Ir ao conteúdo
  • Cadastre-se
lcant

Dúvida se vírus foram removidos

Recommended Posts

Olá! O AVG detectou vários arquivos supostamente infectados no meu micro, mas não conseguia de jeito nenhum resolver. Então rodei o SDFix, e como o AVG parou de notificar sobre esse arquivos, acho que está limpo, mas eu queria ter certeza disso, por isso peço a ajuda de vocês para verificarem o log do SDFix e do HiJackThis p/ ver se realmente não tem mais nenhum arquivo malicioso no meu micro.

Log SDFix:SDFix: Version 1.167

Run by Administrador on dom 06/04/2008 at 13:10

Microsoft Windows XP [versÆo 5.1.2600]

Running From: C:\SDFix

Checking Services :

Name:

Google Online Services

nqaplwj

EVG72

Path:

C:\Documents and Settings\Administrador\ie_updates3r.exe -A

\??\C:\WINDOWS\nqaplwj.sys

\SystemRoot\System32\Drivers\Evg72.sys

Google Online Services - Deleted

nqaplwj - Deleted

EVG72 - Deleted

Restoring Windows Registry Values

Restoring Windows Default Hosts File

Rebooting

Checking Files :

Trojan Files Found:

C:\-53572~1 - Deleted

C:\WINDOWS\system32\svchost.t__ - Deleted

C:\WINDOWS\system32\WLCtrl32.dll - Deleted

C:\WINDOWS\nqaplwj.sys - Deleted

C:\WINDOWS\system32\drivers\EVG72.sys - Deleted

Folder C:\Arquivos de programas\Helper - Removed

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-04-06 13:21:35

Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GbpSv]

"Type"=dword:00000010

"Start"=dword:00000002

"ErrorControl"=dword:00000001

"ImagePath"=str(2):"C:\ARQUIV~1\GbPlugin\GbpSv.exe"

"DisplayName"="Gbp Service"

"Group"="GbPlugin Group"

"ObjectName"="LocalSystem"

"Description"="Service for G-Buster Browser Defense"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GbpSv\Security]

"Security"=hex:01,00,14,80,88,00,00,00,94,00,00,00,14,00,00,00,30,00,00,00,02,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\GbpSv]

"Type"=dword:00000010

"Start"=dword:00000002

"ErrorControl"=dword:00000001

"ImagePath"=str(2):"C:\ARQUIV~1\GbPlugin\GbpSv.exe"

"DisplayName"="Gbp Service"

"Group"="GbPlugin Group"

"ObjectName"="LocalSystem"

"Description"="Service for G-Buster Browser Defense"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\GbpSv\Security]

"Security"=hex:01,00,14,80,88,00,00,00,94,00,00,00,14,00,00,00,30,00,00,00,02,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Download]

"LastSuccessTime"="2008-04-06 15:23:39"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]

"TracesProcessed"=dword:000000ac

"TracesSuccessful"=dword:00000007

scanning hidden files ...

C:\WINDOWS\SoftwareDistribution\Download\1236c5d3c19418c6d2d55cdc76abafee

scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 5

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\\Arquivos de programas\\Pinnacle\\Studio 10\\programs\\RM.exe"="C:\\Arquivos de programas\\Pinnacle\\Studio 10\\programs\\RM.exe:*:Enabled:Render Manager"

"C:\\Arquivos de programas\\Pinnacle\\Studio 10\\programs\\Studio.exe"="C:\\Arquivos de programas\\Pinnacle\\Studio 10\\programs\\Studio.exe:*:Enabled:Studio"

"C:\\Arquivos de programas\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"="C:\\Arquivos de programas\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"

"C:\\Arquivos de programas\\Pinnacle\\Studio 10\\programs\\umi.exe"="C:\\Arquivos de programas\\Pinnacle\\Studio 10\\programs\\umi.exe:*:Enabled:umi"

"C:\\Arquivos de programas\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe"="C:\\Arquivos de programas\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe:*:Disabled:MediaManager Application"

"C:\\Arquivos de programas\\MSN content crazy show\\CrazyMsnWinks.exe"="C:\\Arquivos de programas\\MSN content crazy show\\CrazyMsnWinks.exe:*:Disabled:Msn Content Crazy Show"

"C:\\WINDOWS\\system32\\sessmgr.exe"="C:\\WINDOWS\\system32\\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

"C:\\Arquivos de programas\\NetMeeting\\conf.exe"="C:\\Arquivos de programas\\NetMeeting\\conf.exe:*:Enabled:Windows© NetMeeting©"

"C:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe"="C:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\\Arquivos de programas\\MSN Messenger\\livecall.exe"="C:\\Arquivos de programas\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\\Arquivos de programas\\utorrent\\utorrent.exe"="C:\\Arquivos de programas\\utorrent\\utorrent.exe:*:Enabled:æTorrent"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Arquivos de programas\\Grisoft\\AVG7\\avginet.exe"="C:\\Arquivos de programas\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"

"C:\\Arquivos de programas\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Arquivos de programas\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"

"C:\\Arquivos de programas\\Grisoft\\AVG7\\avgcc.exe"="C:\\Arquivos de programas\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"

"C:\\Arquivos de programas\\Grisoft\\AVG7\\avgemc.exe"="C:\\Arquivos de programas\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"

"C:\\Arquivos de programas\\Messenger\\msmsgs.exe"="C:\\Arquivos de programas\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\\Arquivos de programas\\IncrediMail\\bin\\ImApp.exe"="C:\\Arquivos de programas\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"

"C:\\Arquivos de programas\\IncrediMail\\bin\\IncMail.exe"="C:\\Arquivos de programas\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"

"C:\\Arquivos de programas\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Arquivos de programas\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"

"C:\\Arquivos de programas\\InCode Solutions\\RemoveIT Pro v4-Trial\\removeit.exe"="C:\\Arquivos de programas\\InCode Solutions\\RemoveIT Pro v4-Trial\\removeit.exe:*:Disabled:removeit"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe"="C:\\Arquivos de programas\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\\Arquivos de programas\\MSN Messenger\\livecall.exe"="C:\\Arquivos de programas\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files :

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Sat 20 Oct 2007 5,903,928 A..H. --- "C:\Arquivos de programas\Picasa2\setup.exe"

Sun 14 Oct 2007 56 A.SHR --- "C:\WINDOWS\system32\32BE95DBD5.sys"

Sun 14 Oct 2007 3,350 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"

Fri 18 Nov 2005 2,045 A..H. --- "C:\WINDOWS\system32\whlb32g.dll"

Fri 6 Jul 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"

Sun 10 Dec 2006 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"

Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4366a60ed78e633f2c559bb3e0ac3c12\BIT13.tmp"

Wed 23 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\523d056929e13eacf8392044f602e53e\BIT13.tmp"

Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8bfc499865f60096e9c722d09af67a8d\BITD.tmp"

Wed 23 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\afa5528a2269b5106016bdbc1ea3037f\BIT12.tmp"

Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b68fcafc158ba168047dabb5275b7e9c\BITB.tmp"

Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c47b175098f4144ba98888125fbffd0a\BITE.tmp"

Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d337e1ef3bd797cc758f30fd11b5919c\BIT14.tmp"

Mon 25 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\dfff249bc0d6c71b8609623e07886a3a\BIT12.tmp"

Wed 23 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f7db876e78b88fd8276fd7d29cb7e4eb\BIT11.tmp"

Finished!

Log HiJackThis

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:35:50, on 6/4/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Arquivos de programas\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\slmdmsr.exe

C:\WINDOWS\system32\svchost.exe

c:\arquivos de programas\pinnacle\shared files\programs\mediaserver\pmshost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\WINDOWS\system32\notepad.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\Mixer.exe

C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\InCode Solutions\RemoveIT Pro v4-Trial\removeit.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_09\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIV~1\GBPLUGIN\gbieh.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar3.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [svchosts.exe] C:\Windows\System32\svchosts.exe

O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [LightDialer] C:\Arquivos de programas\Velox\Discador\DISCADOR.EXE

O4 - HKCU\..\Run: [RemoveIT Pro XT] C:\Arquivos de programas\InCode Solutions\RemoveIT Pro v4-Trial\removeit.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\ARQUIV~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_09\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {0C7F3F20-8BAB-11D2-9432-00C04F8EF48F} (Downloadable Speech API) - http://activex.microsoft.com/activex/controls/sapi/spchapi.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.connect.com/XSL/mb_us/html/activexplayer/SMALStreaming.cab

O16 - DPF: {36C417C6-13C6-448B-9784-DD73A93B0582} (McAfee.com Download+Installer Class) - http://bin.mcafee.com/molbin/shared/mcinsctl/pt-br/4,0,0,83/mcinsctl.cab

O16 - DPF: {60E3EB33-933C-4D16-942E-EC508C3BED5A} (UploadFileCtrl Class) - http://www.uniko.com.br/upfile.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203917805000

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.com/molbin/shared/mcgdmgr/pt-br/1,0,0,20/mcgdmgr.cab

O16 - DPF: {CA141FD0-AC7F-11D1-97A3-0060082730FF} (Lernout & Hauspie TruVoice English Text to Speech Engine) - http://activex.microsoft.com/activex/controls/agent2/tv_enua.exe

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab

O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab

O20 - Winlogon Notify: GbPluginBb - C:\ARQUIV~1\GBPLUGIN\gbieh.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (antivirscheduler) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (antivirservice) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\arquivos de programas\pinnacle\shared files\programs\mediaserver\pmshost.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slmdmsr.exe

--

End of file - 9665 bytes

Já agradeço pela ajuda!!! :)

Compartilhar este post


Link para o post
Compartilhar em outros sites





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×