
Archived

This topic has been archived and is closed to new replies.

EDSSX

[Solved!] PC makes a noise like a ratchet


Good morning! EDSSX

<!> The ComboFix tool did a good job. But... we will have to remove it, since we may need a newer version.

<!> PS: We are not finished yet; corrections or removals with RunScanner remain.

<><><><><><><><><><>

<@> Go to Start --> Run --> Type or paste: combofix.exe /u --> Click OK.

<@> The following window will open: ( Open File - Security Warning )

<@> Click Run --> Wait!

<@> Finally, the message "ComboFix is uninstalled" will appear --> Click OK.

<@> If you find them, delete: D:\ComboFix <-- The folder! + D:\ComboFix.txt <-- The report!

<><><><><><><><><><>

<@> Download: < imagemus0.jpg > (...par A.Rothstein & dj Quiou )

<@> Save it to the desktop!

<@> Close any open programs and run the tool.

<@> Click the Recherche button to start the scan. <-- Wait!

<@> When it finishes, the items that will be removed are listed.

<@> Click the Suppression button to remove the items found.

<@> Then click Quitter.

<@> Post the report: ( D:\TCleaner.txt ) <--

<><><><><><><><><><>

<@> Download: < Runscanner v. 1.8.1.0 >

<@> Save it to Local Disk (D) or the Desktop.

<@> Unzip it and set aside the executable. ( RunScanner.exe )

<@> Open the program and, with the Expert mode button already selected, click OK.

<@> Close all windows/programs before running this utility.

<@> Run it by clicking Scan computer. --> Wait!

<@> When it finishes, click the menu: "Online analysis" <-- You must be connected!

<@> The page "online malware analysis report" will open.

<@> Copy the result of this analysis, Report Url:, to your computer. ( report.aspx )

<@> Put it in a zip and place it on the Desktop.

<@> Keep the ( .aspx ) extension when copying it!

<@> If you do not want the online check, save it as a RUN file. <-- Recommended!

<@> Click "Save Run File" --> Put it in a zip and place it on the desktop.

<@> Now go to this address: < Badongo >

<@> Upload report.aspx.zip or runscanner.run, which are on the desktop, to that server. <-- Badongo!

<@> Copy the address(es) you are given into this topic. ( Report Url: ) or ( RUN file )

Regards!


Good afternoon!

When ComboFix starts, it sometimes asks to be updated online.

Here are the links:

http://www.badongo.com/?page=upload_m_complete&s=&msg_u=http%3A%2F%2Fwww.badongo.com%2Ffile%2F16621953%0A&msg_e=

And the .

http://www.badongo.com/file/16621953

Here is the ToolsCleaner log:

 

[ Rapport ToolsCleaner version 2.3.10 (par A.Rothstein & dj QUIOU) ]

 

--> Recherche:

 

D:\Combofix.txt: trouvé !

D:\lopR.txt: trouvé !

D:\TB.txt: trouvé !

D:\Lop SD: trouvé !

D:\Qoobox: trouvé !

D:\Toolbar SD: trouvé !

D:\Lop SD\catchme.exe: trouvé !

D:\Lop SD\catchme.log: trouvé !

D:\Qoobox\Quarantine\catchme.log: trouvé !

D:\Qoobox\Quarantine\D\!Killbox: trouvé !

D:\Documents and Settings\edsom luis\Meus documentos\Downloads\LopSD.exe: trouvé !

D:\Documents and Settings\edsom luis\Meus documentos\Downloads\KillBox.exe: trouvé !

D:\Documents and Settings\edsom luis\Meus documentos\Downloads\ToolBarSD.exe: trouvé !

D:\Documents and Settings\edsom luis\Meus documentos\Downloads\dds.scr: trouvé !

D:\Documents and Settings\edsom luis\desktop\ComboFix.exe: trouvé !

D:\Documents and Settings\Administrador\Meus documentos\Downloads\ToolBarSD.exe: trouvé !

 

---------------------------------

--> Suppression:

 

D:\Lop SD\catchme.exe: supprimé !

D:\Documents and Settings\edsom luis\Meus documentos\Downloads\LopSD.exe: supprimé !

D:\Documents and Settings\edsom luis\Meus documentos\Downloads\KillBox.exe: supprimé !

D:\Documents and Settings\edsom luis\Meus documentos\Downloads\ToolBarSD.exe: supprimé !

D:\Documents and Settings\edsom luis\desktop\ComboFix.exe: ERREUR DE SUPPRESSION !!

D:\Documents and Settings\Administrador\Meus documentos\Downloads\ToolBarSD.exe: supprimé !

D:\Combofix.txt: supprimé !

D:\lopR.txt: supprimé !

D:\TB.txt: supprimé !

D:\Lop SD\catchme.log: supprimé !

D:\Qoobox\Quarantine\catchme.log: supprimé !

D:\Documents and Settings\edsom luis\Meus documentos\Downloads\dds.scr: supprimé !

D:\Lop SD: supprimé !

D:\Qoobox: supprimé !

D:\Toolbar SD: supprimé !

 

 

 

 

 

 

 

Here is the RunScanner log:

 


 

 

 

Thank you


Good afternoon! EDSSX

<!> The RUN file was posted incorrectly; we only had its text report.

<!> I highlighted some lines, by editing the previous post, so that they can be removed.

<!> The ones in red or green must be removed!

<!> Run RunScanner again and check whether new lines appear with items in red.

<!> Below are the instructions for deleting those lines.

<><><><><><><><><><>

<@> Right-click the lines highlighted in red.

<@> Click: Mark/unmark item Space

<@> Click the tab: Item fixer --> Fix selected items.

<@> In the message, click OK.

<@> In Information, confirm!

<@> Click Unrated items so we can confirm the removals that were made.

<@> If you want a deeper cleanup, go to Extra stuff and remove all the lines highlighted in red.

<><><><><><><><><><>

<@> To remove OTListIt or OTL, just open the tool and click CleanUp.

<><><><><><><><><><>

<@> Download: < ATF.gif > ( ...by Atribune )

<@> Save it to the Desktop!

<@> Restart the computer in Safe Mode!

<@> Click ATF-Cleaner.exe

<@> Under "Select Files To Delete", check Select All.

<@> Click Empty Selected.

<@> In the Done Cleaning window, click OK --> Exit

<@> Attention: If you use Firefox:

* At the top, click Firefox and choose: Select All --> Click Empty Selected.

<@> Attention: If you use Opera:

* At the top, click Opera and choose: Select All --> Click Empty Selected.

<><><><><><><><><><>

<!> Your logs are clean! :bye:

<!> Is there any remaining problem related to viruses?

Regards!


Good afternoon!

No, there isn't; it's nice and clean. I'll carry out the procedures above.

Thank you very much for your generous attention and dedication. Until next time. I hope there isn't one, haha. Thanks.


PROBLEM SOLVED!

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
