Fórum Script Brasil

[Solved] Successive virus notifications


Question

Dear Moderator

Recently I got several virus notifications on my computer. Well, I was using AVG 8, so I decided to also install Avira, which started finding several viruses on my PC. The notifications decreased, but Avira always reports the presence of some every time I ask it to run a scan. What am I doing wrong?

Thank you for your attention.

Lelus

Below are my HijackThis and Avira AntiVir logs:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:17:38, on 3/6/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe

C:\Arquivos de programas\Skype\Phone\Skype.exe

C:\Documents and Settings\All Users\Dados de aplicativos\U3\U3Launcher\LaunchU3.exe

C:\Arquivos de programas\3M\PSNLite\PsnLite.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\3M\PSNLite\PSNGive.exe

C:\ARQUIV~1\AVG\AVG8\avgemc.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe

C:\Arquivos de programas\JustVoip.com\JustVoip\JustVoip.exe

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.mini20.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.MSN.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [EPSON Stylus CX4900 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVL.EXE /FU "C:\WINDOWS\TEMP\E_S45.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: LaunchU3.exe.lnk = ?

O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Arquivos de programas\3M\PSNLite\PsnLite.exe

O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Arquivos de programas\MP3 Player Utilities 4.00\AMVConverter\grab.html

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.00\MediaManager\grab.html

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://br.MSN.com

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O20 - Winlogon Notify: GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe

O23 - Service: Google Update Service (gupdate1c9ca696609c364) (gupdate1c9ca696609c364) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

--

End of file - 8935 bytes

Avira antivirus:

Avira AntiVir Personal

Report file date: quarta-feira, 3 de junho de 2009 14:27

Scanning for 1449151 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows XP

Windows version : (Service Pack 3) [5.1.2600]

Boot mode : Normally booted

Username : SYSTEM

Computer name : FAM-989A41F5A80

Version information:

BUILD.DAT : 9.0.0.394 17962 Bytes 17/4/2009 11:20:00

AVSCAN.EXE : 9.0.3.5 466689 Bytes 17/4/2009 12:57:30

AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/2/2009 14:58:24

LUKE.DLL : 9.0.3.2 209665 Bytes 20/2/2009 15:35:49

LUKERES.DLL : 9.0.2.0 12033 Bytes 27/2/2009 14:58:52

ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 16:30:36

ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/2/2009 00:33:26

ANTIVIR2.VDF : 7.1.4.38 2692096 Bytes 29/5/2009 14:55:21

ANTIVIR3.VDF : 7.1.4.52 122368 Bytes 3/6/2009 15:04:22

Engineversion : 8.2.0.180

AEVDF.DLL : 8.1.1.1 106868 Bytes 1/6/2009 14:55:34

AESCRIPT.DLL : 8.1.2.0 389497 Bytes 1/6/2009 14:55:33

AESCN.DLL : 8.1.2.3 127347 Bytes 1/6/2009 14:55:32

AERDL.DLL : 8.1.1.3 438645 Bytes 29/10/2008 22:24:41

AEPACK.DLL : 8.1.3.18 401783 Bytes 1/6/2009 14:55:32

AEOFFICE.DLL : 8.1.0.36 196987 Bytes 27/2/2009 00:01:56

AEHEUR.DLL : 8.1.0.129 1761655 Bytes 1/6/2009 14:55:30

AEHELP.DLL : 8.1.2.2 119158 Bytes 27/2/2009 00:01:56

AEGEN.DLL : 8.1.1.44 348532 Bytes 1/6/2009 14:55:25

AEEMU.DLL : 8.1.0.9 393588 Bytes 9/10/2008 18:32:40

AECORE.DLL : 8.1.6.12 180599 Bytes 1/6/2009 14:55:23

AEBB.DLL : 8.1.0.3 53618 Bytes 9/10/2008 18:32:40

AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 12:47:59

AVPREF.DLL : 9.0.0.1 43777 Bytes 5/12/2008 14:32:15

AVREP.DLL : 8.0.0.3 155905 Bytes 20/1/2009 18:34:28

AVREG.DLL : 9.0.0.0 36609 Bytes 5/12/2008 14:32:09

AVARKT.DLL : 9.0.0.3 292609 Bytes 24/3/2009 19:05:41

AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/1/2009 14:37:08

SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/1/2009 19:03:49

SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 12:21:33

NETNT.DLL : 9.0.0.0 11521 Bytes 5/12/2008 14:32:10

RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 9/2/2009 15:45:45

RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/4/2009 14:19:48

Configuration settings for the scan:

Jobname.............................: Complete system scan

Configuration file..................: c:\arquivos de programas\avira\antivir desktop\sysscan.avp

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:,

Process scan........................: on

Scan registry.......................: on

Search for rootkits.................: on

Integrity checking of system files..: off

Scan all files......................: All files

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: quarta-feira, 3 de junho de 2009 14:27

Starting search for hidden objects.

'33419' objects were checked, '0' hidden objects were found.

The scan of running processes will be started

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'JustVoip.exe' - '1' Module(s) have been scanned

Scan process 'skypePM.exe' - '1' Module(s) have been scanned

Scan process 'alg.exe' - '1' Module(s) have been scanned

Scan process 'avgcsrvx.exe' - '1' Module(s) have been scanned

Scan process 'avgnsx.exe' - '1' Module(s) have been scanned

Scan process 'avgrsx.exe' - '1' Module(s) have been scanned

Scan process 'avgemc.exe' - '1' Module(s) have been scanned

Scan process 'PSNGive.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'SMAgent.exe' - '1' Module(s) have been scanned

Scan process 'jqs.exe' - '1' Module(s) have been scanned

Scan process 'PsnLite.exe' - '1' Module(s) have been scanned

Scan process 'LaunchU3.exe' - '1' Module(s) have been scanned

Scan process 'Skype.exe' - '1' Module(s) have been scanned

Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned

Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'jusched.exe' - '1' Module(s) have been scanned

Scan process 'avgtray.exe' - '1' Module(s) have been scanned

Scan process 'SMax4PNP.exe' - '1' Module(s) have been scanned

Scan process 'avgwdsvc.exe' - '1' Module(s) have been scanned

Scan process 'avguard.exe' - '1' Module(s) have been scanned

Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'spoolsv.exe' - '1' Module(s) have been scanned

Scan process 'explorer.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'gbpsv.exe' - '1' Module(s) have been scanned

Scan process 'lsass.exe' - '1' Module(s) have been scanned

Scan process 'services.exe' - '1' Module(s) have been scanned

Scan process 'winlogon.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'smss.exe' - '1' Module(s) have been scanned

39 processes with 39 modules were scanned

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

Starting to scan executable files (registry).

The registry was scanned ( '56' files ).

Starting the file scan:

Begin scan in 'C:\'

C:\hiberfil.sys

[WARNING] The file could not be opened!

[NOTE] This file is a Windows system file.

[NOTE] This file cannot be opened for scanning.

C:\pagefile.sys

[WARNING] The file could not be opened!

[NOTE] This file is a Windows system file.

[NOTE] This file cannot be opened for scanning.

C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache\f_000095

[0] Archive type: RAR

--> Flash_Disinfector.exe

--> Flash_Disinfector.exe

[1] Archive type: RAR SFX (self extracting)

--> nircmd.exe

[DETECTION] Contains recognition pattern of the APPL/NirCmd.2 application

C:\Instaladores\Flash_Disinfector_www.pplware.com.rar

[0] Archive type: RAR

--> Flash_Disinfector.exe

--> Flash_Disinfector.exe

[1] Archive type: RAR SFX (self extracting)

--> nircmd.exe

[DETECTION] Contains recognition pattern of the APPL/NirCmd.2 application

C:\Instaladores\Flash_Disinfector_www.pplware.com\Flash_Disinfector.exe

[0] Archive type: RAR SFX (self extracting)

--> nircmd.exe

[DETECTION] Contains recognition pattern of the APPL/NirCmd.2 application

Beginning disinfection:

C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache\f_000095

[NOTE] The file was moved to '4a56bd31.qua'!

C:\Instaladores\Flash_Disinfector_www.pplware.com.rar

[NOTE] The file was moved to '4a87bd3f.qua'!

C:\Instaladores\Flash_Disinfector_www.pplware.com\Flash_Disinfector.exe

[NOTE] The file was moved to '4bf10330.qua'!

End of the scan: quarta-feira, 3 de junho de 2009 15:11

Used time: 38:23 Minute(s)

The scan has been done completely.

3671 Scanned directories

158653 Files were scanned

3 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

3 Files were moved to quarantine

0 Files were renamed

2 Files cannot be scanned

158648 Files not concerned

1397 Archives were scanned

2 Warnings

5 Notes

33419 Objects were scanned with rootkit scan

0 Hidden objects were found

9 answers to this question

Download Malwarebytes Anti-Malware

http://www.besttechie.net/mbam/mbam-setup.exe

  • Install it by double-clicking mbam-setup.exe.
  • Check Update Malwarebytes Anti-Malware and Run Malwarebytes Anti-Malware, then click Finish.
  • Select Quick Scan and then click Scan.
  • When the scan finishes, click OK and then Show Results to see the log.
  • If anything is detected, make sure everything is checked and click Remove.
  • The log is saved automatically and can be viewed by clicking Logs in the program's main menu.
  • Copy and paste the contents of that log into your next reply.
  • Also post a new HijackThis log.

Dear Moderator

I did what you recommended. The requested logs follow below.

Thanks

Lelus

Malwarebytes' Anti-Malware 1.37

Versão do banco de dados: 2243

Windows 5.1.2600 Service Pack 3

7/6/2009 13:04:27

mbam-log-2009-06-07 (13-04-27).txt

Tipo de Verificação: Rápida

Objetos verificados: 79014

Tempo decorrido: 18 minute(s), 50 second(s)

Processos da Memória infectados: 0

Módulos de Memória Infectados: 0

Chaves do Registro infectadas: 0

Valores do Registro infectados: 1

Ítens do Registro infectados: 1

Pastas infectadas: 0

Arquivos infectados: 0

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

Módulos de Memória Infectados:

(Nenhum ítem malicioso foi detectado)

Chaves do Registro infectadas:

(Nenhum ítem malicioso foi detectado)

Valores do Registro infectados:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Backdoor.Bot) -> Quarantined and deleted successfully.

Ítens do Registro infectados:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Pastas infectadas:

(Nenhum ítem malicioso foi detectado)

Arquivos infectados:

(Nenhum ítem malicioso foi detectado)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:16:48, on 7/6/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\Arquivos de programas\Java\jre6\bin\jusched.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe

C:\Arquivos de programas\Skype\Phone\Skype.exe

C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

C:\Documents and Settings\All Users\Dados de aplicativos\U3\U3Launcher\LaunchU3.exe

C:\Arquivos de programas\3M\PSNLite\PsnLite.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\ARQUIV~1\3M\PSNLite\PSNGive.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\ARQUIV~1\AVG\AVG8\avgemc.exe

C:\ARQUIV~1\AVG\AVG8\avgnsx.exe

C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe

C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\NOTEPAD.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.MSN.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\pdfforge Toolbar\SearchSettings.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Arquivos de programas\pdfforge Toolbar\WidgiToolbarIE.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Arquivos de programas\pdfforge Toolbar\SearchSettings.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Arquivos de programas\pdfforge Toolbar\WidgiToolbarIE.dll

O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [searchSettings] C:\Arquivos de programas\pdfforge Toolbar\SearchSettings.exe

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\[email protected]\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [EPSON Stylus CX4900 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVL.EXE /FU "C:\WINDOWS\TEMP\E_S45.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: LaunchU3.exe.lnk = ?

O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Arquivos de programas\3M\PSNLite\PsnLite.exe

O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Arquivos de programas\MP3 Player Utilities 4.00\AMVConverter\grab.html

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.00\MediaManager\grab.html

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O14 - IERESET.INF: START_PAGE_URL=http://br.MSN.com

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Arquivos de programas\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O20 - Winlogon Notify: GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe

O23 - Service: Google Update Service (gupdate1c9ca696609c364) (gupdate1c9ca696609c364) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Sony SPTI Service for DVE (ICDSPTSV) - Sony Corporation - C:\WINDOWS\system32\IcdSptSv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

--

End of file - 10033 bytes


Download the Kaspersky Removal Tool. Save it to your desktop.

  • Install the program normally, following all of its steps.
  • On the program's main screen, click the "My Computer" option and then click the "Scan" button.
  • Be patient, the scan may take a while.
  • If it finds any infection, click "skip".
  • After everything completes, click the Events tab, uncheck the "Show all events" checkbox, and then click "Save to file".
  • Give the file a name and save it in a folder of your choice.
  • Post the contents of that file in your next reply.

Dear Moderator

It seems nothing was detected.

In any case, I await your guidance.

The log follows below.

Thank you very much in advance!

Lelus

Scan

----

Scanned: 177122

Detected: 0

Untreated: 0

Start time: 9/6/2009 13:16:17

Duration: 01:31:16

Finish time: 9/6/2009 14:47:33

Detected

--------

Status Object

------ ------

Statistics

----------

Object             Scanned  Detected  Untreated  Deleted  Moved to Quarantine  Archives  Packed files  Password protected  Corrupted
------             -------  --------  ---------  -------  -------------------  --------  ------------  ------------------  ---------
All objects        177122   0         0          0        0                    3893      1312          177                 6
System memory      2990     0         0          0        0                    0         7             0                   0
Startup objects    736      0         0          0        0                    0         141           0                   0
Disk boot sectors  2        0         0          0        0                    0         0             0                   0
Meu computador     173394   0         0          0        0                    3893      1164          177                 6

Settings

--------

Parameter                                Value
---------                                -----
Security Level                           Recommended
Action                                   Prompt for action when the scan is complete
Run mode                                 Manually
File types                               Scan all files
Scan only new and changed files          No
Scan archives                            All
Scan embedded OLE objects                All
Skip if object is larger than            No
Skip if scan takes longer than           No
Parse email formats                      No
Scan password-protected archives         No
Enable iChecker technology               No
Enable iSwift technology                 No
Show detected threats on "Detected" tab  Yes
Rootkits search                          Yes
Deep rootkits search                     No
Use heuristic analyzer                   Yes

Quarantine

----------

Status Object Size Added

------ ------ ---- -----

Backup

------

Status Object Size

------ ------ ----


Older versions of Java have vulnerabilities that some malware can use to infect your system. Check whether your system has the latest version installed:

Download JavaRa:

http://sourceforge.net/project/downloading...use_mirror=osdn

Double-click JavaRa.exe. Then click Search For Updates. Select the option Update Using jucheck.exe. Then click the Search button.

If it is up to date, you will get a notice that you have the latest version. Otherwise, wait for the new version of Java to be downloaded and installed. Then click the Remove Older Versions button so that any old versions on the PC are uninstalled.

Click Start -> Settings -> Control Panel -> open the System item.

Click the System Restore tab -> check Turn off System Restore on all drives -> then click Apply. Once applied, uncheck the Turn off System Restore on all drives box, click Apply again and then OK.

Your log is clean. Is there still any problem with the PC?


Dear Moderator

Just one question. I use the Google Chrome browser, and to get it working well on most pages I had to install some versions of Java that it recommended, which were in fact 2 or 3 older versions, to get the Java machine running on the sites that asked for it. Well, even so, it still isn't 100%. On some sites that involve security, Java does not respond correctly.

In this case, what is the recommendation? Do I install the newest version anyway?

Thank you for the help; other than that, I have no more problems to resolve regarding the malware.

Lelus

This topic is now closed to further replies.
