Entrar
Cadastre-se
Ajuda
toda vez que entro no msn ele manda uma msg sem eu kerer direto para os meus contatos. com um arquivo zip com os texto "VEJAM AS FOTOS QUE TIREI NO LITORAL" agradeço pelo espaço aberto no forum para esse problema xato. ja estou informado sobre o HIJACK THIS e com isso ja estou postando o LOG para analise:
Logfile of HijackThis v1.99.1
Scan saved at 18:06:42, on 4/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Softwin\BitDefender8\vsserv.exe
C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe
C:\Arquivos de programas\Softwin\BitDefender8\bdoesrv.exe
C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe
C:\Arquivos de programas\Softwin\BitDefender8\bdswitch.exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\winlogon.exe
C:\Arquivos de programas\Softwin\BitDefender8\bdmcon.exe
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :8080
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\WINDOWS\Downloaded Program Files\gbiehabn.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [BDMCon] C:\Arquivos de programas\Softwin\BitDefender8\\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Arquivos de programas\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Arquivos de programas\Softwin\BitDefender8\\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Arquivos de programas\Softwin\BitDefender8\\bdswitch.exe
O4 - HKLM\..\Run: [sexhot] C:\WINDOWS\system32\hostfast.cmd
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Arquivos de programas\eMule\emule.exe -AutoStart
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Inicialização rápida do HP Image Zone.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Arquivos de programas\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory....ap/PhtPkMSN.cab
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsec...GbPluginABN.cab
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Arquivos de programas\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Página 1 de 1
- Novo tópico
-
Fechado
Virus Msn Fotos Do Litoral fotos do litoral
Quote
#2
- MessBrasil Forever
-
- Grupo: Conselheiros
- Posts: 1484
- Cadastrado: 10-novembro 06
- Twitter:0
- Cidade:Sao Paulo, SP
Postou 5 janeiro 2007 - 08:22
Seja bem vindo(a) ao fórum cristiano147,
Desabilite temporariamente seu programa de antivírus.
Faça o download da ferrramenta BankerFix
Clique aqui para baixar
Execute a ferrramente bankerfix.exe.
Habilite novamente seu antivírus.
Faça um novo log do Hijackthis e poste novamente.
A ferramenta BankerFix criou um relatório em:
C:\LinhaDefensiva\relatorio.txt
Coloque também o resultado desse relatório no seu post.
Desabilite temporariamente seu programa de antivírus.
Faça o download da ferrramenta BankerFix
Clique aqui para baixar
Execute a ferrramente bankerfix.exe.
Habilite novamente seu antivírus.
Faça um novo log do Hijackthis e poste novamente.
A ferramenta BankerFix criou um relatório em:
C:\LinhaDefensiva\relatorio.txt
Coloque também o resultado desse relatório no seu post.
#3
Postou 8 janeiro 2007 - 11:34
ola!! Milorde Junior
rodei a ferrramenta BankerFix, e ela gerou esse relatório.
INICIANDO BANKER FIX
=======================================================
INICIANDO FOX FIX
=======================================================
Iniciando Log do PV
-----------------------------------
Killing '*'
Arquivos a remover
-----------------------------------
Arquivos ruins restantes
-----------------------------------
Reg Importado
-----------------------------------
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ Run]
COMO VC MESMO DISSE PARA FAZER, UM NOVO LOG DO Hijackthis...
ESTOU POSTANDO ABAIXO O NOVO LOG
Logfile of HijackThis v1.99.1
Scan saved at 13:42:45, on 8/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe
C:\Arquivos de programas\Softwin\BitDefender8\bdoesrv.exe
C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe
C:\Arquivos de programas\Softwin\BitDefender8\bdswitch.exe
C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgalry.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Arquivos de programas\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe
C:\Arquivos de programas\Softwin\BitDefender8\vsserv.exe
c:\arquivos de programas\softwin\bitdefender8\bdmcon.exe
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :8080
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\WINDOWS\Downloaded Program Files\gbiehabn.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [BDMCon] C:\ARQUIV~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Arquivos de programas\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Arquivos de programas\Softwin\BitDefender8\\bdswitch.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Arquivos de programas\eMule\emule.exe -AutoStart
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Inicialização rápida do HP Image Zone.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory....ap/PhtPkMSN.cab
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsec...GbPluginABN.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Arquivos de programas\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
abraço.
aguardo respostas.
rodei a ferrramenta BankerFix, e ela gerou esse relatório.
INICIANDO BANKER FIX
=======================================================
INICIANDO FOX FIX
=======================================================
Iniciando Log do PV
-----------------------------------
Killing '*'
Arquivos a remover
-----------------------------------
Arquivos ruins restantes
-----------------------------------
Reg Importado
-----------------------------------
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ Run]
COMO VC MESMO DISSE PARA FAZER, UM NOVO LOG DO Hijackthis...
ESTOU POSTANDO ABAIXO O NOVO LOG
Logfile of HijackThis v1.99.1
Scan saved at 13:42:45, on 8/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe
C:\Arquivos de programas\Softwin\BitDefender8\bdoesrv.exe
C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe
C:\Arquivos de programas\Softwin\BitDefender8\bdswitch.exe
C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe
C:\Arquivos de programas\HP\Digital Imaging\bin\hpqgalry.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Arquivos de programas\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe
C:\Arquivos de programas\Softwin\BitDefender8\vsserv.exe
c:\arquivos de programas\softwin\bitdefender8\bdmcon.exe
C:\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.globo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :8080
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\WINDOWS\Downloaded Program Files\gbiehabn.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Arquivos de programas\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [BDMCon] C:\ARQUIV~1\Softwin\BITDEF~1\bdmcon.exe
O4 - HKLM\..\Run: [BDOESRV] C:\Arquivos de programas\Softwin\BitDefender8\\bdoesrv.exe
O4 - HKLM\..\Run: [BDNewsAgent] C:\Arquivos de programas\Softwin\BitDefender8\bdnagent.exe
O4 - HKLM\..\Run: [BDSwitchAgent] C:\Arquivos de programas\Softwin\BitDefender8\\bdswitch.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Arquivos de programas\eMule\emule.exe -AutoStart
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Inicialização rápida do HP Image Zone.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory....ap/PhtPkMSN.cab
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsec...GbPluginABN.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Arquivos de programas\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
abraço.
aguardo respostas.
#4
- MessBrasil Forever
-
- Grupo: Conselheiros
- Posts: 1484
- Cadastrado: 10-novembro 06
- Twitter:0
- Cidade:Sao Paulo, SP
Postou 8 janeiro 2007 - 19:46
Olá cristiano147,
1º Desabilite seu programa de antivirus
2º Acesse o Scan Online no link abaixo:
http://www.kaspersky.com/virusscanner
Após acessar o link, clique em:
Kaspersky Online Scanner
Em seguida clique em 'Accept' e aceite a Instalação do Controle de Active X que será pedido.
Espere alguns minutos até que seja concluído a instalação e clique em 'Next'
Clique em My Computer para que seja feito um varredura completa no seu sistema.
Quando terminar salve o log e poste aqui o resultado desse scan.
1º Desabilite seu programa de antivirus
2º Acesse o Scan Online no link abaixo:
http://www.kaspersky.com/virusscanner
Após acessar o link, clique em:
Kaspersky Online Scanner
Em seguida clique em 'Accept' e aceite a Instalação do Controle de Active X que será pedido.
Espere alguns minutos até que seja concluído a instalação e clique em 'Next'
Clique em My Computer para que seja feito um varredura completa no seu sistema.
Quando terminar salve o log e poste aqui o resultado desse scan.
#5
Postou 8 janeiro 2007 - 23:35
ola!! amigo,
esse é o log gerado virusscanner.
C:\Arquivos de programas\eMule\Temp\002.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\003.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\004.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\005.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\006.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\007.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\008.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\010.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\011.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\012.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\016.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\017.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\018.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\019.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\021.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\022.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\023.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\024.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\025.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\026.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\028.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\029.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\031.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\032.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\048.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\049.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\052.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\058.part Object is locked skipped
C:\Arquivos de programas\HP\hpcoretech\hpcmerr.log Object is locked skipped
C:\Arquivos de programas\Softwin\BitDefender8\asdict.dat Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\GbPlugin\Abn\gbieh.gbl.12.upd.2512FB0C Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\ApplicationHistory\hpqgalry.exe.16409179.ini.inuse Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ pending.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ Working\database_AC2C_141E_2C13_E25E\dfsr.db Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ Working\database_AC2C_141E_2C13_E25E\fsr.log Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ Working\database_AC2C_141E_2C13_E25E\fsrtmp.log Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ Working\database_AC2C_141E_2C13_E25E\tmp.edb Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Contacts\cristiano_tw@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Contacts\cristiano_tw@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Histórico\History.IE5\MSHist012007010820070109\index.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Histórico\History.IE5\MSHist012007010920070110\index.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\Acr9EC3.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\~DF6A87.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\~DF7FF3.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\~DF8009.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\~DF9115.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\~DF912B.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\MONIQUE\Configurações locais\Temporary Internet Files\Content.IE5\IVCVINEP\r2d2[1].jpg Infected: Trojan-Spy.Win32.Banker.chm skipped
C:\Documents and Settings\NetworkService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.AUTORIDADE NT\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService.AUTORIDADE NT\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{7CFCD90D-601F-498E-B324-3AE8105F1A35}\RP67\A0072659. exe Infected: Trojan-Spy.Win32.Banker.chm skipped
C:\System Volume Information\_restore{7CFCD90D-601F-498E-B324-3AE8105F1A35}\RP67\A0072660. cmd Infected: Trojan-Downloader.Win32.Banload.bov skipped
C:\System Volume Information\_restore{7CFCD90D-601F-498E-B324-3AE8105F1A35}\RP67\change. log Object is locked skipped
C:\WINDOWS\c3po.jpg Infected: Trojan-Spy.Win32.Banker.chm skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\tmp00003dc8\tmp00000000 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
aguardo resposta.
obrigado..
esse é o log gerado virusscanner.
C:\Arquivos de programas\eMule\Temp\002.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\003.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\004.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\005.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\006.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\007.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\008.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\010.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\011.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\012.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\016.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\017.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\018.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\019.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\021.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\022.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\023.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\024.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\025.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\026.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\028.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\029.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\031.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\032.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\048.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\049.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\052.part Object is locked skipped
C:\Arquivos de programas\eMule\Temp\058.part Object is locked skipped
C:\Arquivos de programas\HP\hpcoretech\hpcmerr.log Object is locked skipped
C:\Arquivos de programas\Softwin\BitDefender8\asdict.dat Object is locked skipped
C:\Documents and Settings\All Users.WINDOWS\Dados de aplicativos\GbPlugin\Abn\gbieh.gbl.12.upd.2512FB0C Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\ApplicationHistory\hpqgalry.exe.16409179.ini.inuse Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ pending.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ Working\database_AC2C_141E_2C13_E25E\dfsr.db Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ Working\database_AC2C_141E_2C13_E25E\fsr.log Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ Working\database_AC2C_141E_2C13_E25E\fsrtmp.log Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Messenger\cristiano_tw@hotmail.com\SharingMetadata\ Working\database_AC2C_141E_2C13_E25E\tmp.edb Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Contacts\cristiano_tw@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Contacts\cristiano_tw@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Histórico\History.IE5\MSHist012007010820070109\index.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Histórico\History.IE5\MSHist012007010920070110\index.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\Acr9EC3.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\~DF6A87.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\~DF7FF3.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\~DF8009.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\~DF9115.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temp\~DF912B.tmp Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\CRISTIANO.HOME\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.AUTORIDADE NT\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\MONIQUE\Configurações locais\Temporary Internet Files\Content.IE5\IVCVINEP\r2d2[1].jpg Infected: Trojan-Spy.Win32.Banker.chm skipped
C:\Documents and Settings\NetworkService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.AUTORIDADE NT\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.AUTORIDADE NT\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService.AUTORIDADE NT\ntuser.dat.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{7CFCD90D-601F-498E-B324-3AE8105F1A35}\RP67\A0072659. exe Infected: Trojan-Spy.Win32.Banker.chm skipped
C:\System Volume Information\_restore{7CFCD90D-601F-498E-B324-3AE8105F1A35}\RP67\A0072660. cmd Infected: Trojan-Downloader.Win32.Banload.bov skipped
C:\System Volume Information\_restore{7CFCD90D-601F-498E-B324-3AE8105F1A35}\RP67\change. log Object is locked skipped
C:\WINDOWS\c3po.jpg Infected: Trojan-Spy.Win32.Banker.chm skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\tmp00003dc8\tmp00000000 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
aguardo resposta.
obrigado..
#6
- MessBrasil Forever
-
- Grupo: Conselheiros
- Posts: 1484
- Cadastrado: 10-novembro 06
- Twitter:0
- Cidade:Sao Paulo, SP
Postou 9 janeiro 2007 - 06:21
Olá
O seu log está limpo
Apenas para finalizar:
1º Delete as seguintes pastas:
C:\LinhaDefensiva
2º Delete os seguintes arquivos:
C:\WINDOWS\c3po.jpg
3º Acesse Iniciar > Painel de Controle > Sistema > Restauração de Sistema
Marque a opção Desativar restauração do sistema em todas as unidades, clique em Aplicar.
Depois desmarque essa opção, clique em Aplicar e depois em OK.
4º Instale o CCleaner para excluir arquivos temporários e desnecessários:
Clique aqui para baixar
Abra o programa e clique em Executar Cleaner
Após isto, clique em Erros > Procurar erros > Corrigir Erros
O seu log está limpo
Apenas para finalizar:
1º Delete as seguintes pastas:
C:\LinhaDefensiva
2º Delete os seguintes arquivos:
C:\WINDOWS\c3po.jpg
3º Acesse Iniciar > Painel de Controle > Sistema > Restauração de Sistema
Marque a opção Desativar restauração do sistema em todas as unidades, clique em Aplicar.
Depois desmarque essa opção, clique em Aplicar e depois em OK.
4º Instale o CCleaner para excluir arquivos temporários e desnecessários:
Clique aqui para baixar
Abra o programa e clique em Executar Cleaner
Após isto, clique em Erros > Procurar erros > Corrigir Erros
Página 1 de 1
- Novo tópico
-
Fechado