17 19:33 --------- d-----w C:\Arquivos de programas\LGGSM

2008-02-17 19:32 --------- d-----w C:\Arquivos de programas\LG Electronics

2008-02-17 19:32 --------- d-----w C:\Arquivos de programas\LClock

2008-02-17 19:32 --------- d-----w C:\Arquivos de programas\Lavalys

2008-02-17 19:32 --------- d-----w C:\Arquivos de programas\Kostolomac.TK

2008-02-17 19:32 --------- d-----w C:\Arquivos de programas\KnockOut 2

2008-02-17 19:29 --------- d-----w C:\Arquivos de programas\iPod

2008-02-17 19:29 --------- d-----w C:\Arquivos de programas\hjsplit

2008-02-17 19:29 --------- d-----w C:\Arquivos de programas\Hamachi

2008-02-17 19:29 --------- d-----w C:\Arquivos de programas\GXTranscoder.net AWE

2008-02-17 19:28 --------- d-----w C:\Arquivos de programas\GTA

2008-02-17 19:25 --------- d-----w C:\Arquivos de programas\FlashBackup 2.62

2008-02-17 19:25 --------- d-----w C:\Arquivos de programas\epsxe 1.6.0 full (lildudeuk)

2008-02-17 19:23 --------- d-----w C:\Arquivos de programas\Desliga Aí!

2008-02-17 19:23 --------- d-----w C:\Arquivos de programas\CyberLink

2008-02-17 19:23 --------- d-----w C:\Arquivos de programas\Counter Strike USB

2008-02-17 19:19 --------- d-----w C:\Arquivos de programas\BitTorrent_DNA

2008-02-17 19:19 --------- d-----w C:\Arquivos de programas\Audacity

2008-02-17 19:02 --------- d-----w C:\Arquivos de programas\Ahead

2008-02-17 19:02 --------- d-----w C:\Arquivos de programas\AGEIA Technologies

2008-02-17 18:55 --------- d-----w C:\Arquivos de programas\Microsoft Office 2003

2008-02-17 18:54 --------- d-----w C:\Arquivos de programas\Microsoft Works

2008-02-17 18:52 --------- d-----w C:\Arquivos de programas\Microsoft.NET

2008-02-17 18:40 --------- d-----w C:\Arquivos de programas\Acala 3GP Movies Free conversor de videos para o cel

2008-02-17 18:38 --------- d-----w C:\Arquivos de programas\Windows Resource Kits

2008-02-05 16:49 --------- d-----w C:\Arquivos de programas\MSXML 6.0

2008-02-05 15:34 --------- d-----w C:\Arquivos de programas\MSBuild

2008-02-05 15:29 --------- d-----w C:\Arquivos de programas\Reference Assemblies

2008-02-05 15:27 --------- d-----w C:\Arquivos de programas\Windows Media Connect 2

2008-02-05 15:19 --------- d-----w C:\Arquivos de programas\CONEXANT

2008-02-05 03:51 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Ahead

2008-02-05 03:47 --------- d-----w C:\Arquivos de programas\Nero

2008-02-05 02:59 --------- d-----w C:\Arquivos de programas\MSN Messenger

2008-02-05 02:56 --------- d-----w C:\Arquivos de programas\Java

2008-02-05 02:55 155,995 ----a-w C:\WINDOWS\java\Packages\Z9Z5BNZR.ZIP

2008-02-05 02:55 --------- d-----w C:\Arquivos de programas\Finjan Secure Browsing

2008-02-05 02:52 --------- d-----w C:\Arquivos de programas\JAM Software

2008-02-05 02:51 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Java

2008-02-05 02:48 --------- d-----w C:\Documents and Settings\Windows XP\Dados de aplicativos\Lavasoft

2007-05-22 22:14 8,784 ----a-w C:\Arquivos de programas\mozilla firefox\plugins\ractrlkeyhook.dll

2007-05-22 22:17 245,408 ----a-w C:\Arquivos de programas\mozilla firefox\plugins\unicows.dll

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* entradas vazias & legítimas por defeito não são mostradas.

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]

2008-03-29 11:17 2051328 --a------ C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{A057A204-BACC-4D26-9990-79A187E2698E}"= "C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL" [2008-03-29 11:17 2051328]

 

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}]

[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL [2008-03-29 11:17 2051328]

 

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}]

[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]

"Cmaudio"="cmicnfg.cpl" []

"FirefoxUltimateOptimizer"="C:\Arquivos de programas\FireFox Ultimate Optimizer\Firefox Ultimate Optimizer.exe" [2007-11-08 19:12 114688]

"AVG8_TRAY"="C:\ARQUIV~1\AVG\AVG8\avgtray.exe" [2008-03-29 11:17 1177368]

 

C:\Documents and Settings\Windows XP\Menu Iniciar\Programas\Inicializar\

PSR.lnk - C:\Arquivos de programas\Print Screen Replacement\PSR.exe [2007-04-09 10:04:05 323072]

Stardock ObjectDock.lnk - C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe [2008-03-05 12:31:28 3450608]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

--a------ 2007-05-11 02:06 40048 C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

--a------ 2006-10-09 11:28 139264 C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]

--a------ 2007-11-15 14:49 286016 C:\Arquivos de programas\BitTorrent_DNA\dna.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]

--a------ 2007-09-25 05:10 2007088 C:\Arquivos de programas\FlashGet\flashget.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

--a------ 2008-02-19 13:10 267048 C:\Arquivos de programas\iTunes\iTunesHelper.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

--a------ 2007-01-19 11:54 5674352 C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

--a------ 2006-01-12 16:40 155648 C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

--a------ 2008-01-20 04:05 217088 C:\Arquivos de programas\PowerISO\PWRISOVM.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

--a------ 2008-01-31 23:13 385024 C:\Arquivos de programas\QuickTime\QTTask.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ServicioSpeedy]

--a------ 2004-11-15 12:32 45056 C:\Arquivos de programas\Telefonica\Speedy\SATCfgApp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

-ra------ 2005-10-26 16:17 159744 C:\Arquivos de programas\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

--a------ 2007-08-31 16:46 1460560 C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTimer]

--a------ 2005-03-08 03:33 53248 C:\WINDOWS\system32\VTTimer.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTTrayp]

--a------ 2005-03-11 17:33 147456 C:\WINDOWS\system32\VTTrayp.exe

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"C:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe"=

"C:\\Arquivos de programas\\MSN Messenger\\livecall.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"C:\\Arquivos de programas\\BitTorrent_DNA\\dna.exe"=

"C:\\Arquivos de programas\\BitTorrent\\bittorrent.exe"=

"C:\\Arquivos de programas\\FlashGet\\flashget.exe"=

"C:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"=

"C:\\Arquivos de programas\\iTunes\\iTunes.exe"=

"C:\\Arquivos de programas\\SmartFTP Client\\SmartFTP.exe"=

"C:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"=

"C:\\Arquivos de programas\\AVG\\AVG8\\avgnsx.exe"=

"C:\\Arquivos de programas\\eMule\\emule.exe"=

"C:\\Arquivos de programas\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=

 

R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-03-22 10:11]

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-03-22 10:11]

R2 avg8wd;AVG8 WatchDog;C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe [2008-03-22 10:10]

R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-03-22 10:31]

R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\AN983.sys [2004-08-03 22:31]

S3 motccgp;Motorola USB Composite Device Driver;C:\WINDOWS\system32\DRIVERS\motccgp.sys [2007-02-27 14:31]

S3 motccgpfl;MotCcgpFlService;C:\WINDOWS\system32\DRIVERS\motccgpfl.sys [2007-01-23 19:03]

S3 MotDev;Motorola Inc. USB Device;C:\WINDOWS\system32\DRIVERS\motodrv.sys [2006-12-14 00:39]

S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 09:42]

S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 09:42]

S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 09:42]

S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 09:42]

S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 09:42]

 

.

Conteúdo da pasta 'Tarefas Agendadas'

"2008-03-19 12:20:08 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

 

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-01 17:09:42

Windows 5.1.2600 Service Pack 2 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros ocultos ...

 

Varredura completada com sucesso

Ficheiros ocultos: 0

 

**************************************************************************

.

Tempo para conclusão: 2008-04-01 17:11:09

ComboFix-quarantined-files.txt 2008-04-01 20:11:00

Pre-Run: 28,498,882,560 bytes disponíveis

Post-Run: 28,486,336,512 bytes disponíveis

.

2008-02-05 17:12:51 --- E O F ---

----------------------------------------------------------------------------------------------------------------------------

 

See you later


Good evening, mexicanox!

>@< Run an online scan with Panda.

>@< Under "Archive and analyze", fill in the fields: Country/District/Region/valid e-mail.

>@< Enter your e-mail address.

>@< Select the option: I do not wish to receive information...

>@< Click: Scan now, free of charge. Wait!

>@< Allow the ActiveX control to install.

<!> Read the tutorial: < Link >

>@< At the prompt, click Install.

>@< Wait for the countdown to finish.

>@< When it finishes, under: Select a device to scan...

>@< Choose: My Computer.

>@< Wait; the scan will take a while to complete.

>@< When it finishes, copy the report and post it in your reply.

Regards!


So!!!!! Do I really have to do this??? It's because the scan ran for almost 5 hours and only got to 45%, and on top of that my brother did I don't know what that cancelled the scan, so I got kind of discouraged about starting over. So if there's another way, I'd appreciate it. Cheers!!!


 

Hey, mexicanox!

Good evening!

>@< Run the Panda scan overnight and it will be finished by the time you get up.

Regards!


Hey!!!!!! I finally managed it

Here is the Panda log

 

 

;*******************************************************************************
ANALYSIS: 2008-04-13 07:37:02
PROTECTIONS: 1
MALWARE: 3
SUSPECTS: 1
;*******************************************************************************

PROTECTIONS
Description     Version  Active  Updated
;===============================================================================
AVG Anti-Virus  8.0      Yes     Yes
;===============================================================================

MALWARE
Id        Description           Type            Active  Severity  Disinfectable  Disinfected  Location
;===============================================================================
00139064  Cookie/Atlas DMT      TrackingCookie  No      0         Yes            No           C:\Documents and Settings\Windows XP\Cookies\windows_xp@atdmt[1].txt
01080620  Generic Trojan        Virus/Trojan    No      0         Yes            No           C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP29\A0007842.exe
01185375  Application/Psexec.A  HackTools       No      0         Yes            No           C:\WINDOWS\PSEXESVC.EXE
;===============================================================================

SUSPECTS
Sent  Location
;===============================================================================
No    C:\ARQUIVOS DE PROGRAMAS\FIREFOX ULTIMATE OPTIMIZER\FIREFOX ULTIMATE OPTIMIZER.EXE
;===============================================================================

VULNERABILITIES
Id      Severity  Description
;===============================================================================
182048  HIGH      MS07-069
176382  HIGH      MS07-057
170911  HIGH      MS07-050
170906  HIGH      MS07-045
164913  HIGH      MS07-033
160623  HIGH      MS07-027
150253  HIGH      MS07-016
145501  HIGH      MS07-004
133387  MEDIUM    MS06-065
;===============================================================================

 

 

 

 

 

 

And here is the HijackThis log

 

 

Logfile of HijackThis v1.99.1

Scan saved at 10:41, on 2008-04-13

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe

C:\ARQUIV~1\AVG\AVG8\avgam.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\Arquivos de programas\FireFox Ultimate Optimizer\Firefox Ultimate Optimizer.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Print Screen Replacement\PSR.exe

C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Windows Media Player\wmplayer.exe

C:\Arquivos de programas\HiJackThis\Hijackthis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://updates02.installshield.com/GetUpda...p;u=&l=1033

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: SecureBrowsingBho Helper - {7632ABCA-B104-4fbc-9C70-419C4147061B} - C:\Arquivos de programas\Finjan Secure Browsing\bho.dll

O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O3 - Toolbar: Finjan Secure Browsing - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - C:\Arquivos de programas\Finjan Secure Browsing\bho.dll

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll

O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [FirefoxUltimateOptimizer] "C:\Arquivos de programas\FireFox Ultimate Optimizer\Firefox Ultimate Optimizer.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: PSR.lnk = C:\Arquivos de programas\Print Screen Replacement\PSR.exe

O4 - Startup: Stardock ObjectDock.lnk = C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O17 - HKLM\System\CCS\Services\Tcpip\..\{37321196-12A4-423F-AB99-2302A6460B5B}: NameServer = 10.0.0.138

O17 - HKLM\System\CCS\Services\Tcpip\..\{37DE81C1-A385-4F1F-9134-E41F44263BD4}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll,wbsys.dll

O20 - Winlogon Notify: WBSrv - C:\Arquivos de programas\Stardock\Object Desktop\WindowBlinds\wbsrv.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

 

Cheers!!!!!!!!


Good morning, mexicanox!

>@< Uninstall: < Finjan Secure Browsing >

-----------------------------

>@< Run a disinfection scan with < BitDefender > and post the report.

>@< This page will open: < BitDefender OnLine Scanner >

>@< Click: < agree2.gif >

>@< Wait, then allow the ActiveX control to install so that the scan can run.

<!> Read the tutorial: < Link >

>@< Then post: the BitDefender report + an updated HijackThis log.

>@< P.S.: The BitDefender report will be at: C:\Windows\BDOSCAN8\bdoscan.log

Regards!


Hey, here is the BitDefender log.

 

Scan report generated at: Mon, Apr 14, 2008 - 15:53:21

Scan path: A:\;C:\;D:\;

Statistics

Time 02:38:29

Files 477990

Folders 12347

Boot Sectors 2

Archives 3814

Packed Files 47383

 

Results:

 

Identified Viruses 4

Infected Files 7

Suspect Files 0

Warnings 0

Disinfected 0

Deleted Files 7

 

Engines Info

Virus Definitions 1142501

Engine build AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)

 

Scan plugins 16

Archive plugins 41

Unpack plugins 7

E-mail plugins 6

System plugins 5

 

Scan Settings

 

First Action Disinfect

Second Action Delete

Heuristics Yes

Enable Warnings Yes

Scanned Extensions *;

Exclude Extensions

Scan Emails Yes

Scan Archives Yes

Scan Packed Yes

Scan Files Yes

Scan Boot Yes

 

Scanned File

Status

 

C:\Documents and Settings\Windows XP\Meus documentos\DOWNLOADS\Programas\dvdSanta v4.00 - Full Version, no crack needed.zip=>dvdSanta v4.00.exe

Infected with: Trojan.Generic.60262

C:\Documents and Settings\Windows XP\Meus documentos\DOWNLOADS\Programas\dvdSanta v4.00 - Full Version, no crack needed.zip=>dvdSanta v4.00.exe

Deleted

C:\Documents and Settings\Windows XP\Meus documentos\DOWNLOADS\Programas\dvdSanta v4.00 - Full Version, no crack needed.zip

Updated

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP29\A0007842.exe

Infected with: Trojan.Patch.F

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP29\A0007842.exe

Deleted

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP48\A0013843.exe

Infected with: Trojan.Generic.60262

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP48\A0013843.exe

Deleted

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP6\A0000612.exe

Infected with: Packer.PESpin.A

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP6\A0000612.exe

Disinfection failed

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP6\A0000612.exe

Deleted

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP64\A0019989.dll

Infected with: Trojan.Patched.BD

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP64\A0019989.dll

Disinfection failed

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP64\A0019989.dll

Deleted

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP64\A0019990.dll

Infected with: Trojan.Patched.BD

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP64\A0019990.dll

Disinfection failed

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP64\A0019990.dll

Deleted

C:\WINDOWS\system32\sens.dll.tmp

Infected with: Trojan.Patched.BD

C:\WINDOWS\system32\sens.dll.tmp

Disinfection failed

C:\WINDOWS\system32\sens.dll.tmp

Deleted

---------------------

And here is the HJT log

 

Logfile of HijackThis v1.99.1

Scan saved at 16:23, on 2008-04-14

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe

C:\ARQUIV~1\AVG\AVG8\avgam.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Print Screen Replacement\PSR.exe

C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

C:\Arquivos de programas\BitTorrent\bittorrent.exe

C:\Arquivos de programas\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe

C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\EasyPHP 2.0b1\EasyPHP.exe

C:\ARQUIV~1\EASYPH~1.0B1\Apache\bin\apache.exe

C:\ARQUIV~1\EASYPH~1.0B1\MySql\bin\mysqld.exe

C:\ARQUIV~1\EASYPH~1.0B1\Apache\bin\apache.exe

C:\Arquivos de programas\POP Peeper\POPPeeper.exe

C:\Arquivos de programas\HiJackThis\Hijackthis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://updates02.installshield.com/GetUpda...p;u=&l=1033

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O3 - Toolbar: (no name) - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - (no file)

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll

O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: PSR.lnk = C:\Arquivos de programas\Print Screen Replacement\PSR.exe

O4 - Startup: Stardock ObjectDock.lnk = C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{37321196-12A4-423F-AB99-2302A6460B5B}: NameServer = 10.0.0.138

O17 - HKLM\System\CCS\Services\Tcpip\..\{37DE81C1-A385-4F1F-9134-E41F44263BD4}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll,wbsys.dll

O20 - Winlogon Notify: WBSrv - C:\Arquivos de programas\Stardock\Object Desktop\WindowBlinds\wbsrv.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe" -service (file missing)

 

Later!!!!!


Good evening! mexicanox

>@< Run an online scan at: < Kaspersky >

<!> Go to the site and click: < kasperdx9.jpg >

>@< On the next page, click: I Accept

>@< This is so that the ActiveX control gets installed and then updates the database.

>@< On the next page, click: My Computer and run the scan.

>@< Be patient! Wait for the database update and for the scan itself, which takes a while.

>@< When it finishes, save and post the report + an updated HJT log.

Cheers!


Hey hey, here's the Kaspersky log

 

KASPERSKY ONLINE SCANNER REPORT

Wednesday, April 16, 2008 5:16:29 PM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 16/04/2008

Kaspersky Anti-Virus database records: 710309

Scan Settings

Scan using the following antivirus database extended

Scan Archives true

Scan Mail Bases true

Scan Target My Computer

A:\

C:\

D:\

Scan Statistics

Total number of scanned objects 164621

Number of viruses found 3

Number of infected objects 3

Number of suspicious objects 0

Duration of the scan process 04:27:13

 

Infected Object Name Virus Name Last Action

C:\Arquivos de programas\FireFox Ultimate Optimizer\Firefox Ultimate Optimizer.exe Infected: not-a-virus:AdWare.Win32.FireOptimizer.c skipped

C:\Arquivos de programas\RealVNC\VNC4\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4110 skipped

C:\Arquivos de programas\RealVNC\VNC4\wm_hooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 skipped

C:\Documents and Settings\All Users\Dados de aplicativos\avg8\AvgAm\avgam.lck Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\avg8\Log\avgam.log Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\avg8\Log\avgcore.log Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\avg8\Log\avgns.log Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\avg8\Log\avgrs.log Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\avg8\Log\avgsched.log Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\avg8\Log\avgui.log Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\avg8\Log\avgwd.log Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\Windows XP\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Windows XP\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Windows XP\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Windows XP\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Windows XP\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Windows XP\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Windows XP\NTUSER.DAT.LOG Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{7A4C9A17-8833-4301-9D71-CD9A30373E4A}\RP66\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

-----------------------------

and here's the HJT log

 

Logfile of HijackThis v1.99.1

Scan saved at 17:26, on 2008-04-16

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Bonjour\mDNSResponder.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe

C:\ARQUIV~1\AVG\AVG8\avgam.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Print Screen Replacement\PSR.exe

C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

C:\Arquivos de programas\BitTorrent\bittorrent.exe

C:\Arquivos de programas\POP Peeper\POPPeeper.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\EasyPHP 2.0b1\EasyPHP.exe

C:\ARQUIV~1\EASYPH~1.0B1\Apache\bin\apache.exe

C:\ARQUIV~1\EASYPH~1.0B1\MySql\bin\mysqld.exe

C:\ARQUIV~1\EASYPH~1.0B1\Apache\bin\apache.exe

C:\Arquivos de programas\HiJackThis\Hijackthis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://updates02.installshield.com/GetUpda...p;u=&l=1033

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Arquivos de programas\FlashGet\jccatch.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Arquivos de programas\FlashGet\getflash.dll

O3 - Toolbar: (no name) - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - (no file)

O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Arquivos de programas\Styler\TB\StylerTB.dll

O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: PSR.lnk = C:\Arquivos de programas\Print Screen Replacement\PSR.exe

O4 - Startup: Stardock ObjectDock.lnk = C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

O8 - Extra context menu item: &Descarregar tudo com o FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm

O8 - Extra context menu item: &Descarregar utilizando o FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Arquivos de programas\FlashGet\FlashGet.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{37321196-12A4-423F-AB99-2302A6460B5B}: NameServer = 10.0.0.138

O17 - HKLM\System\CCS\Services\Tcpip\..\{37DE81C1-A385-4F1F-9134-E41F44263BD4}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll,wbsys.dll

O20 - Winlogon Notify: WBSrv - C:\Arquivos de programas\Stardock\Object Desktop\WindowBlinds\wbsrv.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Arquivos de programas\RealVNC\VNC4\WinVNC4.exe" -service (file missing)


Good afternoon! mexicanox

>@< The log is clean!

----------------------------

>@< If the error persists, try repairing folders and files with the SFC SCANNOW command.

----------------------------

>@< If you have the Windows XP installation CD-ROM, try restoring files with the SFC command.

----------------------------

>@< Go to Start >> Run >> Type or paste: sfc /scannow PS: Mind the spacing!

>@< Click OK.

>@< Keep the Windows CD at hand, and insert it into the drive when prompted.

>@< Wait for the repair to finish!

Cheers!


Awesome, man, thanks a lot!!!!!!!!!!!!!!

Just one question: do these online scans kill the viruses as soon as they find them??? It's because these scans found some and I didn't do anything to remove them, so I started wondering.

Later!!!!

 


>@< The BitDefender online scan is for removal.

---------------------

>@< The Kaspersky online scan is for diagnosis.

---------------------

>@< The Panda online scan is for disinfection/diagnosis.

---------------------

>@< Did you run the repair with the sfc /scannow command?

Cheers!


PROBLEM SOLVED!

If the author needs the topic to be reopened, a private message must be sent to a moderator with a link to the topic.
