[Arquivado] IE abrindo a toda hora!

alexgunM · Outubro 27, 2008

Meu iexplorer Abre a todo instantE!! (5 en 5 segundos)

E eu ja passei o ad-Were... Spybot.. AVG etc... e nada...

apenas um dia.. eu usei dos anti-spywere seguidos e deletei os malweres..

no dia seguinte la estava o IE abrindo.. :wacko:

toda vez q passo os anti-spywere... ele axa virus...

O que Devo fazER????? :!:

Mário Monteiro · Outubro 27, 2008

No altop deste topico tem as regras deste forum

Leia-as em especial a segunda que pede para postar um log aqui

alexgunM · Outubro 27, 2008

Eu estou no pc no meu curso.. irei Fazer isso em cAsa..

Muito obrigado!

:rolleyes:

hj msmo posto!!

Mário Monteiro · Outubro 27, 2008

Bom entao, é que precisa do og para dar continuidade a analise

alexgunM · Outubro 27, 2008

Entendi...

mais Muito obrigado antecipadamente.... um lugar de post como esse é dificil.. e esse é o geito mais barato e facil de

se resolver problemas on-line...

bom trabalho ,chegando em casa eu instalo o programa. executo e posto o log... ^_^

espero que me ajudem a resolver meu isso.. ja esta me causandu problemas..

alexgunM · Outubro 27, 2008

cheguei em Casa ;P

vou efetuar o programa..

alexgunM · Outubro 27, 2008

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:31:37, on 27/10/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18241)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\AlienGUIse\wbload.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Spyware Doctor\pctsTray.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\LSPRN.EXE

C:\WINDOWS\system32\PRINTDRV.EXE

C:\Arquivos de programas\lg_fwupdate\fwupdate.exe

C:\Arquivos de programas\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe

C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe

C:\Arquivos de programas\Arquivos comuns\Teleca Shared\CapabilityManager.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\CSRLT.EXE

C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Stardock\CursorFX\CursorFX.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Documents and Settings\Alex\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe

C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

C:\Arquivos de programas\Arquivos comuns\Teleca Shared\Generic.exe

C:\Arquivos de programas\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Arquivos de programas\Java\jre1.6.0_06\bin\jucheck.exe

C:\Hijack\HiJackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://farejador.ig.com.br/ie/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=66006

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Arquivos de programas\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL

R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\killVBS.vbs,

O2 - BHO: (no name) - {0392E0F4-4CAC-4A26-9834-10DA454D5C09} - (no file)

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Arquivos de programas\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5BE6F8F2-A0AF-4A2A-9AF3-E5932BFB839E} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: (no name) - {703E97CD-8F5A-49C9-BA24-5335A0BEF960} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {864CB0A6-F301-4419-AB0C-75893CB0A1A4} - (no file)

O2 - BHO: (no name) - {8ABB5E08-6B97-413E-981F-488ED0BEAB2B} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {93D31EFB-AB67-4AA9-B241-F3F0620ECB1D} - (no file)

O2 - BHO: (no name) - {94F83540-3E14-4E3D-B1DC-A1405967C090} - C:\WINDOWS\system32\awtrOeBq.dll (file missing)

O2 - BHO: NOW!Imaging - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Arquivos de programas\Acelerador POP\components\NOWImaging.dll

O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Arquivos de programas\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Arquivos de programas\AskTBar\bar\1.bin\ASKTBAR.DLL

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\ARQUIV~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Arquivos de programas\AskTBar\bar\1.bin\ASKTBAR.DLL

O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [inCD] C:\Arquivos de programas\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [LGODDFU] "C:\Arquivos de programas\lg_fwupdate\fwupdate.exe"

O4 - HKLM\..\Run: [MediaKey] C:\ARQUIV~1\INTERN~2\MEDIAKEY.EXE

O4 - HKLM\..\Run: [Discador iG] "C:\Arquivos de programas\iGv6\Discador iG.exe" boot

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Arquivos de programas\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [Motive SmartBridge] "C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe" /restart

O4 - HKLM\..\Run: [TkBellExe] "realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\Ringz Studio\Storm Codec\qttask.exe" -atboottime

O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [CSRLT.EXE] C:\WINDOWS\system32\CSRLT.EXE

O4 - HKLM\..\Run: [iSTray] "C:\Arquivos de programas\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\Run: [Printer Driver] C:\WINDOWS\system32\PRINTDRV.EXE

O4 - HKLM\..\RunOnce: [MSBLT.EXE] C:\WINDOWS\MSBLT.EXE

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [NBJ] "C:\Arquivos de programas\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [ares] "C:\Arquivos de programas\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [CursorFX] "C:\Arquivos de programas\Stardock\CursorFX\CursorFX.exe"

O4 - HKCU\..\Run: [sfKg6wIP] C:\Documents and Settings\Alex\Dados de aplicativos\Microsoft\Windows\hgpxuio.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Alex\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [LClock] C:\Arquivos de programas\LClock\LClock.exe

O4 - HKCU\..\Run: [Vista Sidebar] C:\Arquivos de programas\Vista Sidebar\sidebar.exe

O4 - HKCU\..\Run: [ViStart] C:\Arquivos de programas\ViStart\ViStart.exe

O4 - HKCU\..\Run: [ViOrb] C:\Arquivos de programas\ViOrb\ViOrb.exe

O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Arquivos de programas\Uniblue\RegistryBooster\RegistryBooster.exe /S

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [OKGO] C:\WINDOWS\system32\Press_Schutz.exe

O4 - HKLM\..\Policies\Explorer\Run: [PrinterSecurityLayer] C:\WINDOWS\LSPRN.EXE

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Adobe Media Player.lnk = C:\Arquivos de programas\Adobe Media Player\Adobe Media Player.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Assistente Tecnico Speedy.lnk = C:\Arquivos de programas\Assistente Tecnico Speedy\bin\matcli.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_06\bin\ssv.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u...ows-i586-jc.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab

O16 - DPF: {C044CD87-DFB0-4130-A5E4-49361106FBC8} (HanSetupCtrl1010 Class) - http://cdn.hangame.com/hangame/hansetup/HanSetup1010.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{C35F2158-6357-41A4-9A59-C52512E1C5E2}: NameServer = 200.204.0.10 200.204.0.138

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll

O20 - AppInit_DLLs: secuload.dll,avgrsstx.dll,bynmpg.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

O24 - Desktop Component 0: (no name) - file:///C:/Documents%20and%20Settings/Alex/Desktop/alex/jogos/xbox%20blue.jpg

O24 - Desktop Component 1: (no name) - file:///C:/Documents%20and%20Settings/Alex/Desktop/alex/jogos/ps%20logo.jpg

O24 - Desktop Component 2: (no name) - file:///C:/Documents%20and%20Settings/Alex/Desktop/alex/arquivos/curso/12.jpg

O24 - Desktop Component 3: (no name) - http://www.zwani.com/_theme/images/onion2-TL.gif

O24 - Desktop Component 4: (no name) - http://img4.orkut.com/js/gen/scraps005.js

O24 - Desktop Component 5: (no name) - http://img2.orkut.com/js/gen/scraps006.js

O24 - Desktop Component 6: (no name) - http://img4.orkut.com/js/gen/common007.js

O24 - Desktop Component 7: (no name) - http://graphics.amigos.com/images/ffe/emai...button_left.gif

--

End of file - 14873 bytes

alexgunM · Outubro 27, 2008

:worship: pronto EsTa aI..

I agora?

Mário Monteiro · Outubro 27, 2008

Agora voce aguarda um analista iniciar a nalise de seu log

lembro-lhe de ler a regra 3 deste forum

http://forum.imasters.com.br/index.php?showtopic=176886

alexgunM · Outubro 27, 2008

então Tah.. :huh:

Esperando um analista..........

:rolleyes:

PedroN · Outubro 27, 2008

- Baixe: < ComboFix.exe >

- Salve-o no Desktop!

- Desabilite as proteções residente de: antivírus,antispywares e firewall. ( Menos o do Windows! )

- Feche todas as janelas e execute a ferramenta!

- Na solicitação: "Negação de garantia de software" --> Clique em Sim!

-- Caso aconteça a notificação de: Aplicativo Win32 inválido,delete a ferramenta e faça,novamente,o download.
-- Salve-a no desktop,renomeada como: Kombo.exe

-- Ps: Nomeie durante o salvamento,e não após salvá-la!

-- Ps: Surgindo alguma mensagem de erro,rode o ComboFix.exe em Modo de Segurança.

-- Ps: Evite executar,voluntariamente,esta ferramenta!Siga,àcima,todas as recomendações propostas.

- Abrir-se-á a janela Auto Scan. --> Aguarde!

- Se houver necessidade,digite a opção para continuar! --> ( 1 ) --> Aperte Enter.

- Aguarde a conclusão!

- Durante o scan,evite manusear o mouse ou teclado! <-- Importante!

- Para parar ou sair do ComboFix,tecle "N".

----------------------

- Terminando,poste os relatórios: C:\ComboFix.txt + HijackThis,atualizado.

alexgunM · Outubro 27, 2008

O Combofix finalizou... reiniciou.. e abriu uma tela

Terminando relatório (n tenhu certeza)

Não abra nehum programa até o combofiz finalizar..e fiko abertu um tempão nisso e nada..

e agora?

Mário Monteiro · Outubro 27, 2008

se finalizou apareceu um relatorio em C:\ComboFix.txt

alexgunM · Outubro 27, 2008

O HijackThis Atualizado! :mellow:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:46, on 2008-10-27

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18241)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Ahead\InCD\InCDsrv.exe

C:\Arquivos de programas\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\AVG\AVG8\avgrsx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Arquivos de programas\lg_fwupdate\fwupdate.exe

C:\Arquivos de programas\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\ARQUIV~1\ASSIST~1\SMARTB~1\MotiveSB.exe

C:\Arquivos de programas\Java\jre1.6.0_06\bin\jusched.exe

C:\Arquivos de programas\Arquivos comuns\Teleca Shared\CapabilityManager.exe

C:\ARQUIV~1\AVG\AVG8\avgtray.exe

C:\WINDOWS\system32\CSRLT.EXE

C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Stardock\CursorFX\CursorFX.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Documents and Settings\Alex\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe

C:\Arquivos de programas\Assistente Tecnico Speedy\bin\mpbtn.exe

C:\Arquivos de programas\Arquivos comuns\Teleca Shared\Generic.exe

C:\Arquivos de programas\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\Arquivos de programas\Java\jre1.6.0_06\bin\jucheck.exe

C:\Arquivos de programas\Netscape\Navigator 9\navigator.exe

C:\Arquivos de programas\AlienGUIse\AlienwareDock\Objectdock.exe