joaum 0 Denunciar post Postado Dezembro 13, 2010 Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:43:21, on 12/12/2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18828) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\taskeng.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe D:\unlocker\UnlockerAssistant.exe C:\ProgramData\Everstrike\US4Service.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe D:\NitroPC\NitroPC.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\System32\rundll32.exe C:\Windows\system32\wuauclt.exe C:\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZCfox000&ptb=K_KpItdB62AZlamlzx0f8g R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [unlockerAssistant] "D:\unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [uS4Service] C:\ProgramData\Everstrike\US4Service.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\REGINA\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [NitroPC] "D:\NitroPC\NitroPC.exe" -minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Sumário do OneNote.onetoc2 O4 - Global Startup: McAfee Security Scan Plus.lnk = ? O8 - Extra context menu item: Download by easyMule - D:\Emule\easyMule2\IE2EM.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O15 - Trusted Zone: www.bancobrasil.com.br O15 - Trusted Zone: www14.bancobrasil.com.br O15 - Trusted Zone: www2.bancobrasil.com.br O15 - Trusted Zone: www.bb.com.br O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe O23 - Service: Gerenciador do Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPC Service (NitroPCSrv) - Intelliclick Informática - D:\NitroPC\NitroPCService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- End of file - 8952 bytes Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Dezembro 13, 2010 Olá! Seja bem vindo à seção de remoção de malwares do fórum IMasters. Antes de começarmos a ver seu computador, tenho uma pergunta: você usa serviço de banco no seu pc? --------------------------- Por favor, siga as instruções abaixo: Faça o Download do DDS e salve no Desktop (Área de trabalho). Temporariamente desative os seus programas de proteção. Duplo clique em dds.scr. Irá surgir uma tela preta com algumas informações. Não clique em nada, apenas aguarde! Quando terminar, duas janelas abrirão: DDS.txt e Attach.txt. Salve o resultado e cole-o no seu tópico. OBS: Caso o link disponibilizado não funcione, tente baixar o DDS por ESTE link. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
joaum 0 Denunciar post Postado Dezembro 14, 2010 Olá, Muito obrigado pela ajuda. Quanto ao acesso a bancos pelo PC, não faço mais, por motivo de segurança. Abaixo as informações dos arquivos que você pediu. Aguardo seu retorno. Joaum UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft® Windows Vista™ Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 13/08/2009 21:56:24 System Uptime: 13/12/2010 22:11:08 (0 hours ago) Motherboard: MSI | | MS-7309 Processor: AMD Phenom 9600 Quad-Core Processor | CPU 1 | 2310/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 40 GiB total, 1,104 GiB free. D: is FIXED (NTFS) - 659 GiB total, 631,639 GiB free. E: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP248: 13/12/2010 22:31:05 - Windows Update ==== Installed Programs ====================== Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.4.1 - Português AGEIA GAME System Software Arquivo do WinRAR Assistente de Conexão do Windows Live avast! Internet Security CNPJ (PGD) - versão 3.0 CorelDRAW Graphics Suite X4 CorelDRAW Graphics Suite X4 - Capture CorelDRAW Graphics Suite X4 - Content CorelDRAW Graphics Suite X4 - Draw CorelDRAW Graphics Suite X4 - Filters CorelDRAW Graphics Suite X4 - FontNav CorelDRAW Graphics SUite X4 - ICA CorelDRAW Graphics Suite X4 - IPM CorelDRAW Graphics Suite X4 - Lang EN CorelDRAW Graphics Suite X4 - PP CorelDRAW Graphics Suite X4 - VBA CorelDRAW® Graphics Suite X4 CorelDRAW® Graphics Suite X4 - Windows Shell Extension DAEMON Tools Toolbar DHTML Editing Component Ferramenta de Carregamento do Windows Live GCAP2009 GOM Player Google Chrome Google Desktop Google Update Helper GPS Graph 4.3 GroupMail :: Free Edition IRPF2009 - Declaração de Ajuste Anual e Final de Espólio IRPF2010 - Declaração de Ajuste Anual e Final de Espólio Java Auto Updater Java 6 Update 22 Junk Mail filter update K-Lite Mega Codec Pack 6.4.0 Lista Telefônica Online McAfee Security Scan Plus Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office Access MUI (Portuguese (Brazil)) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Portuguese (Brazil)) 2007 Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 Microsoft Office Word MUI (Portuguese (Brazil)) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Mozilla Firefox (3.6.13) MSVCRT Need for Speed™ Carbon Nero 8 Essentials neroxml NitroPC NVIDIA Drivers Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 PL-2303 USB-to-Serial Pro Evolution Soccer 2010 RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.0 Receitanet 2009 Receitanet Java 2010.02 SopCast 3.0.3 TeamViewer 5 TEDSEF - Transmissor Eletrônico de Documentos SEF/MG - V. 1.05. Universal Shield Unlocker 1.9.0 VAF - Valor Adicionado Fiscal - Versão 7.04.00 VAF - Valor Adicionado Fiscal - Versão 7.03.01 VCRedistSetup Visual Basic for Applications ® Core Visual Basic for Applications ® Core - English Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Galeria de Fotos Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Proteção para a Família Windows Live Sync Windows Live Toolbar Windows Live Writer Windows Media Player Firefox Plugin Xerox WorkCentre 3119 Series ==== End Of File =========================== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft® Windows Vista™ Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 13/08/2009 21:56:24 System Uptime: 13/12/2010 22:11:08 (0 hours ago) Motherboard: MSI | | MS-7309 Processor: AMD Phenom 9600 Quad-Core Processor | CPU 1 | 2310/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 40 GiB total, 1,104 GiB free. D: is FIXED (NTFS) - 659 GiB total, 631,639 GiB free. E: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP248: 13/12/2010 22:31:05 - Windows Update ==== Installed Programs ====================== Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.4.1 - Português AGEIA GAME System Software Arquivo do WinRAR Assistente de Conexão do Windows Live avast! Internet Security CNPJ (PGD) - versão 3.0 CorelDRAW Graphics Suite X4 CorelDRAW Graphics Suite X4 - Capture CorelDRAW Graphics Suite X4 - Content CorelDRAW Graphics Suite X4 - Draw CorelDRAW Graphics Suite X4 - Filters CorelDRAW Graphics Suite X4 - FontNav CorelDRAW Graphics SUite X4 - ICA CorelDRAW Graphics Suite X4 - IPM CorelDRAW Graphics Suite X4 - Lang EN CorelDRAW Graphics Suite X4 - PP CorelDRAW Graphics Suite X4 - VBA CorelDRAW® Graphics Suite X4 CorelDRAW® Graphics Suite X4 - Windows Shell Extension DAEMON Tools Toolbar DHTML Editing Component Ferramenta de Carregamento do Windows Live GCAP2009 GOM Player Google Chrome Google Desktop Google Update Helper GPS Graph 4.3 GroupMail :: Free Edition IRPF2009 - Declaração de Ajuste Anual e Final de Espólio IRPF2010 - Declaração de Ajuste Anual e Final de Espólio Java Auto Updater Java 6 Update 22 Junk Mail filter update K-Lite Mega Codec Pack 6.4.0 Lista Telefônica Online McAfee Security Scan Plus Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office Access MUI (Portuguese (Brazil)) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Portuguese (Brazil)) 2007 Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 Microsoft Office Word MUI (Portuguese (Brazil)) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Mozilla Firefox (3.6.13) MSVCRT Need for Speed™ Carbon Nero 8 Essentials neroxml NitroPC NVIDIA Drivers Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 PL-2303 USB-to-Serial Pro Evolution Soccer 2010 RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.0 Receitanet 2009 Receitanet Java 2010.02 SopCast 3.0.3 TeamViewer 5 TEDSEF - Transmissor Eletrônico de Documentos SEF/MG - V. 1.05. Universal Shield Unlocker 1.9.0 VAF - Valor Adicionado Fiscal - Versão 7.04.00 VAF - Valor Adicionado Fiscal - Versão 7.03.01 VCRedistSetup Visual Basic for Applications ® Core Visual Basic for Applications ® Core - English Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Galeria de Fotos Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Proteção para a Família Windows Live Sync Windows Live Toolbar Windows Live Writer Windows Media Player Firefox Plugin Xerox WorkCentre 3119 Series ==== End Of File =========================== Compartilhar este post Link para o post Compartilhar em outros sites
Renato Utsch 24 Denunciar post Postado Dezembro 14, 2010 Muito obrigado pela ajuda. Quanto ao acesso a bancos pelo PC, não faço mais, por motivo de segurança. Mas, pelo que entendi, de fato, você já usou banco no seu pc? Refaça o scan com o DDS e poste o log DDS.txt também, não só o Attach.txt (que foi o que você postou). <!> São 2 logs que o DDS gera. Poste os 2. Abraços :D Compartilhar este post Link para o post Compartilhar em outros sites
Felipe_88 0 Denunciar post Postado Janeiro 13, 2011 Tópico Arquivado Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
