Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

Flavia Elaine

[Arquivado] Este computador tem vírus?

Por , em Tópicos Arquivados (Seguranca & Malwares)

Recommended Posts

Flavia Elaine    0

Flavia Elaine
Postado

Boa noite,

 

Este é o computador da minha mãe. Gostaria de saber se está com algum vírus. Estou encaminhando o LOG. Como não venho todos os dias aqui, épossível que eu demore um pouco para responder. Mas farei o possível para ser rápida.

 

Desde já agradeço a atenção.

 

Segue o LOG:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:41:55, on 21/8/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

C:\WINDOWS\vsnpstd.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\Arquivos comuns\Pure Networks Shared\Platform\nmctxth.exe

C:\Arquivos de programas\Pure Networks\Network Magic\nmapp.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Arquivos de programas\HP\Digital Imaging\Product Assistant\bin\hprblog.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe

C:\Arquivos de programas\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe

C:\Arquivos de programas\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe

C:\Arquivos de programas\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe

C:\Arquivos de programas\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe

C:\Arquivos de programas\Pure Networks\Network Magic\WebServer\bin\rotatelogs.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\User\Desktop\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [RemoveWGA] \\lab\Progarmas\boot\Remove WGA\RemoveWGA.exe -startup

O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [nmctxth] "C:\Arquivos de programas\Arquivos comuns\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [nmapp] "C:\Arquivos de programas\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1234136267421

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://imagem.caixa.gov.br/cab/gbpdist.cab

O20 - Winlogon Notify: GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehCef.dll

O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Arquivos de programas\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Arquivos de programas\Arquivos comuns\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

 

--

End of file - 8210 bytes

Compartilhar este post

Link para o post
Compartilhar em outros sites

Power Max    54

Power Max
Postado

:thumbsup: Oi Flávia!

 

:seta: Abra o HijackThis, clique em Do a system scan only, marque a entrada abaixo e clique em Fix checked:

 

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

__________________________________________

 

:seta: Há programas desnecessários iniciando junto com o Windows, o que torna o seu PC mais lento. Para corrigir isto, siga as dicas deste tutorial:

 

Escolhendo Programas que Iniciam com o PC

 

De preferência deixe apenas os programas de segurança (anti-vírus/anti-spywares/firewall) iniciarem junto com o Windows.

 

Use também o programa Ccleaner, indicado neste tutorial acima, para fazer uma limpeza e otimização do PC agora e de tempos em tempos.

__________________________________________

 

:seta: Neste log está constando que este PC está sem antivirus e é muito importante ter um. Sugiro um ótimo antivirus gratuito, como o Avira Antivir Personal 9 Free.

 

Para instalar, configurar e usar corretamente o Avira antivir é só seguir as dicas destes tutoriais:

 

Tutorial do Avira Antivir 9 free (instalação e configuração)

 

Tutorial do Avira Antivir 9 free (como usá-lo corretamente)

__________________________________________

 

:seta: Depois de instalar e configurar o Avira Antivir seguindo as dicas dos tutoriais acima, atualize-o (faça um update) e reinicie o seu computador e entre pelo Modo de Segurança (apertando a tecla F8 (ou a tecla F5 em alguns computadores) repetidas vezes quando o computador estiver reiniciando e escolhendo a opção Modo Seguro ou Modo de Segurança). Aí quando o computador tiver reiniciado, clique com o botão direito do mouse sobre o símbolo do Avira (aquele guarda-chuva vermelho aberto ao lado do relógio do Windows) e escolha a opção Start Antivir > clique na opção Scan system now > e aguarde a conclusão do escaneamento.

__________________________________________

 

:seta: Quando você tiver removido os virus que o Avira Antivir encontrar, reinicie o computador normalmente. Clique com o botão direito do mouse sobre o ícone do Avira (aquele guarda-chuva vermelho aberto ao lado do relógio do Windows) e escolha a opção Start Antivir > clique na opção Reports > dê um duplo clique com o botão esquerdo do mouse sobre o log mais recente e clique no botão Report file > Depois será aberta uma tela com o log, então é só selecionar este Log (Clique no menu: Editar » Selecionar Tudo), depois disso volte novamente no menu: Editar » e clique na opção: Copiar) > Depois disso é só voltar aqui no fórum e postar este log do Avira Antivir juntamente com um novo log do Hijackthis para que eles possam ser analizados.

 

Ficamos no aguardo de sua resposta.

Compartilhar este post

Link para o post
Compartilhar em outros sites

Flavia Elaine    0

Flavia Elaine
Postado

Avira AntiVir Personal

Report file date: segunda-feira, 24 de agosto de 2009 20:16

 

Scanning for 1659296 virus strains and unwanted programs.

 

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows XP

Windows version : (Service Pack 3) [5.1.2600]

Boot mode : Save mode

Username : Administrador

Computer name : A7V8XX

 

Version information:

BUILD.DAT : 9.0.0.407 17961 Bytes 29/7/2009 10:34:00

AVSCAN.EXE : 9.0.3.7 466689 Bytes 21/7/2009 17:36:14

AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/2/2009 14:58:24

LUKE.DLL : 9.0.3.2 209665 Bytes 20/2/2009 15:35:49

LUKERES.DLL : 9.0.2.0 12033 Bytes 27/2/2009 14:58:52

ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 16:30:36

ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/6/2009 13:21:42

ANTIVIR2.VDF : 7.1.5.146 3087360 Bytes 21/8/2009 23:01:19

ANTIVIR3.VDF : 7.1.5.156 113152 Bytes 24/8/2009 23:01:43

Engineversion : 8.2.1.3

AEVDF.DLL : 8.1.1.1 106868 Bytes 28/7/2009 17:31:50

AESCRIPT.DLL : 8.1.2.25 459130 Bytes 24/8/2009 23:07:32

AESCN.DLL : 8.1.2.4 127348 Bytes 23/7/2009 13:59:39

AERDL.DLL : 8.1.2.4 430452 Bytes 23/7/2009 13:59:39

AEPACK.DLL : 8.1.3.18 401783 Bytes 28/7/2009 17:31:50

AEOFFICE.DLL : 8.1.0.38 196987 Bytes 23/7/2009 13:59:39

AEHEUR.DLL : 8.1.0.155 1921400 Bytes 24/8/2009 23:06:03

AEHELP.DLL : 8.1.6.0 233846 Bytes 24/8/2009 23:03:06

AEGEN.DLL : 8.1.1.57 356725 Bytes 24/8/2009 23:02:20

AEEMU.DLL : 8.1.0.9 393588 Bytes 9/10/2008 18:32:40

AECORE.DLL : 8.1.7.6 184694 Bytes 23/7/2009 13:59:39

AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 18:32:40

AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 12:47:59

AVPREF.DLL : 9.0.0.1 43777 Bytes 5/12/2008 14:32:15

AVREP.DLL : 8.0.0.3 155905 Bytes 20/1/2009 18:34:28

AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 14:32:09

AVARKT.DLL : 9.0.0.3 292609 Bytes 24/3/2009 19:05:41

AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/1/2009 14:37:08

SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/1/2009 19:03:49

SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 12:21:33

NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 14:32:10

RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/5/2009 19:39:58

RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/4/2009 14:19:48

 

Configuration settings for the scan:

Jobname.............................: Complete system scan

Configuration file..................: c:\arquivos de programas\avira\antivir desktop\sysscan.avp

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:,

Process scan........................: on

Scan registry.......................: on

Search for rootkits.................: on

Integrity checking of system files..: off

Scan all files......................: All files

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

 

Start of the scan: segunda-feira, 24 de agosto de 2009 20:16

 

Starting search for hidden objects.

The driver could not be initialized.

 

The scan of running processes will be started

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'explorer.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'lsass.exe' - '1' Module(s) have been scanned

Scan process 'services.exe' - '1' Module(s) have been scanned

Scan process 'winlogon.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'smss.exe' - '1' Module(s) have been scanned

11 processes with 11 modules were scanned

 

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

 

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

 

Starting to scan executable files (registry).

The registry was scanned ( '48' files ).

 

 

Starting the file scan:

 

Begin scan in 'C:\' <Maxtor120>

C:\pagefile.sys

[WARNING] The file could not be opened!

[NOTE] This file is a Windows system file.

[NOTE] This file cannot be opened for scanning.

C:\23eb874ec523d7349b007107\admparse.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\advpack.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\browseui.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\corpol.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\custsat.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\dxtmsft.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\dxtrans.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\extmgr.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\hmmapi.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\icardie.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\ie4uinit.exe

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\ieakeng.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\ieaksie.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\ieakui.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\ieapfltr.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\iedkcs32.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\iedw.exe

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\ieencode.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\ieframe.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\iepeers.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\ieproxy.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\iernonce.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\iertutil.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\iesetup.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\ieudinit.exe

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\ieui.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\iexplore.exe

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\imgutil.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\inseng.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\jscript.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\jsproxy.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\licmgr10.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\msfeeds.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\msfeedsbs.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\msfeedssync.exe

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\mshta.exe

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\mshtml.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\mshtmled.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\mshtmler.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\msls31.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\msrating.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\mstime.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\occache.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\pngfilt.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\shdocvw.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\shlwapi.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\spmsg.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\spuninst.exe

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\spupdsvc.exe

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\url.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\urlmon.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\vbscript.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\vgx.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\webcheck.dll

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\winfxdocobj.exe

[WARNING] The file could not be opened!

C:\23eb874ec523d7349b007107\wininet.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\admparse.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\advpack.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\browseui.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\corpol.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\custsat.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\dxtmsft.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\dxtrans.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\extmgr.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\hmmapi.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\icardie.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\ie4uinit.exe

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\ieakeng.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\ieaksie.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\ieakui.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\ieapfltr.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\iedkcs32.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\iedw.exe

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\ieencode.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\ieframe.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\iepeers.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\ieproxy.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\iernonce.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\iertutil.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\iesetup.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\ieudinit.exe

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\ieui.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\iexplore.exe

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\imgutil.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\inseng.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\jscript.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\jsproxy.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\licmgr10.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\msfeeds.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\msfeedsbs.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\msfeedssync.exe

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\mshta.exe

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\mshtml.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\mshtmled.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\mshtmler.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\msls31.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\msrating.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\mstime.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\occache.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\pngfilt.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\shdocvw.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\shlwapi.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\spmsg.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\spuninst.exe

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\spupdsvc.exe

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\url.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\urlmon.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\vbscript.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\vgx.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\webcheck.dll

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\winfxdocobj.exe

[WARNING] The file could not be opened!

C:\2a3841b18119e9ec1f84ef\wininet.dll

[WARNING] The file could not be opened!

C:\ae81c1123e2917987df7f4e9a0ca05\legitcheckcontrol.dll

[WARNING] The file could not be opened!

C:\ae81c1123e2917987df7f4e9a0ca05\spmsg.dll

[WARNING] The file could not be opened!

C:\ae81c1123e2917987df7f4e9a0ca05\spuninst.exe

[WARNING] The file could not be opened!

C:\ae81c1123e2917987df7f4e9a0ca05\wgalogon.dll

[WARNING] The file could not be opened!

C:\ae81c1123e2917987df7f4e9a0ca05\wgatray.exe

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\admparse.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\advpack.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\browseui.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\corpol.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\custsat.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\dxtmsft.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\dxtrans.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\extmgr.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\hmmapi.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\icardie.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\ie4uinit.exe

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\ieakeng.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\ieaksie.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\ieakui.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\ieapfltr.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\iedkcs32.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\iedw.exe

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\ieencode.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\ieframe.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\iepeers.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\ieproxy.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\iernonce.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\iertutil.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\iesetup.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\ieudinit.exe

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\ieui.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\iexplore.exe

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\imgutil.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\inseng.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\jscript.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\jsproxy.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\licmgr10.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\msfeeds.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\msfeedsbs.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\msfeedssync.exe

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\mshta.exe

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\mshtml.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\mshtmled.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\mshtmler.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\msls31.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\msrating.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\mstime.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\occache.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\pngfilt.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\shdocvw.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\shlwapi.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\spmsg.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\spuninst.exe

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\spupdsvc.exe

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\url.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\urlmon.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\vbscript.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\vgx.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\webcheck.dll

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\winfxdocobj.exe

[WARNING] The file could not be opened!

C:\d60138ea53b41e3f72b0ac84175514\wininet.dll

[WARNING] The file could not be opened!

C:\Documents and Settings\User\Desktop\ccsetup222_slim(2).exe.part

[0] Archive type: NSIS

--> ProgramFilesDir/unicows.dll

[WARNING] No further files can be extracted from this archive. The archive will be closed

[WARNING] No further files can be extracted from this archive. The archive will be closed

C:\Documents and Settings\User\Desktop\ccsetup222_slim.exe

[0] Archive type: NSIS

--> ProgramFilesDir/unicows.dll

[WARNING] No further files can be extracted from this archive. The archive will be closed

[WARNING] No further files can be extracted from this archive. The archive will be closed

C:\Documents and Settings\User\Desktop\ccsetup222_slim.exe.part

[0] Archive type: NSIS

--> ProgramFilesDir/unicows.dll

[WARNING] No further files can be extracted from this archive. The archive will be closed

[WARNING] No further files can be extracted from this archive. The archive will be closed

C:\Documents and Settings\User\Meus documentos\LimeWire\Incomplete\Preview-T-5236582-daniel amiga.mp3

[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit

C:\Documents and Settings\User\Meus documentos\LimeWire\Saved\daniel amiga.mp3

[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit

C:\Documents and Settings\User\Meus documentos\LimeWire\Saved\Death Cab For Cutie - Different Names For The Same Things.wma

[DETECTION] Is the TR/Dldr.WMA.Wima.24 Trojan

C:\Documents and Settings\User\Meus documentos\LimeWire\Saved\do lado esquerdo do peito greatest hit 2009.wma

[DETECTION] Is the TR/Dldr.WMA.Wimad.Y Trojan

C:\Documents and Settings\User\Meus documentos\LimeWire\Saved\Edson e Hudson - Ela encasquetou.wma

[DETECTION] Is the TR/Dldr.WMA.Wimad.Y Trojan

C:\f0e9ace6d56d8fc8e3\admparse.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\advpack.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\browseui.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\corpol.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\custsat.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\dxtmsft.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\dxtrans.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\extmgr.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\hmmapi.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\icardie.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\ie4uinit.exe

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\ieakeng.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\ieaksie.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\ieakui.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\ieapfltr.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\iedkcs32.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\iedw.exe

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\ieencode.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\ieframe.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\iepeers.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\ieproxy.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\iernonce.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\iertutil.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\iesetup.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\ieudinit.exe

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\ieui.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\iexplore.exe

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\imgutil.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\inseng.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\jscript.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\jsproxy.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\licmgr10.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\msfeeds.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\msfeedsbs.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\msfeedssync.exe

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\mshta.exe

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\mshtml.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\mshtmled.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\mshtmler.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\msls31.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\msrating.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\mstime.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\occache.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\pngfilt.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\shdocvw.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\shlwapi.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\spmsg.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\spuninst.exe

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\spupdsvc.exe

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\url.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\urlmon.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\vbscript.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\vgx.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\webcheck.dll

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\winfxdocobj.exe

[WARNING] The file could not be opened!

C:\f0e9ace6d56d8fc8e3\wininet.dll

[WARNING] The file could not be opened!

 

Beginning disinfection:

C:\Documents and Settings\User\Meus documentos\LimeWire\Incomplete\Preview-T-5236582-daniel amiga.mp3

[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit

[NOTE] The file was moved to '4af829e3.qua'!

C:\Documents and Settings\User\Meus documentos\LimeWire\Saved\daniel amiga.mp3

[DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit

[NOTE] The file was moved to '4b0129d2.qua'!

C:\Documents and Settings\User\Meus documentos\LimeWire\Saved\Death Cab For Cutie - Different Names For The Same Things.wma

[DETECTION] Is the TR/Dldr.WMA.Wima.24 Trojan

[NOTE] The file was moved to '4af429d7.qua'!

C:\Documents and Settings\User\Meus documentos\LimeWire\Saved\do lado esquerdo do peito greatest hit 2009.wma

[DETECTION] Is the TR/Dldr.WMA.Wimad.Y Trojan

[NOTE] The file was moved to '4ab329e1.qua'!

C:\Documents and Settings\User\Meus documentos\LimeWire\Saved\Edson e Hudson - Ela encasquetou.wma

[DETECTION] Is the TR/Dldr.WMA.Wimad.Y Trojan

[NOTE] The file was moved to '4b0629d6.qua'!

 

 

End of the scan: segunda-feira, 24 de agosto de 2009 20:59

Used time: 41:45 Minute(s)

 

The scan has been done completely.

 

3494 Scanned directories

138239 Files were scanned

5 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

5 Files were moved to quarantine

0 Files were renamed

230 Files cannot be scanned

138004 Files not concerned

1021 Archives were scanned

236 Warnings

6 Notes

 

------------------------------------

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:09:30, on 24/8/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avscan.exe

C:\Documents and Settings\User\Desktop\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [RemoveWGA] \\lab\Progarmas\boot\Remove WGA\RemoveWGA.exe -startup

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1234136267421

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://imagem.caixa.gov.br/cab/gbpdist.cab

O20 - Winlogon Notify: GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehCef.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Arquivos de programas\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Arquivos de programas\Arquivos comuns\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

 

--

End of file - 7551 bytes

 

 

 

-------------

 

Aqui estão os logs...

conforme eu falei demoro um pouco para responder pois não venho sempre a casa da minha mãe.

Obrigada pela atenção.

Compartilhar este post

Link para o post
Compartilhar em outros sites

Power Max    54

Power Max
Postado

:thumbsup: 5 problemas foram removidos pelo Avira Antivir.

 

:seta: Sugiro que você salve ou imprima essas instruções abaixo, pois em alguns momentos você poderá precisar usar o computador sem o acesso à internet:

 

- Faça o download do Malwarebytes Anti-Malware.

* Faça a instalação dando um duplo clique em "mbam-setup.exe";

*Selecione a linguagem Português (Brasil)

*Selecione apenas a caixa: "Atualizar MalwareBytes'Anti-Malware"

*Se alguma atualização existir, o download será automático

*Não faça ainda scan!!!

*Reinicie o PC em Modo de Segurança (apertando a tecla F8 (ou a tecla F5 em alguns computadores) repetidas vezes quando o computador estiver reiniciando e escolhendo a opção Modo Seguro ou Modo de Segurança).

* Se não possível executar o computador em Modo Seguro, faça o escaneamento no modo normal

*Execute o programa MalwareBytes'Anti-Malware e clique na aba: "Verificação", selecione a opção "Verificação completa"

*Clique no botão: "Verificar"

* Marque todas as partes do computador que você deseja escanear e clique no botão: “Iniciar verificação”

*Ao término do scan, clique em "OK" > "Mostrar Resultados"

*Selecione todas as entradas e clique em "Remover Selecionados"

*Após a remoção poderá ser interrogado se deseja remover objetos da memória. Clique "SIM"

*Um log será apresentado com o resultado das ações

*Alguns malwares são rebeldes e necessitam de uma reinicialização para a remoção. Caso isto seja solicitado, clique para reiniciar o PC.

*Ao término do processo, reinicie o PC em Modo Normal.

* Depois de alguns dias, se o seu computador estiver funcionando normalmente sem estes arquivos que foram excluidos pelo Malwarebytes Anti-malware, abra (execute) o Malwarebytes Anti-malware, clique na aba: Quarentena e clique no botão: Remover tudo.

*Execute novamente o programa Malwarebytes Anti-malware e clique na aba “Logs”, dê um duplo clique com o mouse sobre o log mais recente, selecione o log completo e copie-o.

 

Poste este log gerado pelo Malwarebytes Anti-Malware juntamente com um novo log do Hijackthis na sua próxima resposta e nos diga como está o seu computador depois de seguir este procedimento acima.

 

Ficamos no aguardo de sua resposta.

Compartilhar este post

Link para o post
Compartilhar em outros sites

Flavia Elaine    0

Flavia Elaine
Postado

Malwarebytes' Anti-Malware 1.40

Versão do banco de dados: 2707

Windows 5.1.2600 Service Pack 3 (Safe Mode)

 

27/8/2009 19:51:07

mbam-log-2009-08-27 (19-51-07).txt

 

Tipo de Verificação: Completa (C:\|)

Objetos verificados: 141326

Tempo decorrido: 42 minute(s), 14 second(s)

 

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registro infectadas: 0

Valores do Registro infectados: 0

Ítens do Registro infectados: 2

Pastas infectadas: 0

Arquivos infectados: 0

 

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

 

Módulos de Memória Infectados:

(Nenhum ítem malicioso foi detectado)

 

Chaves do Registro infectadas:

(Nenhum ítem malicioso foi detectado)

 

Valores do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Ítens do Registro infectados:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

 

Pastas infectadas:

(Nenhum ítem malicioso foi detectado)

 

Arquivos infectados:

(Nenhum ítem malicioso foi detectado)

 

 

-------------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:57:12, on 27/8/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\User\Desktop\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [RemoveWGA] \\lab\Progarmas\boot\Remove WGA\RemoveWGA.exe -startup

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1234136267421

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://imagem.caixa.gov.br/cab/gbpdist.cab

O20 - Winlogon Notify: GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehCef.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Arquivos de programas\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Arquivos de programas\Arquivos comuns\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

 

--

End of file - 7620 bytes

--------------------

 

Fiz tudo conforme suas orientações.

Obrigada

Compartilhar este post

Link para o post
Compartilhar em outros sites

Power Max    54

Power Max
Postado

:thumbsup: Mais dois problemas foram removidos pelo Malwarebytes.

 

:seta: Siga as dicas deste tutorial para fazer uma limpeza deste PC com o Spyware Doctor:

 

Tutorial do Spyware Doctor Starter Edition

 

Na sua próxima resposta poste este log do Spyware Doctor juntamente com um novo log do Hijackthis e nos diga como está o seu Pc depois disto.

 

Ficamos no aguardo.

Compartilhar este post

Link para o post
Compartilhar em outros sites

Mário Monteiro    179

Mário Monteiro
Postado

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Arquivados (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito