
Inactive TR/Spy.729600.4 can't be removed/erased

Discussion in 'Malware and Virus Removal Archive' started by Yori, 2010/09/27.

Thread Status:
Not open for further replies.
  1. 2010/09/27
    Yori

    Yori Inactive Thread Starter

    Joined:
    2010/09/27
    Messages:
    1
    Likes Received:
    0
    [Inactive] TR/Spy.729600.4 can't be removed/erased

    Hello to everyone. This is my first post, and to be clear, I know very little (or nothing) about computers or programming, so please, be as clear and simple as possible.

    My computer recently had some problems with quite a number of Trojan viruses and other malware that my Avira AntiVir Personal - Free Antivirus couldn't detect. Following a friend's advice, I tried using Avira AntiVir Rescue System (Date: 27 Sep 2010 - Version: 20100927184141) without running Windows, and it did find 3 viruses, but couldn't remove them all.

    Oddly, after that, my Avira suddenly began to detect a lot of malware, and one of them is constantly reported as found, even after I choose to remove it or move it to quarantine: it is TR/Spy.729600.4, and it's in a .dll inside the system32 folder.

    Since I can't remove it, I simply ignored it and left the warning window open, afraid that I might make things worse.

    My computer is really bad, so this might not be the last request for help that I'll make.

    Thanks.


    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Yuri at 23:06:53,51 on seg 27/09/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
    Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.511.111 [GMT -3:00]

    AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

    ============== Running Processes ===============

    E:\ARQUIV~1\GbPlugin\GbpSv.exe
    E:\WINDOWS\system32\svchost -k DcomLaunch
    E:\WINDOWS\system32\svchost -k rpcss
    E:\WINDOWS\System32\svchost.exe -k netsvcs
    E:\Arquivos de programas\Ahead\InCD\InCDsrv.exe
    E:\WINDOWS\system32\svchost.exe -k NetworkService
    E:\WINDOWS\system32\svchost.exe -k LocalService
    E:\WINDOWS\system32\spoolsv.exe
    E:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe
    E:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe
    E:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdateBeta.exe
    E:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    E:\Arquivos de programas\Java\jre6\bin\jqs.exe
    E:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
    E:\WINDOWS\System32\svchost.exe -k HPZ12
    E:\WINDOWS\system32\nvsvc32.exe
    E:\WINDOWS\System32\svchost.exe -k HPZ12
    E:\WINDOWS\system32\svchost.exe -k imgsvc
    E:\WINDOWS\system32\wdfmgr.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\ctfmon.exe
    E:\WINDOWS\SOUNDMAN.EXE
    E:\Arquivos de programas\Ahead\InCD\InCD.exe
    E:\WINDOWS\system32\RUNDLL32.EXE
    E:\Arquivos de programas\Winamp\winampa.exe
    E:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
    E:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
    E:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe
    E:\WINDOWS\System32\alg.exe
    E:\Arquivos de programas\Messenger\msmsgs.exe
    E:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
    E:\Arquivos de programas\McAfee Security Scan\2.0.181\SSScheduler.exe
    E:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe
    E:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe
    E:\Arquivos de programas\Avira\AntiVir Desktop\avscan.exe
    E:\Arquivos de programas\Mozilla Firefox\firefox.exe
    E:\Arquivos de programas\Winamp\winamp.exe
    E:\Arquivos de programas\Avira\AntiVir Desktop\GUARDGUI.EXE
    E:\WINDOWS\system32\wbem\wmiprvse.exe
    E:\Documents and Settings\Yuri\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = about:blank
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - e:\arquivos de programas\hp\smart web printing\hpswp_printenhancer.dll
    BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - e:\arquivos de programas\hp\smart web printing\hpswp_framework.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - e:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: : {59631aed-54f6-41b1-9b86-dd89b0a4081b} - e:\windows\system32\dlo7d4.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - e:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540000} - e:\arquivos de programas\gbplugin\gbieh.dll
    BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540008} - e:\arquiv~1\gbplugin\gbiehUni.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - e:\arquivos de programas\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - e:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [CTFMON.EXE] e:\windows\system32\ctfmon.exe
    uRun: [MSMSGS] "e:\arquivos de programas\messenger\msmsgs.exe" /background
    uRunOnce: [FlashPlayerUpdate] e:\windows\system32\macromed\flash\FlashUtil10h_Plugin.exe -update plugin
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [NeroFilterCheck] e:\windows\system32\NeroCheck.exe
    mRun: [InCD] e:\arquivos de programas\ahead\incd\InCD.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE e:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE e:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [WinampAgent] "e:\arquivos de programas\winamp\winampa.exe "
    mRun: [Adobe Reader Speed Launcher] "e:\arquivos de programas\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [HP Software Update] e:\arquivos de programas\hp\hp software update\HPWuSchd2.exe
    mRun: [SunJavaUpdateSched] "e:\arquivos de programas\arquivos comuns\java\java update\jusched.exe "
    mRun: [avgnt] "e:\arquivos de programas\avira\antivir desktop\avgnt.exe" /min
    mRun: [Java developer Script Browse] e:\windows\jusched.exe
    dRun: [CTFMON.EXE] e:\windows\system32\CTFMON.EXE
    StartupFolder: e:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\hpdigi~1.lnk - e:\arquivos de programas\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: e:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\mcafee~1.lnk - e:\arquivos de programas\mcafee security scan\2.0.181\SSScheduler.exe
    IE: E&xportar para o Microsoft Excel - e:\arquiv~1\micros~2\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - e:\arquivos de programas\messenger\msmsgs.exe
    IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - e:\arquivos de programas\hp\smart web printing\hpswp_extensions.dll
    IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - e:\arquivos de programas\hp\smart web printing\hpswp_extensions.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - e:\arquiv~1\micros~2\office11\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} - hxxps://clickbanking.unibanco.com.br/GbPlugin/cab/GbPluginUni.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - e:\arquiv~1\arquiv~1\skype\SKYPE4~1.DLL
    Notify: GbPluginBb - e:\arquivos de programas\gbplugin\gbieh.dll
    Notify: GbPluginUni - e:\arquiv~1\gbplugin\gbiehUni.dll
    SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399008} - e:\arquiv~1\gbplugin\gbiehUni.dll
    SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - e:\arquivos de programas\gbplugin\gbieh.dll

    ================= FIREFOX ===================

    FF - ProfilePath - e:\docume~1\yuri\dadosd~1\mozilla\firefox\profiles\shwrx9js.default\
    FF - prefs.js: browser.startup.homepage -
    FF - component: e:\documents and settings\yuri\dados de aplicativos\mozilla\firefox\profiles\shwrx9js.default\extensions\{87f8774f-b485-47e2-a755-a40a8a5e886c}\components\GbMzhBb.dll
    FF - plugin: e:\arquivos de programas\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: e:\arquivos de programas\mozilla firefox\plugins\npbittorrent.dll
    FF - plugin: e:\arquivos de programas\mozilla firefox\plugins\npdeployJava1.dll
    FF - HiddenExtension: Java Console: No Registry Reference - e:\arquivos de programas\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    e:\arquivos de programas\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.lu ", true);
    e:\arquivos de programas\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.nu ", true);
    e:\arquivos de programas\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.nz ", true);
    e:\arquivos de programas\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbaam7a8h ", true);
    e:\arquivos de programas\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgberp4a5d4ar ", true);
    e:\arquivos de programas\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--p1ai ", true);
    e:\arquivos de programas\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.xn--mgbayh7gpa ", true);
    e:\arquivos de programas\mozilla firefox\greprefs\all.js - pref( "network.IDN.whitelist.tel ", true);
    e:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref ", true);
    e:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.renego_unrestricted_hosts ", " ");
    e:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.treat_unsafe_negotiation_as_broken ", false);
    e:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl.require_safe_negotiation ", false);
    e:\arquivos de programas\mozilla firefox\greprefs\security-prefs.js - pref( "security.ssl3.rsa_seed_sha ", true);
    e:\arquivos de programas\mozilla firefox\defaults\pref\firefox-branding.js - pref( "app.update.url.manual ", "http://www.firefox.com ");
    e:\arquivos de programas\mozilla firefox\defaults\pref\firefox-l10n.js - pref( "browser.fixup.alternate.suffix ", ".com.br ");

    ============= SERVICES / DRIVERS ===============

    R?2 ojvqhudc; de filtro de reprodução de áudio digital de CDController;e:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
    R0 GbpKm;Gbp KernelMode;e:\windows\system32\drivers\GbpKm.sys [2002-1-1 45472]
    R1 avgio;avgio;e:\arquivos de programas\avira\antivir desktop\avgio.sys [2010-8-29 11608]
    R2 AntiVirSchedulerService;Avira AntiVir Programador;e:\arquivos de programas\avira\antivir desktop\sched.exe [2010-8-29 108289]
    R2 AntiVirService;Avira AntiVir Guard;e:\arquivos de programas\avira\antivir desktop\avguard.exe [2010-8-29 185089]
    R2 avgntflt;avgntflt;e:\windows\system32\drivers\avgntflt.sys [2010-8-29 56816]
    R2 GbpSv;Gbp Service;e:\arquiv~1\gbplugin\GbpSv.exe [2002-1-1 55072]
    R2 GoogleUpdateBeta;Google Update Service;e:\documents and settings\networkservice\configurações locais\dados de aplicativos\google\update\GoogleUpdateBeta.exe [2010-9-27 40960]
    S1 zpbgucprrkl5;zpbgucprrkl5;e:\windows\system32\drivers\zpbgucprrkl5.sys --> e:\windows\system32\drivers\zpbgucprrkl5.sys [?]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;e:\arquivos de programas\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

    =============== Created Last 30 ================

    2010-09-27 13:39:17 2335270 ----a-w- e:\windows\system32\a271.mht
    2010-09-25 16:38:02 729600 ----a-w- e:\windows\system32\dlo7d4.dll.bak
    2010-09-25 16:38:02 0 ----a-w- e:\windows\system32\dlo7D4.tmp
    2010-09-17 05:30:56 0 d-----w- e:\arquivos de programas\AxBx
    2010-08-30 02:53:41 56816 ----a-w- e:\windows\system32\drivers\avgntflt.sys
    2010-08-30 02:53:37 0 d-----w- e:\docume~1\alluse~1\dadosd~1\Avira
    2010-08-30 02:53:37 0 d-----w- e:\arquivos de programas\Avira

    ==================== Find3M ====================

    2010-09-26 04:15:45 49586 ----a-w- e:\windows\system32\perfc016.dat
    2010-09-26 04:15:45 347294 ----a-w- e:\windows\system32\perfh016.dat
    2010-09-13 12:54:12 45472 ----a-w- e:\windows\system32\drivers\GbpKm.sys

    ============= FINISH: 23:11:01,78 ===============


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 28/5/2009 11:37:43
    System Uptime: 27/9/2010 22:13:35 (1 hours ago)

    Motherboard: ASUSTeK Computer INC. | | A7N8X-X
    Processor: AMD Athlon(tm) | Socket A | 1243/100mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 75 GiB total, 55,13 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 56 GiB total, 22,944 GiB free.

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================


    ==== Installed Programs ======================

    32 Bit HP CIO Components Installer
    3600_Help
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.1 - Português
    Arquivo do WinRAR
    Assistente de Conexão do Windows Live
    Atualização de Segurança para Windows Internet Explorer 8 (KB972260)
    Atualização para Windows Internet Explorer 8 (KB973874)
    Avira AntiVir Personal - Free Antivirus
    BitTorrent
    BPD_Scan
    BPDSoftware
    BPDSoftware_Ini
    BufferChm
    CEP (Color Enable Package) v.9.2 (beta)
    Clean Virus MSN
    Colour Options 2.0 (beta) for The Sims 2 (and Sims 2 University
    CustomerResearchQFolder
    Destination Component
    DeviceDiscovery
    DocProc
    Drivers para NVIDIA Windows 2000/XP nForce
    Fax
    Ferramenta de Carregamento do Windows Live
    Free YouTube to Mp3 Converter version 2.4
    Furcadia
    HP Customer Participation Program 8.0
    HP Imaging Device Functions 9.0
    HP OCR Software 9.0
    HP Officejet J3600 Series
    HP Photosmart Essential
    HP Product Assistant
    HP Scanjet G2410 9.0
    HP Smart Web Printing
    HP Solution Center 9.0
    HP Update
    hpg2410
    hpg2410QFolder
    HPProductAssistant
    HPSSupply
    IRPF2009 - Declaração de Ajuste Anual e Final de Espólio
    IRPF2010 - Declaração de Ajuste Anual e Final de Espólio
    J3600
    Java Auto Updater
    Java(TM) 6 Update 20
    K-Lite Codec Pack 5.0.5 (Full)
    MarketResearch
    McAfee Security Scan Plus
    Messenger Plus! Live
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Office Professional Edição 2003
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Mozilla Firefox (3.5.13)
    MSVCRT
    Nero Suite
    NVIDIA Drivers
    Pacote de Compatibilidade para o sistema Office 2007
    PanoStandAlone
    ProductContext
    PSpice Student 9.1
    Real Alternative 1.9.0
    Realtek AC'97 Audio
    REALTEK GbE & FE Ethernet PCI NIC Driver
    Receitanet Java 2010.02a
    Scan
    ScannerCopy
    Segoe UI
    SimPE 0.42 (alpha)
    Skype web features
    Skype™ 4.1
    SolutionCenter
    Status
    The Sims 2
    The Sims 2 - Aberto Para Negócios
    The Sims 2 Diversão em Família Coleção de Objetos
    The Sims 2 Vida de Universitário
    The Sims 2: Vida Noturna
    The Sims Deluxe
    The Sims™ 2 Bichos de Estimação
    The Sims™ 2 Bon Voyage
    The Sims™ 2 Celebrações! Coleção de Objetos
    The Sims™ 2 Cozinhas & Banheiros Design de Interiores Coleção de Objetos
    The Sims™ 2 Estilo Teen Coleção de Objetos
    The Sims™ 2 Glamour Coleção de Objetos
    The Sims™ 2 H&M® Fashion Coleção de Objetos
    The Sims™ 2 Lar IKEA® - Coleção de Objetos
    The Sims™ 2 Mansões e Jardins Coleção de Objetos
    The Sims™ 2 Quatro Estações
    The Sims™ 2 Tempo Livre
    The Sims™ 2 Vida de Apartamento
    Toolbox
    TrayApp
    Uninstall 1.0.0.0
    Visual C++ 8.0 Runtime Setup Package
    WebFldrs XP
    WebReg
    Winamp
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Media Format Runtime

    ==== End Of File ===========================
     
    Yori,
    #1
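    As an added example (not part of the post, and not code from Avira, DDS or any other tool named in this thread), the script below triages a handful of lines copied from the DDS log above. It parses the BHO, Run, service/driver and "Created Last 30" line formats and flags what an analyst would look at first: the file whose size equals the number in the detection name (reading the 729600 in TR/Spy.729600.4 as a file size is my assumption about Avira's generic naming, not something the thread states), a BHO with no name pointing into system32, .bak/.tmp files dropped in system32, services whose file cannot be verified, and an autorun executable name that appears in two different directories. The function names `triage`, `parse` and `size_from_detection` are mine.

```python
import ntpath
import re
from collections import defaultdict

# Constructed sample: lines copied from the DDS log in the post above,
# deliberately mixed across sections so each line type must be recognised on its own.
SAMPLE_LOG = r"""
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - e:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: : {59631aed-54f6-41b1-9b86-dd89b0a4081b} - e:\windows\system32\dlo7d4.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
mRun: [SunJavaUpdateSched] "e:\arquivos de programas\arquivos comuns\java\java update\jusched.exe "
mRun: [avgnt] "e:\arquivos de programas\avira\antivir desktop\avgnt.exe" /min
mRun: [Java developer Script Browse] e:\windows\jusched.exe
R?2 ojvqhudc; de filtro de reprodução de áudio digital de CDController;e:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
R2 avgntflt;avgntflt;e:\windows\system32\drivers\avgntflt.sys [2010-8-29 56816]
S1 zpbgucprrkl5;zpbgucprrkl5;e:\windows\system32\drivers\zpbgucprrkl5.sys --> e:\windows\system32\drivers\zpbgucprrkl5.sys [?]
2010-09-27 13:39:17 2335270 ----a-w- e:\windows\system32\a271.mht
2010-09-25 16:38:02 729600 ----a-w- e:\windows\system32\dlo7d4.dll.bak
2010-09-25 16:38:02 0 ----a-w- e:\windows\system32\dlo7D4.tmp
2010-08-30 02:53:41 56816 ----a-w- e:\windows\system32\drivers\avgntflt.sys
"""

DETECTION = "TR/Spy.729600.4"  # the name Avira keeps reporting in the post

# Line formats as they appear in a DDS log (regexes are mine, derived from the log above).
BHO_RE = re.compile(r"^BHO: (?:(.*?): )?(\{[0-9a-fA-F-]{36}\}) - (.+)$")
RUN_RE = re.compile(r'^[umd]Run(?:Once)?: \[[^\]]+\] "?(.+?\.(?:exe|dll))"?(?:[ ,].*)?$', re.I)
SVC_RE = re.compile(r"^([RS][?0-9]+) ([^;]+);([^;]*);(.+?) \[(.*)\]$")
FILE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}) \d{2}:\d{2}:\d{2} (\d+) \S+ (.+)$")


def size_from_detection(name):
    """Assumption: the numeric component of a generic name like TR/Spy.729600.4
    is the size in bytes of the detected file. Returns it, or None if absent."""
    m = re.search(r"\.(\d{4,})(?:\.\d+)?$", name)
    return int(m.group(1)) if m else None


def parse(log):
    """Split a DDS log into BHO, autorun, service and created-file records."""
    bhos, runs, services, files = [], [], [], []
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = BHO_RE.match(line)
        if m:
            bhos.append((m.group(1) or "", m.group(2), m.group(3)))
            continue
        m = RUN_RE.match(line)
        if m:
            runs.append(m.group(1))
            continue
        m = SVC_RE.match(line)
        if m:
            services.append(m.groups())
            continue
        m = FILE_RE.match(line)
        if m:
            files.append((m.group(1), int(m.group(2)), m.group(3)))
    return bhos, runs, services, files


def triage(log, detection):
    """Return (category, detail) findings worth a closer look. Heuristics only:
    every hit still needs a human to confirm against the full log."""
    bhos, runs, services, files = parse(log)
    findings = []
    wanted = size_from_detection(detection)
    for _date, size, path in files:
        if wanted is not None and size == wanted:
            findings.append(("size-match", f"{path} is {size} bytes, matching {detection}"))
        if "\\system32\\" in path.lower() and path.lower().endswith((".dll.bak", ".tmp")):
            findings.append(("odd-system32-file", path))
    for name, guid, path in bhos:
        # Legitimate BHOs almost always carry a product name and a resolvable file.
        if not name or path == "No File":
            findings.append(("unnamed-bho", f"{guid} -> {path}"))
    for status, name, _desc, path, info in services:
        # DDS marks a service it could not verify with '?' in the status or the info field.
        if "?" in status or info == "?":
            findings.append(("unverifiable-service", f"{name}: {path}"))
    by_base = defaultdict(set)
    for path in runs:
        by_base[ntpath.basename(path).lower()].add(ntpath.dirname(path).lower())
    for base, dirs in sorted(by_base.items()):
        # The same executable name started from two directories suggests an impostor copy.
        if len(dirs) > 1:
            findings.append(("duplicate-autorun-name", f"{base} started from {len(dirs)} directories"))
    return findings


if __name__ == "__main__":
    for category, detail in triage(SAMPLE_LOG, DETECTION):
        print(f"[{category}] {detail}")
```

    The size-match rule is the weakest of the five (sizes collide), so it is only useful together with the other hits: here the 729600-byte `dlo7d4.dll.bak` sits next to an unnamed BHO loading `dlo7d4.dll` from the same directory, which is exactly the kind of corroboration a helper would want before asking for further scans.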
  2. 2010/09/28
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Welcome aboard :)

    Print these instructions out.

    NOTE. If any of the programs listed below refuse to run, try renaming the executable file to something else; for instance, rename hijackthis.exe to scanner.exe

    ***VERY IMPORTANT! Make sure you update Malwarebytes before running the scan.***

    STEP 1. Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform full scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on the Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on the downloaded .exe file, select the Rootkit tab and click the Scan button.
    When the scan is complete, click the Save button, and save the results as gmer.log
    Warning! Please, do not select the "Show all" checkbox during the scan.
    Post the log in your next reply.


    STEP 3. Download MBRCheck to your desktop

    Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
    It will show a black screen with some data on it.
    A report called MBRcheckxxxx.txt will be on your desktop
    Open this report and post its content in your next reply.


    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     

