Boot ini:
[boot loader]
timeout=30
Default= multi(0)disk(0)rdisk(0)partition(1)\windows
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\windows="Windows XP"
Logfile of HijackThis v1.99.1
Scan saved at 13:17:45, on 20-08-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\Documents and Settings\All Users\Documentos\HijackThis.exe
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: (no name) - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - (no file)
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Arquivos de programas\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [DIAG_APP_NAME1] "C:\Arquivos de programas\COMPANY_NAME\F
OLDER_NAME\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\WINDOWS\Dragdiag.exe" /icon
O4 - HKCU\..\Run: [FAST Defrag] C:\ARQUIV~1\FASTDE~1\FAST2.EXE -tray
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Eoeq] C:\WINDOWS\System32\??stem32\winword.exe
O4 - Startup: YPOPs.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download ALL with IDA - C:\Arquivos de programas\IDA\idaieall.htm
O8 - Extra context menu item: Download with IDA - C:\Arquivos de programas\IDA\idaie.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Arquivos de programas\IDA\ida.exe
O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Arquivos de programas\IDA\ida.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\MSMSGS.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=&
http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.sapo.pt/
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} -
http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) -
http://autos.msn.com/components/ocx/exterior/Outside.cab
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} (CTAdjust Class) -
http://www.musica.gulbenkian.pt/template/fonts/clearadj.cab
O16 - DPF: {E6BC0B38-2BDD-11D4-815E-006097385FF5} (TranderX Control) -
http://www.inverline.com/trander/WebTrander.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F8A095C-651A-4245-B842-A9A556E3DA3B}: NameServer = 192.168.0.1
O20 - AppInit_DLLs: rainit.dll
O21 - SSODL: Java Web Start - {98763210-127C-F1C6-8F19-A6B58A80F34A} - c:\arquivos de programas\java web start\wngbd32.dll (file missing)
O23 - Service: Iomega App Services - Iomega Corporation - C:\ARQUIV~1\Iomega\System32\AppServices.exe
O23 - Service: kavsvc - Unknown owner - C:\Arquivos de programas\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe (file missing)
O23 - Service: svchost.exe (moto) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)
O23 - Service: SmartLinkService (SLService) - - C:\windows\SYSTEM32\slserv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Arquivos de programas\TGTSoft\StyleXP\StyleXPService.exe