I installed Avira Premium Security Suite and apparently everything was fine. I ran a full scan, and when the scan finished, the window with the options for deciding what to do with the infected objects did not appear. Windows Live opens and closes automatically, the programs are conflicting with each other, and programs I download in Portuguese show up in English. I do a System Restore, and when the machine starts again the programs I installed that were not installed on the day of the restore point are uninstalled, and the internet is slow. I have already used ComboFix and BankFix and nothing so far. If you could help me.
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 20:52:58, on 19/3/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\avmailc.exe
C:\Arquivos de programas\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\RFA\rfagent.exe
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe
C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Arquivos de programas\Your Uninstaller 2010\urmain.exe
C:\Arquivos de programas\Your Uninstaller 2010\urmain.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Java\jre6\bin\javaw.exe
C:\Arquivos de programas\TrendMicro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O4 - HKLM\..\Run: [rfagent] "C:\Arquivos de programas\RFA\rfagent.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\ARQUIV~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Arquivos de programas\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Atalho para JDownloader.lnk = C:\Arquivos de programas\JDownloader\JDownloader.exe
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Arquivos de programas\Offline Explorer Pro\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Arquivos de programas\Offline Explorer Pro\Add_AllO.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD58B00A-2E3F-411B-AA02-FC7210E10786}: NameServer = 201.10.128.2 201.10.120.3
O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira Firewall (AntiVirFirewallService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avfwsvc.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamservice.exe
--
End of file - 4440 bytes
ComboFix 10-03-15.02 - Usuário 17/03/2010 2:33.3.2 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.495.199 [GMT -3:00]
Executando de: c:\documents and settings\Usuário\desktop\combofix.exe
Comandos utilizados :: /killall
.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-02-17 to 2010-03-17 ))))))))))))))))))))))))))))
.
2010-03-17 05:29 . 2010-03-17 05:29 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-03-17 04:33 . 2010-01-07 19:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-17 04:33 . 2010-03-17 04:33 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Malwarebytes
2010-03-17 04:33 . 2010-03-17 04:33 -------- d-----w- c:\arquivos de programas\Malwarebytes' Anti-Malware
2010-03-17 04:33 . 2010-01-07 19:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-17 04:31 . 2010-03-17 04:48 -------- d-----w- C:\Nova pasta
2010-03-17 01:16 . 2010-03-17 01:16 -------- d-----w- c:\arquivos de programas\Windows Media Connect 2
2010-03-17 01:13 . 2010-03-17 01:15 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-03-16 01:58 . 2010-03-16 01:58 -------- d-----w- c:\arquivos de programas\MSXML 4.0
2010-03-16 01:39 . 2003-04-18 19:29 82432 ----a-w- c:\windows\system32\msxml4r.dll
2010-03-16 01:39 . 2003-04-18 19:29 44544 ----a-w- c:\windows\system32\msxml4a.dll
2010-03-16 01:39 . 2010-03-16 01:40 -------- d-----w- c:\arquivos de programas\MAGIX
2010-03-16 01:39 . 2007-04-27 13:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2010-03-15 23:33 . 2010-03-15 23:33 -------- d-----w- c:\arquivos de programas\MSN Toolbar
2010-03-15 20:33 . 2007-01-04 15:02 663552 ----a-w- c:\windows\system32\mgxoschk.dll
2010-03-15 19:37 . 2010-03-15 19:37 -------- d-----w- c:\windows\system32\wbem\Repository
2010-03-15 19:35 . 2010-03-15 19:35 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Wise Installation Wizard
2010-03-15 19:35 . 2010-03-15 19:35 -------- d-----w- c:\arquivos de programas\Time Stopper
2010-03-15 19:35 . 2010-03-15 19:35 -------- d-----w- c:\arquivos de programas\Your Uninstaller 2010
2010-03-15 19:35 . 2010-03-15 19:35 -------- d-----w- c:\arquivos de programas\PECompact
2010-03-15 18:35 . 2010-03-15 19:27 -------- d-----w- c:\arquivos de programas\MAGIX(2)
2010-03-15 07:05 . 2010-03-15 07:23 -------- d-----w- C:\winspector
2010-03-15 06:13 . 2010-03-15 06:13 178688 ----a-w- c:\windows\system32\sshnas21(2).dll
2010-03-15 01:13 . 2010-03-15 01:13 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\vsosdk
2010-03-14 23:48 . 2010-03-15 19:31 -------- d-----w- c:\arquivos de programas\Messenger Plus!SPH
2010-03-14 22:46 . 2010-03-15 19:31 -------- d-----w- C:\ConvertXToDVD v4.0.9.322a Portable
2010-03-14 21:43 . 2010-03-15 19:31 -------- d-----w- c:\arquivos de programas\Throttle
2010-03-14 06:32 . 2010-03-15 19:31 -------- d-----w- c:\arquivos de programas\NetScream(2)
2010-03-14 03:53 . 2010-03-17 01:22 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\MAGIX
2010-03-14 03:51 . 2010-03-14 03:51 -------- d-----w- c:\arquivos de programas\Arquivos comuns\MAGIX Services
2010-03-13 21:25 . 2010-03-13 21:26 -------- d-----w- C:\D
2010-03-11 20:38 . 2010-03-15 19:34 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\NOS
2010-03-11 02:02 . 2010-03-11 02:02 -------- d-----w- c:\documents and settings\Default User\IETldCache
2010-03-11 00:27 . 2010-03-15 19:35 -------- d-----w- c:\arquivos de programas\AVI ReComp(2)
2010-03-11 00:01 . 2010-03-11 00:01 -------- d-----w- c:\arquivos de programas\Gabest
2010-03-11 00:01 . 2010-03-15 19:35 -------- d-----w- c:\arquivos de programas\AviSynth 2.5
2010-03-10 21:44 . 2010-03-15 19:35 -------- d-----w- c:\arquivos de programas\BS_Player
2010-03-10 21:43 . 2010-03-10 21:43 -------- d-----w- c:\arquivos de programas\Webteh
2010-03-10 05:18 . 2010-03-16 21:35 -------- d-----w- c:\arquivos de programas\Ares
2010-03-10 05:17 . 2010-03-15 19:35 -------- d-----w- C:\RECYCLER(2)
2010-03-09 22:06 . 2010-03-15 19:36 -------- d-----w- c:\arquivos de programas\SUPERAntiSpyware
2010-03-09 21:29 . 2010-03-15 19:36 -------- d-----w- C:\os trapalhões
2010-03-09 21:01 . 2007-02-15 00:32 81920 ----a-w- c:\windows\system32\GkSui20.EXE
2010-03-09 21:01 . 2010-03-15 20:22 -------- d-----w- c:\arquivos de programas\LingoCom
2010-03-09 21:01 . 2000-09-25 01:01 69632 ----a-w- c:\windows\system32\GkSui18.EXE
2010-03-09 06:39 . 2010-03-16 01:51 -------- d-----w- c:\arquivos de programas\NitroPC
2010-03-08 23:40 . 2010-03-15 21:29 -------- d-----w- c:\arquivos de programas\a-squared Anti-Malware
2010-03-08 21:40 . 2008-02-07 20:10 -------- d-----w- C:\ckis
2010-03-08 21:21 . 2010-03-08 21:21 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab Setup Files
2010-03-08 03:26 . 2010-03-08 03:28 -------- d-----w- C:\My Drivers
2010-03-08 03:25 . 2010-03-09 03:58 -------- d-----w- c:\arquivos de programas\Palavras-Cruzadas 6.0
2010-03-08 01:51 . 2010-03-08 03:32 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\inf
2010-03-08 01:51 . 2010-03-08 12:48 -------- d-----w- c:\arquivos de programas\My Drivers
2010-03-07 21:35 . 2010-03-07 21:35 -------- d-----r- C:\Sandbox
2010-03-07 21:22 . 2010-03-07 21:22 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\farstone
2010-03-07 19:51 . 2010-03-07 19:52 261 ----a-w- C:\inVHDDrvLog.dat
2010-03-07 19:46 . 2010-03-07 19:46 -------- d-----w- c:\windows\Time Stopper
2010-03-06 05:58 . 2010-03-06 05:59 -------- d-----w- C:\MyBootCD
2010-03-06 00:01 . 2010-03-15 19:35 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Spybot - Search & Destroy
2010-03-06 00:01 . 2010-03-15 19:35 -------- d-----w- c:\arquivos de programas\Spybot - Search & Destroy
2010-03-03 19:18 . 2005-09-23 11:29 626688 ----a-w- c:\windows\system32\msvcr80.dll
2010-03-02 22:43 . 2009-06-12 01:52 892928 ----a-w- c:\windows\system32\iconv.dll
2010-03-02 22:43 . 2009-05-30 01:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-03-02 22:43 . 2010-03-12 20:26 -------- d-----w- c:\arquivos de programas\OpenSubtitlesPlayer
2010-02-28 01:50 . 2010-03-16 20:27 -------- d---a-w- c:\documents and settings\All Users\Dados de aplicativos\TEMP
2010-02-27 16:32 . 2010-03-03 21:18 -------- d-----w- c:\arquivos de programas\FormatFactory
2010-02-27 06:10 . 2010-03-13 05:10 -------- d-----w- C:\californication
2010-02-27 06:08 . 2010-02-27 06:08 -------- d-----w- C:\Bruno e Marrone - De Volta Aos Bares (2009) Ao Vivo
2010-02-24 04:19 . 2010-02-24 16:19 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\boost_interprocess
2010-02-18 14:58 . 2010-02-18 14:58 -------- d-----w- c:\arquivos de programas\Microsoft Office Outlook Connector
2010-02-18 14:58 . 2010-03-15 23:27 -------- dc----w- c:\windows\system32\DRVSTORE
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-16 20:44 . 2010-02-05 03:57 -------- d-----w- c:\arquivos de programas\JDownloader
2010-03-16 00:48 . 2009-11-07 20:59 -------- d-----w- c:\arquivos de programas\Windows Live
2010-03-15 22:57 . 2009-11-07 21:26 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help
2010-03-15 19:35 . 2010-02-06 14:32 -------- d-----w- c:\arquivos de programas\Opera
2010-03-15 19:34 . 2009-11-07 20:55 -------- d-----w- c:\arquivos de programas\K-Lite Codec Pack
2010-03-08 23:05 . 2009-11-11 05:10 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab
2010-03-08 21:48 . 2001-10-28 14:07 83728 ----a-w- c:\windows\system32\perfc016.dat
2010-03-08 21:48 . 2001-10-28 14:07 479790 ----a-w- c:\windows\system32\perfh016.dat
2010-03-07 19:48 . 2009-11-07 21:55 -------- d-----w- c:\arquivos de programas\Arquivos comuns\InstallShield
2010-02-18 14:58 . 2009-11-07 21:00 -------- d-----w- c:\arquivos de programas\Microsoft
2010-02-17 00:46 . 2010-02-08 04:25 -------- d-----w- c:\arquivos de programas\Web Studio
2010-02-15 20:02 . 2009-11-07 20:53 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe
2010-02-08 04:58 . 2010-02-08 04:58 -------- d-----w- c:\arquivos de programas\Microsoft Silverlight
2010-02-08 04:27 . 2010-02-08 04:27 -------- d-----w- c:\arquivos de programas\Offline Explorer Pro
2009-12-31 16:50 . 2008-04-13 11:15 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2008-04-13 18:20 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:41 . 2009-11-07 20:44 345600 ----a-w- c:\windows\system32\mspaint.exe
.
------- Sigcheck -------
[-] 2009-03-28 . 1B35C639F5181537494902A72B817699 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 03:57 35760 ----a-w- c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-13 18:20 15360 ------w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2004-07-01 03:58 118784 ----a-w- c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2004-07-01 04:02 155648 ----a-w- c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 06:17 149280 ----a-w- c:\arquivos de programas\Java\jre6\bin\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Arquivos de programas\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Arquivos de programas\\Opera\\opera.exe"=
"c:\\Arquivos de programas\\Java\\jre6\\bin\\java.exe"=
"c:\\Documents and Settings\\All Users\\Dados de aplicativos\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.325\\Brazilian\\setup.exe"=
"c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Ares\\Ares.exe"=
S2 ResDVMD;Recurso DVMD; [x]
S3 utc3odc1;AVZ Kernel Driver;\??\c:\windows\system32\Drivers\utc3odc1.sys --> c:\windows\system32\Drivers\utc3odc1.sys [?]
.
Conteúdo da pasta 'Tarefas Agendadas'
2010-03-17 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 17:07]
.
.
------- Scan Suplementar -------
.
uInternet Settings,ProxyOverride = local
IE: Baixe &tudo usando Mass Downloader
IE: Baixe usando &Mass Downloader
IE: Translate this web page with Babylon
IE: Translate with Babylon
TCP: {BD58B00A-2E3F-411B-AA02-FC7210E10786} = 201.10.120.3 201.10.128.3
FF - ProfilePath - c:\documents and settings\Usuário\Dados de aplicativos\Mozilla\Firefox\Profiles\kdgzumda.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - component: c:\documents and settings\Usuário\Dados de aplicativos\Mozilla\Firefox\Profiles\kdgzumda.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Usuário\Dados de aplicativos\Mozilla\Firefox\Profiles\kdgzumda.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Usuário\Dados de aplicativos\Mozilla\Firefox\Profiles\kdgzumda.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\arquivos de programas\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\arquivos de programas\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\arquivos de programas\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\arquivos de programas\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-17 02:41
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_USERS\S-1-5-21-842925246-1604221776-1177238915-1003\Software\PECompact*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"UpdaterLastTimeChecked"=hex:c2,d2,28,c6,c8,be,ca,01
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
- - - - - - - > 'explorer.exe'(2792)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Outros Processos em Execução ------------------------
.
c:\arquivos de programas\Java\jre6\bin\jqs.exe
c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Tempo para conclusão: 2010-03-17 02:44:06 - Máquina reiniciou
ComboFix-quarantined-files.txt 2010-03-17 05:44
ComboFix2.txt 2010-03-15 21:43
ComboFix3.txt 2010-03-15 20:18
ComboFix4.txt 2010-03-10 05:14
Pré-execução: 7.392.509.952 bytes disponíveis
Pós execução: 7.943.471.104 bytes disponíveis
- - End Of File - - 49EFB83143E20D01FE4CE955133FAC1E
I can't remove all the viruses