Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

Bubax2

[Arquivado] &nbspAnalise de LOG HijackThis

Por , em Tópicos Arquivados (Seguranca & Malwares)

Recommended Posts

Bubax2    0

Bubax2
Postado

Bem, primeiramente obrigado a atenção de todos, sou novo aqui no fórum e estou com problemas de vírus no PC (Á... Sério...). A um tempo atras o "Avira", acusou o PC de estar infectado, passei o Malwarebytes e fiz um scanner com o Spybot aqui no PC, deletei arquivos suspeitos e etc.

Bem depois disso tudo bem, nada mais de acusação de vírus, bacana. Mas ao logar, esta aparecendo uma mensagem de "Proteção de Arquivo" do Windows, dizendo que alguns arquivos do windows foram modificados por outros de versões desconhecidas. Eis meu medo que o vírus ainda esteja escondido no PC, e foi por isto que resolvi postar aqui. Primeiramente obrigado a ajuda de todos, segue o Log do HijackThis:

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 8:50:53 PM, on 9/20/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\MagicTune Premium\MagicTuneEngine.exe

C:\Arquivos de programas\Clarus\Samsung SecretZone\MSSvc.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\PnkBstrB.exe

C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\slserv.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

C:\Arquivos de programas\Arquivos comuns\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\MagicTune Premium\MagicTune.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\uTorrent\uTorrent.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\Internet Download Manager\IDMan.exe

C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe

C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.2.183.29\GoogleCrashHandler.exe

C:\Arquivos de programas\MagicTune Premium\GammaTray.exe

C:\Arquivos de programas\Philips\SA30xx Device Manager\SA30XX_DeviceManager.exe

C:\Arquivos de programas\Clarus\Samsung Auto Backup\ISFGuage.exe

C:\Arquivos de programas\Clarus\Samsung Auto Backup\ISFRealTimeD.exe

C:\Arquivos de programas\Clarus\Samsung Auto Backup\ISFTimerD.exe

C:\Arquivos de programas\MultiDesktop Manager\MegaScale MultiDesktop Manager.exe

C:\Arquivos de programas\Internet Download Manager\IEMonitor.exe

C:\Documents and Settings\Administrador\Meus documentos\Downloads\HiJackThis (1).exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2567694

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMes0.dll

R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Arquivos de programas\DVDVideoSoftTB\tbDVD1.dll

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Arquivos de programas\Internet Download Manager\IDMIECC.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dados de aplicativos\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Arquivos de programas\DVDVideoSoftTB\tbDVD1.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMes0.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Arquivos de programas\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMes0.dll

O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Arquivos de programas\DVDVideoSoftTB\tbDVD1.dll

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [VMware hqtray] "C:\Arquivos de programas\VMware\VMware Player\hqtray.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

O4 - HKLM\..\Run: [LFService] C:\Arquivos de programas\Lock Folder XP\LFService.exe -start

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Arquivos de programas\Arquivos comuns\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Arquivos de programas\Arquivos comuns\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Arquivos de programas\Arquivos comuns\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [The TeamSpeak 2 client] C:\Arquivos de programas\Teamspeak2_RC2\TeamSpeak.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [uTorrent] "C:\Arquivos de programas\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [steam] "c:\arquivos de programas\steam\steam.exe" -silent

O4 - HKCU\..\Run: [Real Desktop] "C:\Arquivos de programas\Real Desktop\Real Desktop.exe"

O4 - HKCU\..\Run: [PowerBar] "C:\Arquivos de programas\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime

O4 - HKCU\..\Run: [NCsoft Launcher] C:\arquivos de programas\ncsoft\launcher\NCLauncher.exe /Minimized

O4 - HKCU\..\Run: [iDMan] C:\Arquivos de programas\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [AlcoholAutomount] "F:\Alcohol 120\axcmd.exe" /automount

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_5.1;_en-US)_AppleWebKit/534.3_(KHTML,_like_Gecko)_Chrome/6.0.472.59_Safari/534.3" -"http://www.neopets.com/games/dgs/play_shockwave.phtml?va=&game_id=430&nc_referer=&age=1&hiscore=&sp=0&questionSet=&r=3473446&width=640&height=480&quality=high"

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')

O4 - Startup: MultiDesktop Manager.lnk = C:\Arquivos de programas\MultiDesktop Manager\MegaScale MultiDesktop Manager.exe

O4 - Startup: Xfire.lnk = C:\Arquivos de programas\Xfire\Xfire.exe

O4 - Global Startup: Adobe Gamma Loader.lnk.disabled

O4 - Global Startup: GammaTray.lnk = ?

O4 - Global Startup: Launchy.lnk = C:\Arquivos de programas\Launchy\Launchy.exe

O4 - Global Startup: Philips SA30XX Device Manager.lnk = ?

O4 - Global Startup: Samsung Auto Backup Guage.lnk = ?

O4 - Global Startup: Samsung Auto Backup Real-Time Daemon.lnk = ?

O4 - Global Startup: Samsung Auto Backup Scheduler.lnk = ?

O8 - Extra context menu item: Download all links with IDM - C:\Arquivos de programas\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download FLV video content with IDM - C:\Arquivos de programas\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Download with IDM - C:\Arquivos de programas\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Administrador\Dados de aplicativos\DVDVideoSoftIEHelpers\youtubedownload.htm

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Administrador\Dados de aplicativos\DVDVideoSoftIEHelpers\youtubetomp3.htm

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab

O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{06A72AD6-9E3F-4455-803C-54F6D59DD77E}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CS1\Services\Tcpip\..\{06A72AD6-9E3F-4455-803C-54F6D59DD77E}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CS3\Services\Tcpip\..\{06A72AD6-9E3F-4455-803C-54F6D59DD77E}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CS4\Services\Tcpip\..\{06A72AD6-9E3F-4455-803C-54F6D59DD77E}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CS5\Services\Tcpip\..\{06A72AD6-9E3F-4455-803C-54F6D59DD77E}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CS6\Services\Tcpip\..\{06A72AD6-9E3F-4455-803C-54F6D59DD77E}: NameServer = 8.8.8.8,8.8.4.4

O17 - HKLM\System\CS7\Services\Tcpip\..\{06A72AD6-9E3F-4455-803C-54F6D59DD77E}: NameServer = 8.8.8.8,8.8.4.4

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Deskscapes - {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - (no file)

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Gerenciador do Google Desktop 5.8.811.4345 (GoogleDesktopManager-110408-113106) - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Arquivos de programas\LogMeIn Hamachi\hamachi-2.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: MagicTuneEngine - Unknown owner - C:\Arquivos de programas\MagicTune Premium\MagicTuneEngine.exe

O23 - Service: Virtual Disk Service Manager (MSR Service) - Unknown owner - C:\Arquivos de programas\Clarus\Samsung SecretZone\MSSvc.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe (file missing)

O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe (file missing)

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Arquivos de programas\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Arquivos de programas\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Arquivos de programas\Arquivos comuns\Ulead Systems\DVD\ULCDRSvr.exe

 

--

End of file - 19522 bytes

Compartilhar este post

Link para o post
Compartilhar em outros sites

Felipe_88    0

Felipe_88
Postado

Boa Noite Bubax2!

 

Vamos por etapa...

 

1.

*Baixe o MalwareBytes'>http://www.malwarebytes.org/mbam-download.php"]MalwareBytes Anti-Malware e salve-o no desktop

*Instale o programa

*Se alguma atualização existir,o download será automático. Aguarde...

*O programa será aberto automaticamente.

*Na aba [Verificação], selecione a opção [Verificação completa]

*Clique em [Verificar] e selecione as partições a serem examinadas (geralmente C:\ e D:\)

*Ao término do scan, poderá ser interrogado se deseja remover objetos da memória. Clique [sIM] > [OK] > [Mostrar Resultados]

*Clique em [Remover Selecionados]

*Um relatório (mbam-log-ano-mês-data.txt) será apresentado.

*Cole-o na sua próxima resposta

Compartilhar este post

Link para o post
Compartilhar em outros sites

Felipe_88    0

Felipe_88
Postado

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Arquivados (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito