jana_phb
  1. I was afraid something more serious would happen to the computer, so I decided to format the 'C' drive and reinstalled Windows, downloaded the programs and so on, and it was working fine. But on the same day, right after I restarted the computer, the same problems happened: no program shows up on the desktop, when I right-click on the desktop nothing happens, there's no way to get into the Control Panel, the 'D' drive only appears if I type "d:\" in Windows Explorer (it's not automatic); and sometimes when I click, I get "This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator", even though there's only one computer, which means I'm the administrator. I didn't format the "D" drive, but I ran Kaspersky and no virus was found; what I find strangest is that the same problem continues even after formatting. Please help me.

     Logfile of HijackThis v1.99.1 Scan saved at 17:41:20, on 3/7/2008
  2. Yesterday the PC was normal, then today it went crazy. No programs show up on the desktop, only when I open Windows Explorer and click on 'Desktop', and when I'm on the desktop and right-click, nothing appears. And my HD is partitioned (?), so there was 'C' and 'D', but only 'C' was showing; so I went to 'Run' and typed 'D:/' and then it found 'D', but only after I had done that. I have NOD32 but it didn't find any virus; even so, everything indicates that there is a virus. And the worst part is that it had been formatted recently. Please help me.

     Logfile of HijackThis v1.99.1 Scan saved at 10:48:37, on 2/7/2008
  3. jana_phb

    Infected?

    It won't start in safe mode; whenever I put it in safe mode the computer restarts and I can't do anything.
  4. jana_phb

    Infected?

    ComboFix 08-01-10.2 - Janaynna 2008-01-09 19:39:42.1 - NTFSx86

    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:44:35, on 10/1/2008
  5. jana_phb

    Infected?

    I did that KillBox step and restarted. But when I tried to boot into Safe Mode, it just restarted. I can't get into Safe Mode, and some of the entries you listed aren't there. Here's the log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:56:41, on 8/1/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Arquivos de programas\GbPlugin\GbpSv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe
    C:\Arquivos de programas\Eset\nod32kui.exe
    C:\Arquivos de programas\K-Lite Codec Pack\Real\Update_OB\realsched.exe
    C:\Arquivos de programas\MSN Messenger\msnmsgr.exe
    C:\Arquivos de programas\Eset\nod32krn.exe
    C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\efmlyhgtxymu.exe
    C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
    C:\Arquivos de programas\WinRAR\WinRAR.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.cade.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://br.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://br.search.yahoo.com
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    F2 - REG:system.ini: Shell=explorer.exe efmlyhgtxymu.exe
    F3 - REG:win.ini: run=C:\WINDOWS\Regedit.ocx, enjmdvfiurj.exe, hrjxwsx.exe, efmlyhgtxymu.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - (no file)
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
    O4 - HKLM\..\Run: [soundMax] "C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe" /tray
    O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\K-Lite Codec Pack\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Microsoft Windows] C:\WINDOWS\cmd.dll
    O4 - HKLM\..\Run: [msmsgs.exe] msmsgs.exe
    O4 - HKLM\..\Run: [WinLoader] efmlyhgtxymu.exe
    O4 - HKLM\..\RunServices: [WinLoader] efmlyhgtxymu.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background (User 'Default user')
    O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: Add to AMV Convert Tool... - D:\MP3 Player Utilities 4.00\AMVConverter\grab.html
    O8 - Extra context menu item: Add to AMV Converter... - C:\Arquivos de programas\MP3 Player Utilities 4.15\AMVConverter\grab.html
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.15\MediaManager\grab.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\WINDOWS\system32\SHDOCVW.DLL
    O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\WINDOWS\system32\SHDOCVW.DLL
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
    O17 - HKLM\System\CCS\Services\Tcpip\..\{790F7E28-DDBC-4CD5-89CA-B5855AB59720}: NameServer = 201.30.63.2,201.30.63.3
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
    --
    End of file - 5873 bytes
    ________________________________________________
    What should I do now?
  6. jana_phb

    Infected?

    BankerFix 2.4 - Removedor de Bankers
    Linha Defensiva - http://www.linhadefensiva.org
    http://www.linhadefensiva.org/bankerfix/
    Data: 7/1/2008 - 16:17
    -------------------------------------------------------
    Lista de Definição: 2007-12-31-1
    =======================================================
    Killando arquivos em Help
    -----------------------------------
    Killing '*'
    Removendo Arquivos em Help
    -----------------------------------
    ----- Fim -------------------------
    _______________________________________________________
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:19:31, on 7/1/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Arquivos de programas\GbPlugin\GbpSv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe
    C:\Arquivos de programas\Eset\nod32kui.exe
    C:\Arquivos de programas\K-Lite Codec Pack\Real\Update_OB\realsched.exe
    C:\WINDOWS\cmd.dll
    C:\WINDOWS\system32\msmsgs.exe
    C:\Arquivos de programas\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\jafmk.exe
    C:\Arquivos de programas\Eset\nod32krn.exe
    C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Arquivos de programas\Internet Explorer\iexplore.exe
    C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.cade.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://br.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://br.search.yahoo.com
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system32\Explorer.dll
    F3 - REG:win.ini: run=C:\WINDOWS\Regedit.ocx
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - (no file)
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
    O4 - HKLM\..\Run: [soundMax] "C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe" /tray
    O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\K-Lite Codec Pack\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Microsoft Windows] C:\WINDOWS\cmd.dll
    O4 - HKLM\..\Run: [msmsgs.exe] msmsgs.exe
    O4 - HKLM\..\Run: [WinLoader] jafmk.exe
    O4 - HKLM\..\RunServices: [WinLoader] jafmk.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background (User 'Default user')
    O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: Add to AMV Convert Tool... - D:\MP3 Player Utilities 4.00\AMVConverter\grab.html
    O8 - Extra context menu item: Add to AMV Converter... - C:\Arquivos de programas\MP3 Player Utilities 4.15\AMVConverter\grab.html
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.15\MediaManager\grab.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\WINDOWS\system32\SHDOCVW.DLL
    O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\WINDOWS\system32\SHDOCVW.DLL
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
    O17 - HKLM\System\CCS\Services\Tcpip\..\{790F7E28-DDBC-4CD5-89CA-B5855AB59720}: NameServer = 201.30.63.2,201.30.63.3
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
    --
    End of file - 5828 bytes
  7. jana_phb

    Infected?

    Anyone?
  8. jana_phb

    Infected?

    I think the PC is infected, but I don't know with what. I'm not even sure, but the photos won't open and the PC is rather slow. Here's the log:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:29:18, on 2/1/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Arquivos de programas\GbPlugin\GbpSv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe
    C:\Arquivos de programas\Eset\nod32kui.exe
    C:\Arquivos de programas\K-Lite Codec Pack\Real\Update_OB\realsched.exe
    C:\WINDOWS\cmd.dll
    C:\WINDOWS\nyruyhwgvt.exe
    C:\Arquivos de programas\Eset\nod32krn.exe
    C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Arquivos de programas\MSN Messenger\usnsvc.exe
    C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
    C:\Arquivos de programas\Windows Media Player\wmplayer.exe
    C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
    C:\Arquivos de programas\MSN Messenger\msnmsgr.exe
    C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
    C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.cade.yahoo.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://br.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://br.search.yahoo.com
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system32\Explorer.dll
    F3 - REG:win.ini: run=C:\WINDOWS\Regedit.ocx
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - (no file)
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
    O4 - HKLM\..\Run: [soundMax] "C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe" /tray
    O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\K-Lite Codec Pack\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Microsoft Windows] C:\WINDOWS\cmd.dll
    O4 - HKLM\..\Run: [msmsgs.exe] msmsgs.exe
    O4 - HKLM\..\Run: [WinLoader] nyruyhwgvt.exe
    O4 - HKLM\..\RunServices: [WinLoader] nyruyhwgvt.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background (User 'Default user')
    O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: Add to AMV Convert Tool... - D:\MP3 Player Utilities 4.00\AMVConverter\grab.html
    O8 - Extra context menu item: Add to AMV Converter... - C:\Arquivos de programas\MP3 Player Utilities 4.15\AMVConverter\grab.html
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Arquivos de programas\MP3 Player Utilities 4.15\MediaManager\grab.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\WINDOWS\system32\SHDOCVW.DLL
    O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\WINDOWS\system32\SHDOCVW.DLL
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{790F7E28-DDBC-4CD5-89CA-B5855AB59720}: NameServer = 201.30.63.2,201.30.63.3
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
    --
    End of file - 6950 bytes
