Ir ao conteúdo
  • Comunicados

    • Gabriel Torres

      Seja um moderador do Clube do Hardware!   12-02-2016

      Prezados membros do Clube do Hardware, Está aberto o processo de seleção de novos moderadores para diversos setores ou áreas do Clube do Hardware. Os requisitos são:   Pelo menos 500 posts e um ano de cadastro; Boa frequência de participação; Ser respeitoso, cordial e educado com os demais membros; Ter bom nível de português; Ter razoável conhecimento da área em que pretende atuar; Saber trabalhar em equipe (com os moderadores, coordenadores e administradores).   Os interessados deverão enviar uma mensagem privada para o usuário @Equipe Clube do Hardware com o título "Candidato a moderador". A mensagem deverá conter respostas às perguntas abaixo:   Qual o seu nome completo? Qual sua data de nascimento? Qual sua formação/profissão? Já atuou como moderador em algo outro fórum, se sim, qual? De forma sucinta, explique o porquê de querer ser moderador do fórum e conte-nos um pouco sobre você.   OBS: Não se trata de função remunerada. Todos que fazem parte do staff são voluntários.

othon

Membros Juniores
  • Total de itens

    3
  • Registro em

  • Última visita

  • Qualificações

    0%

Reputação

0

Sobre othon

  • Data de Nascimento 03-01-1992

Informações gerais

  • Cidade e Estado
    SJC
  1. Problemas com mp3 player

    Assim, eu comprei um mp3 player, fui instalar ele no PC, o Windows detectou o drive, instalou bunitinhu, daí quando fui abrir o coitado, o avast apitou dizendo que encontrou um vírus chamado JDWX.exe. Okay, mandou pra quarentena e deletei ele. Quando fui tentar abrir o mp3 de novo, abria aquelas janelas de "Abrir com..." e mostrava os programas pra abrir o mp3. Se eu cancelasse e abrisse lá por cima na barra de endereços, ia tranquilo. Por via das dúvidas, passei o avast no mp3 e ele disse ter achado dois arquivos infectados, msmsgs.exe e auto.exe. Foi pra quarentena e deletei também. Formatei o pendrive por via das duvidas e resolveu o problema do "Abrir com...", mas quando fui passar as músicas pro mp3, teve uma hora que criei uma pasta e quando renomeei ela criou dentro da pasta vários arquivos com nomes estranhos, todos com 0 bites e nenhum podendo ser excluido. Formatei de novo, passei as músicas sem ser por pastas, tirei o mp3. Quando conectei de novo, tinham músicas que tinham sido apagadas e outras músicas iguais as outras foram reescritas emcima das apagadas. Enfim, eu não sei se é problema no mp3 ou se é vírus no computador. Ou se é problema no mp3 por causa de vírus no pc, whatever Aqui vai o log do HJT: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:04, on 2008-06-03 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe C:\Arquivos de programas\Java\jre1.6.0_05\bin\jusched.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\slserv.exe C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Last.fm\LastFM.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Regiane\Desktop\HiJackThis.exe C:\Arquivos de programas\Windows Live Toolbar\msn_sl.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file) O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe O4 - HKCU\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe O4 - HKCU\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CC5C7FFD-E058-4390-A22A-FD08CCD9A3CE} (JoyOnPlay Control) - http://www.pangonline.com.br/common/com/ongamenet.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://200.212.184.212/g_bin/eng/billard8_2_0_0_23.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{13FEFBC5-F471-4234-A4B3-F391CA2EFD09}: NameServer = 200.204.0.10 200.204.0.138 O17 - HKLM\System\CCS\Services\Tcpip\..\{D091081B-948F-47AE-9C0B-E81CA5FD165E}: NameServer = 200.204.0.10,200.204.0.138 O17 - HKLM\System\CS1\Services\Tcpip\..\{13FEFBC5-F471-4234-A4B3-F391CA2EFD09}: NameServer = 200.204.0.10 200.204.0.138 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 9253 bytes Por favor, me ajudem .__.'
  2. Está aí o log do ComboFix e do HiJackThis. ComboFix 08-04-24.1 - Regiane 2008-04-27 15:36:43.7 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.203 [GMT -3:00] Executando de: C:\Documents and Settings\Regiane\Desktop\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . C:\WINDOWS\cookies.ini C:\WINDOWS\pskt.ini C:\WINDOWS\system32\azip32.dll C:\WINDOWS\system32\byXRHXQK.dll C:\WINDOWS\system32\drivers\privada.zip C:\WINDOWS\system32\gobncupv.ini C:\WINDOWS\system32\Iijlnnnn.ini C:\WINDOWS\system32\Iijlnnnn.ini2 C:\WINDOWS\system32\iuicfyuq.dll C:\WINDOWS\system32\khfEXoMF.dll C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\nnnnljiI.dll C:\WINDOWS\system32\qoMfdeET.dll C:\WINDOWS\system32\sbajdggl.dll C:\WINDOWS\system32\TEedfMoq.ini C:\WINDOWS\system32\TEedfMoq.ini2 C:\WINDOWS\system32\vjuupuca.dll C:\WINDOWS\system32\vmewvupf.dll C:\WINDOWS\system32\vpucnbog.dll C:\WINDOWS\system32\yhclmsxk.dll C:\WINDOWS\tse.exe . ((((((((((((((((((((((( Ficheiros criados de 2008-03-27 to 2008-04-27 )))))))))))))))))))))))))))))))) . 2008-04-26 23:09 . 2008-04-27 15:32 <DIR> d-------- C:\Arquivos de programas\MegaJogos 2008-04-26 13:49 . 2008-04-26 13:49 <DIR> d-------- C:\Arquivos de programas\IObit 2008-04-26 13:47 . 2008-04-26 13:27 6,553,344 --a------ C:\AWCSetup.exe 2008-04-24 19:01 . 2008-04-25 19:36 1,509,399 ---hs---- C:\WINDOWS\system32\cfpxndix.ini 2008-04-24 06:39 . 2008-04-23 21:23 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys 2008-04-23 21:22 . 2008-04-24 08:27 <DIR> d-------- C:\Documents and Settings\Regiane\.housecall6.6 2008-04-23 20:01 . 2008-04-23 20:01 <DIR> d-------- C:\Arquivos de programas\Panda Security 2008-04-23 19:50 . 2008-04-23 19:50 <DIR> d-------- C:\Arquivos de programas\CCleaner 2008-04-23 18:54 . 2008-04-24 18:56 1,540,797 ---hs---- C:\WINDOWS\system32\wvhttrsw.ini 2008-04-22 18:51 . 2008-04-23 18:52 1,542,589 ---hs---- C:\WINDOWS\system32\eeqjnhcx.ini 2008-04-21 10:49 . 2008-04-22 18:49 1,542,237 ---hs---- C:\WINDOWS\system32\cradqdak.ini 2008-04-20 10:49 . 2008-04-21 10:41 1,541,697 ---hs---- C:\WINDOWS\system32\xnvbdgdc.ini 2008-04-20 10:46 . 2008-04-26 14:20 109,831 --a------ C:\WINDOWS\BM8fac0416.xml 2008-04-19 14:57 . 2008-04-19 14:56 33,846 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.bmp 2008-04-19 14:57 . 2008-04-19 14:57 13,023 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat 2008-04-19 14:43 . 2008-04-19 14:56 4,229,496 --a------ C:\dMC-r12.3_UP_BY_DJ_RAJ_.exe 2008-04-19 14:10 . 2008-04-19 14:56 <DIR> d-------- C:\Arquivos de programas\Illustrate 2008-04-19 13:02 . 2008-04-19 13:02 <DIR> d-------- C:\Arquivos de programas\Alcohol Soft 2008-04-15 19:31 . 2008-04-15 19:31 <DIR> d-------- C:\Arquivos de programas\iPod 2008-04-12 22:02 . 2008-04-12 22:02 <DIR> d-------- C:\Arquivos de programas\7-Zip 2008-04-12 13:12 . 2008-04-12 13:12 <DIR> d-------- C:\5a4249cc5402db88dee41b 2008-04-09 20:18 . 2008-04-09 20:18 0 --a------ C:\WINDOWS\system32\psfxin.exe 2008-04-09 20:08 . 2008-04-09 20:08 0 --a------ C:\Documents and Settings\Regiane\psxfin.exe 2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx 2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-25 18:04 --------- d---a-w C:\Documents and Settings\All Users\Dados de aplicativos\TEMP 2008-04-27 18:35 --------- d-----w C:\Documents and Settings\Regiane\Dados de aplicativos\uTorrent 2008-04-27 18:23 --------- d-----w C:\Arquivos de programas\Mozilla Firefox 3 Beta 3 2008-04-26 21:41 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Symantec Shared 2008-04-19 21:10 --------- d-----w C:\Arquivos de programas\DOSBox-0.72 2008-04-19 17:56 4,229,496 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe 2008-04-19 15:06 716,272 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2008-04-19 01:44 --------- d-----w C:\Arquivos de programas\MSN Messenger 2008-04-19 01:44 --------- d-----w C:\Arquivos de programas\Messenger Plus! Live 2008-04-18 01:20 --------- d-----w C:\Arquivos de programas\ACAD2000 2008-04-16 01:14 --------- d-----w C:\Arquivos de programas\Apple Software Update 2008-04-15 22:32 --------- d-----w C:\Arquivos de programas\iTunes 2008-04-15 22:25 --------- d-----w C:\Arquivos de programas\QuickTime 2008-04-12 19:40 --------- d-----w C:\Documents and Settings\Regiane\Dados de aplicativos\LimeWire 2008-03-22 21:20 --------- d-----w C:\Arquivos de programas\Programas RFB 2008-03-22 19:17 --------- d-----w C:\Arquivos de programas\Programas SRF 2008-03-20 14:59 --------- d-----w C:\Documents and Settings\Regiane\Dados de aplicativos\iLike 2008-03-20 14:58 --------- d-----w C:\Arquivos de programas\iLike 2008-03-20 14:15 --------- d-----w C:\Arquivos de programas\Bruno Kitsune Web-Site 2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-17 23:12 --------- d-----w C:\Arquivos de programas\MP3 WAV Converter 2008-03-16 14:40 --------- d-----w C:\Arquivos de programas\LimeWire 2008-03-15 21:29 --------- d-----w C:\Documents and Settings\Regiane\Dados de aplicativos\AccurateRip 2008-03-09 16:29 --------- d-----w C:\Arquivos de programas\eMule 2008-03-02 19:02 --------- d-----w C:\Arquivos de programas\Motorola Phone Tools 2008-03-02 18:58 --------- d-----w C:\Arquivos de programas\Avanquest update 2008-03-01 13:02 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-02-28 21:50 --------- d-----w C:\Documents and Settings\Regiane\Dados de aplicativos\Skype 2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll 2008-02-20 05:37 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll 2008-02-16 01:11 32 ----a-w C:\Documents and Settings\All Users\Dados de aplicativos\ezsid.dat 2008-01-29 16:44 9 ----a-w C:\Documents and Settings\Regiane\ZincPasswords.bin 2008-01-29 16:44 28,462 ----a-w C:\Documents and Settings\Regiane\ZincGamesList.bin 2008-01-29 15:02 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll 2007-07-19 23:07 25,600 ----a-w C:\Documents and Settings\Regiane\usbsermptxp.sys 2007-07-19 23:07 22,768 ----a-w C:\Documents and Settings\Regiane\usbsermpt.sys 2007-06-17 22:37 0 ----a-w C:\Documents and Settings\Regiane\cmd.exe 2007-06-13 22:54 8,920 ----a-w C:\Arquivos de programas\CinemaForgethumbnail.jpg 2007-05-22 20:48 6,656 --sha-w C:\Arquivos de programas\Thumbs.db 2007-03-21 00:58 92,064 ----a-w C:\Documents and Settings\Regiane\mqdmmdm.sys 2007-03-21 00:58 9,232 ----a-w C:\Documents and Settings\Regiane\mqdmmdfl.sys 2007-03-21 00:58 79,328 ----a-w C:\Documents and Settings\Regiane\mqdmserd.sys 2007-03-21 00:58 66,656 ----a-w C:\Documents and Settings\Regiane\mqdmbus.sys 2007-03-21 00:58 6,208 ----a-w C:\Documents and Settings\Regiane\mqdmcmnt.sys 2007-03-21 00:58 5,936 ----a-w C:\Documents and Settings\Regiane\mqdmwhnt.sys 2007-03-21 00:58 4,048 ----a-w C:\Documents and Settings\Regiane\mqdmcr.sys 2007-03-10 16:49 1,307,954 ----a-w C:\Arquivos de programas\Receitanet2007_02.EXE 2007-03-10 16:48 3,090,675 ----a-w C:\Arquivos de programas\irpf2007v1.0.exe 2006-12-26 23:03 3,438 ----a-w C:\Arquivos de programas\tibiaauto-debug-cavebot.txt 2006-10-29 23:14 8,920 ----a-w C:\Arquivos de programas\thumbnail.jpg 2006-01-28 23:59 3,890,462 ----a-w C:\Arquivos de programas\CinemaForgecinemaforge.xmfg 2006-01-28 23:59 3,890,462 ----a-w C:\Arquivos de programas\cinemaforge.xmfg 2005-07-17 14:18 1,721,856 ----a-w C:\Arquivos de programas\CinemaForgeffmpeg.exe 2005-07-17 13:18 1,721,856 ----a-w C:\Arquivos de programas\ffmpeg.exe 2005-06-24 22:39 13,104 ----a-w C:\Arquivos de programas\cinemaforge.chm 2005-02-23 03:51 2,167 ----a-w C:\Arquivos de programas\CinemaForgecinema1.xmfg 2005-02-23 02:51 2,167 ----a-w C:\Arquivos de programas\cinema1.xmfg 2004-09-20 12:49 1,179,648 ----a-w C:\Arquivos de programas\CinemaForgeffmpegphotos.exe 2004-09-20 11:49 1,179,648 ----a-w C:\Arquivos de programas\ffmpegphotos.exe 2004-08-04 02:01 25,856 ----a-w C:\WINDOWS\inf\usbprint.sys 1997-06-21 19:55 1,078 ----a-w C:\Arquivos de programas\CinemaForgecinemaforge.ico 1997-06-21 18:55 1,078 ----a-w C:\Arquivos de programas\cinemaforge.ico . ------- Sigcheck ------- 2004-08-04 00:45 14336 5de3e7b6f7624552f2f06664f110820d C:\WINDOWS\system32\svchost.exe 2004-08-04 00:45 14336 5de3e7b6f7624552f2f06664f110820d C:\WINDOWS\system32\dllcache\svchost.exe 2004-08-04 00:45 82944 a5163442377d3c305bbff612f80047d7 C:\WINDOWS\system32\ws2_32.dll 2004-08-04 00:45 82944 a5163442377d3c305bbff612f80047d7 C:\WINDOWS\system32\dllcache\ws2_32.dll 2006-04-20 09:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys 2007-10-30 13:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys 2004-08-03 23:14 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys 2006-04-20 08:51 359808 1dbf125862891817f374f407626967f4 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys 2008-02-09 14:00 360064 34a663e7f74ae8b2c992c2513343477e C:\WINDOWS\system32\dllcache\tcpip.sys 2008-02-09 14:00 360064 34a663e7f74ae8b2c992c2513343477e C:\WINDOWS\system32\drivers\tcpip.sys 2004-08-04 00:45 504320 6f7bde7a1126debf0cc359a54953efc1 C:\WINDOWS\system32\winlogon.exe 2004-08-04 00:45 504320 6f7bde7a1126debf0cc359a54953efc1 C:\WINDOWS\system32\dllcache\winlogon.exe 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys 2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys 2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys 2004-08-04 00:45 15360 f40bc97996b8e53799eef1d63996674b C:\WINDOWS\system32\ctfmon.exe 2004-08-04 00:45 15360 f40bc97996b8e53799eef1d63996674b C:\WINDOWS\system32\dllcache\ctfmon.exe . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* entradas vazias & legítimas por defeito não são mostradas. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Arquivos de programas\Messenger\msmsgs.exe" [2004-10-13 13:24 1694208] "Smapp"="C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57 143360] "SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496] "Windows Defender"="C:\Arquivos de programas\Windows Defender\MSASCui.exe" [2006-11-03 19:20 866584] "avast!"="C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 15:37 79224] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISUSScheduler"="C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30 81920] "smapp"="C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57 143360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "DWQueuedReporting"="C:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 16:38 39264] C:\Documents and Settings\Regiane\Menu Iniciar\Programas\Inicializar\ Last.fm Helper.lnk - C:\Arquivos de programas\Last.fm\LastFMHelper.exe [2007-07-08 15:55:14 106496] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveSearch"= 1 (0x1) "NoPopUpsOnBoot"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "SENTINEL"= snti386.dll "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Arquivos de programas\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "C:\\Arquivos de programas\\Bonjour\\mDNSResponder.exe"= "C:\\Arquivos de programas\\Messenger\\msmsgs.exe"= "C:\\Arquivos de programas\\uTorrent\\uTorrent.exe"= "C:\\Arquivos de programas\\eMule\\emule.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"= "C:\\Arquivos de programas\\LimeWire\\LimeWire.exe"= "C:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"= "C:\\Arquivos de programas\\iTunes\\iTunes.exe"= "C:\\WINDOWS\\system32\\dpvsetup.exe"= "C:\\WINDOWS\\system32\\rundll32.exe"= "C:\\Arquivos de programas\\Java\\jre1.6.0_01\\bin\\javaw.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "2940:TCP"= 2940:TCP:. "7171:TCP"= 7171:TCP:Open Tibia Server "32459:TCP"= 32459:TCP:32459 "8080:TCP"= 8080:TCP:uTorrent "47624:TCP"= 47624:TCP:AOEII "30086:TCP"= 30086:TCP:utorrent "30086:UDP"= 30086:UDP:utorrent "23792:TCP"= 23792:TCP:BitComet 23792 TCP "23792:UDP"= 23792:UDP:BitComet 23792 UDP R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 15:31] R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 15:35] R3 PSXGamepadEnabler;Psx Hid to Gamepad Port Enabler;C:\WINDOWS\system32\drivers\psxpad.sys [2002-05-15 16:24] R3 PsxPortEnumerator;Psx Port Enumerator;C:\WINDOWS\system32\Drivers\psxenum.sys [2002-09-26 08:36] R3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-05-10 15:10] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56c14c30-18df-11db-8b37-000ea65c4b45}] \Shell\Auto\command - MicrosoftPowerPoint.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9b63283-b944-11dc-8ffc-000ea65c4b45}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe . Conteúdo da pasta 'Tarefas Agendadas' "2008-04-22 01:31:09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe "2008-04-27 18:24:49 C:\WINDOWS\Tasks\MP Scheduled Scan.job" - C:\Arquivos de programas\Windows Defender\MpCmdRun.exe "2008-04-27 18:21:30 C:\WINDOWS\Tasks\star1.job" - c:\autoexec.bat "2008-04-27 18:43:02 C:\WINDOWS\Tasks\Verificar Atualizações para a Barra de Ferramentas do Windows Live.job" - C:\Arquivos de programas\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************** catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-27 15:40:16 Windows 5.1.2600 Service Pack 2 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros ocultos ... Varredura completada com sucesso Ficheiros ocultos: 0 ************************************************************************** . Tempo para conclusão: 2008-04-27 15:46:19 ComboFix-quarantined-files.txt 2008-04-27 18:45:23 Pre-Run: 4,217,651,200 bytes disponíveis Post-Run: 4,437,344,256 bytes disponíveis 249 --- E O F --- 2008-04-27 03:19:11 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:50:16, on 27/4/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe C:\Arquivos de programas\Windows Defender\MSASCui.exe C:\WINDOWS\system32\spoolsv.exe C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Last.fm\LastFMHelper.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\HPZipm12.exe C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Regiane\Desktop\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file) O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe O4 - HKCU\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe O4 - HKCU\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O4 - Startup: Last.fm Helper.lnk = C:\Arquivos de programas\Last.fm\LastFMHelper.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CC5C7FFD-E058-4390-A22A-FD08CCD9A3CE} (JoyOnPlay Control) - http://www.pangonline.com.br/common/com/ongamenet.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://200.212.184.212/g_bin/eng/billard8_2_0_0_23.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{13FEFBC5-F471-4234-A4B3-F391CA2EFD09}: NameServer = 200.204.0.10 200.204.0.138 O17 - HKLM\System\CCS\Services\Tcpip\..\{D091081B-948F-47AE-9C0B-E81CA5FD165E}: NameServer = 200.204.0.10,200.204.0.138 O17 - HKLM\System\CS1\Services\Tcpip\..\{13FEFBC5-F471-4234-A4B3-F391CA2EFD09}: NameServer = 200.204.0.10 200.204.0.138 O17 - HKLM\System\CS2\Services\Tcpip\..\{13FEFBC5-F471-4234-A4B3-F391CA2EFD09}: NameServer = 200.204.0.10 200.204.0.138 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 9251 bytes Acho que resolveu o problema. Valeu mesmo joram!
  3. Começou esse domingo... No Internet Explorer é só abrir que já aparecem uns três pop-ups desses, no Firefox normalmente abre só um tal de Gladiatus. O problema é que ele tá 'bloqueando' vários sites, a maioria relacionado com o Google: Orkut, blogspot, inclusive o Google mesmo, a página de pesquisas. Tá atrapalhando demais. Segue o log do HiJackThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:46:03, on 24/4/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\slserv.exe C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe C:\WINDOWS\system32\VTTimer.exe C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe C:\Arquivos de programas\Windows Defender\MSASCui.exe C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\tsnp2std.exe C:\WINDOWS\vsnp2std.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\Arquivos de programas\iTunes\iTunesHelper.exe C:\WINDOWS\system32\rundll32.exe C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\iPod\bin\iPodService.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe C:\Arquivos de programas\Last.fm\LastFMHelper.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\explorer.exe C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe C:\Documents and Settings\Regiane\Desktop\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.br/0SEPTBR/SAOS01?FORM=TOOLBR R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file) O1 - Hosts: 69.5.88.72 www.megaupload.com O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\ARQUIV~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [8c9f378a] rundll32.exe "C:\WINDOWS\system32\xidnxpfc.dll",b O4 - HKLM\..\Run: [bM8fac0416] Rundll32.exe "C:\WINDOWS\system32\iuicfyuq.dll",s O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [iLike] C:\Arquivos de programas\iLike\1.1.27\ilikesidebar.exe /checkforupdate O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Last.fm Helper.lnk = C:\Arquivos de programas\Last.fm\LastFMHelper.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {CC5C7FFD-E058-4390-A22A-FD08CCD9A3CE} (JoyOnPlay Control) - http://www.pangonline.com.br/common/com/ongamenet.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://200.212.184.212/g_bin/eng/billard8_2_0_0_23.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{13FEFBC5-F471-4234-A4B3-F391CA2EFD09}: NameServer = 200.204.0.10 200.204.0.138 O17 - HKLM\System\CCS\Services\Tcpip\..\{D091081B-948F-47AE-9C0B-E81CA5FD165E}: NameServer = 200.204.0.10,200.204.0.138 O17 - HKLM\System\CS1\Services\Tcpip\..\{13FEFBC5-F471-4234-A4B3-F391CA2EFD09}: NameServer = 200.204.0.10 200.204.0.138 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Unknown owner - C:\Arquivos de programas\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SPBBC\SPBBCSvc.exe -- End of file - 12350 bytes Por favor, me ajudem :/

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×