
lumis

[Solved!] Suspected virus


Logfile of HijackThis v1.99.1

Scan saved at 19:23:44, on 19-02-2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SupportAppPT\ztemon.exe

C:\Programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Programas\Alwil Software\Avast4\ashWebSv.exe

C:\Programas\Apoint2K\Apoint.exe

C:\Programas\TOSHIBA\Touch and Launch\PadExe.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Programas\TOSHIBA\E-KEY\CeEKey.exe

C:\Programas\TOSHIBA\TouchPad\TPTray.exe

C:\Programas\TOSHIBA\Accessibility\FnKeyHook.exe

C:\WINDOWS\system32\ZoomingHook.exe

C:\WINDOWS\system32\TCtrlIOHook.exe

C:\Programas\TOSHIBA\Controlos TOSHIBA\TFncKy.exe

C:\Programas\TOSHIBA\Tvs\TvsTray.exe

C:\Programas\TOSHIBA\ConfigFree\NDSTray.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Programas\Windows Defender\MSASCui.exe

C:\Programas\Java\jre1.6.0_07\bin\jusched.exe

C:\Programas\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\Apoint2K\Apntex.exe

C:\WINDOWS\system32\RAMASST.exe

C:\Programas\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\Programas\Windows Live\Messenger\usnsvc.exe

C:\WINDOWS\system32\DrvSvc.exe

C:\Programas\MODEM MF620\Modem.exe

C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\Programas\WinRAR\WinRAR.exe

C:\DOCUME~1\Toshiba\DEFINI~1\Temp\Rar$EX03.016\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Apoint] C:\Programas\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [PadTouch] C:\Programas\TOSHIBA\Touch and Launch\PadExe.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [CeEKEY] C:\Programas\TOSHIBA\E-KEY\CeEKey.exe

O4 - HKLM\..\Run: [TPNF] C:\Programas\TOSHIBA\TouchPad\TPTray.exe

O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Programas\TOSHIBA\Accessibility\FnKeyHook.exe

O4 - HKLM\..\Run: [HWSetup] C:\Programas\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP

O4 - HKLM\..\Run: [sVPWUTIL] C:\Programas\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL

O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe

O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe

O4 - HKLM\..\Run: [Tvs] C:\Programas\TOSHIBA\Tvs\TvsTray.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKCU\..\Run: [TOSCDSPD] C:\Programas\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [serviço de Drivers] C:\WINDOWS\system32\DrvSvc.exe

O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Programas\Microsoft Office\OFFICE11\ONENOTEM.EXE

O4 - Global Startup: CD do software adicional.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Programas\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=23100

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{215ACA7A-BF22-41D5-B114-948F353DBD40}: NameServer = 212.55.154.174 10.11.12.14

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programas\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: ZTE CDROM Monitor - Unknown owner - C:\WINDOWS\system32\SupportAppPT\ztemon.exe


Good evening, lumis!

<@> Run an online scan at: < Kaspersky >

<@> Use the Internet Explorer browser for this.

<!> Go to the site and click on: < kasperdx9.jpg >

<@> On the next page, click on: I Accept

<@> This is so that the ActiveX control gets installed and the database is then updated.

<@> On the next page, click on: My Computer and run the scan.

<@> Be patient!

<@> Wait for the database update, and also for the scan, which takes a long time.

<@> When it finishes, save and post the report.

<@> Click on Save Report As... to save the log. ( Kaspersky_Online_Scanner_7_Report.txt )

<@> Save the result as .txt, as in the image below:

Kas-Savetxt.gif

<@> Also post an updated HijackThis log.

Regards!


Scan result

 

 

 

--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7 REPORT

Saturday, February 21, 2009

Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

Kaspersky Online Scanner 7 version: 7.0.25.0

Program database last update: Saturday, February 21, 2009 10:27:28

Records in database: 1825617

--------------------------------------------------------------------------------

 

Scan settings:

Scan using the following database: extended

Scan archives: yes

Scan mail databases: yes

 

Scan area - My Computer:

C:\

D:\

 

Scan statistics:

Files scanned: 58635

Threat name: 3

Infected objects: 8

Suspicious objects: 0

Duration of the scan: 01:50:06

 

 

File name / Threat name / Threats count

C:\WINDOWS\system32\DrvSvc.exe/C:\WINDOWS\system32\DrvSvc.exe Infected: Trojan.Win32.Agent2.dvd 1

C:\Documents and Settings\Toshiba\Definições locais\Temp\29.tmp Infected: Trojan-Dropper.Win32.Agent.ahkb 1

C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\54OK26U8\index1[1].htm Infected: Exploit.HTML.Mht 1

C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\9QO9NSXR\index1[1].htm Infected: Exploit.HTML.Mht 1

C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\Z65Y2S8X\index1[2].htm Infected: Exploit.HTML.Mht 1

C:\WINDOWS\Imag014.exe Infected: Trojan-Dropper.Win32.Agent.ahkb 1

C:\WINDOWS\system32\DrvSvc.exe Infected: Trojan.Win32.Agent2.dvd 1

C:\WINDOWS\system32\Imag014.zip Infected: Trojan-Dropper.Win32.Agent.ahkb 1

 

The selected area was scanned.

 

 

 

 

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 12:57:38, on 21-02-2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\Apoint2K\Apoint.exe

C:\Programas\TOSHIBA\Touch and Launch\PadExe.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Programas\TOSHIBA\E-KEY\CeEKey.exe

C:\Programas\TOSHIBA\TouchPad\TPTray.exe

C:\Programas\TOSHIBA\Accessibility\FnKeyHook.exe

C:\WINDOWS\system32\ZoomingHook.exe

C:\WINDOWS\system32\TCtrlIOHook.exe

C:\Programas\TOSHIBA\Controlos TOSHIBA\TFncKy.exe

C:\Programas\TOSHIBA\Tvs\TvsTray.exe

C:\Programas\TOSHIBA\ConfigFree\NDSTray.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Programas\Windows Defender\MSASCui.exe

C:\Programas\Java\jre1.6.0_07\bin\jusched.exe

C:\Programas\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\DrvSvc.exe

C:\Programas\Apoint2K\Apntex.exe

C:\WINDOWS\system32\RAMASST.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SupportAppPT\ztemon.exe

C:\Programas\MODEM MF620\Modem.exe

C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\Programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Programas\Alwil Software\Avast4\ashWebSv.exe

C:\Programas\WinRAR\WinRAR.exe

C:\DOCUME~1\Toshiba\DEFINI~1\Temp\Rar$EX00.672\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Apoint] C:\Programas\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [PadTouch] C:\Programas\TOSHIBA\Touch and Launch\PadExe.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [CeEKEY] C:\Programas\TOSHIBA\E-KEY\CeEKey.exe

O4 - HKLM\..\Run: [TPNF] C:\Programas\TOSHIBA\TouchPad\TPTray.exe

O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Programas\TOSHIBA\Accessibility\FnKeyHook.exe

O4 - HKLM\..\Run: [HWSetup] C:\Programas\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP

O4 - HKLM\..\Run: [sVPWUTIL] C:\Programas\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL

O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe

O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe

O4 - HKLM\..\Run: [Tvs] C:\Programas\TOSHIBA\Tvs\TvsTray.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKCU\..\Run: [TOSCDSPD] C:\Programas\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [serviço de Drivers] C:\WINDOWS\system32\DrvSvc.exe

O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Programas\Microsoft Office\OFFICE11\ONENOTEM.EXE

O4 - Global Startup: CD do software adicional.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Programas\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=23100

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{215ACA7A-BF22-41D5-B114-948F353DBD40}: NameServer = 212.55.154.174 10.11.12.14

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programas\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: ZTE CDROM Monitor - Unknown owner - C:\WINDOWS\system32\SupportAppPT\ztemon.exe

 

 

 

Regards


Good afternoon, lumis!

<@> Download: < Kaspersky Virus Removal Tool >

<@> Save it in Program Files, and install it right there!

<@> Restart the computer in Safe Mode! <-- Important!

<@> Start the scan by clicking "Scan".

<@> The scan takes a very long time. Please wait! There are cases of 18 hours of scanning/disinfection.

<@> If infections are found, click "disinfect".

<@> When it finishes, click the Events tab.

<@> Uncheck the "Show all events" checkbox.

<@> Click "Save to file".

<@> Name it and save it on the desktop! <-- Report for posting!

<@> Also post an updated HijackThis log.

Regards!


Kaspersky scan/disinfection result

 

 

Scan

----

Scanned: 383473

Detected: 8

Untreated: 0

Start time: 21-02-2009 20:23:09

Duration: 03:51:30

Finish time: 22-02-2009 0:14:39

 

 

Detected

--------

Status Object

------ ------

deleted: Trojan program Trojan.Win32.Agent2.dvd File: c:\windows\system32\drvsvc.exe

deleted: Trojan program Trojan-Dropper.Win32.Agent.ahkb File: C:\Documents and Settings\Toshiba\Definições locais\Temp\29.tmp/Imag014.exe

deleted: Trojan program Exploit.HTML.Mht File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\54OK26U8\index1[1].htm

deleted: Trojan program Exploit.HTML.Mht File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\9QO9NSXR\index1[1].htm

deleted: Trojan program Exploit.HTML.Mht File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\Z65Y2S8X\index1[2].htm

deleted: Trojan program Trojan-Dropper.Win32.Agent.ahkb File: C:\WINDOWS\Imag014.exe

disinfected: Trojan program Trojan-Dropper.Win32.Agent.ahkb File: C:\WINDOWS\system32\Imag014.zip/Imag014.exe

disinfected: Trojan program Trojan-Dropper.Win32.Agent.ahkb File: C:\WINDOWS\system32\Imag014.zip

 

 

Events

------

Time Name Status Reason

---- ---- ------ ------

21-02-2009 20:25:23 File: c:\windows\system32\drvsvc.exe detected Trojan program 'Trojan.Win32.Agent2.dvd'

21-02-2009 20:25:23 File: c:\windows\system32\drvsvc.exe not disinfected postponed

21-02-2009 20:27:24 File: c:\windows\system32\drvsvc.exe detected Trojan program 'Trojan.Win32.Agent2.dvd'

21-02-2009 20:27:24 File: c:\windows\system32\drvsvc.exe not disinfected postponed

21-02-2009 20:35:46 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\29.tmp/Imag014.exe detected Trojan program 'Trojan-Dropper.Win32.Agent.ahkb'

21-02-2009 20:35:46 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\29.tmp/Imag014.exe not disinfected postponed

21-02-2009 20:39:06 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\54OK26U8\index1[1].htm detected Trojan program 'Exploit.HTML.Mht'

21-02-2009 20:39:06 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\54OK26U8\index1[1].htm not disinfected postponed

21-02-2009 20:39:29 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\9QO9NSXR\index1[1].htm detected Trojan program 'Exploit.HTML.Mht'

21-02-2009 20:39:29 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\9QO9NSXR\index1[1].htm not disinfected postponed

21-02-2009 20:41:12 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\Z65Y2S8X\index1[2].htm detected Trojan program 'Exploit.HTML.Mht'

21-02-2009 20:41:12 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\Z65Y2S8X\index1[2].htm not disinfected postponed

21-02-2009 21:22:54 File: C:\WINDOWS\Imag014.exe detected Trojan program 'Trojan-Dropper.Win32.Agent.ahkb'

21-02-2009 21:22:55 File: C:\WINDOWS\Imag014.exe not disinfected postponed

21-02-2009 22:13:59 File: C:\WINDOWS\system32\DrvSvc.exe detected Trojan program 'Trojan.Win32.Agent2.dvd'

21-02-2009 22:13:59 File: C:\WINDOWS\system32\DrvSvc.exe not disinfected postponed

21-02-2009 22:14:24 File: C:\WINDOWS\system32\Imag014.zip/Imag014.exe detected Trojan program 'Trojan-Dropper.Win32.Agent.ahkb'

21-02-2009 22:14:24 File: C:\WINDOWS\system32\Imag014.zip/Imag014.exe not disinfected postponed

21-02-2009 22:30:00 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\29.tmp/Imag014.exe detected Trojan program 'Trojan-Dropper.Win32.Agent.ahkb'

21-02-2009 22:30:00 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\29.tmp/Imag014.exe not disinfected postponed

21-02-2009 22:33:21 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\54OK26U8\index1[1].htm detected Trojan program 'Exploit.HTML.Mht'

21-02-2009 22:33:21 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\54OK26U8\index1[1].htm not disinfected postponed

21-02-2009 22:33:44 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\9QO9NSXR\index1[1].htm detected Trojan program 'Exploit.HTML.Mht'

21-02-2009 22:33:44 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\9QO9NSXR\index1[1].htm not disinfected postponed

21-02-2009 22:35:06 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\Z65Y2S8X\index1[2].htm detected Trojan program 'Exploit.HTML.Mht'

21-02-2009 22:35:06 File: C:\Documents and Settings\Toshiba\Definições locais\Temp\Ficheiros temporários da Internet\Content.IE5\Z65Y2S8X\index1[2].htm not disinfected postponed

21-02-2009 23:14:46 File: C:\WINDOWS\Imag014.exe detected Trojan program 'Trojan-Dropper.Win32.Agent.ahkb'

21-02-2009 23:14:46 File: C:\WINDOWS\Imag014.exe not disinfected postponed

22-02-2009 0:05:15 File: C:\WINDOWS\system32\DrvSvc.exe detected Trojan program 'Trojan.Win32.Agent2.dvd'

22-02-2009 0:05:15 File: C:\WINDOWS\system32\DrvSvc.exe not disinfected postponed

22-02-2009 0:05:39 File: C:\WINDOWS\system32\Imag014.zip/Imag014.exe detected Trojan program 'Trojan-Dropper.Win32.Agent.ahkb'

22-02-2009 0:05:39 File: C:\WINDOWS\system32\Imag014.zip/Imag014.exe not disinfected postponed

22-02-2009 0:12:55 File: c:\windows\system32\drvsvc.exe detected Trojan program 'Trojan.Win32.Agent2.dvd'

22-02-2009 0:13:54 Startup object: HKEY_USERS\S-1-5-21-2442779184-3639647028-1491393961-1006\Software\Microsoft\Windows\CurrentVersion\Run\Serviço de Drivers disinfected Trojan program 'Trojan.Win32.Agent2.dvd'

22-02-2009 0:14:00 File: c:\windows\system32\drvsvc.exe deleted

22-02-2009 0:14:00 File: c:\documents and settings\toshiba\definições locais\temp\29.tmp/Imag014.exe detected Trojan program 'Trojan-Dropper.Win32.Agent.ahkb'

22-02-2009 0:14:09 File: c:\documents and settings\toshiba\definições locais\temp\29.tmp/Imag014.exe deleted

22-02-2009 0:14:09 File: c:\documents and settings\toshiba\definições locais\temp\ficheiros temporários da internet\content.ie5\54ok26u8\index1[1].htm detected Trojan program 'Exploit.HTML.Mht'

22-02-2009 0:14:25 File: c:\documents and settings\toshiba\definições locais\temp\ficheiros temporários da internet\content.ie5\54ok26u8\index1[1].htm deleted

22-02-2009 0:14:26 File: c:\documents and settings\toshiba\definições locais\temp\ficheiros temporários da internet\content.ie5\9qo9nsxr\index1[1].htm detected Trojan program 'Exploit.HTML.Mht'

22-02-2009 0:14:29 File: c:\documents and settings\toshiba\definições locais\temp\ficheiros temporários da internet\content.ie5\9qo9nsxr\index1[1].htm deleted

22-02-2009 0:14:30 File: c:\documents and settings\toshiba\definições locais\temp\ficheiros temporários da internet\content.ie5\z65y2s8x\index1[2].htm detected Trojan program 'Exploit.HTML.Mht'

22-02-2009 0:14:33 File: c:\documents and settings\toshiba\definições locais\temp\ficheiros temporários da internet\content.ie5\z65y2s8x\index1[2].htm deleted

22-02-2009 0:14:33 File: c:\windows\imag014.exe detected Trojan program 'Trojan-Dropper.Win32.Agent.ahkb'

22-02-2009 0:14:39 File: c:\windows\imag014.exe deleted

22-02-2009 0:14:39 File: c:\windows\system32\imag014.zip detected Trojan program 'Trojan-Dropper.Win32.Agent.ahkb' by hash

22-02-2009 0:14:39 File: c:\windows\system32\imag014.zip overwritten with previously disinfected copy

 

 

Statistics

----------

Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted

------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------

 

 

Settings

--------

Parameter Value

--------- -----

Security Level Recommended

Action Prompt for action when the scan is complete

Run mode Manually

File types Scan all files

Scan only new and changed files No

Scan archives All

Scan embedded OLE objects All

Skip if object is larger than No

Skip if scan takes longer than No

Parse email formats No

Scan password-protected archives No

Enable iChecker technology No

Enable iSwift technology No

Show detected threats on "Detected" tab Yes

Rootkits search Yes

Deep rootkits search No

Use heuristic analyzer Yes

 

 

Quarantine

----------

Status Object Size Added

------ ------ ---- -----

 

 

Backup

------

Status Object Size

------ ------ ----

Infected: Trojan program Trojan-Dropper.Win32.Agent.ahkb c:\documents and settings\toshiba\definições locais\temp\29.tmp 24,8 KB

Infected: Trojan program Exploit.HTML.Mht c:\documents and settings\toshiba\definições locais\temp\ficheiros temporários da internet\content.ie5\9qo9nsxr\index1[1].htm 637 bytes

Infected: Trojan program Trojan.Win32.Agent2.dvd c:\windows\system32\drvsvc.exe 32 KB

Infected: Trojan program Trojan-Dropper.Win32.Agent.ahkb c:\windows\imag014.exe 92 KB

Infected: Trojan program Exploit.HTML.Mht c:\documents and settings\toshiba\definições locais\temp\ficheiros temporários da internet\content.ie5\z65y2s8x\index1[2].htm 638 bytes

Infected: Trojan program Exploit.HTML.Mht c:\documents and settings\toshiba\definições locais\temp\ficheiros temporários da internet\content.ie5\54ok26u8\index1[1].htm 637 bytes

Infected: Trojan program Trojan-Dropper.Win32.Agent.ahkb C:\WINDOWS\system32\Imag014.zip 24,8 KB

 

<><><><><><><><><>

Logfile of HijackThis v1.99.1

Scan saved at 0:35:29, on 22-02-2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\Apoint2K\Apoint.exe

C:\Programas\TOSHIBA\Touch and Launch\PadExe.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Programas\TOSHIBA\E-KEY\CeEKey.exe

C:\Programas\TOSHIBA\TouchPad\TPTray.exe

C:\Programas\TOSHIBA\Accessibility\FnKeyHook.exe

C:\WINDOWS\system32\ZoomingHook.exe

C:\WINDOWS\system32\TCtrlIOHook.exe

C:\Programas\TOSHIBA\Controlos TOSHIBA\TFncKy.exe

C:\Programas\TOSHIBA\Tvs\TvsTray.exe

C:\Programas\TOSHIBA\ConfigFree\NDSTray.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Programas\Windows Defender\MSASCui.exe

C:\Programas\Java\jre1.6.0_07\bin\jusched.exe

C:\Programas\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\RAMASST.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\Apoint2K\Apntex.exe

C:\Programas\TOSHIBA\ConfigFree\CFSvcs.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\Programas\MODEM MF620\Modem.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\SupportAppPT\ztemon.exe

C:\Programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Programas\Alwil Software\Avast4\ashWebSv.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Programas\Internet Explorer\iexplore.exe

C:\Programas\WinRAR\WinRAR.exe

C:\DOCUME~1\Toshiba\DEFINI~1\Temp\Rar$EX00.953\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [Apoint] C:\Programas\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [PadTouch] C:\Programas\TOSHIBA\Touch and Launch\PadExe.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [CeEKEY] C:\Programas\TOSHIBA\E-KEY\CeEKey.exe

O4 - HKLM\..\Run: [TPNF] C:\Programas\TOSHIBA\TouchPad\TPTray.exe

O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Programas\TOSHIBA\Accessibility\FnKeyHook.exe

O4 - HKLM\..\Run: [HWSetup] C:\Programas\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP

O4 - HKLM\..\Run: [sVPWUTIL] C:\Programas\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL

O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe

O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe

O4 - HKLM\..\Run: [Tvs] C:\Programas\TOSHIBA\Tvs\TvsTray.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKCU\..\Run: [TOSCDSPD] C:\Programas\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Programas\Microsoft Office\OFFICE11\ONENOTEM.EXE

O4 - Global Startup: CD do software adicional.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Programas\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/AutoDL?BundleId=23100

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{215ACA7A-BF22-41D5-B114-948F353DBD40}: NameServer = 212.55.154.174 10.11.12.14

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programas\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe

O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe

O23 - Service: ZTE CDROM Monitor - Unknown owner - C:\WINDOWS\system32\SupportAppPT\ztemon.exe


Good evening, lumis!

<!> If everything is OK, create a clean System Restore point.

<!> Right-click My Computer --> Properties --> System Restore.

<!> Check: Turn off System Restore --> Apply --> OK.

<!> Then uncheck it again! --> Apply --> OK.

<!> For more details, go to: < Docs >

<><><><><><><><><><>

<!> The log is clean! ;)

<!> The computer has been disinfected.

Regards!


PROBLEM SOLVED!

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
