vitor siqueira
-
Total de itens
13 -
Registro em
-
Última visita
Sobre vitor siqueira
vitor siqueira's Achievements
0
Reputação
-
Meu pc está com um problema. Reinicializa sozinho e está muito lento. Segue log HijackThis v2.0.2 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:59:28, on 29/08/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Arquivos de programas\QuickTime\qttask.exe C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\hphmon06.exe C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\vsnpstd.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe C:\ARQUIV~1\Magentic\bin\MgApp.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Alwil Software\Avast4\ashSimpl.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: Discador iBest - {4F869C58-D71D-4850-8BDD-7B5CDF8EC911} - C:\Arquivos de programas\Discador iBest\ibestbar.dll (file missing) O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Arquivos de programas\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe O4 - HKLM\..\Run: [HPHUPD06] C:\Arquivos de programas\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Magentic] C:\ARQUIV~1\Magentic\bin\Magentic.exe /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Media Player.lnk = C:\Arquivos de programas\Adobe Media Player\Adobe Media Player.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\digital imaging\bin\hpqtra08.exe O4 - Global Startup: Inicialização rápida do HP Image Zone.lnk = C:\Arquivos de programas\HP\digital imaging\bin\hpqthb08.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Update Service (gupdate1c98ee030fd60a0) (gupdate1c98ee030fd60a0) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 5441 bytes Aguardo instruções. Abraço.
-
(Resolvido) Contas de Usuário
pergunta respondeu ao vitor siqueira de vitor siqueira em Microsoft Windows
Obrigado!!! Funcionou bem, agora a tela de boas vindas aparece novamente. Valeu!!!! -
Os Serviços de cliente para netware desativaram a tela de boas vindas e a troca rápida de usuário. Já sei que devo desinstalar, no entanto, como utilizo a netcombo para acessar a internet, fico com medo de desinstalar e gerar outro problema, gostaria de saber se posso desinstalá-lo sem que ocorra algum problema. Obrigado!!
-
(Resolvido) Problema ao abrir programas
pergunta respondeu ao vitor siqueira de vitor siqueira em Microsoft Windows
Erro típico de ( Bad Cluster ) Trilhas ruins no HD....por isso não consegue executar os programas ..... surigo formatar o seu HD e reisntalar o windows abraço Obrigado! -
Quando inicializo meu pc, aparecem várias mensagens de erro, não consigo entrar em nenhum programa, nem navegar pelo windows explorer, quando clico no iniciar e tento ir para meus documentos (por exemplo) surge a seguinte mensagem: "o explorer.EXE encontrou um problema e precisa ser fechado". Somente pelo gerenciador de tarefas é que consegui acessar a internet e abrir alguns programas.
-
Olá boa tarde, estou com um problema no meu pc, que acontece o seguinte: quando vou em iniciar /desligar surge uma caixa de mensagem dizendo : "end program wms idle". E o mesmo não encerra enquanto não é fechado. Desde já agradeço a atenção !
-
[Resolvido]mensagem no pc
pergunta respondeu ao vitor siqueira de vitor siqueira em Casos Resolvidos
Olá, Miliane. Obrigado pela ajuda. Acho não tem nenhum outro problema. Um abraço! -
[Resolvido]mensagem no pc
pergunta respondeu ao vitor siqueira de vitor siqueira em Casos Resolvidos
-
[Resolvido]mensagem no pc
pergunta respondeu ao vitor siqueira de vitor siqueira em Casos Resolvidos
Esse é o resultado que aparece do virustotal : Arquivo regwiz.exe recebido em 2008.03.08 23:45:16 (CET) Andamento: Carregando ... na fila aguardando analisando terminado NÃO ENCONTRADO PARADO Resultado: 0/32 (0%) -
[Resolvido]mensagem no pc
pergunta respondeu ao vitor siqueira de vitor siqueira em Casos Resolvidos
-
[Resolvido]mensagem no pc
pergunta respondeu ao vitor siqueira de vitor siqueira em Casos Resolvidos
-
[Resolvido]mensagem no pc
pergunta respondeu ao vitor siqueira de vitor siqueira em Casos Resolvidos
Olá Miliane, acho que fiz tudo certo !!! Espero resposta para saber se já está desinfectado. Obrigado pela ajuda!!! Aí vai o que estava no Combofix.txt: ComboFix 08-03-05.1 - Administrador 2008-03-06 1:30:40.1 - FAT32x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.88 [GMT -3:00] Executando de: C:\Documents and Settings\Administrador\Desktop\ComboFix.exe * Criado um novo ponto de restauro WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Arquivos de programas\Helper C:\Arquivos de programas\Helper\1204260677.dll C:\Arquivos de programas\montorgueil C:\Arquivos de programas\montorgueil\_defexitcd_971_1_6\_defexitcd_971_1_6.exe C:\Arquivos de programas\montorgueil\_defexitcd_971_1_6\_defexitcd_971_1_6.ico C:\Arquivos de programas\montorgueil\14.06268 C:\WINDOWS.0\new_drv.sys C:\WINDOWS.0\system32\DefLib.sys C:\WINDOWS.0\system32\drivers\protect.sys C:\WINDOWS.0\system32\heuvth.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_MSUPDATE -------\LEGACY_NEW_DRV -------\LEGACY_PROTECT -------\LEGACY_SYSLIBRARY -------\msupdate -------\new_drv -------\protect -------\SysLibrary ((((((((((((((((((((((( Ficheiros criados de 2008-02-06 to 2008-03-06 )))))))))))))))))))))))))))))))) . 2008-03-05 00:52 . 2008-03-05 00:52 <DIR> d-------- C:\Arquivos de programas\Trend Micro 2008-03-04 18:22 . 2008-03-04 18:22 <DIR> d--hs---- C:\FOUND.010 2008-03-01 17:16 . 2008-03-01 17:16 268 --ah----- C:\sqmdata05.sqm 2008-03-01 17:16 . 2008-03-01 17:16 244 --ah----- C:\sqmnoopt05.sqm 2008-03-01 17:16 . 2008-03-01 17:16 172 --ah----- C:\sqmnoopt07.sqm 2008-03-01 17:16 . 2008-03-01 17:16 172 --ah----- C:\sqmnoopt06.sqm 2008-03-01 17:16 . 2008-03-01 17:16 172 --ah----- C:\sqmdata07.sqm 2008-03-01 17:16 . 2008-03-01 17:16 172 --ah----- C:\sqmdata06.sqm 2008-03-01 16:44 . 2008-03-01 16:44 <DIR> d--hs---- C:\FOUND.009 2008-02-29 01:51 . 2008-02-29 01:51 <DIR> d-------- C:\Arquivos de programas\Sotfone 2008-02-29 01:51 . 2008-02-29 01:51 116 --a------ C:\4592032.bat 2008-02-29 01:50 . 2008-02-29 01:50 <DIR> d-------- C:\Arquivos de programas\NetProject 2008-02-28 03:04 . 2008-02-28 03:04 <DIR> d-------- C:\Arquivos de programas\MSXML 4.0 2008-02-24 16:15 . 2008-02-24 16:15 1,517,568 --a------ C:\WINDOWS.0\krn4.exe 2008-02-24 03:20 . 2008-02-24 03:20 <DIR> d-------- C:\Arquivos de programas\Microsoft CAPICOM 2.1.0.2 2008-02-24 03:19 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS.0\system32\spupdsvc.exe 2008-02-09 18:48 . 2008-02-09 18:49 61,952 --a------ C:\2F.tmp 2008-02-09 18:48 . 2008-02-09 18:48 12,800 --a------ C:\WINDOWS.0\system32\mssrv32.exe 2008-02-09 18:48 . 2008-02-09 18:48 4 --a------ C:\30.tmp 2008-02-09 03:08 . 2008-02-09 03:08 <DIR> d--hs---- C:\FOUND.008 . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-29 07:02 3,796,338 ----a-w C:\AVG7DB_F.DAT 2008-02-09 21:49 46,080 ----a-w C:\WINDOWS.0\system32\regwiz.exe.tmp 2008-01-19 07:38 --------- d-----w C:\DOCUME~1\ALLUSE~1\DADOSD~1\Windows Live Toolbar 2008-01-19 07:22 --------- d-----w C:\Arquivos de programas\Windows Live Toolbar 2008-01-18 08:24 --------- d-----w C:\Arquivos de programas\Arquivos comuns\snpstd 2008-01-18 08:18 --------- d-----w C:\Arquivos de programas\Reality Fusion 2008-01-18 08:16 724,992 ----a-w C:\WINDOWS.0\iun6002.exe 2008-01-18 06:16 --------- d-----w C:\Arquivos de programas\Acelerador POP 2008-01-18 06:15 2,507,385 ----a-w C:\InstaladorPopA.exe 2008-01-18 06:15 --------- d-----w C:\Arquivos de programas\POPDiscador 2008-01-18 05:58 --------- d-----w C:\Documents and Settings\Administrador\Dados de aplicativos\SlipStream 2008-01-18 05:57 1,979,437 ----a-w C:\aceleradorpop.exe 2008-01-18 04:23 --------- d-----w C:\Arquivos de programas\CC2000 2007-12-18 09:51 179,584 ----a-w C:\WINDOWS.0\system32\dllcache\mrxdav.sys 2001-12-23 21:31 271 --sh--w C:\Arquivos de programas\desktop.ini 2001-12-23 21:31 23,439 ---h--w C:\Arquivos de programas\folder.htt . <pre> ----a-w 258,048 2000-03-22 21:43:56 C:\games\Win Games\beertend .exe </pre> (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* entradas vazias & legítimas por defeito não são mostradas. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10C52A42-DB8B-4ade-AA4A-CED6A8282B67}] 2008-02-29 01:51 14848 --a------ C:\Arquivos de programas\Sotfone\1204260679.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}] 2008-03-06 01:01 9728 --a------ C:\Arquivos de programas\NetProject\sbmdl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} {8B79EE88-E62D-4AA8-B530-CC357BA112B7} {81705D67-3F73-4983-859B-97D0922E5ABE} [HKEY_CLASSES_ROOT\clsid\{81705d67-3f73-4983-859b-97d0922e5abe}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{81705D67-3F73-4983-859B-97D0922E5ABE}"= C:\Arquivos de programas\NetProject\wamdl.dll [2008-02-29 01:51 72704] [HKEY_CLASSES_ROOT\clsid\{81705d67-3f73-4983-859b-97d0922e5abe}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPDJ Taskbar Utility"="C:\WINDOWS.0\system32\spool\drivers\w32x86\3\hpztsb11.exe" [2004-04-06 07:28 172032] "HPHUPD06"="C:\Arquivos de programas\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 01:53 49152] "HP Software Update"="C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 13:38 49152] "HP Component Manager"="C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18 241664] "HPHmon06"="C:\WINDOWS.0\system32\hphmon06.exe" [2004-06-07 01:48 659456] "POPDiscador"="C:\Arquivos de programas\POPDiscador\POPDiscador.exe" [2007-07-30 10:52 2040832] "snpstd"="C:\WINDOWS.0\vsnpstd.exe" [2004-06-10 13:48 286720] "SlipStream"="C:\Arquivos de programas\Acelerador POP\slipcore.exe" [2006-11-23 16:39 245760] "AVG7_CC"="C:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe" [2008-02-29 03:29 352256] "AVG7_EMC"="C:\ARQUIV~1\Grisoft\AVGFRE~1\avgemc.exe" [2008-02-29 03:29 273920] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "AVG7_Run"="C:\ARQUIV~1\Grisoft\AVGFRE~1\avgw.exe" [2001-12-26 03:04 151552] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nlsf"="cmd.exe" [2004-08-04 04:45 400384 C:\WINDOWS.0\system32\cmd.exe] "tscuninstall"="C:\WINDOWS.0\system32\tscupgrd.exe" [2004-08-04 02:34 44544] C:\DOCUME~1\ALLUSE~1\MENUIN~1\PROGRA~1\INICIA~1\ HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\digital imaging\bin\hpqtra08.exe [2004-05-28 22:31:38 241664] Inicializa‡Æo r pida do HP Image Zone.lnk - C:\Arquivos de programas\HP\digital imaging\bin\hpqthb08.exe [2004-05-28 23:06:36 53248] STK02N PNP Monitor.lnk - C:\Arquivos de programas\STK02N\STK02NM.exe [2007-12-21 12:45:03 163840] Acelerador POP.lnk - C:\Arquivos de programas\Acelerador POP\slipgui.exe [2008-02-09 16:32:34 159744] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableStatusMessages"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoInternetIcon"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC] --a------ 2008-02-29 03:29 352256 C:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_EMC] --a------ 2008-02-29 03:29 273920 C:\ARQUIV~1\Grisoft\AVGFRE~1\avgemc.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GLDStart] C:\Arquivos de programas\GLDirect\gldirect.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] --a------ 2007-01-19 12:54 5674352 C:\Arquivos de programas\MSN Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTVOICE] --a------ 2001-10-04 14:48 173056 C:\WINDOWS.0\system32\pctspk.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] --a------ 2006-03-10 15:45 35328 C:\Arquivos de programas\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Arquivos de programas\\DremTeamShare\\DreMule\\emule.exe"= "C:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\MSN Messenger\\livecall.exe"= R3 SiS630;SiS630;C:\WINDOWS.0\system32\DRIVERS\sis630p.sys [2001-08-30 18:59] S3 NtApm;NT Apm/Legacy Interface Driver;C:\WINDOWS.0\system32\DRIVERS\NtApm.sys [2001-09-06 01:08] . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-06 01:43:31 Windows 5.1.2600 Service Pack 2 FAT NTAPI Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros ocultos ... Varredura completada com sucesso Ficheiros ocultos: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS.0\system32\HPZipm12.exe C:\Arquivos de programas\HP\hpcoretech\comp\hptskmgr.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgalry.exe . ************************************************************************** . Tempo para conclusão: 2008-03-06 1:46:08 - machine was rebooted ComboFix-quarantined-files.txt 2008-03-06 04:46:00 . 2008-03-03 23:14:06 --- E O F --- -
[Resolvido]mensagem no pc
pergunta respondeu ao vitor siqueira de vitor siqueira em Casos Resolvidos
Your computer is infected with adware or spyware that displays advertisements while you browse the internet. Would you like to dowload additional software to remove malwere threats and protect your sistem? Essa é uma das mensagens e quando eu clico no balão ele abre uma página da internet em inglês que parece ser de dowload de programas para remover malware. No entanto não baixei nada fiquei um pouco indeciso. Por favor diga-me o que fazer. Um abraço!! -
Meu pc está infectado. Segui as instruções do tópico baixei o Hijack this. aí vai o que deu!!! Por favor ajuda-me. Abraço!! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:55:14, on 5/3/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS.0\System32\smss.exe C:\WINDOWS.0\system32\winlogon.exe C:\WINDOWS.0\system32\services.exe C:\WINDOWS.0\system32\lsass.exe C:\WINDOWS.0\system32\svchost.exe C:\WINDOWS.0\System32\svchost.exe C:\WINDOWS.0\system32\spoolsv.exe C:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\WINDOWS.0\Explorer.EXE C:\WINDOWS.0\system32\svchost.exe C:\Arquivos de programas\NetProject\scit.exe C:\Arquivos de programas\NetProject\sbmntr.exe C:\WINDOWS.0\system32\spool\drivers\w32x86\3\hpztsb11.exe C:\Arquivos de programas\NetProject\scm.exe C:\Arquivos de programas\NetProject\sbsm.exe C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS.0\system32\hphmon06.exe C:\Arquivos de programas\POPDiscador\POPDiscador.exe C:\WINDOWS.0\vsnpstd.exe C:\Arquivos de programas\Acelerador POP\slipcore.exe C:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe C:\ARQUIV~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS.0\system32\HPZipm12.exe C:\Arquivos de programas\STK02N\STK02NM.exe C:\Arquivos de programas\Acelerador POP\slipgui.exe C:\Arquivos de programas\HP\hpcoretech\comp\hptskmgr.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgalry.exe C:\WINDOWS.0\system32\wuauclt.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\WINDOWS.0\system32\wuauclt.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400 F2 - REG:system.ini: UserInit=C:\WINDOWS.0\system32\userinit.exe,C:\WINDOWS.0\system32\regwiz.exe, O2 - BHO: e404 helper - {03B902B1-9B25-4173-9468-56775C85A8D4} - C:\Arquivos de programas\Helper\1204260677.dll O2 - BHO: Sotfone Tracker Class - {10C52A42-DB8B-4ade-AA4A-CED6A8282B67} - C:\Arquivos de programas\Sotfone\1204260679.dll O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Arquivos de programas\Acelerador POP\PBHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Arquivos de programas\Acelerador POP\components\NOWImaging.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {C2A1C5CB-C0EF-4689-9436-F62CCA1C5383} - C:\Arquivos de programas\NetProject\sbmdl.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: Acelerador POP - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Arquivos de programas\Acelerador POP\Toolband.dll O3 - Toolbar: Web Application - {81705D67-3F73-4983-859B-97D0922E5ABE} - C:\Arquivos de programas\NetProject\wamdl.dll O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS.0\system32\spool\drivers\w32x86\3\hpztsb11.exe O4 - HKLM\..\Run: [HPHUPD06] C:\Arquivos de programas\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS.0\system32\hphmon06.exe O4 - HKLM\..\Run: [POPDiscador] C:\Arquivos de programas\POPDiscador\POPDiscador.exe --minimized O4 - HKLM\..\Run: [snpstd] C:\WINDOWS.0\vsnpstd.exe O4 - HKLM\..\Run: [slipStream] "C:\Arquivos de programas\Acelerador POP\slipcore.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [AVG7_EMC] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgemc.exe O4 - HKCU\..\Run: [Firewall auto setup] C:\WINDOWS.0\TEMP\winlogon.exe O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Arquivos de programas\NetProject\scit.exe O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Arquivos de programas\NetProject\sbmntr.exe O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\digital imaging\bin\hpqtra08.exe O4 - Global Startup: Inicialização rápida do HP Image Zone.lnk = C:\Arquivos de programas\HP\digital imaging\bin\hpqthb08.exe O4 - Global Startup: STK02N PNP Monitor.lnk = ? O4 - Global Startup: Acelerador POP.lnk = C:\Arquivos de programas\Acelerador POP\slipgui.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Mostrar Imagem Original - res://C:\Arquivos de programas\Acelerador POP\gui_resource.dll/328 O8 - Extra context menu item: Mostrar Todas as Imagens Originais - res://C:\Arquivos de programas\Acelerador POP\gui_resource.dll/327 O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.browsergate.com/redirect.php (file missing) O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.browsergate.com/redirect.php (file missing) O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows.0\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O17 - HKLM\System\CCS\Services\Tcpip\..\{53603D80-91A8-41E8-B089-6AEA7FD99724}: NameServer = 200.175.8.89 200.175.5.185 O22 - SharedTaskScheduler: corduroyed - {699fabf8-1087-491f-b57c-80a68929d82b} - C:\WINDOWS.0\system32\heuvth.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows.0\system32\mssrv32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS.0\system32\HPZipm12.exe -- End of file - 7714 bytes
-
Desculpe se estiver sendo chato, mas não sei como desativar meu anti-vírus tenho q desinstalar??? E esse novo log que tu falaste, faço o mesmo procedimento que fiz anteriormente?? Obrigado pela ajuda!! Acho que fiz tudo certo! Por favor mande-me resposta. Obrigado Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:19:02, on 20/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\sm56hlpr.exe C:\PROGRAM FILES\FAXTALK COMMUNICATOR\FTCtrl32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRAM FILES\FAXTALK COMMUNICATOR\FAPIEXE.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\VTTimer.exe C:\WINDOWS\system32\VTtrayp.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\POPDiscador\POPDiscador.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe C:\Program Files\Acelerador POP\slipcore.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\PROGRA~1\Magentic\bin\MgApp.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Acelerador POP\slipgui.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Windows Live Favorites\wlfsync.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Windows Live Toolbar\msn_sl.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.MSN.com.br/0SEPTBR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5400 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-1.dll (file missing) O2 - BHO: Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\dcads_sidebar.dll O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Program Files\Acelerador POP\PBHelper.dll O2 - BHO: dcads - {6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} - C:\WINDOWS\system32\nsk1FA.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: browser optimizer superiorads - {8E015787-B1E3-404a-95DE-3E71E1FA0305} - C:\WINDOWS\system32\spads.dll (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Mirar - {9A9C9B69-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB58.dll O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Acelerador POP\components\NOWImaging.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Mirar - {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E} - C:\WINDOWS\system32\WinNB58.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Acelerador POP - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\Acelerador POP\Toolband.dll O4 - HKLM\..\Run: [sMSERIAL] C:\WINDOWS\sm56hlpr.exe O4 - HKLM\..\Run: [CallControl 4.5] "C:\PROGRAM FILES\FAXTALK COMMUNICATOR\FTCtrl32.exe" /autoload O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [POPDiscador] C:\Program Files\POPDiscador\POPDiscador.exe --minimized O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [slipStream] "C:\Program Files\Acelerador POP\slipcore.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O4 - Global Startup: Acelerador POP.lnk = C:\Program Files\Acelerador POP\slipgui.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: Mostrar Imagem Original - res://C:\Program Files\Acelerador POP\gui_resource.dll/328 O8 - Extra context menu item: Mostrar Todas as Imagens Originais - res://C:\Program Files\Acelerador POP\gui_resource.dll/327 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O15 - Trusted Zone: http://click.getmirar.com (HKLM) O15 - Trusted Zone: http://click.mirarsearch.com (HKLM) O15 - Trusted Zone: http://redirect.mirarsearch.com (HKLM) O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...p1.0.0.15-3.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1192177059515 O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase2895.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{714EBA45-40F1-4664-AA00-68D9A8A35D11}: NameServer = 200.175.8.89 200.175.5.185 O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 9471 bytes BankerFix 2.4 - Removedor de Bankers Linha Defensiva - http://www.linhadefensiva.org http://www.linhadefensiva.org/bankerfix/ Data: 20/12/2007 - 0:13 ------------------------------------------------------- Lista de Definição: 2007-12-12-1 ======================================================= Arquivo infectado detectado: C:\WINDOWS\Winbra.cas Arquivo infectado removido com sucesso! Arquivo infectado detectado: C:\WINDOWS\system32\gmilogof.exe Arquivo infectado removido com sucesso! Arquivo infectado detectado: C:\WINDOWS\system32\Mscheldork.exe Arquivo infectado removido com sucesso! Arquivo infectado detectado: C:\WINDOWS\system32\Walcult.exe Arquivo infectado removido com sucesso! Arquivo infectado detectado: C:\WINDOWS\system32\Zred2.exe Arquivo infectado removido com sucesso! Killando arquivos em Help ----------------------------------- Killing '*' Removendo Arquivos em Help ----------------------------------- ----- Fim -------------------------