
This topic has been archived and is closed to new replies.

Fernando ALS

[Archived] Analyze my log!

I think my PC has been infected, please analyze it!

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:53:59, on 10/9/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\Hijack This\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de programas\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /installquiet

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ManyCam] "C:\Arquivos de programas\ManyCam\Bin\ManyCam.exe" /silent

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\ARQUIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 6708 bytes


:) Hello, Fernando!

Please follow the steps in these tutorials:

Ad-Remover tutorial: http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-ad-remover.html

Toolbar S&D tutorial: http://dicasetutoriaisparapc.blogspot.com/2009/11/tutorial-do-toolbar-sd.html

Malwarebytes Anti-Malware tutorial: http://dicasetutoriaisparapc.blogspot.com/2009/10/tutorial-do-malwarebytes-anti-malware.html

_______________________________

In your next reply, post the Malwarebytes log together with a new HijackThis log, the log that will be at C:\Ad-Report-CLEAN[1].log, and the log that will be at C:\ToolBar SD\TB_1.txt, and tell us how your PC is doing after these procedures.

We look forward to your reply.


======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 =======

 

Updated by C_XX on 13/06/10 at 20:40

Contact: AdRemover.contact@gmail.com

website: http://pagesperso-orange.fr/NosTools/ad_remover.html

 

C:\Arquivos de programas\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 19:24:12 on 10/09/2010, Normal boot

 

Microsoft Windows XP Professional Service Pack 3 (X86)

Fernando, FERNANDO ( )

 

============== ACTION(S) ==============

 

 

0,Folder deleted: C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

0,File deleted: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

0,Folder deleted: C:\Documents and Settings\Fernando\Dados de aplicativos\Mozilla\FireFox\Profiles\3ydlmd4e.default\extensions\toolbar@ask.com

0,Folder deleting error: C:\Arquivos de programas\Ask.com (Error code: 0)

0,Folder deleting error: C:\Documents and Settings\Fernando\Configurações locais\Dados de aplicativos\AskToolbar (Error code: 0)

0,Folder deleted: C:\Documents and Settings\All Users\Dados de aplicativos\Trymedia

3,File deleted: C:\WINDOWS\Installer\2317c32.msi

 

(!) -- Temporary files deleted.

 

 

-- File opened: C:\Documents and Settings\Fernando\Dados de aplicativos\Mozilla\FireFox\Profiles\3ydlmd4e.default\Prefs.js --

Line deleted: user_pref("browser.startup.homepage", "hxxp://br.ask.com/?o=15183&l=dis");

Line deleted: user_pref("extensions.asktb.cbid", "NL");

Line deleted: user_pref("extensions.asktb.default-channel-url-mask", "hxxp://br.ask.com/web?q={query}&qsrc={qsrc}&...

Line deleted: user_pref("extensions.asktb.dtid", "YYYYYYYYBR");

Line deleted: user_pref("extensions.asktb.fresh-install", false);

Line deleted: user_pref("extensions.asktb.l", "dis");

Line deleted: user_pref("extensions.asktb.last-config-req", "1283823895347");

Line deleted: user_pref("extensions.asktb.locale", "pt_BR");

Line deleted: user_pref("extensions.asktb.o", "14300");

Line deleted: user_pref("extensions.asktb.overlay-reloaded-using-restart", true);

Line deleted: user_pref("extensions.asktb.qsrc", "2871");

Line deleted: user_pref("extensions.asktb.r", "5");

Line deleted: user_pref("extensions.asktb.search-suggestions-enabled", true);

Line deleted: user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.1,DTToolbar@toolbarne...

-- File closed --

 

 

1,Key deleted: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

1,Key deleted: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

1,Key deleted: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

1,Key deleted: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

1,Key deleted: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

1,Key deleted: HKLM\Software\Classes\Interface\{D8F245F7-60CF-4370-A70D-6867467ECBF2}

1,Key deleted: HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}

1,Key deleted: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

0,Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd

0,Key deleted: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1

0,Key deleted: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL

1,Key deleted: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

0,Key deleted: HKCU\Software\Ask.com

0,Key deleted: HKCU\Software\AskToolbar

0,Key deleted: HKCU\Software\AppDataLow\AskToolbarInfo

3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

3,Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

 

0,Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440}

0,Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}

 

 

============== ADDITIONNAL SCAN ==============

 

** Mozilla Firefox Version [3.6.8 (pt-BR)] **

 

-- C:\Documents and Settings\Fernando\Dados de aplicativos\Mozilla\FireFox\Profiles\3ydlmd4e.default\Prefs.js --

browser.search.selectedEngine, DAEMON Search

browser.startup.homepage_override.mstone, rv:1.9.2.8

 

========================================

 

** Internet Explorer Version [8.0.6001.18702] **

 

[HKCU\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

 

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

 

========================================

 

C:\Arquivos de programas\Ad-Remover\Quarantine: 168 File(s)

C:\Arquivos de programas\Ad-Remover\Backup: 15 File(s)

 

C:\Ad-Report-CLEAN[1].txt - 10/09/2010 (2323 Byte(s))

 

End at: 19:25:53, 10/09/2010

 

============== E.O.F ==============

 

 

 

 

-----------\\ ToolBar S&D 1.2.9 XP/Vista

 

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3

X86-based PC ( Multiprocessor Free : Processador Intel Pentium III Xeon )

BIOS : Default System BIOS

USER : Fernando ( Administrator )

BOOT : Normal boot

Antivirus : AntiVir Desktop 9.0.1.32 (Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:97 Go (Free:60 Go)

D:\ (Local Disk) - NTFS - Total:368 Go (Free:283 Go)

E:\ (USB)

F:\ (CD or DVD)

G:\ (CD or DVD)

 

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )

Option : [1] ( --- 10/09/2010|19:30 )

 

-----------\\ Procura por Arquivos / Ficheiros ...

 

C:\Arquivos de programas\DAEMON Tools Toolbar

C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll

C:\Arquivos de programas\DAEMON Tools Toolbar\Resources

C:\Arquivos de programas\DAEMON Tools Toolbar\uninst.exe

C:\Arquivos de programas\DAEMON Tools Toolbar\_DTLite.xml


 

-----------\\ Extensions

 

(Fernando) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user

(Fernando) - {c45c406e-ab73-11d8-be73-000a95be3b12} => webdeveloper

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://fr.msn.com/"

"Start Page Redirect Cache"="http://br.msn.com/?ocid=iehp"

"Default_search_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Default_page_url"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

"Search bar"="http://go.microsoft.com/fwlink/?linkid=54896"

"Url"="http://go.microsoft.com/fwlink/?LinkId=75723"

"Url"="http://go.microsoft.com/fwlink/?LinkId=75724"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

"Start Page"="http://fr.msn.com/"

"Search bar"="http://search.msn.com/spbasic.htm"

 

 

--------------------\\ Procurando por outras infecções

 

 

Não foram encontradas outras infecções.

 

 

1 - "C:\ToolBar SD\TB_1.txt" - --- 10/09/2010|19:31 - Option : [1]


:) Several problems were removed.

_______________________

 

:!: But you still need to run Malwarebytes and post its log together with a new HijackThis log, and tell us how your PC is doing after that.

 

We will be waiting.


Internet Explorer 8.0.6001.18702

 

12/9/2010 21:14:37

mbam-log-2010-09-12 (21-14-37).txt

 

Tipo de Verificação: Verificação Completa (C:\|)

Objetos escaneados: 248921

Tempo decorrido: 40 minuto(s), 2 segundo(s)

 

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 0

Valores de Registro Infectados: 0

Itens de Dados no Registro Infectados: 0

Pastas Infectadas: 0

Arquivos Infectados: 0

 

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Infectadas:

(Não foram detectados ítens maliciosos)

 

Valores de Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Itens de Dados no Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Pastas Infectadas:

(Não foram detectados ítens maliciosos)

 

Arquivos Infectados:

(Não foram detectados ítens maliciosos)

 

------------------------------------------------------------------------------------------------------------------

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:25:40, on 12/9/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\ManyCam\Bin\ManyCam.exe

C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Hijack This\HiJackThis.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.msn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nView\nwiz.exe /installquiet

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ManyCam] "C:\Arquivos de programas\ManyCam\Bin\ManyCam.exe" /silent

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\ARQUIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

--

End of file - 7244 bytes

 

 

 

There it is, MASTER


It improved a bit, yes, but Avira is flagging viruses with unknown names! Just a little while ago!

 

:seta: Please follow the tips in these tutorials:

 

Nod32 Online antivirus tutorial

 

BitDefender Online antivirus tutorial

______________________________

 

:seta: Configure Avira AntiVir by following the tips in these tutorials:

 

Avira AntiVir 10 free tutorial (installation and configuration): http://dicasetutoriaisparapc.blogspot.com/2009/03/tutorial-de-instalacao-e-configuracao.html

 

Avira AntiVir 10 free tutorial (how to use it correctly): http://dicasetutoriaisparapc.blogspot.com/2009/03/escaneando-seu-computador-com-o-avira.html

___________________________________

 

:seta: After configuring Avira AntiVir following the tips in the tutorials above, update it, then restart your computer and boot into Safe Mode (by pressing the F8 key, or the F5 key on some computers, repeatedly while the computer is restarting and choosing the Safe Mode option). Once the computer has restarted, right-click the Avira symbol (the open red umbrella next to the Windows clock) and choose the Start AntiVir option > click the Scan system now option > and wait for the scan to finish.

 

Note: If it is not possible to run the scan with Avira AntiVir in Windows Safe Mode, run it in normal mode.

_______________________________________________________________

 

:seta: When you have removed the viruses that Avira AntiVir finds, restart the computer normally. Right-click the Avira icon (the open red umbrella next to the Windows clock) and choose the Start AntiVir option > click the Reports option > double-click the most recent log with the left mouse button and click the Report file button > A window with the log will then open, so just select this log (click the menu: Editar » Selecionar Tudo, i.e. Edit » Select All), then go back to the menu: Editar » and click the option: Copiar (Copy) > After that, just come back here to the forum and post this Avira AntiVir log together with a new HijackThis log, the log that will be in C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt and the log that will be in C:\Windows\BDOSCAN8\bdoscan.log so that they can be analyzed, and tell us how your PC is doing after that.

 

We await your reply.


Topic Archived

 

Since the author did not reply for more than 30 days, the topic has been archived.

 

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening it.
