Virus :S

W

wilson86

Power Member
Boas reenemente apanhei umirus dnome autorun.inf..tive a pesquizar na net eelimnei da seguinte forma --->http://www.youtube.com/watch?v=vK1dUQ-TGf8
e os problemas continuram...comptador por vezes bloqueia e tenho de fazer reset...actualizaçoes automaticas do windows off e impossivel de ligar...bloqueio de cockies tambem nao ha...meto nivel medio ...aplicar..ok ..e basta fexar a pagina do I.E. e quando la vou ta novamente pa aceitar todos os cookies... nao consigo desfragmentar..restaurar?so aparece uma data disponivel que foi criada depois de apanhar o virus enfim..ja corri antivirus ( avg8) ...CCleaner...Norton windoctor modo de segrança?nada..nem entra.consigo entrar na bios e..e... corri o HijackThis ( nao percebo mt sobre este programa mas vou por aki em baixo o logfile)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:47:19, on 11-12-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
E:\avgtray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programas\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
E:\avgwdsvc.exe
C:\Programas\Java\jre6\bin\jqs.exe
F:\Nero 8.0\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
E:\avgrsx.exe
E:\avgemc.exe
C:\Programas\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\wilson\Ambiente de trabalho\verificadorpvt.exe
C:\Programas\Windows Live\Messenger\usnsvc.exe
C:\Programas\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\rundll32.exe
E:\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.record.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - E:\avgtoolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] E:\avgtray.exe
O4 - HKLM\..\Run: [5845c44a] rundll32.exe "C:\WINDOWS\system32\pexhymia.dll",b
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 7247281312
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9B7ACFC-EC22-4F74-B9C7-85C481D8A145}: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\avgpp.dll
O20 - AppInit_DLLs: ,avgrsstx.dll uuobuy.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - E:\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - E:\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Nero 8.0\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

--
End of file - 5021 bytes

ja pa nao falar que ao escrever muit rapido isto come-me letras... enfim... http://www.*****.net/forum/images/smilies/question.gif


AsRock 4COREDUAL-VSTA
500 GB Maxtor 32mb
Intel P4 3.2 Mhz
2 x 1024 MB Kingston 667 Mhz DDRII
Shappire ATI 3850 HD 256 DDRIII
Logitech X-530
Power Supply 700W
 
wilson86 disse:
...
Clicar para expandir...
 Comece por criar um ponto de restauro fresco.

 Descarregue e instale os seguintes programas:

A versão Slim do CCleaner (sem toolbar):
http://www.ccleaner.com/download/builds.aspx

SUPERAntiSpyware FREE

Depois de instalados os programas acima, reinicie em Modo de Segurança depois de pressionar F8 ao arrancar o sistema, faça um scan com o HJT e seleccione as seguintes entradas para limpar (clique no quadradinho à esquerda de cada uma):
Código: 
O4 - HKLM\..\Run: [5845c44a] rundll32.exe "C:\WINDOWS\system32\pexhymia.dll",b
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9B7ACFC-EC22-4F74-B9C7-85C481D8A145}: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O20 - AppInit_DLLs: ,avgrsstx.dll uuobuy.dll
Faça a limpeza clicando em Fix checked, confirme se necessário e encerre o HJT.

 Reinicie o sistema de e arranque com o CCleaner usando o ícone no ambiente de trabalho, seleccione todas as entradas nos separadores Windows e Applications e clique no botão Run cleaner.

Terminada a limpeza reinicie o sistema em Modo Normal.

Arranque o SUPERAntiSpyware utilizando o ícone criado no ambiente de trabalho.

Actualize as definições clicando no botão Check for Updates...

Terminada a actualização clique em Preferences, depois no separador Scanning Control, em Scanner Options, assegure-se que selecciona

- Close browsers before scanning.
- Scan for tracking cookies.
- Terminate memory threats before quarantining.

E desmarque todos os outros. Agora clique em Close para sair deste menu.

Clique em Scan your Computer..., seleccione Perform Complete Scan, clique em Next e aguarde pacientemente até lhe ser apresentado um relatório dos itens encontrados. Clique em OK e Next para confirmar a limpeza.

 Se estiver a usar o Spybot S&D e o SpywareBlaster, desactive as imunizações antes de fazer o scan com o SUPERAntiSpyware.
Encerre o programa, reinicie o PC.

 Reinstale o AVG e teste.

Coloque um novo log do HJT.
Zee
 
tambem nao consigo entrar no modo de segurança como tb ja tinha dito... :S

nao ha maneira de fazer esses passos sem ser em modo de segurança ? :S
 
Bem fiz isso tudo e matei os bixinhos todos..lol
mas continuo a n conseguir criar pontos de restauro e quando tento fazer updates da microsoft continua a dar erro..mas ja consegui ligar as actualizaçoes automaticas do windows e ja consigo tambem bloquear os cockies essas cenas.. o pc tambem ja ta mais rapido..o anti-spy detectou so 76 trojans e etc..lol

agora so falta correr o avg..mas trato disso amanha..Mt Obrigado pela ajuda
aki vai o logfile do HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:18:55, on 13-12-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programas\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
E:\SuperSpyware\SUPERAntiSpyware.exe
C:\Programas\Java\jre6\bin\jqs.exe
F:\Nero 8.0\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\msiexec.exe
C:\Programas\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\wilson\Ambiente de trabalho\verificadorpvt.exe
C:\Programas\Windows Live\Messenger\usnsvc.exe
E:\AVG8\avgwdsvc.exe
E:\AVG8\avgrsx.exe
E:\AVG8\avgemc.exe
E:\AVG8\avgtray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programas\Internet Explorer\IEXPLORE.EXE
E:\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.record.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\AVG8\avgssie.dll
O2 - BHO: (no name) - {4E007A5F-299F-44FC-8B6B-F06B61867A2E} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] E:\AVG8\avgtray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\SuperSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1207247281312
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9B7ACFC-EC22-4F74-B9C7-85C481D8A145}: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - E:\SuperSpyware\SASWINLO.dll
O20 - Winlogon Notify: cbXNETJc - cbXNETJc.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - E:\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - E:\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Nero 8.0\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
--
End of file - 5538 bytes
 
O que é isto?

C:\Documents and Settings\wilson\Ambiente de trabalho\verificadorpvt.exe

Descarregue instale e actualize o Malwarebytes Anti-Malware.

Desligue o PC da internet e com o HJT faça um fix às seguintes entradas:
Código: 
O2 - BHO: (no name) - {4E007A5F-299F-44FC-8B6B-F06B61867A2E} - (no file)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9B7ACFC-EC22-4F74-B9C7-85C481D8A145}: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.51;85.255.112.96
O20 - Winlogon Notify: cbXNETJc - cbXNETJc.dll (file missing)
Arranque o Malwarebytes Anti-Malware usando o respectivo ícone no ambiente de trabalho e faça um scan total. Aguarde pacientemente e sigas as instruções para limpar tudo o que encontrar.

Reinicie o sistema e coloque aqui um novo log.

Zee
 
Bem parece que desta vez ficou mesmo resolvido

ja consigo criar pontos de restauro ,ja consegui actualizar o antivirus e tambem ja consigo sacar as actualizaçoes da microsoft

aki vai o log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:39, on 13-12-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
E:\AVG8\avgwdsvc.exe
C:\Programas\Java\jre6\bin\jqs.exe
F:\Nero 8.0\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe
E:\AVG8\avgrsx.exe
E:\AVG8\avgtray.exe
E:\AVG8\avgemc.exe
C:\Programas\Java\jre6\bin\jusched.exe
C:\Programas\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
E:\SuperSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programas\Internet Explorer\IEXPLORE.EXE
E:\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.record.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AVG8_TRAY] E:\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\SuperSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1207247281312
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - E:\SuperSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - E:\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - E:\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Nero 8.0\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
--
End of file - 5024 bytes


ta td ok?
 
carrego insistentemente no f8 e ele segue para o windows normalmente..houve uma altura em que pensei que inicialmente nao me reconhecia o teclado..mas tentei ir a bios e consegui ...:S
 
AsRock 4COREDUAL-VSTA
500 GB Maxtor 32mb
Intel P4 3.2 Mhz
2 x 1024 MB Kingston 667 Mhz DDRII
Shappire ATI 3850 HD 256 DDRIII
Logitech X-530
Power Supply 700W
 
wilson86 disse:
AsRock 4COREDUAL-VSTA
500 GB Maxtor 32mb
Intel P4 3.2 Mhz
2 x 1024 MB Kingston 667 Mhz DDRII
Shappire ATI 3850 HD 256 DDRIII
Logitech X-530
Power Supply 700W
Clicar para expandir...
Para além das teclas F, tente também pressionar a tecla CTRL no arranque do sistema e mantê-la pressionada até aparecer o menu de opções de arranque.

Zee
 
sorry pela ausencia de noticias ..o tempo nao tem sido mt ultimamente..lol
Bem ate agora ta tudo ok do que ja vi..excepto o modo de segurança k nao consigo entrar de maneira nenhuma...:X

experimentei carregar na tecla ctr mas nd....
 
wilson86 disse:
sorry pela ausencia de noticias ..o tempo nao tem sido mt ultimamente..lol
Bem ate agora ta tudo ok do que ja vi..excepto o modo de segurança k nao consigo entrar de maneira nenhuma...:X

experimentei carregar na tecla ctr mas nd....
Clicar para expandir...
Arranque com o SUPERAntiSpyware.

Clique em Preferences, seleccione o separador Repairs, na listagem localize a opção Repair broken SafeBoot key e clique no botão Perform Repair...

Terminada a reparação, reinicie o sistema e pressione F8 ao arrancar, consegue entrar em Modo de Segurança?

Zee
 
Inicie sessão ou registe-se para poder participar.
Back
Topo