My Pastes
Public Pastes
Layout Width
Share Pastebin
Guest
Public paste!

magdaaaa

By: a guest | Mar 13th, 2010 | Syntax: None | Size: 10.34 KB | Hits: 73 | Expires: Never
Download | Raw | Embed | Report abuse
Copy text to clipboard
  1. Logfile of Trend Micro HijackThis v2.0.2
  2. Scan saved at 20:09:03, on 13/3/2010
  3. Platform: Windows XP SP3 (WinNT 5.01.2600)
  4. MSIE: Internet Explorer v8.00 (8.00.6001.18702)
  5. Boot mode: Normal
  6.  
  7. Running processes:
  8. C:\WINDOWS\System32\smss.exe
  9. C:\WINDOWS\system32\winlogon.exe
  10. C:\WINDOWS\system32\services.exe
  11. C:\WINDOWS\system32\lsass.exe
  12. C:\WINDOWS\system32\svchost.exe
  13. C:\WINDOWS\System32\svchost.exe
  14. C:\WINDOWS\Explorer.exe
  15. C:\WINDOWS\system32\spoolsv.exe
  16. C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
  17. C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
  18. C:\Arquivos de programas\Java\jre6\bin\jqs.exe
  19. C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
  20. C:\WINDOWS\system32\HPZipm12.exe
  21. C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
  22. C:\WINDOWS\system32\svchost.exe
  23. C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe
  24. C:\Arquivos de programas\Nero\Nero 7\InCD\InCD.exe
  25. C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe
  26. C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe
  27. C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
  28. C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
  29. C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
  30. C:\WINDOWS\system32\ctfmon.exe
  31. C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  32. C:\Arquivos de programas\Messenger\msmsgs.exe
  33. C:\Arquivos de programas\Skype\Phone\Skype.exe
  34. C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
  35. C:\Arquivos de programas\RALINK\Common\RaUI.exe
  36. C:\Arquivos de programas\WinZip\WZQKPICK.EXE
  37. C:\Arquivos de programas\Windows Media Player\wmplayer.exe
  38. C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe
  39. C:\WINDOWS\system32\wuauclt.exe
  40. C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
  41. C:\Arquivos de programas\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
  42. C:\Arquivos de programas\Skype\Plugin Manager\skypePM.exe
  43. C:\Arquivos de programas\Mozilla Firefox\firefox.exe
  44. C:\Documents and Settings\Usuario\Meus documentos\Downloads\HijackThis.exe
  45.  
  46. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
  47. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  48. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  49. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  50. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  51. R3 - URLSearchHook: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Arquivos de programas\Messenger_Plus_Live\tbMess.dll (file missing)
  52. F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\WinSit.exe
  53. F3 - REG:win.ini: load=C:\WINDOWS\inf\Other.exe
  54. F3 - REG:win.ini: run=C:\WINDOWS\system32\config\Win.exe
  55. O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  56. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
  57. O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  58. O2 - BHO: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Arquivos de programas\Messenger_Plus_Live\tbMess.dll (file missing)
  59. O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
  60. O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  61. O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
  62. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
  63. O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
  64. O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll
  65. O3 - Toolbar: Messenger Plus Live Toolbar - {9b339f6e-ddcd-401b-8764-230adbd01761} - C:\Arquivos de programas\Messenger_Plus_Live\tbMess.dll (file missing)
  66. O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe
  67. O4 - HKLM\..\Run: [SecurDisc] C:\Arquivos de programas\Nero\Nero 7\InCD\NBHGui.exe
  68. O4 - HKLM\..\Run: [InCD] C:\Arquivos de programas\Nero\Nero 7\InCD\InCD.exe
  69. O4 - HKLM\..\Run: [Smapp] C:\Arquivos de programas\Analog Devices\SoundMAX\SMTray.exe
  70. O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe" /hide /waitservice
  71. O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
  72. O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  73. O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
  74. O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe
  75. O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
  76. O4 - HKLM\..\Run: [Flashy Bot] C:\WINDOWS\system32\Flashy.exe
  77. O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
  78. O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
  79. O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
  80. O4 - HKCU\..\Run: [AdobeUpdater6] "C:\Arquivos de programas\Arquivos comuns\Adobe\Updater6\Adobe_Updater.exe"
  81. O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
  82. O4 - HKCU\..\Run: [Skype] "C:\Arquivos de programas\Skype\Phone\Skype.exe" /nosplash /minimized
  83. O4 - HKCU\..\Run: [dc2k5] C:\WINDOWS\SVIQ.EXE
  84. O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
  85. O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
  86. O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
  87. O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
  88. O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe
  89. O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Arquivos de programas\RALINK\Common\RaUI.exe
  90. O4 - Global Startup: WinZip Quick Pick.lnk = C:\Arquivos de programas\WinZip\WZQKPICK.EXE
  91. O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  92. O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
  93. O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  94. O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  95. O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  96. O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  97. O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
  98. O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
  99. O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
  100. O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
  101. O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264714242375
  102. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
  103. O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
  104. O17 - HKLM\System\CCS\Services\Tcpip\..\{040795BA-C96A-42A8-BAAD-0093A649B27E}: NameServer = 200.175.182.139,200.175.5.139
  105. O17 - HKLM\System\CS1\Services\Tcpip\..\{040795BA-C96A-42A8-BAAD-0093A649B27E}: NameServer = 200.175.182.139,200.175.5.139
  106. O17 - HKLM\System\CS2\Services\Tcpip\..\{040795BA-C96A-42A8-BAAD-0093A649B27E}: NameServer = 200.175.182.139,200.175.5.139
  107. O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  108. O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
  109. O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\EHttpSrv.exe
  110. O23 - Service: Eset Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
  111. O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
  112. O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
  113. O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
  114. O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
  115. O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
  116. O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
  117. O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
  118. O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
  119.  
  120. --
  121. End of file - 10589 bytes
create new paste | create new version of this paste RAW Paste Data