Humberto Rosa
Membro
Adiquirir um virus pelo MSN que fica mandando mensagens para meus contatos, sozinho. PEDINDO PARA CLIKAR NA PÁGINA PARA ELES VEREM ALGO.
Aqui esta o informativo a respeito do meu:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 01:17:17, on 16/5/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Programas\PowerISO\PWRISOVM.EXE
D:\Programas\Winamp\winampa.exe
D:\Arquivos de programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Programas\HP\HP Software Update\HPWuSchd2.exe
D:\ARQUIV~1\Grisoft\AVG7\avgcc.exe
D:\WINDOWS\System32\CTHELPER.EXE
D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe
D:\WINDOWS\System32\JVM0.exe
D:\WINDOWS\System32\winupdbc.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Programas\Creative\MediaSource\RemoteControl\RCMan.EXE
D:\Programas\HP\Digital Imaging\bin\hpqtra08.exe
D:\Programas\Nikon\PictureProject\NkbMonitor.exe
D:\Programas\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Programas\Alwil Software\Avast4\aswUpdSv.exe
D:\Programas\Alwil Software\Avast4\ashServ.exe
D:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe
D:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe
D:\ARQUIV~1\Grisoft\AVG7\avgemc.exe
D:\WINDOWS\System32\CTSvcCDA.EXE
D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Programas\Alwil Software\Avast4\ashMaiSv.exe
D:\Programas\Alwil Software\Avast4\ashWebSv.exe
D:\Programas\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Arquivos de programas\MSN Messenger\msnmsgr.exe
D:\WINDOWS\System32\ctfmon.exe
D:\WINDOWS\system32\NOTEPAD.EXE
F:\Programas\AntiVirus\HiJackThis_v2.exe
D:\Arquivos de programas\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - D:\Arquivos de programas\Scpad\scpsssh2.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Programas\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] D:\Programas\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] D:\Arquivos de programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Programas\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] D:\Arquivos de programas\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [JVM0] D:\WINDOWS\System32\JVM0.exe
O4 - HKLM\..\Run: [WinUPDbc] D:\WINDOWS\System32\winupdbc.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [RemoteCenter] D:\Programas\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [MsnMsgr] "D:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [svchost] D:\WINDOWS\system32\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\ARQUIV~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programas\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = D:\Programas\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O17 - HKLM\System\CCS\Services\Tcpip\..\{425FE1EF-1A06-480F-8623-D9081F745E44}: NameServer = 200.165.132.154 200.149.55.142
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - D:\Arquivos de programas\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - D:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\ARQUIV~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
--
End of file - 7065 bytes
De antemão fico agradecido, e feliz por ser mebro desta comunidade. Parabens pelo profissionalismo.
Aqui esta o informativo a respeito do meu:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 01:17:17, on 16/5/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Programas\PowerISO\PWRISOVM.EXE
D:\Programas\Winamp\winampa.exe
D:\Arquivos de programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Programas\HP\HP Software Update\HPWuSchd2.exe
D:\ARQUIV~1\Grisoft\AVG7\avgcc.exe
D:\WINDOWS\System32\CTHELPER.EXE
D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe
D:\WINDOWS\System32\JVM0.exe
D:\WINDOWS\System32\winupdbc.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Programas\Creative\MediaSource\RemoteControl\RCMan.EXE
D:\Programas\HP\Digital Imaging\bin\hpqtra08.exe
D:\Programas\Nikon\PictureProject\NkbMonitor.exe
D:\Programas\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Programas\Alwil Software\Avast4\aswUpdSv.exe
D:\Programas\Alwil Software\Avast4\ashServ.exe
D:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe
D:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe
D:\ARQUIV~1\Grisoft\AVG7\avgemc.exe
D:\WINDOWS\System32\CTSvcCDA.EXE
D:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\Programas\Alwil Software\Avast4\ashMaiSv.exe
D:\Programas\Alwil Software\Avast4\ashWebSv.exe
D:\Programas\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Arquivos de programas\MSN Messenger\msnmsgr.exe
D:\WINDOWS\System32\ctfmon.exe
D:\WINDOWS\system32\NOTEPAD.EXE
F:\Programas\AntiVirus\HiJackThis_v2.exe
D:\Arquivos de programas\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - D:\Arquivos de programas\Scpad\scpsssh2.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Programas\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] D:\Programas\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATIPTA] D:\Arquivos de programas\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Programas\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG7_CC] D:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] D:\Arquivos de programas\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "D:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [JVM0] D:\WINDOWS\System32\JVM0.exe
O4 - HKLM\..\Run: [WinUPDbc] D:\WINDOWS\System32\winupdbc.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [RemoteCenter] D:\Programas\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [MsnMsgr] "D:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [svchost] D:\WINDOWS\system32\svchost.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] D:\ARQUIV~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programas\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = D:\Programas\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O17 - HKLM\System\CCS\Services\Tcpip\..\{425FE1EF-1A06-480F-8623-D9081F745E44}: NameServer = 200.165.132.154 200.149.55.142
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - D:\Arquivos de programas\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - D:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Adobe LM Service - Adobe Systems - D:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - D:\ARQUIV~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Arquivos de programas\Arquivos comuns\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
--
End of file - 7065 bytes
De antemão fico agradecido, e feliz por ser mebro desta comunidade. Parabens pelo profissionalismo.
Última edição: