Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 15 usuários online :: 0 registrados, 0 invisíveis e 15 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
ajuda com malware
2 participantes
Página 1 de 1
ajuda com malware
por dfs1502 Sex 29 Out 2010, 17:27
boa tarde.
Segue abaixo o log do combofix.
Por favor me ajdem
ComboFix 10-10-23.02 - Davi 29/10/2010 16:38:28.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2013.1412 [GMT -2]
Executando de: c:\documents and settings\Davi\Meus documentos\Downloads\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
ATENÇAO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!
.
ADS - drivers: deleted 204 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Dados de aplicativos\dkwork.ini
c:\documents and settings\All Users\Dados de aplicativos\UpApp32.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_RKHIT
-------\Service_RkHit
(((((((((((((((( Arquivos/Ficheiros criados de 2010-09-28 to 2010-10-29 ))))))))))))))))))))))))))))
.
2010-10-29 17:33 . 2010-04-29 17:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-29 17:33 . 2010-10-29 17:33 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware
2010-10-29 17:33 . 2010-04-29 17:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-29 16:07 . 2010-10-29 16:07 -------- d-----w- c:\arquivos de programas\ESET
2010-10-29 15:33 . 2010-10-29 15:33 -------- d-----w- c:\documents and settings\Davi\Dados de aplicativos\Malwarebytes
2010-10-29 15:33 . 2010-10-29 15:33 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes
2010-10-28 02:07 . 2010-09-07 13:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-10-28 02:07 . 2010-09-07 13:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-10-28 02:07 . 2010-09-07 13:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-10-28 02:07 . 2010-09-07 13:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-10-28 02:07 . 2010-09-07 13:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-10-28 02:07 . 2010-09-07 13:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-10-28 02:07 . 2010-09-07 13:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-10-28 02:07 . 2010-09-07 14:12 38848 ----a-w- c:\windows\avastSS.scr
2010-10-28 02:07 . 2010-09-07 14:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-10-28 02:01 . 2010-10-28 02:01 -------- d-----w- c:\windows\system32\ZoneLabs
2010-10-28 02:01 . 2010-06-23 15:51 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2010-10-28 02:01 . 2010-10-28 02:01 -------- d-----w- c:\arquivos de programas\Zone Labs
2010-10-28 01:03 . 2010-10-28 01:03 796672 ----a-w- c:\windows\GPInstall.exe
2010-10-27 20:37 . 2010-10-27 21:56 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\ParetoLogic
2010-10-25 20:00 . 2010-10-25 20:01 7168 ----a-w- c:\windows\system32\drivers\ute4mtyw.sys
2010-10-25 19:54 . 2009-10-22 15:54 37392 ----a-w- c:\windows\system32\drivers\11870312.sys
2010-10-25 19:54 . 2009-10-10 01:31 315408 ----a-w- c:\windows\system32\drivers\1187031.sys
2010-10-25 04:48 . 2010-10-25 04:48 -------- d-----w- c:\arquivos de programas\Alwil Software
2010-10-24 22:35 . 2010-10-24 23:25 -------- d-----w- c:\windows\9EFA732347A048E28F7735DB5EED500A.TMP
2010-10-24 16:23 . 2010-10-24 16:23 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\SITEguard
2010-10-24 16:23 . 2010-10-24 16:23 -------- d-----w- c:\arquivos de programas\Arquivos comuns\iS3
2010-10-24 16:23 . 2010-10-24 22:04 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\STOPzilla!
2010-10-22 18:57 . 2008-04-13 13:45 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-10-20 07:59 . 2010-10-20 07:59 82080 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-10-20 07:59 . 2010-10-20 07:59 24096 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-10-20 07:59 . 2010-10-20 07:59 168208 ----a-w- c:\windows\system32\guard32.dll
2010-10-20 07:59 . 2010-10-20 07:59 132640 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2010-10-20 07:11 . 2010-10-20 13:16 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Comodo
2010-10-20 04:52 . 2010-10-27 20:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Spybot - Search & Destroy
2010-10-19 09:05 . 2010-10-28 02:01 -------- d-----w- c:\windows\Internet Logs
2010-10-19 07:24 . 2010-10-19 07:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\CheckPoint
2010-10-19 04:19 . 2010-10-19 04:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\GbPlugin
2010-10-17 21:36 . 2010-10-24 23:47 -------- d-----r- c:\documents and settings\LocalService\Meus documentos
2010-10-16 23:33 . 2010-10-17 00:20 331 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\.bat
2010-10-16 17:47 . 2010-10-16 17:47 -------- d-----w- c:\windows\system32\Adobe
2010-10-16 17:41 . 2010-10-16 17:41 -------- d-----w- c:\documents and settings\Davi\Dados de aplicativos\Yahoo!
2010-10-16 17:41 . 2010-10-19 01:17 -------- d-----w- c:\arquivos de programas\Yahoo!
2010-10-16 04:22 . 2010-10-16 04:22 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\PC Tools
2010-10-13 22:45 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-10-09 05:28 . 2010-10-15 09:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Alwil Software
2010-10-09 05:06 . 2010-10-09 05:09 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\MFAData
2010-10-05 23:47 . 2010-10-05 23:47 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe
2010-10-01 23:21 . 2010-10-01 23:21 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\IObit
2010-10-01 21:03 . 2008-07-09 09:05 421888 ----a-w- c:\windows\system32\ac3filter.acm
2010-10-01 21:03 . 2010-10-01 21:03 -------- d-----w- c:\arquivos de programas\XP Codec Pack
2010-10-01 20:58 . 2010-10-04 12:41 -------- d-----w- c:\documents and settings\Administrador
2010-10-01 18:05 . 2010-10-01 18:05 -------- d-----w- c:\documents and settings\Davi\Configurações locais\Dados de aplicativos\WMTools Downloaded Files
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-29 12:50 . 2010-07-28 18:09 45472 ----a-w- c:\windows\system32\drivers\gbpkm.sys
2010-09-20 12:51 . 2010-09-20 12:51 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-09-18 15:23 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2008-04-14 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:51 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:51 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:51 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 22:37 . 2010-09-01 22:37 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-01 22:37 . 2010-09-01 22:37 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-01 11:52 . 2008-04-14 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2008-04-14 12:00 1852928 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:03 . 2008-04-14 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:53 . 2008-04-14 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 10:24 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2008-04-14 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2008-04-14 12:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:44 . 2008-04-14 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\arquivos de programas\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\arquivos de programas\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2010-09-29 12:49 342304 ------w- c:\arquivos de programas\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 17:39 1090952 ----a-w- c:\arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"stllssvr"=3 (0x3)
"GbpSv"=2 (0x2)
"cmdAgent"=2 (0x2)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"AgereModemAudio"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\Davi\\Configurações locais\\Dados de aplicativos\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=
"c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
R0 cerc6;cerc6; [x]
R1 11870311;11870311;c:\windows\system32\DRIVERS\11870311.sys [x]
R2 SoilIO;SoilIO; [x]
R3 ute4mtyw;AVZ Kernel Driver;c:\windows\system32\Drivers\ute4mtyw.sys [2010-10-25 7168]
R4 SpyHunter 4 Service;SpyHunter 4 Service;c:\arquiv~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
S0 11870312;11870312 Boot Guard Driver;c:\windows\system32\DRIVERS\11870312.sys [2009-10-22 37392]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2010-09-29 45472]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-10-20 132640]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-10-20 24096]
S1 setup_9.0.0.722_25.10.2010_09-20drv;setup_9.0.0.722_25.10.2010_09-20drv;c:\windows\system32\DRIVERS\1187031.sys [2009-10-10 315408]
S2 aswFsBlk;aswFsBlk; [x]
S2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [2010-09-29 55072]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
S3 JME;JMicron Ethernet Adapter NDIS5.1 Driver;c:\windows\system32\DRIVERS\JME.sys [2009-07-14 62304]
S3 soilkbc;soilkbc; [x]
S3 SoilMC;SoilMC; [x]
.
Conteúdo da pasta 'Tarefas Agendadas'
.
.
------- Scan Suplementar -------
.
uStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
mStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\documents and settings\Davi\Dados de aplicativos\Mozilla\Firefox\Profiles\za3wqz2o.default\
FF - plugin: c:\arquivos de programas\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\documents and settings\Davi\Dados de aplicativos\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Davi\Dados de aplicativos\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORFÃOS REMOVIDOS - - - -
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
ShellExecuteHooks-{E37CB5F0-51F5-4395-A808-5FA49E399003} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Rootkit scan 2010-10-29 16:43
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_USERS\S-1-5-21-515967899-1060284298-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
- - - - - - - > 'winlogon.exe'(968)
c:\arquivos de programas\GBPLUGIN\gbieh.dll
- - - - - - - > 'lsass.exe'(1024)
c:\windows\system32\guard32.dll
- - - - - - - > 'explorer.exe'(1620)
c:\windows\system32\WININET.dll
c:\windows\system32\guard32.dll
c:\windows\system32\webcheck.dll
c:\arquivos de programas\GBPLUGIN\gbieh.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
c:\arquivos de programas\idt\wdm\STacSV.exe
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\windows\system32\locator.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Tempo para conclusão: 2010-10-29 16:44:50 - Máquina reiniciou
ComboFix-quarantined-files.txt 2010-10-29 18:44
Pré-execução: 6 pasta(s) 482.272.051.200 bytes disponíveis
Pós execução: 7 pasta(s) 482.163.814.400 bytes disponíveis
- - End Of File - - 23BCE9B0649EB310DDB2A218E8CEF0BF
Segue abaixo o log do combofix.
Por favor me ajdem
ComboFix 10-10-23.02 - Davi 29/10/2010 16:38:28.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.2013.1412 [GMT -2]
Executando de: c:\documents and settings\Davi\Meus documentos\Downloads\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
ATENÇAO - ESTA MAQUINA NAO TEM O CONSOLE DE RECUPERAÇÃO INSTALADA !!
.
ADS - drivers: deleted 204 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Dados de aplicativos\dkwork.ini
c:\documents and settings\All Users\Dados de aplicativos\UpApp32.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_RKHIT
-------\Service_RkHit
(((((((((((((((( Arquivos/Ficheiros criados de 2010-09-28 to 2010-10-29 ))))))))))))))))))))))))))))
.
2010-10-29 17:33 . 2010-04-29 17:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-29 17:33 . 2010-10-29 17:33 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware
2010-10-29 17:33 . 2010-04-29 17:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-29 16:07 . 2010-10-29 16:07 -------- d-----w- c:\arquivos de programas\ESET
2010-10-29 15:33 . 2010-10-29 15:33 -------- d-----w- c:\documents and settings\Davi\Dados de aplicativos\Malwarebytes
2010-10-29 15:33 . 2010-10-29 15:33 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes
2010-10-28 02:07 . 2010-09-07 13:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-10-28 02:07 . 2010-09-07 13:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-10-28 02:07 . 2010-09-07 13:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-10-28 02:07 . 2010-09-07 13:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-10-28 02:07 . 2010-09-07 13:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-10-28 02:07 . 2010-09-07 13:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-10-28 02:07 . 2010-09-07 13:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-10-28 02:07 . 2010-09-07 14:12 38848 ----a-w- c:\windows\avastSS.scr
2010-10-28 02:07 . 2010-09-07 14:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-10-28 02:01 . 2010-10-28 02:01 -------- d-----w- c:\windows\system32\ZoneLabs
2010-10-28 02:01 . 2010-06-23 15:51 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2010-10-28 02:01 . 2010-10-28 02:01 -------- d-----w- c:\arquivos de programas\Zone Labs
2010-10-28 01:03 . 2010-10-28 01:03 796672 ----a-w- c:\windows\GPInstall.exe
2010-10-27 20:37 . 2010-10-27 21:56 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\ParetoLogic
2010-10-25 20:00 . 2010-10-25 20:01 7168 ----a-w- c:\windows\system32\drivers\ute4mtyw.sys
2010-10-25 19:54 . 2009-10-22 15:54 37392 ----a-w- c:\windows\system32\drivers\11870312.sys
2010-10-25 19:54 . 2009-10-10 01:31 315408 ----a-w- c:\windows\system32\drivers\1187031.sys
2010-10-25 04:48 . 2010-10-25 04:48 -------- d-----w- c:\arquivos de programas\Alwil Software
2010-10-24 22:35 . 2010-10-24 23:25 -------- d-----w- c:\windows\9EFA732347A048E28F7735DB5EED500A.TMP
2010-10-24 16:23 . 2010-10-24 16:23 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\SITEguard
2010-10-24 16:23 . 2010-10-24 16:23 -------- d-----w- c:\arquivos de programas\Arquivos comuns\iS3
2010-10-24 16:23 . 2010-10-24 22:04 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\STOPzilla!
2010-10-22 18:57 . 2008-04-13 13:45 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-10-20 07:59 . 2010-10-20 07:59 82080 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-10-20 07:59 . 2010-10-20 07:59 24096 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-10-20 07:59 . 2010-10-20 07:59 168208 ----a-w- c:\windows\system32\guard32.dll
2010-10-20 07:59 . 2010-10-20 07:59 132640 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2010-10-20 07:11 . 2010-10-20 13:16 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Comodo
2010-10-20 04:52 . 2010-10-27 20:12 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Spybot - Search & Destroy
2010-10-19 09:05 . 2010-10-28 02:01 -------- d-----w- c:\windows\Internet Logs
2010-10-19 07:24 . 2010-10-19 07:24 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\CheckPoint
2010-10-19 04:19 . 2010-10-19 04:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\GbPlugin
2010-10-17 21:36 . 2010-10-24 23:47 -------- d-----r- c:\documents and settings\LocalService\Meus documentos
2010-10-16 23:33 . 2010-10-17 00:20 331 ----a-w- c:\documents and settings\All Users\Dados de aplicativos\.bat
2010-10-16 17:47 . 2010-10-16 17:47 -------- d-----w- c:\windows\system32\Adobe
2010-10-16 17:41 . 2010-10-16 17:41 -------- d-----w- c:\documents and settings\Davi\Dados de aplicativos\Yahoo!
2010-10-16 17:41 . 2010-10-19 01:17 -------- d-----w- c:\arquivos de programas\Yahoo!
2010-10-16 04:22 . 2010-10-16 04:22 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\PC Tools
2010-10-13 22:45 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-10-09 05:28 . 2010-10-15 09:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Alwil Software
2010-10-09 05:06 . 2010-10-09 05:09 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\MFAData
2010-10-05 23:47 . 2010-10-05 23:47 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe
2010-10-01 23:21 . 2010-10-01 23:21 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\IObit
2010-10-01 21:03 . 2008-07-09 09:05 421888 ----a-w- c:\windows\system32\ac3filter.acm
2010-10-01 21:03 . 2010-10-01 21:03 -------- d-----w- c:\arquivos de programas\XP Codec Pack
2010-10-01 20:58 . 2010-10-04 12:41 -------- d-----w- c:\documents and settings\Administrador
2010-10-01 18:05 . 2010-10-01 18:05 -------- d-----w- c:\documents and settings\Davi\Configurações locais\Dados de aplicativos\WMTools Downloaded Files
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-29 12:50 . 2010-07-28 18:09 45472 ----a-w- c:\windows\system32\drivers\gbpkm.sys
2010-09-20 12:51 . 2010-09-20 12:51 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-09-18 15:23 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2008-04-14 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:51 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:51 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:51 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 22:37 . 2010-09-01 22:37 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-01 22:37 . 2010-09-01 22:37 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-01 11:52 . 2008-04-14 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2008-04-14 12:00 1852928 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:03 . 2008-04-14 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:53 . 2008-04-14 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 10:24 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2008-04-14 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 16:12 . 2008-04-14 12:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:44 . 2008-04-14 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\arquivos de programas\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\arquivos de programas\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2010-09-29 12:49 342304 ------w- c:\arquivos de programas\GbPlugin\gbieh.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-04-29 17:39 1090952 ----a-w- c:\arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"stllssvr"=3 (0x3)
"GbpSv"=2 (0x2)
"cmdAgent"=2 (0x2)
"clr_optimization_v2.0.50727_32"=3 (0x3)
"AgereModemAudio"=2 (0x2)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Arquivos de programas\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\Davi\\Configurações locais\\Dados de aplicativos\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=
"c:\\Arquivos de programas\\Skype\\Plugin Manager\\skypePM.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
R0 cerc6;cerc6; [x]
R1 11870311;11870311;c:\windows\system32\DRIVERS\11870311.sys [x]
R2 SoilIO;SoilIO; [x]
R3 ute4mtyw;AVZ Kernel Driver;c:\windows\system32\Drivers\ute4mtyw.sys [2010-10-25 7168]
R4 SpyHunter 4 Service;SpyHunter 4 Service;c:\arquiv~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
S0 11870312;11870312 Boot Guard Driver;c:\windows\system32\DRIVERS\11870312.sys [2009-10-22 37392]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2010-09-29 45472]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-10-20 132640]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-10-20 24096]
S1 setup_9.0.0.722_25.10.2010_09-20drv;setup_9.0.0.722_25.10.2010_09-20drv;c:\windows\system32\DRIVERS\1187031.sys [2009-10-10 315408]
S2 aswFsBlk;aswFsBlk; [x]
S2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe [2010-09-29 55072]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
S3 JME;JMicron Ethernet Adapter NDIS5.1 Driver;c:\windows\system32\DRIVERS\JME.sys [2009-07-14 62304]
S3 soilkbc;soilkbc; [x]
S3 SoilMC;SoilMC; [x]
.
Conteúdo da pasta 'Tarefas Agendadas'
.
.
------- Scan Suplementar -------
.
uStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
mStart Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\documents and settings\Davi\Dados de aplicativos\Mozilla\Firefox\Profiles\za3wqz2o.default\
FF - plugin: c:\arquivos de programas\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\documents and settings\Davi\Dados de aplicativos\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Davi\Dados de aplicativos\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORFÃOS REMOVIDOS - - - -
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
ShellExecuteHooks-{E37CB5F0-51F5-4395-A808-5FA49E399003} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Rootkit scan 2010-10-29 16:43
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_USERS\S-1-5-21-515967899-1060284298-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
- - - - - - - > 'winlogon.exe'(968)
c:\arquivos de programas\GBPLUGIN\gbieh.dll
- - - - - - - > 'lsass.exe'(1024)
c:\windows\system32\guard32.dll
- - - - - - - > 'explorer.exe'(1620)
c:\windows\system32\WININET.dll
c:\windows\system32\guard32.dll
c:\windows\system32\webcheck.dll
c:\arquivos de programas\GBPLUGIN\gbieh.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
c:\arquivos de programas\idt\wdm\STacSV.exe
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\windows\system32\locator.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Tempo para conclusão: 2010-10-29 16:44:50 - Máquina reiniciou
ComboFix-quarantined-files.txt 2010-10-29 18:44
Pré-execução: 6 pasta(s) 482.272.051.200 bytes disponíveis
Pós execução: 7 pasta(s) 482.163.814.400 bytes disponíveis
- - End Of File - - 23BCE9B0649EB310DDB2A218E8CEF0BF
dfs1502- Iniciante
- Mensagens : 1
Reputação : 0
Data de inscrição : 29/10/2010
Re: ajuda com malware
por Amigo Brasileiro Sáb 30 Out 2010, 00:15
Olá dfs1502! Seja bem-vindo ao Blind Pcs.
Faça uma atualização (update) do seu Malwarebytes, faça uma verificação completa com ele e remova todos os problemas que ele encontrar.____________________________
Siga também estas dicas:[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
__________________________
Crie uma pasta própria (como por exemplo C:\Arquivos de Programas\HijackThis).Faça o download do [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] e no momento de salvá-lo escolha a opção de salvá-lo nesta pasta que você acabou de criar e descompacte o hijackthis.zip dentro dela.
Dê um duplo clique no instalador do Hijackthis > clique na opção I Accept.
Clique no botão: Do a system scan and save a logfile. Depois será aberta uma tela com o log, então é só selecionar este Log (Clique no menu: Editar » Selecionar Tudo), depois disso volte novamente no menu: Editar » e clique na opção: Copiar).
Depois disso é só voltar aqui no fórum e postar este log do Hijackthis para que ele possa ser analisado juntamente com o log do Norman Malware Cleaner, o log da Verificação Completa com o Malwarebytes atualizado, o log do Bitdefender Online que estará em C:\Windows\BDOSCAN8\bdoscan.log e nos diga como está seu PC depois disto.
Ficamos no aguardo de sua resposta.
Amigo Brasileiro- Membro Pleno
- Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008
Re: ajuda com malware
por Amigo Brasileiro Seg 15 Nov 2010, 10:40
Tópico arquivado.
Como o autor não respondeu ao tópico por mais de 15 dias, o mesmo foi arquivado.
Caso você seja o autor do tópico e quer que o mesmo seja reaberto, envie uma mensagem privada para um membro da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] com um link para este tópico e justifique porque você precisa dele reaberto.
Como o autor não respondeu ao tópico por mais de 15 dias, o mesmo foi arquivado.
Caso você seja o autor do tópico e quer que o mesmo seja reaberto, envie uma mensagem privada para um membro da [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] com um link para este tópico e justifique porque você precisa dele reaberto.
Amigo Brasileiro- Membro Pleno
- Mensagens : 882
Reputação : 11
Data de inscrição : 16/12/2008
Tópicos semelhantes» ajuda com malware e vírus
» Problemas na remoçao de um Malware Search Protect do meu pc AJUDA !
» [FECHADO][Ajuda] Ajuda aqui com modo de Segurança.
» malware-gen
» Por favor, o que fazer quando o mouse esta desaparecendo?
» Problemas na remoçao de um Malware Search Protect do meu pc AJUDA !
» [FECHADO][Ajuda] Ajuda aqui com modo de Segurança.
» malware-gen
» Por favor, o que fazer quando o mouse esta desaparecendo?
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos