Archived

This topic has been archived and is closed to new replies.

Jota Tiros

[Solved!] kht, khu, khw... virus: it goes away but comes back!


Here's the report:

 

ComboFix 10-03-01.03 - Projetos 01 02/03/2010 12:29:34.6.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1022.567 [GMT -3:00]

Executando de: c:\documents and settings\Projetos 01\Desktop\ComboFix.exe

Comandos utilizados :: c:\documents and settings\Projetos 01\Desktop\CFScript.txt

AV: avast! Internet Security *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

 

(((((((((((((((( Arquivos/Ficheiros criados de 2010-02-02 to 2010-03-02 ))))))))))))))))))))))))))))

.

 

2010-03-02 13:17 . 2010-02-11 19:43 291920 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2010-03-02 13:17 . 2010-02-11 19:44 102480 ----a-w- c:\windows\system32\drivers\aswFW.sys

2010-03-02 13:17 . 2010-03-02 13:17 -------- d-----w- c:\windows\LastGood

2010-03-02 13:17 . 2010-02-11 19:43 195408 ----a-w- c:\windows\system32\drivers\aswNdis2.sys

2010-03-02 13:17 . 2010-01-09 22:22 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys

2010-03-02 12:23 . 2010-03-02 12:28 -------- d-----w- c:\documents and settings\Projetos 01\Dados de aplicativos\GetRightToGo

2010-03-01 15:37 . 2010-02-11 19:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys

2010-03-01 15:37 . 2010-02-11 19:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2010-03-01 15:37 . 2010-02-11 19:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2010-03-01 15:37 . 2010-02-11 19:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2010-03-01 15:37 . 2010-02-11 19:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2010-03-01 15:37 . 2010-02-11 19:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys

2010-03-01 15:37 . 2010-02-11 19:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2010-03-01 15:37 . 2010-02-11 19:53 38848 ----a-w- c:\windows\system32\avastSS.scr

2010-03-01 15:37 . 2010-02-11 19:53 153184 ----a-w- c:\windows\system32\aswBoot.exe

2010-03-01 15:37 . 2010-03-01 15:37 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Alwil Software

2010-03-01 15:37 . 2010-03-01 15:37 -------- d-----w- c:\arquivos de programas\Alwil Software

2010-03-01 13:43 . 2010-03-02 12:40 -------- d-----w- C:\Scanner

2010-02-26 12:53 . 2010-02-26 12:53 -------- d-----w- c:\documents and settings\Projetos 01\Dados de aplicativos\Malwarebytes

2010-02-26 12:53 . 2010-02-26 12:53 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes

2010-02-26 12:46 . 2010-02-26 12:46 452757 ----a-w- C:\UsbFix_Upload_Me_PROJETOS01.zip

2010-02-25 17:14 . 2010-02-26 17:07 -------- d-----w- C:\UsbFix

2010-02-25 15:24 . 2010-02-25 15:24 -------- d-----w- c:\documents and settings\Projetos 01\Dados de aplicativos\Media Player Classic

2010-02-25 15:12 . 2010-02-25 15:12 -------- d-----w- c:\arquivos de programas\Flv Audio Video Extractor

2010-02-25 13:49 . 2010-02-25 15:32 -------- d-----w- C:\Hijack

2010-02-25 13:12 . 2010-02-25 13:13 -------- d-----w- c:\arquivos de programas\XP Codec Pack

2010-02-24 12:02 . 2010-02-24 12:02 -------- d-----w- c:\arquivos de programas\CCleaner

2010-02-23 12:01 . 2010-02-23 12:02 -------- d-----w- C:\LinhaDefensiva

2010-02-22 18:19 . 2010-02-26 13:06 -------- d-----w- c:\documents and settings\Projetos 01\Dados de aplicativos\Ahead

2010-02-22 12:21 . 2010-02-22 12:21 -------- d-----w- c:\arquivos de programas\GPLGS

2010-02-22 12:19 . 2009-11-05 11:39 87552 ----a-w- c:\windows\system32\cpwmon2k.dll

2010-02-22 12:19 . 2010-02-22 12:19 -------- d-----w- c:\arquivos de programas\Acro Software

2010-02-09 11:54 . 2010-02-09 11:54 -------- d-----w- c:\arquivos de programas\SIMBRASIL 3.03

2010-02-08 11:04 . 2010-02-08 11:04 411368 ----a-w- c:\windows\system32\deploytk.dll

2010-02-08 11:04 . 2010-02-08 11:04 152576 ----a-w- c:\documents and settings\Projetos 01\Dados de aplicativos\Sun\Java\jre1.6.0_17\lzma.dll

2010-02-08 10:59 . 2010-02-08 10:59 79488 ----a-w- c:\documents and settings\Projetos 01\Dados de aplicativos\Sun\Java\jre1.6.0_17\gtapi.dll

2010-02-08 10:58 . 2010-02-26 18:25 -------- d-----w- c:\arquivos de programas\Unlocker

2010-02-04 15:55 . 2010-02-04 15:55 -------- d-----w- c:\arquivos de programas\Tekhnelogos

2010-02-04 12:11 . 2010-02-18 16:21 -------- d-----w- c:\arquivos de programas\Google

2010-02-03 11:44 . 2007-10-23 11:27 110592 ----a-w- c:\documents and settings\Projetos 01\Dados de aplicativos\U3\temp\cleanup.exe

2010-02-03 11:43 . 2008-05-02 12:41 3493888 ---ha-w- c:\documents and settings\Projetos 01\Dados de aplicativos\U3\temp\Launchpad Removal.exe

2010-02-03 11:43 . 2010-02-03 11:44 -------- d-----w- c:\documents and settings\Projetos 01\Dados de aplicativos\U3

2010-02-02 16:39 . 2010-02-02 16:39 -------- d-----w- c:\documents and settings\Projetos 01\Dados de aplicativos\AVG9

2010-02-02 14:49 . 2010-02-02 14:49 -------- d-----w- c:\windows\Sun

2010-02-02 14:29 . 2010-02-02 14:29 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\IObit

2010-02-02 14:27 . 2010-02-02 14:45 -------- d-----w- c:\documents and settings\Projetos 01\Dados de aplicativos\IObit

2010-02-02 14:27 . 2010-02-02 14:27 -------- d-----w- c:\arquivos de programas\IObit

2010-02-02 13:31 . 2008-04-13 21:20 26624 ----a-w- c:\documents and settings\LocalService\Dados de aplicativos\Microsoft\UPnP Device Host\upnphost\udhisapi.dll

2010-02-02 13:31 . 2008-04-13 21:20 221184 ----a-w- c:\windows\system32\wmpns.dll

2010-02-02 13:31 . 2010-02-02 13:31 -------- d-----w- c:\arquivos de programas\Windows Media Connect 2

2010-02-02 13:30 . 2010-02-25 11:58 -------- d-----w- c:\windows\system32\LogFiles

2010-02-02 13:30 . 2010-02-02 13:30 -------- d-----w- c:\windows\system32\drivers\UMDF

2010-02-02 13:30 . 2006-09-25 19:58 23856 ----a-w- c:\windows\system32\spupdsvc.exe

2010-02-02 13:22 . 2010-02-02 12:47 877848 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\avgupd.exe

2010-02-02 13:22 . 2010-02-02 12:47 1657112 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\avgupd.dll

2010-02-02 13:22 . 2010-02-02 12:47 798488 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\avginet.dll

2010-02-02 13:22 . 2010-02-02 12:47 613656 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\avgiproxy.exe

2010-02-02 13:09 . 2010-02-02 13:09 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Messenger Plus!

2010-02-02 13:01 . 2010-02-02 13:01 -------- d-----w- c:\arquivos de programas\AnswerWorks 4.0

2010-02-02 13:00 . 2010-02-02 13:02 -------- d-----w- c:\arquivos de programas\AutoCAD 2007

2010-02-02 13:00 . 2010-02-02 13:00 -------- d-----w- c:\documents and settings\Projetos 01\Dados de aplicativos\Autodesk

2010-02-02 13:00 . 2010-02-02 13:00 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Autodesk

2010-02-02 13:00 . 2006-10-26 21:58 30512 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll

2010-02-02 13:00 . 2006-10-26 21:58 30512 ----a-w- c:\windows\system32\mdimon.dll

2010-02-02 12:59 . 2010-02-02 12:59 -------- d-----w- c:\arquivos de programas\Microsoft Works

2010-02-02 12:58 . 2010-02-02 13:02 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Autodesk Shared

2010-02-02 12:58 . 2010-02-02 12:58 -------- d-----w- c:\arquivos de programas\Autodesk

2010-02-02 12:58 . 2010-02-02 12:58 -------- d-----w- c:\arquivos de programas\Microsoft.NET

2010-02-02 12:56 . 2010-02-02 12:56 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live

2010-02-02 12:56 . 2010-02-02 12:59 -------- d-----w- c:\windows\SHELLNEW

2010-02-02 12:56 . 2010-02-02 13:07 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help

2010-02-02 12:56 . 2010-02-02 12:56 -------- d-----r- C:\MSOCache

2010-02-02 12:51 . 2010-02-26 18:16 -------- d-----w- c:\documents and settings\Projetos 01\Tracing

2010-02-02 12:50 . 2010-02-02 12:50 -------- d-----w- c:\arquivos de programas\Microsoft Silverlight

2010-02-02 12:49 . 2010-02-02 12:49 -------- d-----w- c:\arquivos de programas\Microsoft

2010-02-02 12:49 . 2010-02-02 12:49 -------- d-----w- c:\arquivos de programas\Windows Live SkyDrive

2010-02-02 12:49 . 2010-02-02 12:50 -------- d-----w- c:\arquivos de programas\Windows Live

2010-02-02 12:47 . 2010-03-01 15:32 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\avg9

2010-02-02 12:47 . 2010-02-02 12:47 -------- d-----w- c:\arquivos de programas\AVG

2010-02-02 12:47 . 2010-02-02 12:47 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Windows Live

2010-02-02 12:44 . 2010-02-03 11:41 -------- d-----w- c:\arquivos de programas\AutorunRemover

2010-02-02 12:42 . 2008-04-13 13:45 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys

2010-02-02 12:40 . 2010-02-09 11:17 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe

2010-02-02 12:39 . 2010-02-02 12:39 -------- d-----w- c:\arquivos de programas\CHANGJIE

2010-02-02 12:39 . 2010-02-02 12:39 -------- d-----w- c:\arquivos de programas\TCIME

2010-02-02 12:39 . 2010-02-02 12:39 -------- d-----w- c:\arquivos de programas\SCIME

2010-02-02 12:39 . 2010-02-02 12:39 -------- d-----w- c:\arquivos de programas\KOIME

2010-02-02 12:38 . 2010-02-02 12:38 -------- d-----w- c:\windows\LHSP

2010-02-02 12:36 . 2002-02-18 12:23 46352 ----a-w- c:\windows\setdebug.exe

2010-02-02 12:36 . 2002-02-18 12:22 171280 ----a-w- c:\windows\system32\jit.dll

2010-02-02 12:36 . 2002-02-18 12:22 139536 ----a-w- c:\windows\system32\javaee.dll

2010-02-02 12:36 . 2002-02-18 09:35 6550 ----a-w- c:\windows\jautoexp.dat

2010-02-02 12:36 . 2002-02-18 09:34 313856 ----a-w- c:\windows\system32\dx3j.dll

2010-02-02 12:33 . 2008-08-01 03:36 54784 ----a-r- c:\windows\system32\drivers\NVENETFD.sys

2010-02-02 12:33 . 2008-08-01 03:35 200704 ----a-r- c:\windows\system32\fdco1ins.dll

2010-02-02 12:33 . 2008-08-01 03:35 200704 ----a-r- c:\windows\system32\fdco1.dll

2010-02-02 12:33 . 2008-07-07 17:45 4984 ----a-r- c:\windows\system32\drivers\nvphy.bin

2010-02-02 12:33 . 2008-07-29 05:33 446464 ----a-w- c:\windows\system32\nvunrm.exe

2010-02-02 12:33 . 2008-08-01 03:34 9216 ----a-r- c:\windows\system32\bdco1ins.dll

2010-02-02 12:33 . 2008-08-01 03:34 9216 ----a-r- c:\windows\system32\bdco1.dll

2010-02-02 12:33 . 2008-07-29 05:33 122880 ----a-r- c:\windows\system32\nvconrm.dll

2010-02-02 12:33 . 2008-08-01 03:36 22016 ----a-r- c:\windows\system32\drivers\nvnetbus.sys

2010-02-02 12:33 . 2008-08-01 03:35 955520 ----a-r- c:\windows\system32\drivers\nvnrm.sys

2010-02-02 12:21 . 2010-02-02 12:21 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Ahead

2010-02-02 12:18 . 2010-02-02 12:20 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Ahead

2010-02-02 12:18 . 2010-02-02 12:18 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Nero

2010-02-02 12:18 . 2010-02-02 12:18 -------- d-----w- c:\arquivos de programas\Nero

2010-02-02 12:18 . 2010-02-02 12:18 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DVD Shrink

2010-02-02 12:18 . 2010-02-02 12:18 -------- d-----w- c:\arquivos de programas\DVD Shrink

2010-02-02 12:16 . 2007-01-09 00:17 27168 ------w- c:\windows\system32\msxml3a.dll

2010-02-02 12:16 . 2007-01-09 00:17 502816 ------w- c:\windows\system32\msvcp71.dll

2010-02-02 12:16 . 2007-01-09 00:17 351264 ------w- c:\windows\system32\msvcr71.dll

2010-02-02 12:16 . 2010-02-02 12:17 -------- d-----w- c:\arquivos de programas\CyberLink

2010-02-02 12:15 . 2010-02-08 11:04 -------- d-----w- c:\arquivos de programas\Java

2010-02-02 12:15 . 2010-02-02 12:15 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Java

2010-02-02 12:15 . 2010-02-02 12:15 0 ----a-w- c:\windows\nsreg.dat

2010-02-02 12:14 . 2010-02-02 12:14 -------- d-----w- c:\arquivos de programas\Arquivos comuns\xing shared

2010-02-02 12:14 . 2010-02-02 12:14 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Real

2010-02-02 12:14 . 2010-02-02 12:14 -------- d-----w- c:\arquivos de programas\Real

2010-02-02 12:11 . 2010-02-02 12:11 -------- d-----w- c:\windows\system32\Lang

2010-02-02 12:09 . 2008-08-24 19:22 14208 ----a-r- c:\windows\system32\drivers\nvsmu.sys

2010-02-02 12:09 . 2008-08-21 07:17 122880 ----a-r- c:\windows\system32\NVCOSMU.DLL

2010-02-02 12:09 . 2008-08-21 07:17 453152 ----a-w- c:\windows\system32\nvusmu.exe

2010-02-02 12:08 . 2010-02-02 12:08 -------- d-----w- c:\windows\nview

2010-02-02 12:08 . 2008-08-01 06:48 453152 ----a-w- c:\windows\system32\nvudisp.exe

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-03-01 18:20 . 2001-10-28 14:07 67232 ----a-w- c:\windows\system32\perfc016.dat

2010-03-01 18:20 . 2001-10-28 14:07 425072 ----a-w- c:\windows\system32\perfh016.dat

2010-02-18 16:21 . 2010-02-02 12:10 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information

2010-02-02 17:20 . 2010-02-02 12:35 -------- d-----w- c:\documents and settings\Projetos 01\Dados de aplicativos\LimeWire

2010-02-02 14:41 . 2010-02-02 12:35 -------- d-----w- c:\arquivos de programas\LimeWire

2010-02-02 12:48 . 2010-02-02 13:37 12464 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\avg9\update\backup\avgrsstx.dll

2010-02-02 12:37 . 2010-02-02 12:37 -------- d-----w- c:\arquivos de programas\Arquivos comuns\L&H Shared

2010-02-02 12:37 . 2010-02-02 12:37 -------- d-----w- c:\arquivos de programas\LHSP

2010-02-02 12:37 . 2010-02-02 12:37 -------- d-----w- c:\arquivos de programas\Positivo

2010-02-02 12:37 . 2010-02-02 12:10 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield

2010-02-02 12:36 . 2010-02-02 12:36 2232 ----a-w- c:\windows\java\Packages\Data\53J7HVJR.DAT

2010-02-02 12:36 . 2010-02-02 12:36 155995 ----a-w- c:\windows\java\Packages\XRFNX7F5.ZIP

2010-02-02 12:36 . 2010-02-02 12:36 2678 ----a-w- c:\windows\java\Packages\Data\HF9VTFVD.DAT

2010-02-02 12:36 . 2010-02-02 12:36 2678 ----a-w- c:\windows\java\Packages\Data\9B3VX3RX.DAT

2010-02-02 12:36 . 2010-02-02 12:36 2678 ----a-w- c:\windows\java\Packages\Data\CCJH353H.DAT

2010-02-02 12:36 . 2010-02-02 12:36 2678 ----a-w- c:\windows\java\Packages\Data\4KJRNPNR.DAT

2010-02-02 12:36 . 2010-02-02 12:36 2678 ----a-w- c:\windows\java\Packages\Data\01JJX73V.DAT

2010-02-02 12:20 . 2010-02-02 11:54 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat

2010-02-02 12:10 . 2010-02-02 12:10 -------- d-----w- c:\arquivos de programas\Realtek

2010-02-02 11:55 . 2010-02-02 11:55 -------- d-----w- c:\arquivos de programas\microsoft frontpage

2010-02-02 11:54 . 2010-02-02 11:54 -------- d-----w- c:\arquivos de programas\Serviços on-line

2010-02-02 11:53 . 2010-02-02 11:53 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Serviços

2010-02-02 11:52 . 2010-02-02 11:52 21844 ----a-w- c:\windows\system32\emptyregdb.dat

.

 

------- Sigcheck -------

 

[-] 2009-05-24 . 1D01C384F3BA123EB6F09769DEA005AC . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TkBellExe"="c:\arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" [2010-02-02 180269]

"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2010-02-08 149280]

"AutorunRemover.exe"="c:\arquivos de programas\AutorunRemover\AutorunRemover.exe" [2010-02-02 488960]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-01 13529088]

"UnlockerAssistant"="c:\arquivos de programas\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]

"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]

"Adobe ARM"="c:\arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

"RTHDCPL"="RTHDCPL.EXE" [2009-02-17 17508864]

"avast5"="c:\arquiv~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"nltide_2"="shell32" [X]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutoRunSetting"= 0 (0x0)

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"HonorAutoRunSetting"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\LimeWire\\LimeWire.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

 

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2/3/2010 10:17 12112]

R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2/3/2010 10:17 195408]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1/3/2010 12:37 162512]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/3/2010 12:37 19024]

S1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2/3/2010 10:17 102480]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/3/2010 10:17 291920]

S2 avast! Firewall;avast! Firewall;"c:\arquivos de programas\Alwil Software\Avast5\afwServ.exe" --> c:\arquivos de programas\Alwil Software\Avast5\afwServ.exe [?]

S2 gupdate1caa593386fee70;Google Update Service (gupdate1caa593386fee70);c:\arquivos de programas\Google\Update\GoogleUpdate.exe [4/2/2010 09:11 133104]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2/2/2010 09:10 1684736]

 

--- =Outros Serviços/Drivers Na Memória ---

 

*NewlyCreated* - ASWNDIS2

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2010-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-02-04 12:11]

 

2010-03-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2010-02-04 12:11]

.

.

------- Scan Suplementar -------

.

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~4\Office12\EXCEL.EXE/3000

TCP: {6DC2657B-8D53-4405-9553-2210BE598015} = 201.16.252.2

DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab

FF - ProfilePath - c:\documents and settings\Projetos 01\Dados de aplicativos\Mozilla\Firefox\Profiles\wf6bsv1z.default\

FF - prefs.js: browser.startup.homepage - www.google.com.br

FF - plugin: c:\arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\arquivos de programas\Google\Update\1.2.183.17\npGoogleOneClick8.dll

 

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 16000

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: dom.disable_window_status_change - true

FF - user.js: network.http.max-connections - 32

FF - user.js: network.http.max-connections-per-server - 8

FF - user.js: network.http.max-persistent-connections-per-proxy - 8

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 750

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2010-03-02 12:32

Windows 5.1.2600 Service Pack 3 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'explorer.exe'(2696)

c:\arquiv~1\WINDOW~2\wmpband.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Tempo para conclusão: 2010-03-02 12:33:55

ComboFix-quarantined-files.txt 2010-03-02 15:33

ComboFix2.txt 2010-03-02 12:43

ComboFix3.txt 2010-03-01 13:02

 

Pré-execução: 9 pasta(s) 124.776.624.128 bytes disponíveis

Pós execução: 10 pasta(s) 124.763.004.928 bytes disponíveis

 

- - End Of File - - 181918EBA54B8605EB2EFB9511499A7B


OK... the log is clean.

1.

*Click [Start] > [Run] > type: Combofix /uninstall

*Click [OK]

 


 

*Click [Run]

*Wait until this message appears: "ComboFix está desinstalado"

*Click [OK]

2.

*Delete the folders C:\UsbFix and C:\LinhaDefensiva

3.

*Delete the file C:\UsbFix_Upload_Me_PROJETOS01.zip


Ok Wings, the viruses have stopped reappearing indefinitely, but I'll wait a few more days to see whether the problem comes back before considering it solved, ok?

Either way, thank you already for your attention.


OK...

But don't forget to let us know!!

That way the forum stays better organized.

Best regards.


PROBLEM SOLVED!

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.

