LuKo

O resultado ta aqui, masnão entendi se a coisa de configurar o windows era para isso, ou se era para repostar o log do Hijack. De qualquer modo.. AhnLab-V3 2010.09.29.00 2010.09.28 - AntiVir 7.10.12.61 2010.09.28 - Antiy-AVL 2.0.3.7 2010.09.29 - Authentium 5.2.0.5 2010.09.29 - Avast 4.8.1351.0 2010.09.28 - Avast5 5.0.594.0 2010.09.28 - AVG 9.0.0.851 2010.09.28 - BitDefender 7.2 2010.09.29 - CAT-QuickHeal 11.00 2010.09.28 - ClamAV 0.96.2.0-git 2010.09.29 - Comodo 6232 2010.09.29 - DrWeb 5.0.2.03300 2010.09.28 - Emsisoft 5.0.0.50 2010.09.29 - eSafe 7.0.17.0 2010.09.28 - eTrust-Vet 36.1.7881 2010.09.28 - F-Prot 4.6.2.117 2010.09.28 - F-Secure 9.0.15370.0 2010.09.29 - Fortinet 4.1.143.0 2010.09.28 - GData 21 2010.09.29 - Ikarus T3.1.1.90.0 2010.09.29 - Jiangmin 13.0.900 2010.09.28 - K7AntiVirus 9.63.2628 2010.09.28 - Kaspersky 7.0.0.125 2010.09.29 - McAfee 5.400.0.1158 2010.09.29 - McAfee-GW-Edition 2010.1C 2010.09.28 - Microsoft 1.6201 2010.09.28 - NOD32 5487 2010.09.28 - Norman 6.06.06 None.. - nProtect 2010-09-28.01 2010.09.28 - Panda 10.0.2.7 2010.09.28 - PCTools 7.0.3.5 2010.09.28 - Prevx 3.0 2010.09.29 - Rising 22.67.01.01 2010.09.29 - Sophos 4.58.0 2010.09.29 - Sunbelt 6942 2010.09.29 - SUPERAntiSpyware 4.40.0.1006 2010.09.29 - Symantec 20101.1.1.7 2010.09.29 - TheHacker 6.7.0.1.039 2010.09.29 - TrendMicro 9.120.0.1004 2010.09.28 - TrendMicro-HouseCall 9.120.0.1004 2010.09.29 - VBA32 3.12.14.1 2010.09.27 - ViRobot 2010.8.31.4017 2010.09.28 - VirusBuster 12.66.4.0 2010.09.28 - Additional information Show all MD5 : 064ec7ff5f58b928c3e119402977fa6d SHA1 : 0555de161bf0e323f768e262a7e46b1b26647532 SHA256: 4cc1c4f32146cc28f5e3d7e9562d20017dce82c71f2bba549bbda27a17acc1bb ssdeep: 24576:Dmfty/wAvN7lrWWncPx3TbefTaz/g/J/oi:DmpcN78p3Tbeba1i File size : 1035776 bytes First seen: 2009-02-12 13:17:34 Last seen : 2010-09-29 03:14:16 TrID: Win32 Executable Generic (42.3%) Win32 Dynamic Link Library (generic) (37.6%) Generic Win/DOS Executable (9.9%) DOS Executable Generic (9.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) sigcheck: publisher....: Microsoft Corporation copyright....: © Microsoft Corporation. Todos os direitos reservados. product......: Sistema operacional Microsoft_ Windows_ description..: Windows Explorer original name: EXPLORER.EXE internal name: explorer file version.: 6.00.2900.5512 (xpsp.080413-2105) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0x1A55F timedatestamp....: 0x48025C30 (Sun Apr 13 19:17:04 2008) machinetype......: 0x14c (I386) [[ 4 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 .text, 0x1000, 0x44C09, 0x44E00, 6.38, f3840e3ec19eabcdb289728c9bdce660 .data, 0x46000, 0x1DB4, 0x1800, 1.30, 983f35021232560eaaa99fcbc1b7d359 .rsrc, 0x48000, 0xB2A88, 0xB2C00, 6.63, ff49b0412a779ab814e41b53b80574d2 .reloc, 0xFB000, 0x374C, 0x3800, 6.78, ec335057489badbf6d8142b57175fd91 [[ 13 import(s) ]] ADVAPI32.dll: RegSetValueW, RegEnumKeyExW, GetUserNameW, RegNotifyChangeKeyValue, RegEnumValueW, RegQueryValueExA, RegOpenKeyExA, RegEnumKeyW, RegCloseKey, RegCreateKeyW, RegQueryInfoKeyW, RegOpenKeyExW, RegQueryValueExW, RegCreateKeyExW, RegSetValueExW, RegDeleteValueW, RegQueryValueW BROWSEUI.dll: -, -, -, - GDI32.dll: GetStockObject, CreatePatternBrush, OffsetViewportOrgEx, GetLayout, CombineRgn, CreateDIBSection, GetTextExtentPoint32W, StretchBlt, CreateRectRgnIndirect, CreateRectRgn, GetClipRgn, IntersectClipRect, GetViewportOrgEx, SetViewportOrgEx, SelectClipRgn, PatBlt, GetBkColor, CreateCompatibleDC, CreateCompatibleBitmap, OffsetWindowOrgEx, DeleteDC, SetBkColor, BitBlt, ExtTextOutW, GetTextExtentPointW, GetClipBox, GetObjectW, SetTextColor, SetBkMode, CreateFontIndirectW, DeleteObject, GetTextMetricsW, SelectObject, GetDeviceCaps, TranslateCharsetInfo, SetStretchBltMode KERNEL32.dll: GetSystemDirectoryW, CreateThread, CreateJobObjectW, ExitProcess, SetProcessShutdownParameters, ReleaseMutex, CreateMutexW, SetPriorityClass, GetCurrentProcess, GetStartupInfoW, GetCommandLineW, SetErrorMode, LeaveCriticalSection, EnterCriticalSection, ResetEvent, LoadLibraryExA, CompareFileTime, GetSystemTimeAsFileTime, SetThreadPriority, GetCurrentThreadId, GetThreadPriority, GetCurrentThread, GetUserDefaultLangID, Sleep, GetBinaryTypeW, GetModuleHandleExW, SystemTimeToFileTime, GetLocalTime, GetCurrentProcessId, GetEnvironmentVariableW, UnregisterWait, GlobalGetAtomNameW, GetFileAttributesW, MoveFileW, lstrcmpW, LoadLibraryExW, FindClose, FindNextFileW, FindFirstFileW, lstrcmpiA, SetEvent, AssignProcessToJobObject, GetDateFormatW, GetTimeFormatW, FlushInstructionCache, lstrcpynW, GetSystemWindowsDirectoryW, SetLastError, GetProcessHeap, HeapFree, HeapReAlloc, HeapSize, HeapAlloc, GetUserDefaultLCID, ReadProcessMemory, OpenProcess, InterlockedCompareExchange, LoadLibraryA, QueryPerformanceCounter, UnhandledExceptionFilter, SetUnhandledExceptionFilter, VirtualFree, VirtualAlloc, ResumeThread, TerminateProcess, TerminateThread, GetSystemDefaultLCID, GetLocaleInfoW, CreateEventW, GetLastError, OpenEventW, DelayLoadFailureHook, WaitForSingleObject, GetTickCount, ExpandEnvironmentStringsW, GetModuleFileNameW, GetPrivateProfileStringW, lstrcmpiW, CreateProcessW, FreeLibrary, GetWindowsDirectoryW, LocalAlloc, CreateFileW, DeviceIoControl, LocalFree, GetQueuedCompletionStatus, CreateIoCompletionPort, SetInformationJobObject, CloseHandle, LoadLibraryW, GetModuleHandleW, ActivateActCtx, DeactivateActCtx, GetFileAttributesExW, GetProcAddress, DeleteCriticalSection, CreateEventA, HeapDestroy, InitializeCriticalSection, MulDiv, InitializeCriticalSectionAndSpinCount, lstrlenW, InterlockedDecrement, InterlockedIncrement, GlobalAlloc, InterlockedExchange, GetModuleHandleA, GetVersionExA, GlobalFree, GetProcessTimes, lstrcpyW, GetLongPathNameW, RegisterWaitForSingleObject msvcrt.dll: _itow, free, memmove, realloc, _except_handler3, malloc, _ftol, _vsnwprintf ntdll.dll: RtlNtStatusToDosError, NtQueryInformationProcess ole32.dll: CoFreeUnusedLibraries, RegisterDragDrop, CreateBindCtx, RevokeDragDrop, CoInitializeEx, CoUninitialize, OleInitialize, CoRevokeClassObject, CoRegisterClassObject, CoMarshalInterThreadInterfaceInStream, CoCreateInstance, OleUninitialize, DoDragDrop OLEAUT32.dll: -, - SHDOCVW.dll: -, -, - SHELL32.dll: -, -, SHGetFolderPathW, -, -, -, -, -, ExtractIconExW, -, -, -, -, -, -, -, -, -, -, -, -, -, -, SHGetSpecialFolderLocation, ShellExecuteExW, -, -, -, SHGetSpecialFolderPathW, -, -, -, SHBindToParent, -, -, -, SHParseDisplayName, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, SHChangeNotify, SHGetDesktopFolder, SHAddToRecentDocs, -, -, -, DuplicateIcon, -, -, -, -, -, -, -, -, SHUpdateRecycleBinIcon, SHGetFolderLocation, SHGetPathFromIDListA, -, -, -, -, -, -, -, SHGetPathFromIDListW, -, -, - SHLWAPI.dll: StrCpyNW, -, -, -, -, StrRetToBufW, StrRetToStrW, -, -, -, -, SHQueryValueExW, PathIsNetworkPathW, -, AssocCreate, -, -, -, -, -, StrCatW, StrCpyW, -, -, -, -, -, -, SHGetValueW, -, StrCmpNIW, PathRemoveBlanksW, PathRemoveArgsW, PathFindFileNameW, StrStrIW, PathGetArgsW, -, StrToIntW, SHRegGetBoolUSValueW, SHRegWriteUSValueW, SHRegCloseUSKey, SHRegCreateUSKeyW, SHRegGetUSValueW, SHSetValueW, -, PathAppendW, PathUnquoteSpacesW, -, -, PathQuoteSpacesW, -, SHSetThreadRef, SHCreateThreadRef, -, -, -, PathCombineW, -, -, -, SHStrDupW, PathIsPrefixW, PathParseIconLocationW, AssocQueryKeyW, -, AssocQueryStringW, StrCmpW, -, -, -, -, -, -, -, -, SHRegQueryUSValueW, SHRegOpenUSKeyW, SHRegSetUSValueW, PathIsDirectoryW, PathFileExistsW, PathGetDriveNumberW, -, StrChrW, PathFindExtensionW, -, -, PathRemoveFileSpecW, PathStripToRootW, -, -, -, SHOpenRegStream2W, -, -, -, StrDupW, SHDeleteValueW, StrCatBuffW, SHDeleteKeyW, StrCmpIW, -, -, wnsprintfW, -, -, StrCmpNW, -, - USER32.dll: TileWindows, GetDoubleClickTime, GetSystemMetrics, GetSysColorBrush, AllowSetForegroundWindow, LoadMenuW, GetSubMenu, RemoveMenu, SetParent, GetMessagePos, CheckDlgButton, EnableWindow, GetDlgItemInt, SetDlgItemInt, CopyIcon, AdjustWindowRectEx, DrawFocusRect, DrawEdge, ExitWindowsEx, WindowFromPoint, SetRect, AppendMenuW, LoadAcceleratorsW, LoadBitmapW, SendNotifyMessageW, SetWindowPlacement, CheckMenuItem, EndDialog, SendDlgItemMessageW, MessageBeep, GetActiveWindow, PostQuitMessage, MoveWindow, GetDlgItem, RemovePropW, GetClassNameW, GetDCEx, SetCursorPos, ChildWindowFromPoint, ChangeDisplaySettingsW, RegisterHotKey, UnregisterHotKey, SetCursor, SendMessageTimeoutW, GetWindowPlacement, LoadImageW, SetWindowRgn, IntersectRect, OffsetRect, EnumDisplayMonitors, RedrawWindow, SubtractRect, TranslateAcceleratorW, WaitMessage, InflateRect, CallWindowProcW, GetDlgCtrlID, SetCapture, LockSetForegroundWindow, SystemParametersInfoW, FindWindowW, CreatePopupMenu, GetMenuDefaultItem, DestroyMenu, GetShellWindow, EnumChildWindows, GetWindowLongW, SendMessageW, RegisterWindowMessageW, GetKeyState, CopyRect, MonitorFromRect, MonitorFromPoint, RegisterClassW, SetPropW, GetWindowLongA, SetWindowLongW, FillRect, GetCursorPos, MessageBoxW, LoadStringW, ReleaseDC, GetDC, EnumDisplaySettingsExW, EnumDisplayDevicesW, PostMessageW, DispatchMessageW, TranslateMessage, GetMessageW, PeekMessageW, PtInRect, BeginPaint, EndPaint, SetWindowTextW, GetAsyncKeyState, InvalidateRect, GetWindow, ShowWindowAsync, TrackPopupMenuEx, UpdateWindow, DestroyIcon, IsRectEmpty, SetActiveWindow, GetSysColor, DrawTextW, IsHungAppWindow, SetTimer, GetMenuItemID, TrackPopupMenu, EndTask, SendMessageCallbackW, GetClassLongW, LoadIconW, OpenInputDesktop, CloseDesktop, SetScrollPos, ShowWindow, BringWindowToTop, GetDesktopWindow, CascadeWindows, CharUpperBuffW, SwitchToThisWindow, InternalGetWindowText, GetScrollInfo, GetMenuItemCount, CreateWindowExW, DialogBoxParamW, MsgWaitForMultipleObjects, CharNextA, RegisterClipboardFormatW, EndDeferWindowPos, DeferWindowPos, BeginDeferWindowPos, PrintWindow, SetClassLongW, GetPropW, GetNextDlgGroupItem, GetNextDlgTabItem, ChildWindowFromPointEx, IsChild, NotifyWinEvent, TrackMouseEvent, GetCapture, GetAncestor, CharUpperW, SetWindowLongA, DrawCaption, ModifyMenuW, InsertMenuW, IsWindowEnabled, GetMenuState, LoadCursorW, GetParent, IsDlgButtonChecked, DestroyWindow, EnumWindows, IsWindowVisible, GetClientRect, UnionRect, EqualRect, GetWindowThreadProcessId, GetForegroundWindow, KillTimer, GetClassInfoExW, DefWindowProcW, RegisterClassExW, GetIconInfo, SetScrollInfo, GetLastActivePopup, SetForegroundWindow, IsWindow, GetSystemMenu, IsIconic, IsZoomed, EnableMenuItem, SetMenuDefaultItem, MonitorFromWindow, GetMonitorInfoW, GetWindowInfo, GetFocus, SetFocus, MapWindowPoints, ScreenToClient, ClientToScreen, GetWindowRect, SetWindowPos, DeleteMenu, GetMenuItemInfoW, SetMenuItemInfoW, CharNextW UxTheme.dll: GetThemeBackgroundContentRect, GetThemeBool, GetThemePartSize, DrawThemeParentBackground, OpenThemeData, DrawThemeBackground, GetThemeTextExtent, DrawThemeText, CloseThemeData, SetWindowTheme, GetThemeBackgroundRegion, -, GetThemeMargins, GetThemeColor, GetThemeFont, GetThemeRect, IsAppThemed Obrigado^^

Olá galera. Estive tendo sérios probleminhas no meu pc, e eu realmente não faço a menor idéia do que fazer (sempre vem a palavra "format" na cabeça algumas horas, mas a quantidade de dados valiosos que eu possuo me desanima absurdamente) É o seguinte: Uso o ESET como antivirus, e nunca tive muitos problemas, mas derrepente ele começou a apontar programas que eu uso no cotidiano (photoshop, office,nero)normalmente como virus (na maioria das vezes é o win32/Sality.nar, e algumas vezes outros), eu já desinstalei e instalei esses programas e depois, rapidamente o antivirus volta a apitar, e é constantemente, eu mal consigo escrever esse post direito pois o antivirus está apitando varios arquivos como virus o tempo todo. Acho que a culpa é de Autorun de pendrive, pois agora fica o tempo todo alertando de C:Autorun.inf(ou E:) deletado, ou seja, o arquivo sempre volta. Outra coisa interessante, é que essa coisa está automaticamente configurando meu pc para não mostrar pastas ocultas, mesmo após eu mudar isso. Bem, agradeço a quem me apontar uma luz, pois isso está me deixando muito chateado. Eis o bendito log: See ya