torugorj, posted September 16, 2008

A message appeared here that I believe is related to an error that has been happening with my internet connection. The message is the following:

<< winlogon.exe - erro de aplicativo
A instrução no "0x7c913396" fez referência à memória no "0x012c0000". A memória não pôde ser "read".
Clique em 'OK' para encerrar o programa
Clique em 'Cancelar' para depurar o programa >>

The error I was getting when I connected with Velox was something about a connection to a remote computer and a disconnected device. Then, when it finally connected after several attempts, it was very slow... When it finally went back to normal, the winlogon error above appeared...

Thanks in advance if you can help me. The HijackThis log is below:

Logfile of HijackThis v1.99.1
Scan saved at 18:37:45, on 16/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Silas Martins, posted September 16, 2008

Download ComboFix and save it to the desktop. Close all programs. Double-click combofix.exe, type (1), and then press Enter to continue. ComboFix will restart your computer automatically; this is part of the removal process. When it finishes, a log will be generated at C:\ComboFix.txt.

Attention: Do not click on anything while ComboFix is running, otherwise your desktop will go blank. To stop the process or exit ComboFix, type "2" and press Enter.

I await a new HijackThis log together with ComboFix.txt.

torugorj, posted September 17, 2008

Hello, when I run ComboFix it shows it loading, then a blue screen asking me to wait; right after that everything goes black and frozen, and the option to enter number 1 or 2 does not appear... With the screen all black I believe it has frozen, so I turn the PC off at the button and it restarts right away.

Silas Martins, posted September 17, 2008

Run ComboFix in safe mode and with the antivirus disabled.

torugorj, posted September 17, 2008

When I set the computer to start in safe mode, it begins to start normally, but just as the desktop is about to appear it restarts and goes back to normal mode...

Silas Martins, posted September 17, 2008

Download http://www.techsupportforum.com/sectools/Deckard/dss.exe and save it to your desktop.

Attention: To run the tool you must use an account with Administrator privileges.

* Double-click DSS.exe and follow the instructions.
* When it finishes, a log will be generated.
* Paste the contents of this log in your next reply.
* Using Windows Explorer (right-click the Start button and choose "Explore"), find the folder C:\Deckard\System Scanner. This folder will contain two logs: main.txt and extra.txt
* Open main.txt in Notepad, then copy and paste that log in your next reply.

torugorj, posted September 17, 2008

I can't download it from the link you sent; it says the page was not found. Thank you very much for the help once again.

Mário Monteiro, posted September 18, 2008

It really is giving "Page not found", Silas.

Silas Martins, posted September 18, 2008

Link changed -> Dss

torugorj, posted September 18, 2008

The following message appears when I try to download the program:

Deckard's System Scanner interacts with a specific rootkit (tdssserv) in a way that may make your system unusable (altering the svchost netsvcs registry entry). This download link has been removed until a fix is released by Deckard. For your own protection, please do not attempt to download this tool from other sites.
08/17/2008
Your Geeks to Go admin team

Silas Martins, posted September 18, 2008

Download Malwarebytes Anti-Malware

* Start the installation by clicking "mbam-setup.exe";
* Check "Update Malwarebytes Anti-Malware" and "Run Malwarebytes Anti-Malware", and click Finish.
* Select "Quick Scan" and then click Scan.
* When the scan finishes, click OK and then "Show Results" to see the log;
* If anything is detected, check that everything is selected and click "Remove";
* The log is saved automatically and can be viewed by clicking "Logs" in the main menu;
* Copy and paste that log, together with the new HijackThis log.

I await your reply.

torugorj, posted September 18, 2008

Here is the Malwarebytes log, followed by the HijackThis one:

Malwarebytes' Anti-Malware 1.28
Versão do banco de dados: 1169
Windows 5.1.2600 Service Pack 2

2008-09-18 13:58:41
mbam-log-2008-09-18 (13-58-41).txt

Tipo de Verificação: Rápida
Objetos verificados: 55372
Tempo decorrido: 7 minute(s), 14 second(s)

Processos da Memória infectados: 0
Módulos de Memória Infectados: 0
Chaves do Registro infectadas: 0
Valores do Registro infectados: 0
Ítens do Registro infectados: 0
Pastas infectadas: 1
Arquivos infectados: 307

Processos da Memória infectados:
(Nenhum ítem malicioso foi detectado)

Módulos de Memória Infectados:
(Nenhum ítem malicioso foi detectado)

Chaves do Registro infectadas:
(Nenhum ítem malicioso foi detectado)

Valores do Registro infectados:
(Nenhum ítem malicioso foi detectado)

Ítens do Registro infectados:
(Nenhum ítem malicioso foi detectado)

Pastas infectadas:
C:\WINDOWS\system32\drivers\down (Trojan.Downloader) -> Quarantined and deleted successfully.

Arquivos infectados:
C:\WINDOWS\system32\drivers\down\30072562.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30074046.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30093421.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30103156.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30110875.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30115000.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30131781.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\301406.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30254187.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30256218.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30261250.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30267187.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30277531.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30311671.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\303312.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\303609.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30383062.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\30399984.exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\WINDOWS\system32\drivers\down\30440093.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\305140.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\305687.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\307781.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\310109.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\311000.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\311203.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\311484.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\312734.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\313031.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\314390.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\316203.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\316234.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\316562.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\317390.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\320093.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\320406.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\322078.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\323125.exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\WINDOWS\system32\drivers\down\323734.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\324343.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\324625.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\326812.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\328406.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\328890.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\330296.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\332750.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\333718.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\334031.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\334562.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\336078.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\338625.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\340234.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\341031.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\341109.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\344843.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\350890.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\351343.exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\WINDOWS\system32\drivers\down\351859.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\354406.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\362406.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\362562.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\366796.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\366859.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\367734.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\369437.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\372562.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\373609.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\377750.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\379421.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\380968.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\381375.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\382656.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\383406.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\384671.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\385734.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\387593.exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\WINDOWS\system32\drivers\down\387671.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\387828.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\389875.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\392906.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\393687.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\394000.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\397015.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\397406.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\402484.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\404343.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\404375.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\405484.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\405734.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\406343.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\415734.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\416109.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\417562.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\420390.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\422437.exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\WINDOWS\system32\drivers\down\422812.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\427343.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\430343.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\430562.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\432968.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\438718.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\438984.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\440718.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\442453.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\453015.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\455140.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\456156.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\457218.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\458828.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\459468.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\459546.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\460546.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\461500.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\461828.exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\WINDOWS\system32\drivers\down\462265.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\465343.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\467937.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\469140.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\473531.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\474734.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\475578.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\475781.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\477593.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\478187.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\479187.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\482781.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\484093.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\489437.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\490125.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\492843.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\495031.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\496296.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\506390.exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\WINDOWS\system32\drivers\down\512593.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\513187.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\514234.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\519031.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\525484.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\526187.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\548671.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\548968.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\549796.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\560171.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\583328.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\587171.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\597359.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\604953.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\621000.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\693062.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\74531.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\764875.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\768000.exe (Trojan.Downloader) -> Quarantined and deleted successfully. 
C:\WINDOWS\system32\drivers\down\770000.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\773953.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\783625.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\801750.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\82031.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\855312.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\86250.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\871671.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\87562.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\89093.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\89296.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\895281.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\92609.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\97328.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\98093.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\down\99484.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\Downloaded Program Files\scpsssh2.inf (Trojan.Agent) -> Quarantined and deleted successfully. 
-------------------------------------------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 14:01, on 2008-09-18
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARQUIV~1\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Arquivos de programas\Hp\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe
C:\ARQUIV~1\AVG\AVG8\avgtray.exe
C:\ARQUIVOS DE PROGRAMAS\DAP\DAP.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\ARQUIVOS DE PROGRAMAS\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\ARQUIVOS DE PROGRAMAS\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Arquivos de programas\a-squared Free\a2service.exe
C:\ARQUIVOS DE PROGRAMAS\HP\Digital Imaging\bin\hpqtra08.exe
C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
C:\Arquivos de programas\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\cmpe.exe
C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\UAService7.exe
C:\ARQUIV~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe
C:\ARQUIV~1\AVG\AVG8\avgrsx.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
C:\Arquivos de programas\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Arquivos de programas\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\ARQUIV~1\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe
C:\ARQUIVOS DE PROGRAMAS\Mozilla Firefox\firefox.exe
C:\Documents and Settings\PC\Meus documentos\Programas antivirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orkut.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.positivoinformatica.com.br/cadastro.asp
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\ARQUIVOS DE PROGRAMAS\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\ARQUIVOS DE PROGRAMAS\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\avgtoolbar.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\ARQUIV~1\IDM\QUICKfind\PlugIns\IEHelp.dll
O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\ARQUIV~1\GbPlugin\gbiehabn.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\ARQUIVOS DE PROGRAMAS\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [speedBitVideoAccelerator] C:\ARQUIV~1\SpeedBit Video Accelerator\VideoAccelerator.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [desp2k] C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [LightDialer] C:\ARQUIVOS DE PROGRAMAS\Oi Velox\Conexão\DISCADOR.EXE
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\ARQUIVOS DE PROGRAMAS\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\ARQUIVOS DE PROGRAMAS\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - Startup: Conexão Oi Velox.lnk = ?
O4 - Startup: hpqtra08.exe.lnk = C:\ARQUIVOS DE PROGRAMAS\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\ARQUIVOS DE PROGRAMAS\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Clean Traces - C:\ARQUIVOS DE PROGRAMAS\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\ARQUIVOS DE PROGRAMAS\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\ARQUIVOS DE PROGRAMAS\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll
O11 - Options group: [iNTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.positivoinformatica.com.br/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{68D0BEAD-47BF-4FD0-A03E-B087D3238F5D}: NameServer = 200.149.55.142 200.165.132.154
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\msgrapp.8.5.1302.1018.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\Skype4COM.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginAbn - C:\ARQUIV~1\GbPlugin\gbiehabn.dll
O20 - Winlogon Notify: WB - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Arquivos de programas\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\ARQUIVOS DE PROGRAMAS\Ares\chatServer.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Context Manager Process Extension (cmpe) - LightComm - C:\WINDOWS\system32\cmpe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\ARQUIV~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe
Silas Martins, posted September 19, 2008
Download SDFix and save it to your desktop.
* Run SDFix.exe by double-clicking it.
* Allow it to install to the default location, which is normally C:\SDFix
* Now, please restart the computer in Safe Mode (restart the computer and hold down the F8 key without releasing it until the screen where you can choose Safe Mode appears)
* Once you have booted into Safe Mode, open the C:\SDFix folder and double-click RunThis.bat to start the script.
* Press Y to start the cleanup process.
* It will remove any Trojan services or registry entries found and then ask you to press any key to restart.
* Press any key and it will restart the PC.
* When the PC restarts, the Fixtool will run again and complete the removal process, then display Finished; press any key to end the script and load your desktop icons.
* Once the desktop icons have loaded, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
* Post the Report.txt together with a new HijackThis log generated in normal mode.
torugorj, posted September 19, 2008
Once again I tried to enter Safe Mode and couldn't: I restart, press the key, the Safe Mode option appears and I select it, the computer starts booting into Safe Mode, but when the desktop is about to appear it restarts by itself and goes back to normal mode.
Silas Martins, posted September 19, 2008
Do it in normal mode.
torugorj, posted September 19, 2008
In the program there is no option for the letter "y"; when I type "y" and press "Enter", it closes.
Silas Martins, posted September 19, 2008
Follow the instructions below:
Download VundoFix from this link: http://www.atribune.org/ccount/click.php?id=4
Double-click VundoFix.exe and it will start.
When VundoFix opens, click Scan for Vundo.
Wait for the scan to finish.
When the scan is done, click Remove Vundo.
An alert will appear asking whether you want to remove the files. Click YES.
Your desktop will disappear, but don't worry, this is normal.
Restart the PC so that the scan completes, then click OK.
Come back with the VundoFix log, which is located at C:\vundofix.txt, together with a new HijackThis log.
Awaiting your reply.
torugorj, posted September 19, 2008
No threat was found with VundoFix; here is the HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 20:58, on 2008-09-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ARQUIV~1\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Arquivos de programas\Hp\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe
C:\ARQUIV~1\AVG\AVG8\avgtray.exe
C:\ARQUIVOS DE PROGRAMAS\DAP\DAP.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\ARQUIVOS DE PROGRAMAS\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\ARQUIVOS DE PROGRAMAS\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Arquivos de programas\a-squared Free\a2service.exe
C:\ARQUIVOS DE PROGRAMAS\HP\Digital Imaging\bin\hpqtra08.exe
C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
C:\Arquivos de programas\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\cmpe.exe
C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\UAService7.exe
C:\ARQUIV~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe
C:\ARQUIV~1\AVG\AVG8\avgrsx.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
C:\Arquivos de programas\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Arquivos de programas\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\ARQUIV~1\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe
C:\Documents and Settings\PC\Meus documentos\Programas antivirus\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orkut.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.positivoinformatica.com.br/cadastro.asp
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\ARQUIVOS DE PROGRAMAS\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\ARQUIVOS DE PROGRAMAS\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: (no name) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MegauploadToolbar\megauploadtoolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\avgtoolbar.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\ARQUIV~1\IDM\QUICKfind\PlugIns\IEHelp.dll
O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\ARQUIV~1\GbPlugin\gbiehabn.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MegauploadToolbar\megauploadtoolbar.dll
O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\ARQUIVOS DE PROGRAMAS\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [speedBitVideoAccelerator] C:\ARQUIV~1\SpeedBit Video Accelerator\VideoAccelerator.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [desp2k] C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [LightDialer] C:\ARQUIVOS DE PROGRAMAS\Oi Velox\Conexão\DISCADOR.EXE
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\ARQUIVOS DE PROGRAMAS\DAP\DAP.EXE" /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\ARQUIVOS DE PROGRAMAS\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - Startup: Conexão Oi Velox.lnk = ?
O4 - Startup: hpqtra08.exe.lnk = C:\ARQUIVOS DE PROGRAMAS\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\ARQUIVOS DE PROGRAMAS\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O8 - Extra context menu item: &Clean Traces - C:\ARQUIVOS DE PROGRAMAS\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\ARQUIVOS DE PROGRAMAS\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\ARQUIVOS DE PROGRAMAS\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\WINDOWS\system32\SHDOCVW.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll
O11 - Options group: [iNTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.positivoinformatica.com.br/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{68D0BEAD-47BF-4FD0-A03E-B087D3238F5D}: NameServer = 200.149.55.142 200.165.132.154
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\msgrapp.8.5.1302.1018.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\Skype4COM.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: GbPluginAbn - C:\ARQUIV~1\GbPlugin\gbiehabn.dll
O20 - Winlogon Notify: WB - C:\WINDOWS\
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Arquivos de programas\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\ARQUIVOS DE PROGRAMAS\Ares\chatServer.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Context Manager Process Extension (cmpe) - LightComm - C:\WINDOWS\system32\cmpe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\ARQUIV~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe
torugorj, posted September 20, 2008
And if possible, could you help me change the format in which the date appears here on the taskbar? It is showing as yyyy-mm-dd and I would like it to go back to dd/mm/yyyy. Thank you for your help and attention.
Silas Martins, posted September 20, 2008
Follow the instructions below:
Download Bankerfix.
Temporarily disable your antivirus, to avoid conflicts and for better detection.
Double-click bankerfix.exe, press Enter and wait for it to finish.
When it finishes, read the message on the screen and press Enter again.
Re-enable your antivirus and generate a new HijackThis log.
Awaiting your reply.
Off-topic: as for the clock/date, just go to the Control Panel, click Date/Time, and in the window that appears choose the format you want.