Artur Luis

[Resolved!] CID Mercado Livre IE window opens by itself on the site:

Hello, I'm new to this forum. I've seen similar problems here, but I couldn't solve mine.

I installed HijackThis but haven't taken any action.

I also ran Spybot, and it detected nothing.

Thanks

Here is the latest log:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:47:13, on 4/2/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\ARQUIV~1\AVG\AVG8\avgemc.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe

C:\Arquivos de programas\Outlook Express\msimn.exe

C:\WINDOWS\explorer.exe

C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Diretório temporário 2 para HiJackThis.zip\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Time Dash Second Regs] C:\Documents and Settings\All Users\Dados de aplicativos\bat glue time dash\Heck Else.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [smartRAM] "C:\Arquivos de programas\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe" /startup

O4 - HKCU\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre6\bin\jusched.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [HtmLove] C:\DOCUME~1\ADMINI~1\DADOSD~1\STOREH~1\metacreativemulti.exe

O4 - HKUS\S-1-5-21-1935655697-746137067-854245398-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Artur Luis')

O4 - HKUS\S-1-5-21-1935655697-746137067-854245398-1003\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background (User 'Artur Luis')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Baixar com o FDM - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o FDM - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download selecionado pelo FDM - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextus.oberon-media.com/Gameshe...ronGameHost.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 10874 bytes

Good afternoon, Artur Luis!

<!> Lop is present on your PC.

---------------------------------

<@> Download: < LopS&D >

<@> Save it to Local Disk C!

<@> Install the program and click on: LopSD.cmd

<@> In the window that opens, press "p" --> press Enter.

<@> In the next window, choose option 2 --> press Enter --> wait!

<@> When it finishes, save and post the report. ( C:\Lop SD\LopR_1.txt )

<@> Also post an updated HijackThis log.

Regards!

Thanks in advance:

Here is the LopSD report

 

 

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

 

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : AMD Athlon Processor )

BIOS : Award Medallion BIOS v6.0

USER : Administrador ( Administrator )

BOOT : Normal boot

Antivirus : AVG Anti-Virus Free 8.0 (Activated)

A:\ (USB)

B:\ (USB)

C:\ (Local Disk) - NTFS - Total:74 Go (Free:61 Go)

D:\ (Local Disk) - NTFS - Total:9 Go (Free:8 Go)

E:\ (CD or DVD)

 

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )

Option : [2] ( qui 05/02/2009|15:30 )

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ REMOVIDOS

 

Deletado! - C:\WINDOWS\Tasks\A78E9438918D0D94.job

Deletado! - C:\DOCUME~1\ALLUSE~1\DADOSD~1\bat glue time dash\Heck Else.dat

Deletado! - C:\DOCUME~1\ALLUSE~1\DADOSD~1\bat glue time dash\Heck Else.exe

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\storeh~1\AdminMfcdDefyBalm.exe

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\storeh~1\aunjpojh.exe

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\storeh~1\KNOB MEMO LIVE.exe

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\storeh~1\metacreativemulti.exe

Deletado! - C:\DOCUME~1\ADMINI~1\Cookies\administrador@www.adserver5[2].txt

Deletado! - C:\DOCUME~1\ALLUSE~1\DADOSD~1\bat glue time dash

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\storeh~1

Deletado! - C:\Arquivos de programas\storeh~1

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

--------------------\\ Lista de pastas em DADOSD~1

 

[29/11/2008|23:21] C:\DOCUME~1\ADMINI~1\DADOSD~1\Adobe

[06/11/2008|08:14] C:\DOCUME~1\ADMINI~1\DADOSD~1\Auslogics

[27/11/2008|21:15] C:\DOCUME~1\ADMINI~1\DADOSD~1\AVGTOOLBAR

[29/01/2009|20:00] C:\DOCUME~1\ADMINI~1\DADOSD~1\Corel

[25/11/2008|17:17] C:\DOCUME~1\ADMINI~1\DADOSD~1\DataLayer

[04/02/2009|19:26] C:\DOCUME~1\ADMINI~1\DADOSD~1\Free Download Manager

[16/01/2009|23:13] C:\DOCUME~1\ADMINI~1\DADOSD~1\Google

[09/12/2008|12:58] C:\DOCUME~1\ADMINI~1\DADOSD~1\Help

[05/11/2008|20:34] C:\DOCUME~1\ADMINI~1\DADOSD~1\Identities

[06/11/2008|07:36] C:\DOCUME~1\ADMINI~1\DADOSD~1\InterTrust

[15/12/2008|20:35] C:\DOCUME~1\ADMINI~1\DADOSD~1\IObit

[03/02/2009|20:13] C:\DOCUME~1\ADMINI~1\DADOSD~1\LimeWire

[05/11/2008|22:14] C:\DOCUME~1\ADMINI~1\DADOSD~1\Macromedia

[16/01/2009|00:47] C:\DOCUME~1\ADMINI~1\DADOSD~1\Microsoft

[06/11/2008|06:44] C:\DOCUME~1\ADMINI~1\DADOSD~1\MSN6

[25/11/2008|17:17] C:\DOCUME~1\ADMINI~1\DADOSD~1\Nokia

[29/11/2008|12:37] C:\DOCUME~1\ADMINI~1\DADOSD~1\Nokia Multimedia Player

[25/11/2008|17:09] C:\DOCUME~1\ADMINI~1\DADOSD~1\PC Suite

[29/01/2009|16:57] C:\DOCUME~1\ADMINI~1\DADOSD~1\Real

[16/01/2009|23:19] C:\DOCUME~1\ADMINI~1\DADOSD~1\Software Informer

[29/11/2008|12:16] C:\DOCUME~1\ADMINI~1\DADOSD~1\Sun

[05/02/2009|09:34] C:\DOCUME~1\ADMINI~1\DADOSD~1\WinRAR

[14/12/2008|12:50] C:\DOCUME~1\ADMINI~1\DADOSD~1\Yahoo!

 

[26/01/2009|17:31] C:\DOCUME~1\ALLUSE~1\DADOSD~1\avg8

[25/11/2008|17:08] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Downloaded Installations

[10/11/2008|12:50] C:\DOCUME~1\ALLUSE~1\DADOSD~1\FreeDownloadManager.ORG

[16/01/2009|23:09] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Google

[05/02/2009|11:43] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Google Updater

[16/01/2009|00:23] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Microsoft

[06/11/2008|06:43] C:\DOCUME~1\ALLUSE~1\DADOSD~1\MSN6

[27/11/2008|07:33] C:\DOCUME~1\ALLUSE~1\DADOSD~1\nView_Profiles

[25/11/2008|17:11] C:\DOCUME~1\ALLUSE~1\DADOSD~1\PC Suite

[04/02/2009|12:43] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Spybot - Search & Destroy

[06/11/2008|07:24] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Windows Genuine Advantage

[05/02/2009|10:28] C:\DOCUME~1\ALLUSE~1\DADOSD~1\WinZip

[15/01/2009|15:20] C:\DOCUME~1\ALLUSE~1\DADOSD~1\WLInstaller

 

[07/11/2008|11:02] C:\DOCUME~1\ARTURL~1\DADOSD~1\Adobe

[07/11/2008|11:00] C:\DOCUME~1\ARTURL~1\DADOSD~1\Identities

[27/11/2008|21:09] C:\DOCUME~1\ARTURL~1\DADOSD~1\Microsoft

 

[05/11/2008|20:58] C:\DOCUME~1\DEFAUL~1\DADOSD~1\Microsoft

 

[15/12/2008|21:45] C:\DOCUME~1\LOCALS~1\DADOSD~1\Microsoft

 

[27/11/2008|21:09] C:\DOCUME~1\NETWOR~1\DADOSD~1\Microsoft

 

--------------------\\ Tarefas Agendadas na pasta C:\WINDOWS\Tasks

 

[04/02/2009 20:54][--a------] C:\WINDOWS\tasks\AWC Update.job

[05/02/2009 12:42][--ah-----] C:\WINDOWS\tasks\SA.DAT

[08/04/2003 10:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ Lista de pastas em C:\Arquivos de programas

 

[06/11/2008|07:36] C:\Arquivos de programas\Adobe

[04/02/2009|19:31] C:\Arquivos de programas\Arquivos comuns

[15/12/2008|20:28] C:\Arquivos de programas\Auslogics

[05/11/2008|21:52] C:\Arquivos de programas\AVG

[06/11/2008|07:47] C:\Arquivos de programas\Canon

[05/11/2008|20:15] C:\Arquivos de programas\ComPlus Applications

[09/12/2008|12:45] C:\Arquivos de programas\Conduit

[29/01/2009|19:53] C:\Arquivos de programas\Corel

[25/11/2008|17:11] C:\Arquivos de programas\DIFX

[05/02/2009|09:40] C:\Arquivos de programas\findlop

[10/11/2008|12:50] C:\Arquivos de programas\Free Download Manager

[10/11/2008|12:48] C:\Arquivos de programas\Free download maneger

[16/01/2009|23:09] C:\Arquivos de programas\Google

[16/01/2009|23:07] C:\Arquivos de programas\Google Earth

[11/11/2008|14:47] C:\Arquivos de programas\Gravity

[29/01/2009|19:58] C:\Arquivos de programas\InstallShield Installation Information

[14/12/2008|16:04] C:\Arquivos de programas\Internet Explorer

[04/01/2009|14:38] C:\Arquivos de programas\IObit

[03/02/2009|11:27] C:\Arquivos de programas\Java

[08/11/2008|18:12] C:\Arquivos de programas\Jogos

[10/01/2009|19:42] C:\Arquivos de programas\KYE

[29/11/2008|12:11] C:\Arquivos de programas\Lime Wire

[15/12/2008|20:11] C:\Arquivos de programas\LimeWire

[24/11/2008|20:48] C:\Arquivos de programas\Messenger

[05/02/2009|10:49] C:\Arquivos de programas\Messenger Plus! Live

[16/01/2009|00:23] C:\Arquivos de programas\Microsoft

[05/11/2008|20:23] C:\Arquivos de programas\microsoft frontpage

[05/11/2008|22:05] C:\Arquivos de programas\Microsoft Office

[16/01/2009|00:25] C:\Arquivos de programas\Microsoft Sync Framework

[24/11/2008|20:20] C:\Arquivos de programas\Movie Maker

[06/11/2008|06:44] C:\Arquivos de programas\MSN

[10/11/2008|12:53] C:\Arquivos de programas\MSN Gaming Zone

[16/01/2009|13:44] C:\Arquivos de programas\MSN9

[31/01/2009|20:34] C:\Arquivos de programas\MSXML 4.0

[24/11/2008|20:12] C:\Arquivos de programas\NetMeeting

[06/01/2009|14:23] C:\Arquivos de programas\NickOnline

[25/11/2008|17:10] C:\Arquivos de programas\Nokia

[29/11/2008|15:50] C:\Arquivos de programas\NxZero

[24/11/2008|20:12] C:\Arquivos de programas\Outlook Express

[06/01/2009|01:09] C:\Arquivos de programas\PhotoScape

[05/02/2009|09:33] C:\Arquivos de programas\RAR descompactador

[05/11/2008|20:18] C:\Arquivos de programas\Servi‡os on-line

[04/02/2009|11:01] C:\Arquivos de programas\Spybot - Search & Destroy

[05/11/2008|20:34] C:\Arquivos de programas\Uninstall Information

[16/01/2009|13:42] C:\Arquivos de programas\Windows Journal Viewer

[16/01/2009|00:26] C:\Arquivos de programas\Windows Live

[06/11/2008|08:52] C:\Arquivos de programas\Windows Live Favorites

[06/11/2008|21:02] C:\Arquivos de programas\Windows Live Safety Center

[16/01/2009|00:25] C:\Arquivos de programas\Windows Live Toolbar

[05/02/2009|12:31] C:\Arquivos de programas\Windows Media Connect 2

[15/12/2008|21:39] C:\Arquivos de programas\Windows Media Player

[24/11/2008|20:12] C:\Arquivos de programas\Windows NT

[05/11/2008|20:15] C:\Arquivos de programas\WindowsUpdate

[05/02/2009|09:34] C:\Arquivos de programas\WinRAR

[05/11/2008|20:23] C:\Arquivos de programas\xerox

[15/12/2008|20:29] C:\Arquivos de programas\Yahoo!

 

--------------------\\ Lista de pastas em C:\Arquivos de programas\Arquivos comuns

 

[08/11/2008|18:12] C:\Arquivos de programas\Arquivos comuns\Adobe

[29/01/2009|19:55] C:\Arquivos de programas\Arquivos comuns\Corel

[29/01/2009|19:56] C:\Arquivos de programas\Arquivos comuns\Designer

[29/01/2009|19:55] C:\Arquivos de programas\Arquivos comuns\InstallShield

[05/02/2009|10:27] C:\Arquivos de programas\Arquivos comuns\Microsoft Shared

[05/11/2008|20:17] C:\Arquivos de programas\Arquivos comuns\MSSoap

[25/11/2008|17:10] C:\Arquivos de programas\Arquivos comuns\Nokia

[05/11/2008|21:03] C:\Arquivos de programas\Arquivos comuns\ODBC

[25/11/2008|17:10] C:\Arquivos de programas\Arquivos comuns\PCSuite

[29/01/2009|16:52] C:\Arquivos de programas\Arquivos comuns\Real

[05/11/2008|20:17] C:\Arquivos de programas\Arquivos comuns\Servi‡os

[10/01/2009|19:41] C:\Arquivos de programas\Arquivos comuns\snpstd

[05/11/2008|21:03] C:\Arquivos de programas\Arquivos comuns\SpeechEngines

[24/11/2008|20:12] C:\Arquivos de programas\Arquivos comuns\System

[16/01/2009|00:15] C:\Arquivos de programas\Arquivos comuns\Windows Live

[06/11/2008|08:46] C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller

[29/01/2009|16:52] C:\Arquivos de programas\Arquivos comuns\xing shared

 

--------------------\\ Process

 

( 32 Processes )

 

... OK !

 

--------------------\\ Procura pelo S_Lop

 

Não foram encontradas pastas com o Lop!

 

--------------------\\ Procura por Arquivos/Ficheiros e pastas do Lop

 

Não foram encontradas pastas com o Lop!

 

--------------------\\ Procura no Registro

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HtmLove"="C:\\DOCUME~1\\ADMINI~1\\DADOSD~1\\STOREH~1\\metacreativemulti.exe"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Time Dash Second Regs"="C:\\Documents and Settings\\All Users\\Dados de aplicativos\\bat glue time dash\\Heck Else.exe"

 

--------------------\\ Verificando o Arquivos/Ficheiros Hosts

 

Arquivos/Ficheiros Hosts LIMPO

 

 

--------------------\\ Procurando Arquivos/Ficheiros ocultos com o Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-02-05 15:35:18

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 1

 

--------------------\\ Procurando por outras infecções

 

 

Não foram encontradas outras infecções.

 

[F:47][D:9]-> C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp

[F:254][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies

[F:782][D:20]-> C:\DOCUME~1\ADMINI~1\CONFIG~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - qui 05/02/2009|15:37 - Option : [2]

 

--------------------\\ Verificação completa em 15:37:07

 

 

 

Updated HijackThis log:

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:45:29, on 5/2/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgemc.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\system32\svchost.exe

C:\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Time Dash Second Regs] C:\Documents and Settings\All Users\Dados de aplicativos\bat glue time dash\Heck Else.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [smartRAM] "C:\Arquivos de programas\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe" /startup

O4 - HKCU\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre6\bin\jusched.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [HtmLove] C:\DOCUME~1\ADMINI~1\DADOSD~1\STOREH~1\metacreativemulti.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Baixar com o FDM - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o FDM - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download selecionado pelo FDM - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O15 - Trusted Zone: http://*.lop.com

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextus.oberon-media.com/Gameshe...ronGameHost.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 9882 bytes


Good evening, Artur Luis!

 

<@> Download: < ComboFix.exe > ( ...by sUBs )

<@> Save it to the Desktop!

<@> Disable the resident protection of: antivirus, antispyware and firewall. ( Except the Windows one! )

<@> Close all windows and run the tool!

<@> At the prompt "Software warranty disclaimer" --> Click Yes!

<@> If you do not have the "Recovery Console", agree to have it installed!

 

<!> If you get the notification "Invalid Win32 application", delete the tool and download it again.

<!> Save it to the desktop, renamed as: Kombo.exe

<!> PS: Rename it while saving, not after saving it!

<!> PS: If any error message appears, run ComboFix.exe in Safe Mode. <-- Link!

<!> PS: To complete the removals, the tool may need to restart the computer. <-- Wait!

<!> PS: Avoid running this tool on your own initiative! Follow all the recommendations given above.

<@> The Auto Scan window will open. --> Wait!

<@> In order to complete the removals, ComboFix may restart the computer.

<@> If necessary, type the option to continue! --> ( 1 ) --> Press Enter! --> Wait for it to finish!

<@> During the scan, avoid using the mouse or keyboard! <-- Important!

<@> To stop or exit ComboFix, press "N" or "2" --> Press Enter!

-----------------------------------------

<@> When it finishes, post the reports: C:\ComboFix.txt + an updated HijackThis log.

 

Regards!


 

Good evening. I had problems with Virtua, no connection, rain and lightning in São Paulo, which is why I took a while to reply. Here are the updated ComboFix and HijackThis reports. I noticed that the problems mentioned have apparently disappeared, but pages on the Internet have started opening extremely slowly. Thank you.

 

ComboFix 09-02-06.04 - Administrador 2009-02-07 20:03:51.3 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.383.143 [GMT -2:00]

Running from: C:\Kombo.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

.

 

((((((((((((((((((((((((( Files Created from 2009-01-07 to 2009-02-07 )))))))))))))))))))))))))))))))

.

 

2009-02-07 20:01 . 2009-02-07 20:01 2,918,964 -ra------ C:\Kombo.exe

2009-02-06 09:02 . 2009-02-06 09:02 28,992 --a------ c:\documents and settings\Administrador\Dados de aplicativos\GDIPFONTCACHEV1.DAT

2009-02-05 15:29 . 2009-02-05 15:37 <DIR> d-------- C:\Lop SD

2009-02-05 15:28 . 2009-02-05 15:28 530,106 --a------ C:\LopSD.exe

2009-02-05 09:33 . 2009-02-05 09:33 <DIR> d-------- c:\arquivos de programas\RAR descompactador

2009-02-05 09:25 . 2009-02-05 09:40 <DIR> d-------- c:\arquivos de programas\findlop

2009-02-04 21:22 . 2009-02-07 19:56 <DIR> d-------- C:\HijackThis

2009-02-04 11:00 . 2009-02-04 12:43 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Spybot - Search & Destroy

2009-02-04 11:00 . 2009-02-04 11:01 <DIR> d-------- c:\arquivos de programas\Spybot - Search & Destroy

2009-01-31 20:34 . 2009-01-31 20:34 <DIR> d-------- c:\arquivos de programas\MSXML 4.0

2009-01-29 20:00 . 2009-01-29 20:00 <DIR> d-------- c:\documents and settings\Administrador\Dados de aplicativos\Corel

2009-01-29 19:55 . 2009-01-29 19:55 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\Corel

2009-01-29 19:53 . 2009-01-29 19:53 <DIR> d-------- c:\arquivos de programas\Corel

2009-01-29 16:52 . 2009-01-29 16:52 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\xing shared

2009-01-29 16:51 . 2009-01-29 16:51 <DIR> d-------- C:\Program Files

2009-01-29 16:51 . 2009-01-29 16:52 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\Real

2009-01-16 23:32 . 2006-10-22 12:22 88,691 --a------ c:\windows\system32\nvapps.nvb

2009-01-16 23:30 . 2009-01-16 23:30 <DIR> d-------- C:\NVIDIA

2009-01-16 23:30 . 2006-10-22 15:06 208,896 --a------ c:\windows\system32\NVUNINST.EXE

2009-01-16 23:24 . 2001-08-23 14:42 1,875,968 --a------ c:\windows\system32\msir3jp.lex

2009-01-16 23:24 . 2001-08-23 14:42 1,875,968 --a--c--- c:\windows\system32\dllcache\msir3jp.lex

2009-01-16 23:24 . 2001-08-23 14:42 1,158,818 --a------ c:\windows\system32\korwbrkr.lex

2009-01-16 23:24 . 2001-08-23 14:42 1,158,818 --a--c--- c:\windows\system32\dllcache\korwbrkr.lex

2009-01-16 23:24 . 2001-08-23 14:42 2,060 --a------ c:\windows\system32\noise.jpn

2009-01-16 23:24 . 2001-08-23 14:42 1,486 --a------ c:\windows\system32\noise.kor

2009-01-16 23:22 . 2001-08-23 14:42 311,359 --a--c--- c:\windows\system32\dllcache\imepadsv.exe

2009-01-16 23:16 . 2001-08-18 06:36 8,704 --a------ c:\windows\system32\kbdjpn.dll

2009-01-16 23:16 . 2001-08-18 06:36 8,704 --a--c--- c:\windows\system32\dllcache\kbdjpn.dll

2009-01-16 23:16 . 2001-08-18 06:36 8,192 --a------ c:\windows\system32\kbdkor.dll

2009-01-16 23:16 . 2001-08-18 06:36 8,192 --a--c--- c:\windows\system32\dllcache\kbdkor.dll

2009-01-16 23:16 . 2008-04-14 00:18 6,144 --a------ c:\windows\system32\kbd106.dll

2009-01-16 23:16 . 2001-08-17 22:55 6,144 --a------ c:\windows\system32\kbd101c.dll

2009-01-16 23:16 . 2001-08-17 22:55 6,144 --a------ c:\windows\system32\kbd101b.dll

2009-01-16 23:16 . 2008-04-14 00:18 6,144 --a--c--- c:\windows\system32\dllcache\kbd106.dll

2009-01-16 23:16 . 2001-08-17 22:55 6,144 --a--c--- c:\windows\system32\dllcache\kbd101c.dll

2009-01-16 23:16 . 2001-08-17 22:55 6,144 --a--c--- c:\windows\system32\dllcache\kbd101b.dll

2009-01-16 23:16 . 2001-08-17 22:55 5,632 --a------ c:\windows\system32\kbd103.dll

2009-01-16 23:16 . 2001-08-17 22:55 5,632 --a--c--- c:\windows\system32\dllcache\kbd103.dll

2009-01-16 23:07 . 2009-02-07 13:47 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\Google Updater

2009-01-16 23:07 . 2009-01-16 23:09 <DIR> d-------- c:\arquivos de programas\Google

2009-01-16 23:06 . 2009-01-16 23:07 <DIR> d-------- c:\arquivos de programas\Google Earth

2009-01-16 13:42 . 2009-01-16 13:42 <DIR> d-------- c:\arquivos de programas\Windows Journal Viewer

2009-01-16 00:27 . 2009-02-06 23:30 <DIR> d-------- c:\documents and settings\Administrador\Tracing

2009-01-16 00:25 . 2009-01-16 00:25 <DIR> d-------- c:\arquivos de programas\Microsoft Sync Framework

2009-01-16 00:23 . 2009-01-16 00:23 <DIR> d-------- c:\arquivos de programas\Microsoft

2009-01-16 00:15 . 2009-01-16 00:15 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\Windows Live

2009-01-16 00:14 . 2009-01-16 13:44 <DIR> d-------- c:\arquivos de programas\MSN9

2009-01-10 19:42 . 2009-01-15 15:20 <DIR> d-------- c:\windows\Album

2009-01-10 19:42 . 2009-01-10 19:42 <DIR> d-------- c:\arquivos de programas\KYE

2009-01-10 19:42 . 2002-07-03 11:44 53,248 --a------ c:\windows\amcap.exe

2009-01-10 19:41 . 2009-01-10 19:41 <DIR> d-------- c:\arquivos de programas\Arquivos comuns\snpstd

2009-01-10 19:41 . 2004-06-25 11:44 331,008 --a------ c:\windows\system32\drivers\snpstd.sys

2009-01-10 19:41 . 2004-06-10 13:48 286,720 --a------ c:\windows\vsnpstd.exe

2009-01-10 19:41 . 2003-04-21 14:09 245,408 --a------ c:\windows\system32\unicows.dll

2009-01-10 19:41 . 2004-02-16 13:59 61,440 --a------ c:\windows\system32\csnpstd.dll

2009-01-10 19:41 . 2004-06-23 16:13 57,344 --a------ c:\windows\system32\rsnpstd.dll

2009-01-10 19:41 . 2004-05-06 11:22 53,248 --a------ c:\windows\system32\dsnpstd.dll

2009-01-10 19:41 . 2004-05-25 17:21 36,864 --a------ c:\windows\system32\vsnpstd.dll

2009-01-10 19:41 . 2004-05-25 16:13 36,864 --a------ c:\windows\system32\dsnpstd.ax

2009-01-10 19:41 . 2004-02-23 15:19 20,480 --a------ c:\windows\usnpstd.exe

2009-01-10 19:41 . 2003-01-17 17:34 15,541 --a------ c:\windows\snpstd.ini

2009-01-10 19:41 . 2003-01-17 17:35 13,023 --a------ c:\windows\snpstd.src

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-02-05 14:31 --------- d-----w c:\arquivos de programas\Windows Media Connect 2

2009-02-05 12:49 --------- d-----w c:\arquivos de programas\Messenger Plus! Live

2009-02-05 12:28 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\WinZip

2009-02-04 21:26 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\Free Download Manager

2009-02-03 22:13 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\LimeWire

2009-02-03 13:27 --------- d-----w c:\arquivos de programas\Java

2009-01-29 21:58 --------- d--h--w c:\arquivos de programas\InstallShield Installation Information

2009-01-29 21:55 --------- d-----w c:\arquivos de programas\Arquivos comuns\InstallShield

2009-01-26 19:31 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\avg8

2009-01-26 19:29 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys

2009-01-26 19:29 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys

2009-01-26 19:29 10,520 ----a-w c:\windows\system32\avgrsstx.dll

2009-01-17 01:19 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\Software Informer

2009-01-16 02:26 --------- d-----w c:\arquivos de programas\Windows Live

2009-01-16 02:25 --------- d-----w c:\arquivos de programas\Windows Live Toolbar

2009-01-15 17:20 --------- d-----w c:\documents and settings\All Users\Dados de aplicativos\WLInstaller

2009-01-06 16:23 --------- d-----w c:\arquivos de programas\NickOnline

2009-01-06 03:09 --------- d-----w c:\arquivos de programas\PhotoScape

2009-01-04 16:38 --------- d-----w c:\arquivos de programas\IObit

2008-12-15 22:35 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\IObit

2008-12-15 22:29 --------- d-----w c:\arquivos de programas\Yahoo!

2008-12-15 22:28 --------- d-----w c:\arquivos de programas\Auslogics

2008-12-15 22:11 --------- d-----w c:\arquivos de programas\LimeWire

2008-12-14 14:50 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\Yahoo!

2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys

2008-12-09 14:45 --------- d-----w c:\arquivos de programas\Conduit

2008-12-03 00:37 49,480 ----a-w c:\windows\system32\sirenacm.dll

2008-11-10 07:43 410,984 ----a-w c:\windows\system32\deploytk.dll

.

 

((((((((((((((((((((((((((((( snapshot@2009-02-04_19.34.38,17 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-02-07 21:20:05 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_6f4.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"SmartRAM"="c:\arquivos de programas\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2009-01-06 202064]

"swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-16 39408]

"Advanced SystemCare 3"="c:\arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe" [2009-01-09 2262352]

"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2008-11-10 136600]

"SpybotSD TeaTimer"="c:\arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AVG8_TRAY"="c:\arquiv~1\AVG\AVG8\avgtray.exe" [2009-01-26 1601304]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]

"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2008-11-10 136600]

"TkBellExe"="c:\arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" [2009-01-29 185872]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-01-26 17:29 10520 c:\windows\system32\avgrsstx.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"ServiceLayer"=3 (0x3)

"SeaPort"=2 (0x2)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Arquivos de programas\\AVG\\AVG8\\avgemc.exe"=

"c:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"=

"c:\\Arquivos de programas\\AVG\\AVG8\\avgnsx.exe"=

"c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

 

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-11-27 325128]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-11-27 107272]

R2 avg8emc;AVG Free8 E-mail Scanner;c:\arquiv~1\AVG\AVG8\avgemc.exe [2008-11-27 903960]

R2 avg8wd;AVG Free8 WatchDog;c:\arquiv~1\AVG\AVG8\avgwdsvc.exe [2008-11-27 298264]

S4 SeaPort;SeaPort;c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]

.

Contents of the 'Scheduled Tasks' folder

 

2009-02-07 c:\windows\Tasks\AWC AutoSweep.job

- c:\arquivos de programas\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-01-06 11:32]

 

2009-02-06 c:\windows\Tasks\AWC Update.job

- c:\arquivos de programas\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-01-06 11:37]

 

2009-02-06 c:\windows\Tasks\AWC Update.job

- c:\arquivos de programas\IObit\Advanced SystemCare 3\ [2009-02-07 19:21]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.uol.com.br/

mStart Page = hxxp://www.msn.com

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: Baixar com o FDM - file://c:\arquivos de programas\Free Download Manager\dllink.htm

IE: Baixar tudo com o FDM - file://c:\arquivos de programas\Free Download Manager\dlall.htm

IE: Download selecionado pelo FDM - file://c:\arquivos de programas\Free Download Manager\dlselected.htm

IE: Download video with Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office10\EXCEL.EXE/3000

IE: Easy-WebPrint Add To Print List - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

IE: Easy-WebPrint High Speed Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

IE: Easy-WebPrint Preview - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

IE: Easy-WebPrint Print - c:\arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

Trusted Zone: lop.com

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-02-07 20:07:26

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

Completion time: 2009-02-07 20:10:23

ComboFix-quarantined-files.txt 2009-02-07 22:10:18

ComboFix2.txt 2009-02-07 21:46:50

ComboFix3.txt 2009-02-04 21:36:35

 

Pre-Run: 17 pasta(s) 66.456.780.800 bytes disponíveis

Post-Run: 17 pasta(s) 66,450,780,160 bytes disponíveis

 

187 --- E O F --- 2009-01-31 22:35:09

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:56:27, on 7/2/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgemc.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Arquivos de programas\Windows Live\Toolbar\wltuser.exe

C:\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - (no file)

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdm2.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [smartRAM] "C:\Arquivos de programas\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Arquivos de programas\IObit\Advanced SystemCare 3\AWC.exe" /startup

O4 - HKCU\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre6\bin\jusched.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Baixar com o FDM - file://C:\Arquivos de programas\Free Download Manager\dllink.htm

O8 - Extra context menu item: Baixar tudo com o FDM - file://C:\Arquivos de programas\Free Download Manager\dlall.htm

O8 - Extra context menu item: Download selecionado pelo FDM - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Arquivos de programas\Canon\Easy-WebPrint\Resource.dll/RC_Print.html

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O15 - Trusted Zone: http://*.lop.com

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://gamenextus.oberon-media.com/Gameshe...ronGameHost.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 9831 bytes


Good evening, Artur Luis!

 

<!> In IE's security settings, remove this site from the trusted sites.

 

O15 - Trusted Zone: http://*.lop.com <--

 

"I noticed that the problems mentioned have apparently disappeared, but pages on the Internet have started opening extremely slowly. Thank you."

<!> Use Firefox when IE is not working well.

---------------------------------

<@> Go to Start --> Run --> Type or paste: combofix.exe /u --> Click OK.

<@> The following window will open: ( Open File - Security Warning )

<@> Click Run --> Wait!

<@> Finally, the message "ComboFix is uninstalled" will appear --> Click OK.

<@> If you find them, delete: C:\ComboFix <-- The folder! + C:\ComboFix.txt <-- The report!

---------------------------------

<!> The log is clean! ^_^

<!> I believe CiD won't bother you anymore...

 

Regards!
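
The reply above singles out the O15 Trusted Zone line of the HijackThis log. As an added example (not part of the original thread), the Python sketch below pulls every `O15 - Trusted Zone` entry out of a pasted log and reports those not on an approved list; the function names, the allowlist and the `intranet.example` entry are assumptions made for illustration.

```python
import re
from typing import NamedTuple

# Constructed sample: a few lines in the format of the HijackThis log posted in
# this thread, plus one made-up intranet entry to exercise the allowlist.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O15 - Trusted Zone: http://*.lop.com

O15 - Trusted Zone: https://portal.intranet.example

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
"""

# "<section code> - <body>", e.g. "O15 - Trusted Zone: http://*.lop.com"
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Scheme is optional; the host stops at whitespace so a trailing
# annotation such as "<--" (as in the reply above) is ignored.
TRUSTED_RE = re.compile(
    r"^Trusted Zone:\s*(?:(?P<scheme>[a-z][a-z0-9+.-]*)://)?(?P<host>[^\s/]+)",
    re.IGNORECASE,
)


class TrustedSite(NamedTuple):
    scheme: str     # "http", "https", ... or "*" when the line gives no scheme
    domain: str     # host with any leading "*." removed, lower-cased
    wildcard: bool  # True when the entry covers every subdomain


def parse_entries(log_text):
    """Return (section_code, body) for every HijackThis entry line."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def trusted_zone_sites(log_text):
    """Extract the sites listed as 'O15 - Trusted Zone' entries."""
    sites = []
    for code, body in parse_entries(log_text):
        if code != "O15":
            continue
        match = TRUSTED_RE.match(body)
        if not match:
            continue  # other O15 line formats are out of scope for this sketch
        host = match.group("host").lower()
        wildcard = host.startswith("*.")
        sites.append(TrustedSite(
            scheme=(match.group("scheme") or "*").lower(),
            domain=host[2:] if wildcard else host,
            wildcard=wildcard,
        ))
    return sites


def is_approved(site, approved_domains):
    """A site is approved if it equals, or is a subdomain of, an approved domain."""
    return any(
        site.domain == d or site.domain.endswith("." + d)
        for d in approved_domains
    )


def unapproved_trusted_sites(log_text, approved_domains):
    """Trusted Zone entries that nobody on the allowlist accounts for."""
    approved = {d.lower().lstrip("*.") for d in approved_domains}
    return [s for s in trusted_zone_sites(log_text) if not is_approved(s, approved)]


if __name__ == "__main__":
    # Hypothetical allowlist: only the organisation's own intranet is expected.
    for site in unapproved_trusted_sites(SAMPLE_LOG, {"intranet.example"}):
        scope = "all subdomains of " if site.wildcard else ""
        print(f"review: {site.scheme}://{scope}{site.domain}")
```

A wildcard entry is matched on its base domain, so `*.lop.com` is not covered by an allowlist entry for a single host under it.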


 

Thank you very much, the problem is solved. :rolleyes:

One last question: I have Spybot-SD installed, and sometimes a window opens with entries asking me to "deny" or "allow". What exactly is that?

 

Best regards


Good morning, Artur Luis!

 

"One last question: I have Spybot-SD installed, and sometimes a window opens with entries asking me to "deny" or "allow". What exactly is that?"

<!> It is the "Tea Timer" protection, which alerts about any change to the registry. Hence the reason for disabling it when logs are being analysed.

 

Regards!


PROBLEM SOLVED!

 

If the author needs the topic to be reopened, just send a Private Message to a Moderator with a link to the topic.
