Ir para conteúdo
Fórum Script Brasil

Joice Pivisan

Membros
 Perfil  Explorar Conteúdo

  • Total de itens

    0

  • Registro em

  • Última visita

Sobre Joice Pivisan

Perfil

  • Location
    não informado

Joice Pivisan's Achievements

0

Reputação

  1. Joice Pivisan
    Olá, Estive fora esses dias, e só hoje que fui ver os posts, obrigada pelo auxílio! No momento está normal o processamento do pc! Muito obrigada!!! Joice Pivisan.
  2. Joice Pivisan
    Segue relatório, e pc ainda bem lento: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:50:58, on 15/5/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\RunDll32.exe C:\Arquivos de programas\Windows Live\Proteção para a Família\fssui.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\OLYMPUS\OLYMPUS Master 2\MMonitor.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Arquivos de programas\Windows Live\Proteção para a Família\fssbho.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [EPSON Stylus C43 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S08IC1.EXE /P23 "EPSON Stylus C43 Series" /O5 "LPT1:" /M "Stylus C43" O4 - HKLM\..\Run: [fssui] "C:\Arquivos de programas\Windows Live\Proteção para a Família\fssui.exe" -autorun O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [OM2_Monitor] "C:\Arquivos de programas\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - (no file) O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - (no file) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe -- End of file - 6377 bytes Obrigada, mais uma vez!
  3. Joice Pivisan
    Olá, Meu pc está lento demais, todo programa ou página do explorer que abro diz que o programa não está respondendo e se desejo finalizar... Devido, ainda, aos vírus, né? Obrigada!
  4. Joice Pivisan
  5. Joice Pivisan
  6. Joice Pivisan
    Boa noite, Meu pc continua travando, reiniciando sozinho e aparecendo janelas abertas de spam. Segue relatório do ComboFix. ComboFix 08-05-01.3 - joyce 2008-05-11 23:10:05.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.219 [GMT -3:00] Executando de: C:\Documents and Settings\joyce\Desktop\Combofix.exe Command switches used :: /killall WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((( Outras Exclusäes ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Arquivos de programas\inetget2 C:\Arquivos de programas\Temporary C:\Documents and Settings\All Users\Menu Iniciar\Programas\BulletProofSoft.com C:\Documents and Settings\All Users\Menu Iniciar\Programas\BulletProofSoft.com\Spyware & Adware Remover\Uninstall.lnk C:\Documents and Settings\joyce\Configurações locais\Temporary Internet Files\bestwiner.stt C:\WINDOWS\b155.exe C:\WINDOWS\b156.exe C:\WINDOWS\system32\crypts.dll C:\WINDOWS\system32\tuBKlnpo.ini C:\WINDOWS\system32\tuBKlnpo.ini2 C:\WINDOWS\system32\WinData.cab C:\WINDOWS\system32\WinNt32.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NWSAPAGENT -------\Service_NwSapAgent ((((((((((((((((((((((( Ficheiros criados de 2008-04-12 to 2008-05-12 )))))))))))))))))))))))))))))))) . 2008-05-11 22:41 . 2008-05-11 22:41 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-05-11 22:41 . 2008-05-11 22:41 1,409 --a------ C:\WINDOWS\QTFont.for 2008-05-10 20:01 . 2008-05-11 23:00 27,136 --a------ C:\WINDOWS\system32\drivers\Tad60.sys 2008-05-05 16:03 . 2008-05-05 16:03 <DIR> d-------- C:\Documents and Settings\joyce\Dados de aplicativos\Apple Computer 2008-05-05 15:13 . 2008-05-05 15:14 <DIR> d-------- C:\Arquivos de programas\Motorola Phone Tools 2008-05-05 14:54 . 2008-05-05 14:54 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\muvee Technologies 2008-05-05 14:52 . 2007-02-08 16:00 1,079,808 -ra------ C:\WINDOWS\system32\mfc80u.dll 2008-05-05 14:52 . 2007-02-08 16:00 626,688 -ra------ C:\WINDOWS\system32\msvcr80.dll 2008-05-05 14:52 . 2007-02-08 16:00 548,864 -ra------ C:\WINDOWS\system32\msvcp80.dll 2008-05-05 14:52 . 2007-02-08 16:00 95,744 -ra------ C:\WINDOWS\system32\atl80.dll 2008-05-05 14:51 . 2008-05-05 14:51 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Apple Computer 2008-05-05 14:51 . 2008-05-05 14:52 <DIR> d-------- C:\Arquivos de programas\QuickTime 2008-05-05 14:50 . 2008-05-05 14:50 <DIR> d-------- C:\Arquivos de programas\OLYMPUS 2008-05-05 14:49 . 2008-05-05 14:49 <DIR> d-------- C:\Arquivos de programas\MSXML 4.0 2008-05-04 22:35 . 2008-05-11 23:00 6,400 --a------ C:\WINDOWS\system32\drivers\tcpsr.sys 2008-05-03 00:25 . 2008-05-03 00:25 <DIR> d-------- C:\Documents and Settings\joyce\Dados de aplicativos\Windows Live Writer 2008-05-01 14:06 . 2008-05-01 14:06 <DIR> d-------- C:\Arquivos de programas\Spcron 2008-05-01 14:00 . 2008-05-01 14:00 <DIR> d-------- C:\Arquivos de programas\Svconr 2008-05-01 11:40 . 2008-05-01 11:40 169,120 --a------ C:\WINDOWS\system32\drivers\ndisio.sys 2008-05-01 11:40 . 2008-05-01 11:40 59,392 ---h----- C:\Documents and Settings\joyce\rbld.exe 2008-05-01 10:03 . 2008-05-08 17:24 192,512 --a------ C:\WINDOWS\system32\cbOCR.dll 2008-04-29 19:04 . 2008-04-29 19:04 <DIR> d-------- C:\Arquivos de programas\Programas RFB 2008-04-29 16:40 . 2008-04-29 05:11 <DIR> d-------- C:\SDFix 2008-04-29 14:03 . 2008-04-29 14:07 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Lavasoft 2008-04-29 14:02 . 2008-04-29 14:02 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard 2008-04-29 13:45 . 2008-04-29 13:45 58,880 ---h----- C:\Documents and Settings\joyce\pkcn.exe 2008-04-23 23:11 . 2008-04-29 16:14 <DIR> d-------- C:\39b145ad760e8b1e99d1 2008-04-23 11:27 . 2008-04-29 16:12 <DIR> d-------- C:\50af1a4a04c36064ef 2008-04-23 00:35 . 2007-10-17 13:53 43,816 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys 2008-04-23 00:33 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll 2008-04-23 00:30 . 2008-04-23 00:30 <DIR> d-------- C:\Arquivos de programas\Microsoft SQL Server Compact Edition 2008-04-23 00:28 . 2008-04-23 00:28 <DIR> d-------- C:\Arquivos de programas\Windows Live Favorites 2008-04-22 23:56 . 2008-04-22 23:56 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\WLInstaller 2008-04-22 23:56 . 2008-04-23 11:26 <DIR> d-------- C:\Arquivos de programas\Windows Live 2008-04-22 23:56 . 2008-04-23 00:13 <DIR> d--hsc--- C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller 2008-04-22 17:42 . 2008-04-22 17:42 <DIR> d-------- C:\Arquivos de programas\Ultimate Jewel 2008-04-21 22:07 . 2008-04-22 17:41 <DIR> d-------- C:\Arquivos de programas\PopCap Games 2008-04-21 22:07 . 2008-04-22 18:45 57 ---h----- C:\WINDOWS\popcreg.dat 2008-04-21 22:07 . 2008-04-22 18:45 19 --a------ C:\WINDOWS\popcinfot.dat . ((((((((((((((((((((((((((((((((((((( Relat¢rio Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-05 18:13 --------- d--h--w C:\Arquivos de programas\InstallShield Installation Information 2008-05-05 18:12 24,192 ----a-w C:\Documents and Settings\joyce\usbsermptxp.sys 2008-05-05 18:12 22,768 ----a-w C:\WINDOWS\system32\drivers\usbsermpt.sys 2008-05-05 18:12 22,768 ----a-w C:\Documents and Settings\joyce\usbsermpt.sys 2008-04-29 19:16 6,656 --sha-w C:\WINDOWS\system32\drivers\Thumbs.db 2008-04-29 17:03 --------- d-----w C:\Arquivos de programas\Lavasoft 2008-04-23 03:28 --------- d-----w C:\Arquivos de programas\Windows Live Toolbar 2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys 2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll 2008-02-20 05:37 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll 2008-02-16 09:03 661,504 ----a-w C:\WINDOWS\system32\wininet.dll 2007-08-02 22:55 30,344 ----a-w C:\Documents and Settings\joyce\Dados de aplicativos\GDIPFONTCACHEV1.DAT 2006-11-09 00:51 92,064 ----a-w C:\Documents and Settings\joyce\mqdmmdm.sys 2006-11-09 00:51 79,328 ----a-w C:\Documents and Settings\joyce\mqdmserd.sys 2006-11-09 00:51 5,936 ----a-w C:\Documents and Settings\joyce\mqdmwhnt.sys 2006-11-09 00:50 9,232 ----a-w C:\Documents and Settings\joyce\mqdmmdfl.sys 2006-11-09 00:50 66,656 ----a-w C:\Documents and Settings\joyce\mqdmbus.sys 2006-11-09 00:50 6,208 ----a-w C:\Documents and Settings\joyce\mqdmcmnt.sys 2006-11-09 00:50 4,048 ----a-w C:\Documents and Settings\joyce\mqdmcr.sys 2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* entradas vazias & leg¡timas por defeito nÆo sÆo mostradas. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2D2E3663-0B3E-405F-A21C-26227B63E7A4}] C:\WINDOWS\system32\opnlKBut.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}] C:\Arquivos de programas\Windows Live\Proteção para a Família\fssbho.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:45 15360] "Svconr"="C:\Arquivos de programas\Svconr\Svconr.exe" [2008-05-01 14:00 57344] "OM2_Monitor"="C:\Arquivos de programas\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-02-08 20:43 95800] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HTpatch"="C:\WINDOWS\htpatch.exe" [2002-10-30 06:40 28672] "SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 07:15 106496] "Cmaudio"="cmicnfg.cpl" [] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "EPSON Stylus C43 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S08IC1.exe" [2002-12-25 02:00 75776] "UnlockerAssistant"="C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe" [2006-05-06 10:29 6656] "fssui"="C:\Arquivos de programas\Windows Live\Proteção para a Família\fssui.exe" [ ] "QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2006-09-01 15:57 282624] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-03 23:45 15360] C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\ Adobe Gamma Loader.lnk - C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe [2006-02-06 20:45:48 113664] Microsoft Office.lnk - C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyywwus] xxyywwus.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Eim50.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Inr48.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Jor47.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lpt61.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Tad60.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\sessmgr.exe"= "C:\\Arquivos de programas\\Shareaza\\Shareaza.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"= "C:\\Documents and Settings\\joyce\\pkcn.exe"= "C:\\WINDOWS\\Explorer.EXE"= R0 Tad60;Tad60;C:\WINDOWS\system32\Drivers\Tad60.sys [2008-05-11 23:00] R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 15:31] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 15:35] R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 13:53] R2 fsssvc;Windows Live OneCare Proteção para a Família;"C:\Arquivos de programas\Windows Live\Proteção para a Família\fsssvc.exe" [] S0 Eim50;Eim50;C:\WINDOWS\system32\Drivers\Eim50.sys [] S0 Jor47;Jor47;C:\WINDOWS\system32\Drivers\Jor47.sys [] S3 tcpsr;tcpsr;C:\WINDOWS\System32\drivers\tcpsr.sys [2008-05-11 23:00] . Conte£do da pasta 'Tarefas Agendadas' "2008-05-12 02:07:02 C:\WINDOWS\Tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job" Obrigada!
  7. Joice Pivisan
    Olá, segue os relatórios: ComboFix: ComboFix 08-05-01.3 - joyce 2008-05-07 16:12:03.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.194 [GMT -3:00] Executando de: C:\Documents and Settings\joyce\Desktop\ComboFix.exe * Criado um novo ponto de restauro WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:36, on 2008-05-07 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\htpatch.exe C:\WINDOWS\system32\RunDll32.exe C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe C:\Arquivos de programas\Windows Live\Proteção para a Família\fssui.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Svconr\Svconr.exe C:\Arquivos de programas\OLYMPUS\OLYMPUS Master 2\MMonitor.exe C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\TEMP\B149.tmp C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://farejador.ig.com.br R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: testCPV6 - {15421B84-3488-49A7-AD18-CBF84A3EFAF6} - C:\Arquivos de programas\Spcron\Spcron.dll O2 - BHO: (no name) - {2D2E3663-0B3E-405F-A21C-26227B63E7A4} - C:\WINDOWS\system32\opnlKBut.dll (file missing) O2 - BHO: (no name) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - (no file) O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Arquivos de programas\Windows Live\Proteção para a Família\fssbho.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [EPSON Stylus C43 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S08IC1.EXE /P23 "EPSON Stylus C43 Series" /O5 "LPT1:" /M "Stylus C43" O4 - HKLM\..\Run: [unlockerAssistant] "C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe" -H O4 - HKLM\..\Run: [fssui] "C:\Arquivos de programas\Windows Live\Proteção para a Família\fssui.exe" -autorun O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WintelUpdate] c:\jfcjr.exe O4 - HKCU\..\Run: [svconr] C:\Arquivos de programas\Svconr\Svconr.exe O4 - HKCU\..\Run: [OM2_Monitor] "C:\Arquivos de programas\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll O20 - Winlogon Notify: crypt - C:\WINDOWS\SYSTEM32\crypts.dll O20 - Winlogon Notify: WinNt32 - C:\WINDOWS\SYSTEM32\WinNt32.dll O20 - Winlogon Notify: xxyywwus - xxyywwus.dll (file missing) O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - (no file) O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - (no file) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe -- End of file - 7795 bytes Obrigada!
  8. Joice Pivisan
    Olá, não havia disquete no drive, mas no momento não está mais dando este erro. Não consegui entrar em modo seguro, tentei fazer os outros procedimentos, mas como há vírus na memória não consegui rodar o SDFix. O que fazer, neste caso? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:08:32, on 5/5/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\htpatch.exe C:\WINDOWS\system32\RunDll32.exe C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe C:\Arquivos de programas\Windows Live\Proteção para a Família\fssui.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Svconr\Svconr.exe C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://farejador.ig.com.br R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: testCPV6 - {15421B84-3488-49A7-AD18-CBF84A3EFAF6} - C:\Arquivos de programas\Spcron\Spcron.dll O2 - BHO: (no name) - {2D2E3663-0B3E-405F-A21C-26227B63E7A4} - C:\WINDOWS\system32\opnlKBut.dll (file missing) O2 - BHO: (no name) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - (no file) O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Arquivos de programas\Windows Live\Proteção para a Família\fssbho.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [EPSON Stylus C43 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S08IC1.EXE /P23 "EPSON Stylus C43 Series" /O5 "LPT1:" /M "Stylus C43" O4 - HKLM\..\Run: [unlockerAssistant] "C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe" -H O4 - HKLM\..\Run: [fssui] "C:\Arquivos de programas\Windows Live\Proteção para a Família\fssui.exe" -autorun O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WintelUpdate] c:\jfcjr.exe O4 - HKCU\..\Run: [svconr] C:\Arquivos de programas\Svconr\Svconr.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll O20 - Winlogon Notify: crypt - C:\WINDOWS\SYSTEM32\crypts.dll O20 - Winlogon Notify: WinNt32 - C:\WINDOWS\SYSTEM32\WinNt32.dll O20 - Winlogon Notify: xxyywwus - xxyywwus.dll (file missing) O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - (no file) O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - (no file) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe -- End of file - 7280 bytes Obrigada!
  9. Joice Pivisan
    Boa tarde, Quando vou reiniciar em Modo de Swegurança, não é possível, pois dá este erro: A: Drive Error Press F1 to Resume Dando F1, como solicitado, entra em seguida no Windows, não dando para ler qual este erro. O que fazer neste caso, para conseguir seguir os passos que você me indicou? Obrigada!
  10. Joice Pivisan
    Boa tarde, acabei de pagar vírus e cavalo de tróia no meu pc, dando algumas mensagens de erro. Por favor me ajudem. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:26:22, on 29/4/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\htpatch.exe C:\WINDOWS\system32\RunDll32.exe C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe C:\Arquivos de programas\Windows Live\Proteção para a Família\fssui.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\17PHolmes1535.exe c:\jfcjr.exe C:\DOCUME~1\joyce\CONFIG~1\Temp\CBB7.tmp C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\lhyx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\rundll32.exe C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://farejador.ig.com.br R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\joyce\pkcn.exe \s O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [EPSON Stylus C43 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S08IC1.EXE /P23 "EPSON Stylus C43 Series" /O5 "LPT1:" /M "Stylus C43" O4 - HKLM\..\Run: [unlockerAssistant] "C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe" -H O4 - HKLM\..\Run: [fssui] "C:\Arquivos de programas\Windows Live\Proteção para a Família\fssui.exe" -autorun O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1535.exe 61A847B5BBF7281337983D466188719AB689201522886B092CBD44BD8689220221DD3257 O4 - HKLM\..\Run: [lhyx] C:\WINDOWS\system32\lhyx.exe \u O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WintelUpdate] c:\jfcjr.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - (no file) O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - (no file) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe -- Obrigada pela atenção! End of file - 6496 bytes
×
×
  • Criar Novo...