Ir para conteúdo

POWERED BY:

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

Alvaro & Rute

[Arquivado] erro de aplicativo

Por , em Tópicos Arquivados (Seguranca & Malwares)

Recommended Posts

hgb7    3

hgb7
Postado

Ferramentas > Opções > Limpar tudo (ou limpar agora)...

 

Daí tu marca de preferência tudo, e exclui ^^

Compartilhar este post

Link para o post
Compartilhar em outros sites

Alvaro & Rute    0

Alvaro & Rute
Postado

;*******************************************************************************

*********************************************************************************

*******************

ANALYSIS: 2008-08-13 17:13:12

PROTECTIONS: 1

MALWARE: 2

SUSPECTS: 0

;*******************************************************************************

*********************************************************************************

*******************

PROTECTIONS

Description Version Active Updated

;===============================================================================

=================================================================================

===================

avast! antivirus 4.8.1229 [VPS 080813-0] 4.8.1229 Yes Yes

;===============================================================================

=================================================================================

===================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===============================================================================

=================================================================================

===================

00020900 spyware/apropos Spyware No 1 Yes No hkey_current_user\software\pop

00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\jaqueline\Desktop\MSNFix.zip[MSNFix/incl/Process.exe]

00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\jaqueline\Desktop\MSNFix\incl\Process.exe

;===============================================================================

=================================================================================

===================

SUSPECTS

Sent Location

;===============================================================================

=================================================================================

===================

;===============================================================================

=================================================================================

===================

VULNERABILITIES

Id Severity Description

;===============================================================================

=================================================================================

===================

184380 MEDIUM MS08-002

184379 MEDIUM MS08-001

182048 HIGH MS07-069

182046 HIGH MS07-067

182043 HIGH MS07-064

179553 HIGH MS07-061

176382 HIGH MS07-057

176383 HIGH MS07-058

170911 HIGH MS07-050

170907 HIGH MS07-046

170906 HIGH MS07-045

170904 HIGH MS07-043

164915 HIGH MS07-035

164913 HIGH MS07-033

164911 HIGH MS07-031

160623 HIGH MS07-027

157262 HIGH MS07-022

157261 HIGH MS07-021

157260 HIGH MS07-020

157259 HIGH MS07-019

156477 HIGH MS07-017

150253 HIGH MS07-016

150249 HIGH MS07-013

150248 HIGH MS07-012

150247 HIGH MS07-011

150243 HIGH MS07-008

150242 HIGH MS07-007

150241 MEDIUM MS07-006

145501 HIGH MS07-004

141034 HIGH MS06-076

141033 MEDIUM MS06-075

137571 HIGH MS06-070

133387 MEDIUM MS06-065

133386 MEDIUM MS06-064

133385 MEDIUM MS06-063

133379 HIGH MS06-057

129977 MEDIUM MS06-053

129976 MEDIUM MS06-052

126093 HIGH MS06-051

126092 MEDIUM MS06-050

126087 HIGH MS06-046

126086 MEDIUM MS06-045

126082 HIGH MS06-041

126081 HIGH MS06-040

123421 HIGH MS06-036

123420 HIGH MS06-035

120825 MEDIUM MS06-032

120823 MEDIUM MS06-030

120818 HIGH MS06-025

120815 HIGH MS06-022

117384 MEDIUM MS06-018

114666 HIGH MS06-015

108744 MEDIUM MS06-008

108743 MEDIUM MS06-007

108742 MEDIUM MS06-006

104567 HIGH MS06-002

104237 HIGH MS06-001

96574 HIGH MS05-053

93395 HIGH MS05-051

93394 HIGH MS05-050

93454 MEDIUM MS05-049

;===============================================================================

=================================================================================

===================

Compartilhar este post

Link para o post
Compartilhar em outros sites

Silas Martins    0

Silas Martins
Postado

Baixe o SDFix e e arquive na sua área de trabalho.

 

*Execute o SDFix.exe[/b] clicando duas vezes sobre ele.

* Permitam-lo para instalar na localização padrão, que é normalmente c: \ SDFix

* Agora, por favor, reinicie o computador em modo de segurança (Reinicie o computador e segure a tecla F8 sem solta-la até que seja disponibilizada a tela onde você opte por modo de segurança)

* Depois de ter arrancado em modo seguro, abra o C: \ SDFix pasta e dê um duplo clique em RunThis.bat para iniciar o script.

* Aperte Y para iniciar a limpeza do processo.

* Ele irá remover qualquer Tróia ou Serviços Secretaria entradas encontradas e, em seguida, pedir-lhe para pressione qualquer tecla para reiniciar.

* Pressione qualquer tecla e ele irá reiniciar o PC.

* Quando o PC reinicia a Fixtool irá correr de novo e completar o processo de remoção exibição terminados em seguida, pressione qualquer tecla para terminar o script e carregar seu desktop ícones.

* Depois de a carregar os ícones desktop SDFix relatório será aberta a tela e também em salvar a pasta SDFix como Report.txt.

*Poste o Report.txt juntamente com novo log do hijackthis gerado em modo normal.

Compartilhar este post

Link para o post
Compartilhar em outros sites

Alvaro & Rute    0

Alvaro & Rute
Postado

SDFix: Version 1.216

Run by jaqueline on s b 16/08/2008 at 14:51

 

Microsoft Windows XP [versÆo 5.1.2600]

Running From: C:\SDFix

 

Checking Services :

 

 

Restoring Default Security Values

Restoring Default Hosts File

 

Rebooting

 

 

Checking Files :

 

No Trojan Files Found

 

 

 

 

 

 

Removing Temp Files

 

ADS Check :

 

 

 

Final Check :

 

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-08-16 14:57:20

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden services & system hive ...

 

scanning hidden registry entries ...

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]

"TracesProcessed"=dword:00000063

"TracesSuccessful"=dword:00000004

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=""

"DeviceNotSelectedTimeout"="15"

"GDIProcessHandleQuota"=dword:00002710

"Spooler"="yes"

"swapdisk"=""

"TransmissionRetryTimeout"="90"

"USERProcessHandleQuota"=dword:00002710

 

scanning hidden files ...

 

scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 0

 

 

Remaining Services :

 

 

 

 

Authorized Application Key Export:

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\\Arquivos de programas\\Orbitdownloader\\orbitdm.exe"="C:\\Arquivos de programas\\Orbitdownloader\\orbitdm.exe:*:Enabled:Orbit"

"C:\\Arquivos de programas\\Orbitdownloader\\orbitnet.exe"="C:\\Arquivos de programas\\Orbitdownloader\\orbitnet.exe:*:Enabled:Orbit"

"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"="C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"C:\\Arquivos de programas\\Ares\\Ares.exe"="C:\\Arquivos de programas\\Ares\\Ares.exe:*:Disabled:Ares p2p for windows"

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"

"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Executa uma DLL como um aplicativo"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"

"C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"="C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

 

Remaining Files :

 

 

 

Files with Hidden Attributes :

 

Wed 12 Dec 2007 119 ..SH. --- "C:\AUTOEXEC.BAK"

Sat 12 Jan 2008 30,516,896 A..H. --- "C:\Downloads\MU_MusicAddOn.zip"

Sun 13 Jan 2008 30,516,896 A..H. --- "C:\Downloads\MU_MusicAddOn(1).zip"

Wed 4 Aug 2004 60,416 A.SH. --- "C:\Arquivos de programas\Outlook Express\msimn.exe"

Sat 12 Jan 2008 384,249,639 A..H. --- "C:\Downloads\Software\Global_Mu_Online_Installer_080907.exe"

Sun 13 Jan 2008 2,507,385 A..H. --- "C:\Downloads\Software\InstaladorPopA.exe"

Sat 12 Jan 2008 30,516,896 A..H. --- "C:\Downloads\Software\MU_MusicAddOn.zip"

Wed 3 May 2006 163,328 A.SHR --- "C:\WINDOWS\system32\flvDX.dll"

Wed 21 Feb 2007 31,232 A.SHR --- "C:\WINDOWS\system32\msfDX.dll"

Sun 26 Jun 2005 616,448 A.SHR --- "C:\Arquivos de programas\eRightSoft\SUPER\cygwin1.dll"

Tue 21 Jun 2005 45,568 A.SHR --- "C:\Arquivos de programas\eRightSoft\SUPER\cygz.dll"

Wed 26 Dec 2007 72,704 A.SHR --- "C:\Arquivos de programas\eRightSoft\SUPER\Setup.exe"

Thu 26 Oct 2006 15,872 A.SHR --- "C:\Arquivos de programas\eRightSoft\SUPER\_Setup.dll"

Tue 4 Jun 2002 84,992 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\14_43260.dll"

Tue 4 Jun 2002 44,032 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\28_83260.dll"

Mon 9 Dec 2002 73,766 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\atrc3260.dll"

Mon 9 Dec 2002 65,575 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\cook3260.dll"

Sun 9 Jun 2002 36,864 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\ddnt3260.dll"

Tue 4 Jun 2002 20,480 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\dnet3260.dll"

Mon 9 Dec 2002 102,437 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\drv13260.dll"

Mon 9 Dec 2002 176,165 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\drv23260.dll"

Mon 9 Dec 2002 208,935 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\drv33260.dll"

Mon 9 Dec 2002 217,127 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\drv43260.dll"

Sun 9 Jun 2002 40,448 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\dspr3260.dll"

Sat 3 Nov 2001 225,280 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\ivvideo.dll"

Tue 10 Apr 2001 225,280 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\qtmlClient.dll"

Fri 20 Feb 2004 232,960 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\raac.dll"

Sun 9 Jun 2002 525,824 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\rnco3260.dll"

Mon 9 Dec 2002 245,805 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\rnlt3260.dll"

Mon 9 Dec 2002 45,093 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\rv103260.dll"

Mon 9 Dec 2002 98,341 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\rv203260.dll"

Mon 9 Dec 2002 94,247 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\rv303260.dll"

Mon 9 Dec 2002 90,151 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\rv403260.dll"

Mon 9 Dec 2002 102,439 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\sipr3260.dll"

Sun 9 Jun 2002 49,152 A..HR --- "C:\Arquivos de programas\eRightSoft\SUPER\mencoder\tokr3260.dll"

Fri 4 Jan 2008 8,913,016 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0926b9470c9af53c207eadf0bf3934da\BIT14.tmp"

Fri 4 Jan 2008 1,030,024 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\22bbc0297cf0212f3e507df5a9f9261d\BIT48.tmp"

Fri 4 Jan 2008 2,304,392 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2716e94267154b4722838e28362d23d0\BITC.tmp"

Fri 4 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2d4baa067165c627acf81b788b44d62e\BIT1.tmp"

Fri 4 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\3110ae9825954e4eef079821207183ba\BIT3B.tmp"

Fri 4 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4366a60ed78e633f2c559bb3e0ac3c12\BIT3C.tmp"

Fri 4 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\437b3579f0a916decc78e6314058294f\BIT5A.tmp"

Wed 7 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\4d6abb4abb73b8841817968bb9fef3b2\BIT1.tmp"

Thu 22 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9327c69da1687c09b525d1419e1428ae\BIT1.tmp"

Mon 7 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b6b8211a5dc0636ae3d15bf626ce10d3\BIT5A.tmp"

Sat 29 Mar 2008 25,811,504 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d3ba2bba3a26b43053265147e2db3b19\BIT3A.tmp"

Tue 12 Aug 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\db4af1ac6589f72c1b526a2c3dd4eb21\BIT14.tmp"

Fri 4 Jan 2008 1,683,256 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\fdbb175f6820c5c39acd0fe713171ed4\BIT39.tmp"

Fri 14 Dec 2007 444 ...HR --- "C:\Documents and Settings\Administrador\Dados de aplicativos\SecuROM\UserData\securom_v7_01.bak"

Sun 27 Jan 2008 444 ...HR --- "C:\Documents and Settings\jaqueline\Dados de aplicativos\SecuROM\UserData\securom_v7_01.bak"

Fri 4 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\1adecf0f49989e4d14f4c8597f3d24a4\download\BIT59.tmp"

Sat 12 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\270aeaaa6679faef66e6da4371053a9f\download\BIT45.tmp"

Sat 12 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7a3dd203d422fd4dd350a1bf6a6c424d\download\BIT31F.tmp"

Fri 4 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\a4f12aeae06bbd25e88c1a58e15d3c95\download\BIT5B.tmp"

Sun 13 Jan 2008 279,437 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b14580f6cba234c27d43e5d2cc717023\download\BIT69.tmp"

Fri 4 Jan 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f17fac9caba9b9b457bfdd8b1c9b29bd\download\BIT3E.tmp"

 

Finished!

Compartilhar este post

Link para o post
Compartilhar em outros sites

Alvaro & Rute    0

Alvaro & Rute
Postado

Logfile of HijackThis v1.99.1

Scan saved at 15:02:05, on 16/8/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0013)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Venturi2\Client\ventc.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\notepad.exe

C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

C:\Arquivos de programas\Acelerador POP\slipcore.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Acelerador POP\slipgui.exe

C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe

C:\Documents and Settings\jaqueline\Desktop\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P1.dll

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Arquivos de programas\Orbitdownloader\orbitcth.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P1.dll

O2 - BHO: PBlockHelper Class - {4115122B-85FF-4DD3-9515-F075BEDE5EB5} - C:\Arquivos de programas\Acelerador POP\PBHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Arquivos de programas\Acelerador POP\components\NOWImaging.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P1.dll

O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: Acelerador POP - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Arquivos de programas\Acelerador POP\Toolband.dll

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [iSUSPM Startup] C:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [Nero DriveSpeed] C:\ARQUIV~1\Ahead\NEROTO~1\DRIVES~1.EXE

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [POPDiscador] C:\Arquivos de programas\POPDiscador\POPDiscador.exe --minimized

O4 - HKLM\..\Run: [slipStream] "C:\Arquivos de programas\Acelerador POP\slipcore.exe"

O4 - HKLM\..\Run: [soundMax] "C:\Arquivos de programas\Analog Devices\SoundMAX\smax4.exe" /tray

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [DeleteHistoryFree] C:\Arquivos de programas\DeleteHistoryFree\dhf.exe

O4 - Global Startup: Acelerador POP.lnk = C:\Arquivos de programas\Acelerador POP\slipgui.exe

O4 - Global Startup: Orbit.lnk = C:\Arquivos de programas\Orbitdownloader\orbitdm.exe

O8 - Extra context menu item: &Download by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/201

O8 - Extra context menu item: &Grab video by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/204

O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/203

O8 - Extra context menu item: Down&load all by Orbit - res://C:\Arquivos de programas\Orbitdownloader\orbitmxt.dll/202

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D5300D75-F136-4C83-8F68-DA3702BF9B20}: NameServer = 10.1.1.1

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Arquivos de programas\Ares\chatServer.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: ServiceLayer - Unknown owner - C:\Arquivos de programas\Arquivos comuns\PCSuite\Services\ServiceLayer.exe (file missing)

O23 - Service: Venturi2 Client (Venturi2) - Fourelle Systems, Inc - C:\Program Files\Venturi2\Client\ventc.exe

Compartilhar este post

Link para o post
Compartilhar em outros sites

Mário Monteiro    179

Mário Monteiro
Postado

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Arquivados (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito