carlasioli

Membro
  • Content count

    22
  • Joined

  • Last visited

Community Reputation

0 Neutral

About carlasioli

  • Rank
    Novato
  • Birthday 06/14/1983

Contact Methods

  • Website URL
    http://
  • ICQ
    0
  • Yahoo
    carlasioli
  1. obrigado, consegui resolver com essa ferramenta. problema resolvido!
  2. meu note da semp toshiba veio com o norton gratis por um ano, agora expirou a versão grátis, mas eu não consigo nem desinstalar ele completamente, nem instalar um novo anti-vírus, já usei o revo uninstaller mas não consegui! agora está dando erro no note!
  3. comprei um nokia x2-01 desbloqueado mas com configurações da tim. coloquei meu chip da claro e faço ligações normalmente, mas não consigo usar a internet. quando tento conectar ou usar o messenger aparece a mensagem "primeiro configure dados de pacotes" ou "verifique com sua operadora se seu aparelho está corretamente configurado p/ trabalhar c/ conexão d dados". eu entrei em contato com a claro que disse ainda ñ ter no sistema as configurações para esse modelo de aparelho. tentei a nokia que disse q a tim é que tem que fazer o desbloqueio já que o telefone veio configurado com aplicativos da tim... por fim, eu liguei para a tim que me pediu um prazo para verificar o caso! e agora? gostaria de saber se tem uma forma de fazer essa configuração. obrigado pela atenção Carla
  4. ok obrigado!
  5. meu pc está desligando sozinho, quase ñ consigo utilizá-lo. já fiz uma verificação c/ vocês e ñ é vírus. pode ser problema no hardware? meu windows é original. só q ele veio copactado num cd da empresa Positivo (que vende pcs). uma vez já tentei reinstalar depois d uma formatação mas dava erro. dizia q faltava o boot d inicialização, então acabei tendo q pagar alguém p/ terminar o serviço. vocês sabem me dizem porque isso ocorreu e se eu posso solucionar! obrigado!
  6. log: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Versão da Base de Dados: 4052 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 4/7/2010 12:51:20 mbam-log-2010-07-04 (12-51-20).txt Tipo de Verificação: Verificação Completa (C:\|) Objetos escaneados: 170892 Tempo decorrido: 55 minuto(s), 12 segundo(s) Processos de Memória Infectados: 0 Módulos de Memória Infectados: 0 Chaves de Registro Infectadas: 1 Valores de Registro Infectados: 0 Itens de Dados no Registro Infectados: 0 Pastas Infectadas: 0 Arquivos Infectados: 0 Processos de Memória Infectados: (Não foram detectados ítens maliciosos) Módulos de Memória Infectados: (Não foram detectados ítens maliciosos) Chaves de Registro Infectadas: HKEY_CLASSES_ROOT\Interface\{014da6cc-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. Valores de Registro Infectados: (Não foram detectados ítens maliciosos) Itens de Dados no Registro Infectados: (Não foram detectados ítens maliciosos) Pastas Infectadas: (Não foram detectados ítens maliciosos) Arquivos Infectados: (Não foram detectados ítens maliciosos) _____________________ Logfile of HijackThis v1.99.1 Scan saved at 12:53:12, on 4/7/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe C:\WINDOWS\vsnpstd2.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\Arquivos de programas\Microsoft Security Essentials\msseces.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACL.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wscntfy.exe C:\Arquivos de programas\TIM Web Movel\TIM Web Movel.exe C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\sol.exe C:\Documents and Settings\DUDU\Desktop\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMess.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdmcks.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMess.dll O3 - Toolbar: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMess.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [sNPSTD2] C:\WINDOWS\vsnpstd2.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB002" /M "Stylus C45" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [MSSE] "c:\Arquivos de programas\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACL.EXE /P26 "EPSON Stylus CX3700 Series" /O6 "USB001" /M "Stylus CX3700" O4 - HKCU\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /M "Stylus C45" /EF "HKCU" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: QuickTV.lnk = C:\Arquivos de programas\AVerTV\QuickTV.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O14 - IERESET.INF: START_PAGE_URL=http://www.portalepc.com.br/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1230464388140 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1230464218890 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shock...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7E46E33C-542D-44BE-8F26-B4F26D0C3662}: NameServer = 189.40.224.5 189.38.95.95 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
  7. Logfile of HijackThis v1.99.1 Scan saved at 19:15:45, on 3/7/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Arquivos de programas\Microsoft Security Essentials\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe C:\WINDOWS\vsnpstd2.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\Arquivos de programas\Microsoft Security Essentials\msseces.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACL.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wscntfy.exe C:\Arquivos de programas\TIM Web Movel\TIM Web Movel.exe C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\DUDU\Desktop\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMess.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdmcks.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMess.dll O3 - Toolbar: Messenger Plus Live Brazil Toolbar - {edbca961-4bf8-4cbe-8c63-a11dff9ed2d9} - C:\Arquivos de programas\Messenger_Plus_Live_Brazil\tbMess.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [sNPSTD2] C:\WINDOWS\vsnpstd2.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB002" /M "Stylus C45" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [MSSE] "c:\Arquivos de programas\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACL.EXE /P26 "EPSON Stylus CX3700 Series" /O6 "USB001" /M "Stylus CX3700" O4 - HKCU\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /M "Stylus C45" /EF "HKCU" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: QuickTV.lnk = C:\Arquivos de programas\AVerTV\QuickTV.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O14 - IERESET.INF: START_PAGE_URL=http://www.portalepc.com.br/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1230464388140 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1230464218890 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shock...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7E46E33C-542D-44BE-8F26-B4F26D0C3662}: NameServer = 189.40.224.5 189.38.95.95 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
  8. em anexo segue combofix e abaixo log do hijackthis ---------------------- Logfile of HijackThis v1.99.1 Scan saved at 10:33:28, on 5/5/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Arquivos de programas\Microsoft Security Essentials\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe C:\WINDOWS\vsnpstd2.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\Arquivos de programas\Microsoft Security Essentials\msseces.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\AVerTV\QuickTV.exe C:\WINDOWS\system32\wscntfy.exe C:\Arquivos de programas\TIM Web Movel\TIM Web Movel.exe C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\DUDU\Desktop\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: Forum Espirita Toolbar - {4f5822ec-ba4d-465e-a94b-5510a2eef15e} - C:\Arquivos de programas\Forum_Espirita\tbForu.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Forum Espirita Toolbar - {4f5822ec-ba4d-465e-a94b-5510a2eef15e} - C:\Arquivos de programas\Forum_Espirita\tbForu.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdmcks.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Forum Espirita Toolbar - {4f5822ec-ba4d-465e-a94b-5510a2eef15e} - C:\Arquivos de programas\Forum_Espirita\tbForu.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [sNPSTD2] C:\WINDOWS\vsnpstd2.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB002" /M "Stylus C45" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [MSSE] "c:\Arquivos de programas\Microsoft Security Essentials\msseces.exe" -hide -runkey O4 - HKCU\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /M "Stylus C45" /EF "HKCU" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: QuickTV.lnk = C:\Arquivos de programas\AVerTV\QuickTV.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O14 - IERESET.INF: START_PAGE_URL=http://www.portalepc.com.br/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1230464388140 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1230464218890 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shock...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7E46E33C-542D-44BE-8F26-B4F26D0C3662}: NameServer = 189.40.224.5 189.38.95.95 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) ComboFix.txt
  9. desculpa pelas duas respostas, mas logo q postei a q está acima, apareceu uma "viva alma" aqui q me ajudou, então executei o avgremover e aí sim consegui utilizar o combofix. segue anexo do log ComboFix.txt
  10. encontrei um problema! ñ consigo desinstalar o avg, nem desativar. nada! já fui em desinstalar programas mas dá erro. pesquisei aqui no site umas maneiras de fazer isso, mas não sei como executar aquelas ferramentas. preciso de ajuda!!!
  11. Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Versão da Base de Dados: 4051 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 29/4/2010 12:29:17 mbam-log-2010-04-29 (12-29-17).txt Tipo de Verificação: Verificação Completa (C:\|) Objetos escaneados: 165598 Tempo decorrido: 2 hora(s), 1 minuto(s), 52 segundo(s) Processos de Memória Infectados: 1 Módulos de Memória Infectados: 1 Chaves de Registro Infectadas: 18 Valores de Registro Infectados: 3 Itens de Dados no Registro Infectados: 2 Pastas Infectadas: 7 Arquivos Infectados: 24 Processos de Memória Infectados: C:\WINDOWS\system32\csrcs.exe (Trojan.Agent) -> Unloaded process successfully. Módulos de Memória Infectados: C:\Arquivos de programas\MySearch\bar\1.bin\S4BAR.DLL (Adware.MyWebSearch) -> Delete on reboot. Chaves de Registro Infectadas: HKEY_CLASSES_ROOT\CLSID\{014da6c1-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{014da6cb-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{014da6c0-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014da6c1-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{014da6c1-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{014da6c1-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{014da6cb-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DRM\amty (Worm.Autorun) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mysearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mysearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Search Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\MySearch (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ebdabfb-7284-9479-9b65-c1d8153d25e1} (Adware.AdRotator) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{0ebdabfb-7284-9479-9b65-c1d8153d25e1} (Adware.AdRotator) -> Quarantined and deleted successfully. Valores de Registro Infectados: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{014da6c9-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\csrcs (Trojan.Agent) -> Quarantined and deleted successfully. Itens de Dados no Registro Infectados: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://flvdirect.iamwired.net/) Good: (http://www.google.com) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe csrcs.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully. Pastas Infectadas: C:\Arquivos de programas\MySearch (Adware.MyWebSearch) -> Delete on reboot. C:\Arquivos de programas\MySearch\bar (Adware.MyWebSearch) -> Delete on reboot. C:\Arquivos de programas\MySearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot. C:\Arquivos de programas\MySearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\WINDOWS\netaps (Trojan.Banker) -> Quarantined and deleted successfully. Arquivos Infectados: C:\Arquivos de programas\MySearch\bar\1.bin\S4BAR.DLL (Adware.MyWebSearch) -> Delete on reboot. C:\Documents and Settings\DUDU\Configurações locais\Temp\nsl26.tmp\downloads\1191187.ex_ (Adware.BHO) -> Quarantined and deleted successfully. C:\Documents and Settings\DUDU\Configurações locais\Temp\nsr24.tmp\downloads\4800359.ex_ (Adware.BHO) -> Quarantined and deleted successfully. C:\Documents and Settings\DUDU\Configurações locais\Temp\nsx7.tmp\downloads\1297484.ex_ (Adware.BHO) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{2AD363DA-FFF7-4203-976C-860486762C8C}\RP277\A0172236.exe (Adware.MediaPass) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{2AD363DA-FFF7-4203-976C-860486762C8C}\RP279\A0176742.dll (Adware.BHO) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{2AD363DA-FFF7-4203-976C-860486762C8C}\RP283\A0181052.dll (Adware.BHO) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{2AD363DA-FFF7-4203-976C-860486762C8C}\RP289\A0185627.dll (Adware.BHO) -> Quarantined and deleted successfully. C:\WINDOWS\system32\iPvJ4wAx_QsX7.dll (Adware.BHO) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\1.bin\NPMYSRCH.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\1.bin\S4FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\1.bin\S4FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\1.bin\S4NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\1.bin\S4NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\1.bin\S4PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\Cache\0002EA66 (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\Cache\0002F320 (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\Cache\0002F6CA.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\Cache\0002FC19.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\Arquivos de programas\MySearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully. C:\WINDOWS\netaps\windll.dll (Trojan.Banker) -> Quarantined and deleted successfully. C:\WINDOWS\system32\csrcs.exe (Trojan.Agent) -> Delete on reboot. ------------------------------------------ agora o hijackthis Logfile of HijackThis v1.99.1 Scan saved at 12:38:22, on 29/4/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\ARQUIV~1\AVG\AVG8\avgemc.exe C:\ARQUIV~1\AVG\AVG8\avgrsx.exe C:\ARQUIV~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\msnmsg.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACL.EXE C:\WINDOWS\vsnpstd2.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\ARQUIV~1\AVG\AVG8\avgtray.exe C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE C:\WINDOWS\system32\wscntfy.exe C:\Arquivos de programas\TIM Web Movel\TIM Web Movel.exe C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\DUDU\Desktop\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdmcks.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACL.EXE /P26 "EPSON Stylus CX3700 Series" /O6 "USB001" /M "Stylus CX3700" O4 - HKLM\..\Run: [sNPSTD2] C:\WINDOWS\vsnpstd2.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB002" /M "Stylus C45" O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunServices: [csrcs] C:\WINDOWS\system32\csrcs.exe O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\ARQUIV~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [OM_Monitor] C:\Arquivos de programas\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - HKCU\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /M "Stylus C45" /EF "HKCU" O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: QuickTV.lnk = C:\Arquivos de programas\AVerTV\QuickTV.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O14 - IERESET.INF: START_PAGE_URL=http://www.portalepc.com.br/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1230464388140 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1230464218890 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shock...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7E46E33C-542D-44BE-8F26-B4F26D0C3662}: NameServer = 189.40.224.5 189.38.95.95 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
  12. o vírus não aparece no avg e sempre aparece uma aba no navegador mandando eu clicar. um programa está sempre se auto instalando no meu computador e mesmo eu desinstalando ele depois reaparece. resultado: lentidão total! Logfile of HijackThis v1.99.1 Scan saved at 10:19:30, on 27/4/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.exe C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\ARQUIV~1\AVG\AVG8\avgemc.exe C:\WINDOWS\system32\csrcs.exe C:\ARQUIV~1\AVG\AVG8\avgrsx.exe C:\ARQUIV~1\AVG\AVG8\avgnsx.exe C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACL.EXE C:\WINDOWS\vsnpstd2.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\ARQUIV~1\AVG\AVG8\avgtray.exe C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE C:\Arquivos de programas\TIM Web Movel\TIM Web Movel.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\sol.exe C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe C:\ARQUIV~1\FREEDO~1\fdm.exe C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\DUDU\Desktop\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://flvdirect.iamwired.net/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Arquivos de programas\MySearch\bar\1.bin\S4BAR.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: everyflv - {0ebdabfb-7284-9479-9b65-c1d8153d25e1} - C:\WINDOWS\system32\iPvJ4wAx_QsX7.dll O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Arquivos de programas\Free Download Manager\iefdmcks.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Arquivos de programas\MySearch\bar\1.bin\S4BAR.DLL O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ink Monitor] C:\Arquivos de programas\EPSON\Ink Monitor\InkMonitor.exe O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACL.EXE /P26 "EPSON Stylus CX3700 Series" /O6 "USB001" /M "Stylus CX3700" O4 - HKLM\..\Run: [sNPSTD2] C:\WINDOWS\vsnpstd2.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB002" /M "Stylus C45" O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunServices: [csrcs] C:\WINDOWS\system32\csrcs.exe O4 - HKCU\..\Run: [PhotoShow Deluxe Media Manager] C:\ARQUIV~1\Ahead\NEROPH~1\data\Xtras\mssysmgr.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [OM_Monitor] C:\Arquivos de programas\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - HKCU\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I4T1.EXE /P23 "EPSON Stylus C45 Series" /M "Stylus C45" /EF "HKCU" O4 - HKCU\..\Run: [Mobile Partner] C:\Arquivos de programas\TIM Web Movel\TIM Web Movel.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: QuickTV.lnk = C:\Arquivos de programas\AVerTV\QuickTV.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O14 - IERESET.INF: START_PAGE_URL=http://www.portalepc.com.br/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1230464388140 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1230464218890 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shock...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7E46E33C-542D-44BE-8F26-B4F26D0C3662}: NameServer = 189.40.224.5 189.38.95.95 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
  13. gostaria de saber um programa que compacte o tamanho de músicas para que eu possa usar menos espaços no celular. conheçi um chamado wavpack 4.50, mas ele ñ funciona... acho que foi desativado... vocês conhecem algum?
  14. isso já mudou a bastante tempo. ele aumentaram a capacidade. veja só a mensagem que está lá: "Você pode fazer upload de arquivo JPG, GIF, BMP ou PNG (com 5 MB no máximo)." realmente é complicado... rs... brigadu pela paciência e pelo interesse...!
  15. eu diminui o tamanho para 517 KB (por exemplo) e mesmo assim não estão entrando. gostaria de tentar passar as fotos para esse formato VGA, mas como faço isso? brigadu pela atenção