SNK-NeoFighters.com Regras do Fórum

Ajuda Busca Membros Calendário

SNK-NeoFighters Forums -> Pegou Vírus? Spyware? Outros Malwares?

Bem vindo Visitante ( Entrar | Registrar )

SNK-NeoFighters Forums > Informática > Software, Internet & Tecnologia

Esboço · Padrão · [ Linear+ ]

Pegou Vírus? Spyware? Outros Malwares?, Resolva aqui...

Acompanhar este tópico | Enviar este tópico | Imprimir este tópico

X-Яσм	Aug 25 2005, 08:18 PM Post #1
Estágifighter Registrado: 19-August 05 De: XóN PãÚLùXx! Membro nº: 15	Tá com aquele spyware chato? Algum problema com vírus? Nós temos (somos) sua solução! Qualquer erro com o arquivo MSVBVM60.DLL, você precisará instalar o Visual Basic 6 Runtime, baixando aqui. Poste somente aqui, qualquer outro tópico sobre vírus no fórum Área PC (ou em qualquer outro fórum) será DELETADO! HAuahuaHAUhauhaauhauhA! --- 1/12/2005 - updated Procedimentos obrigatórios a se cumprir. 1 - Baixar a versão mais nova do HiJackThis - DOWNLOAD 2 - Configure o Windows para mostrar todos os arquivos: Windows ME e XP » Spoiler (clique) « Iniciar/ Painel de Controle/ Opções de pastas Selecione a aba Modo de exibição Selecione o botão Mostrar pastas e arquivos ocultos Desmarque a caixa Ocultar arquivos protegidos do sistema operacional (recomendado) Clique em OK Windows 98 » Spoiler (clique) « Abra Meu computador Clique em Exibir / Opções de Pasta Selecione a aba Modo de exibição Selecione o botão Mostrar todos os arquivos Clique em OK 3 - Faça um scan online (todos são grátis): Panda Symantec Trend Micro McAfee 4 - Faça um scan com um anti-spyware: AdAware e CWShredder OBS: Execute os dois! 5 - Limpe temporários, cache, cookies, histórico e etc. CCleaner. * Terminado estes procedimentos, execute o HiJackThis, clique em "Do a system scan and save a logfile". Coloquem o HiJackThis numa pasta própria (Ex: C:/HiJackThis). Mande o log, neste tópico. Sempre dê os fixes requiridos em Modo de Segurança** - » Spoiler (clique) « Pressione várias vezes F8, quando o Windows estiver iniciando (segunda tela), se pressionar antes da segunda tela, abrirá a sequência de boot * Requerimentos baseados no Fórum do BABOO. Atenciosamente, X-Rom**.

36 Páginas « < 33 34 35 36 >

Reply to this topic

Start new topic

Respostas(680 - 699)

darklordronnie	Sep 26 2008, 04:46 PM Post #681
Beginner Fighter Registrado: 6-December 07 De: Lubango, Angola Membro nº: 49.047	QUOTE(X-Яσм @ Sep 20 2008, 07:02 PM) Roda o Spybot: Search & Destroy, além de rodar o HJT e postar o log no fórum. O SpyBot nao achou nada Logfile of HijackThis v1.99.1 Scan saved at 20:26:15, on 26-09-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) CODE Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programas\Alwil Software\Avast4\aswUpdSv.exe C:\Programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Programas\Ficheiros comuns\InstallShield\UpdateService\ISUSPM.exe C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe C:\WINDOWS\system32\ctfmon.exe C:\Programas\Stardock\CursorFX\CursorFX.exe C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\WINDOWS\system32\slserv.exe C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Programas\Alwil Software\Avast4\ashMaiSv.exe C:\Programas\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wsivs.exe C:\WINDOWS\system32\wans.exe C:\WINDOWS\system32\wsias.exe C:\WINDOWS\system32\wanrs.exe C:\WINDOWS\system32\wanps.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Convidado\Os meus documentos\Orbitdownloader\Grab.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Programas\Real\RealPlayer\RealPlay.exe C:\Programas\Mozilla Firefox\firefox.exe C:\Documents and Settings\Ronnie Guerra\Os meus documentos\Nova pasta (2)\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programas\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Documents and Settings\Convidado\Os meus documentos\Orbitdownloader\orbitcth.dll O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programas\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programas\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: AbsoluteTransfer module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Programas\AbsoluteTransfer\AbsoluteTransfer.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programas\MegauploadToolbar\megauploadtoolbar.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Programas\Windows Live\Messenger\wlchtc.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O3 - Toolbar: Barra de Ferramentas MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programas\MSN Toolbar\01.01.2607.0\pt-br\msntb.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programas\MegauploadToolbar\megauploadtoolbar.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Documents and Settings\Convidado\Os meus documentos\Orbitdownloader\GrabPro.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programas\MyWebSearch\bar\1.bin\MWSBAR.DLL O4 - HKLM\..\Run: [PadTouch] --C:\Programas\TOSHIBA\Touch and Launch\PadExe.exe O4 - HKLM\..\Run: [CeEKEY] --C:\Programas\TOSHIBA\E-KEY\CeEKey.exe O4 - HKLM\..\Run: [TPNF] --C:\Programas\TOSHIBA\TouchPad\TPTray.exe O4 - HKLM\..\Run: [TOSHIBA Accessibility] --C:\Programas\TOSHIBA\Accessibility\FnKeyHook.exe O4 - HKLM\..\Run: [HWSetup] --C:\Programas\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [SVPWUTIL] --C:\Programas\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [Zooming] --ZoomingHook.exe O4 - HKLM\..\Run: [TCtryIOHook] --TCtrlIOHook.exe O4 - HKLM\..\Run: [TPSMain] --TPSMain.exe O4 - HKLM\..\Run: [SmoothView] --C:\Programas\TOSHIBA\Utilitário de Zooming da TOSHIBA\SmoothView.exe O4 - HKLM\..\Run: [TFncKy] --TFncKy.exe O4 - HKLM\..\Run: [IgfxTray] --C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] --C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [dla] --C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] --C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] --rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Windows Automated Network Service] "C:\WINDOWS\system32\wans.exe" * O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\system32\ctfmona.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Windows Automated Network Routing Service] "C:\WINDOWS\system32\wanrs.exe" * O4 - HKLM\..\Run: [Windows Automated Network Policy Service] "C:\WINDOWS\system32\wanps.exe" * O4 - HKLM\..\Run: [Windows Server IP Authentication Service] "C:\WINDOWS\system32\wsias.exe" * O4 - HKLM\..\Run: [Windows Server IP Verification Service] "C:\WINDOWS\system32\wsivs.exe" * O4 - HKLM\..\Run: [ISUSPM] "C:\Programas\Ficheiros comuns\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKLM\..\Run: [TkBellExe] "C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [LogonStudio] "C:\Programas\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Programas\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [WinampAgent] C:\Programas\Winamp\winampa.exe O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [CursorFX] "C:\Programas\Stardock\CursorFX\CursorFX.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programas\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [UIWatcher] C:\Programas\ashampoo\Ashampoo UnInstaller Suite\UIWatcher.exe O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Longhorn Inspirat\YzToolBar\YzToolBar.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJfox000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0\bin\npjpi150.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} (dnlplayer Class) - http://www.digitalwebbooks.com/reader/dbplugin.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - --"C:\Programas\Ficheiros comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing) O23 - Service: InterBase Guardian (InterBaseGuardian) - Unknown owner - --C:\Programas\borland\interbase\bin\ibguard.exe (file missing) O23 - Service: InterBase Server (InterBaseServer) - Unknown owner - --C:\Programas\borland\interbase\bin\ibserver.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - --"C:\Programas\Ficheiros comuns\LightScribe\LSSrvc.exe (file missing) O23 - Service: Machine Debug Manager (MDM) - Unknown owner - --"C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE (file missing) O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe O23 - Service: Office Source Engine (ose) - Unknown owner - --"C:\Programas\Ficheiros comuns\Microsoft Shared\Source Engine\OSE.EXE (file missing) O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: VCL MySQL Database Server - Unknown owner - --"C:\Programas\Chemistry Lab\mysql\bin\mysqld.exe" "VCL MySQL Database Server (file missing) O23 - Service: Windows Automated Network Policy Service (WANPS) - Unknown owner - C:\WINDOWS\system32\wanps.exe O23 - Service: Windows Automated Network Routing Service (WANRS) - Unknown owner - C:\WINDOWS\system32\wanrs.exe O23 - Service: Windows Automated Network Service (WANS) - Unknown owner - C:\WINDOWS\system32\wans.exe O23 - Service: Serviço de Compartilhamento de Rede do Windows Media Player (WMPNetworkSvc) - Unknown owner - --"C:\Programas\Windows Media Player\WMPNetwk.exe (file missing) O23 - Service: Windows Server IP Authentication Service (WSIAS) - Unknown owner - C:\WINDOWS\system32\wsias.exe O23 - Service: Windows Server IP Verification Service (WSIVS) - Unknown owner - C:\WINDOWS\system32\wsivs.exe

X-Яσм	Sep 27 2008, 04:09 AM Post #682
Estágifighter Registrado: 19-August 05 De: XóN PãÚLùXx! Membro nº: 15	R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Programas\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Documents and Settings\Convidado\Os meus documentos\Orbitdownloader\orbitcth.dll O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Programas\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Programas\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: AbsoluteTransfer module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Programas\AbsoluteTransfer\AbsoluteTransfer.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Programas\MyWebSearch\bar\1.bin\MWSBAR.DLL O4 - HKLM\..\Run: [Zooming] --ZoomingHook.exe O4 - HKLM\..\Run: [TCtryIOHook] --TCtrlIOHook.exe O4 - HKLM\..\Run: [TPSMain] --TPSMain.exe O4 - HKLM\..\Run: [TFncKy] --TFncKy.exe O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\system32\ctfmona.exe O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF Unknown O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZJfox000 O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - Fixe estes acima. Vocês conhece estes serviços abaixo que rodam na sua máquina. O23 - Service: Windows Automated Network Policy Service (WANPS) - Unknown owner - C:\WINDOWS\system32\wanps.exe O23 - Service: Windows Automated Network Routing Service (WANRS) - Unknown owner - C:\WINDOWS\system32\wanrs.exe O23 - Service: Windows Automated Network Service (WANS) - Unknown owner - C:\WINDOWS\system32\wans.exe Se não conhecer, fixe.

darklordronnie	Sep 27 2008, 10:46 AM Post #683
Beginner Fighter Registrado: 6-December 07 De: Lubango, Angola Membro nº: 49.047	QUOTE Vocês conhece estes serviços abaixo que rodam na sua máquina. O23 - Service: Windows Automated Network Policy Service (WANPS) - Unknown owner - C:\WINDOWS\system32\wanps.exe O23 - Service: Windows Automated Network Routing Service (WANRS) - Unknown owner - C:\WINDOWS\system32\wanrs.exe O23 - Service: Windows Automated Network Service (WANS) - Unknown owner - C:\WINDOWS\system32\wans.exe Se não conhecer, fixe. Esses serviços ja estavam antes de ser infectado

X-Яσм	Sep 27 2008, 11:24 AM Post #684
Estágifighter Registrado: 19-August 05 De: XóN PãÚLùXx! Membro nº: 15	QUOTE(darklordronnie @ Sep 27 2008, 10:46 AM) Esses serviços ja estavam antes de ser infectado então, devem ser do proprio sistema. fixe aquelas entradas, passa um spybot e faz um novo scan pra verificação.

souzarc	Sep 29 2008, 05:44 PM Post #685
Trainee Fighter Registrado: 2-September 05 Membro nº: 1.477	Logfile of HijackThis v1.99.1 Scan saved at 17:40:10, on 29/9/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\Explorer.EXE C:\Program Files\HijackThis\HijackThis.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{8CF7ABF3-F42D-4D8F-BCEB-A82865A886F2}: NameServer = 200.165.132.155 200.149.55.140 O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe Bom galera, pra explicar o problema logo, eh que eu tava feliz ontem jogando meus jogos no Pc ( Fable e RF online) ai hoje quando vou jogar, antes de abrir o jogo diz isso: A problem occurred initializing DirectDraw. Hardware acceleration may be disabled, please run DXDIAG. Quando abro o DXDIAG e vou na aba display verificar o Directdraw acceleration e o Direct 3D estão ativados, o butão aparece transparente, e portanto não da pra ativar! Vi muitas pessoas com esse mesmo problema, mas não to achando a solução obs: Ja estou com o Direct X 9.0c

X-Яσм	Sep 29 2008, 11:16 PM Post #686
Estágifighter Registrado: 19-August 05 De: XóN PãÚLùXx! Membro nº: 15	log tá normal. você tem que ver as configurações de sua placa da video e configurações de monitor, verificando se a aceleração está realmente ativada.

mephistopheles	Oct 23 2008, 07:36 AM Post #687
Beginner Fighter Registrado: 10-September 05 Membro nº: 2.107	Ainda não to com virus mas to com uma duvida qnt ao nodlogin ele e um virus ou so é detectado pelo antivirus por ser uma especie de crack ou parecido?

X-Яσм	Oct 23 2008, 11:11 PM Post #688
Estágifighter Registrado: 19-August 05 De: XóN PãÚLùXx! Membro nº: 15	QUOTE(mephistopheles @ Oct 23 2008, 07:36 AM) Ainda não to com virus mas to com uma duvida qnt ao nodlogin ele e um virus ou so é detectado pelo antivirus por ser uma especie de crack ou parecido? fica dificil deduzir. o nodlogin dizem que o nod32 reconhece como virus. mas é 'normal' poréeeem... num confio muito. pode ser q tenha dentro do exe um virus de fato.

Kyo	Nov 27 2008, 05:38 PM Post #689
Next Clip Next Single Registrado: 23-August 05 Membro nº: 615	Logfile of HijackThis v1.99.1 Scan saved at 18:35:12, on 28/11/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\frmwrk32.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\portables\Firefox\FirefoxPortable.exe C:\Arquivos de programas\portables\Firefox\App\firefox\firefox.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\rundll32.exe C:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.snk-neofighters.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = [Windows XPhoeNiX] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe O4 - HKLM\..\Run: [SpywareCleaner] C:\WINDOWS\system32\SpywareRemover.exe O4 - HKLM\..\Run: [bcf0ce22] rundll32.exe "C:\WINDOWS\system32\ccwwblwf.dll",b O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Documents and Settings\jnt\Meus documentos\Downloads\Spy\SpybotSD.exe" /autocheck O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Documents and Settings\jnt\Meus documentos\Downloads\Spy\SpybotSD.exe" /autocheck O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [kava] C:\WINDOWS\system32\kavo.exe O4 - HKCU\..\Run: [tava] C:\WINDOWS\system32\tavo.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O11 - Options group: [TABS] Tabbed Browsing O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1226389613437 O17 - HKLM\System\CCS\Services\Tcpip\..\{5B6A1ECA-670E-4F6E-AE7E-5018CD110C8E}: NameServer = 200.204.0.10 200.204.0.138 O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - AppInit_DLLs: ssqdzt.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll HELP man

Kyo	Nov 27 2008, 07:42 PM Post #690
Next Clip Next Single Registrado: 23-August 05 Membro nº: 615	peguei um spy chato! fika toda hra mudando o papel de parede e abrindo a IE =[ o log esta acima alguem ai da um help!! para ieU!

X-Яσм	Nov 28 2008, 11:06 PM Post #691
Estágifighter Registrado: 19-August 05 De: XóN PãÚLùXx! Membro nº: 15	fix! O4 - HKCU\..\Run: [tava] C:\WINDOWS\system32\tavo.exe O4 - HKCU\..\Run: [kava] C:\WINDOWS\system32\kavo.exe O4 - HKLM\..\Run: [SpywareCleaner] C:\WINDOWS\system32\SpywareRemover.exe O4 - HKLM\..\Run: [bcf0ce22] rundll32.exe "C:\WINDOWS\system32\ccwwblwf.dll",b C:\WINDOWS\system32\frmwrk32.exe O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe O20 - AppInit_DLLs: ssqdzt.dll

ClarkKent	Dec 6 2008, 04:09 PM Post #692
Homem de aço - Categoria Super S Registrado: 21-August 05 Membro nº: 151	Logfile of HijackThis v1.99.1 Scan saved at 17:08:34, on 06/12/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Messenger\msmsgs.exe C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\cmpe.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe D:\BACKUP\Downloads2\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://c;/ R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Arquivos de programas\TechSmith\SnagIt 9\SnagItBHO.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [desp2k] C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe" -autorun O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: SnagIt 9.lnk = C:\Arquivos de programas\TechSmith\SnagIt 9\SnagIt32.exe O8 - Extra context menu item: &Download with &DAP - C:\ARQUIV~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\ARQUIV~1\DAP\dapextie2.htm O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Sothink SWF Catcher - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\ARQUIV~1\DAP\DAP.EXE O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Arquivos de programas\Arquivos comuns\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{218F0CF1-C523-4A44-9EB2-A38F44C4E824}: NameServer = 200.165.132.147 200.149.55.140 O17 - HKLM\System\CS2\Services\Tcpip\..\{218F0CF1-C523-4A44-9EB2-A38F44C4E824}: NameServer = 200.165.132.147 200.149.55.140 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Context Manager Process Extension (cmpe) - LightComm - C:\WINDOWS\system32\cmpe.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe Dá uma olhada pra mim X-Яσм

X-Яσм	Dec 6 2008, 11:11 PM Post #693
Estágifighter Registrado: 19-August 05 De: XóN PãÚLùXx! Membro nº: 15	ah, seu log tá limpo. você tá com algum problema ?

ClarkKent	Dec 8 2008, 06:27 PM Post #694
Homem de aço - Categoria Super S Registrado: 21-August 05 Membro nº: 151	QUOTE(X-Яσм @ Dec 7 2008, 12:11 AM) ah, seu log tá limpo. você tá com algum problema ? Sim, tô com um problema chato pra caramba. Toda vez que eu vou desligar o meu computador eu faço o de sempre, vou no menu iniciar, desligar o computador, mas não aparece a parte onde tem o botão pra desativar e o computador fica meio que travado como se estivesse tentando carregar e a única coisa que eu posso realmente fazer nessa hora é desligar o computador (porque nessa hora não dá pra fazer mais nada) apertando CTRL+ALT+DEL e ir no menu desligar e desativar. Depois disso fica aquela tela do windows está sendo desligado por uns 15 minutos até desligar Se o computador ficar uns 20 minutos mais ou menos esse problema não ocorre, e eu desligo depois de horas utilizando o computador. Você tem alguma idéia do que está ocorrendo?

X-Яσм	Dec 8 2008, 09:59 PM Post #695
Estágifighter Registrado: 19-August 05 De: XóN PãÚLùXx! Membro nº: 15	QUOTE(ClarkKent @ Dec 8 2008, 06:27 PM) Sim, tô com um problema chato pra caramba. Toda vez que eu vou desligar o meu computador eu faço o de sempre, vou no menu iniciar, desligar o computador, mas não aparece a parte onde tem o botão pra desativar e o computador fica meio que travado como se estivesse tentando carregar e a única coisa que eu posso realmente fazer nessa hora é desligar o computador (porque nessa hora não dá pra fazer mais nada) apertando CTRL+ALT+DEL e ir no menu desligar e desativar. Depois disso fica aquela tela do windows está sendo desligado por uns 15 minutos até desligar Se o computador ficar uns 20 minutos mais ou menos esse problema não ocorre, e eu desligo depois de horas utilizando o computador. Você tem alguma idéia do que está ocorrendo? tenta limpar/desfragmentar o registro com o tuneup utilities

ClarkKent	Dec 10 2008, 06:34 PM Post #696
Homem de aço - Categoria Super S Registrado: 21-August 05 Membro nº: 151	QUOTE(X-Яσм @ Dec 8 2008, 10:59 PM) tenta limpar/desfragmentar o registro com o tuneup utilities Bom programa esse, tentei mas infelizmente não deu certo. Acho que vou reinstalar o windows pra ver se dá certo.

Dalcy	Dec 14 2008, 04:45 PM Post #697
Trainee Fighter Registrado: 17-November 05 De: Endsville Membro nº: 3.742	Logfile of HijackThis v1.99.1 Scan saved at 16:42:56, on 14/12/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.20627) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\Arquivos de programas\Internet Explorer\iexplore.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Arquivos de programas\Raxco\PerfectDisk\PDAgent.exe C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Documents and Settings\Dalcy\Meus documentos\instaladores\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [CAMP SHIM EXIT HECK] C:\Documents and Settings\All Users\Dados de aplicativos\That Face Camp Shim\Surf option.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\kamsoft.exe O4 - HKCU\..\Run: [grid shim] C:\DOCUME~1\Dalcy\DADOSD~1\OWNSME~1\16PeakGrey.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\arquivos de programas\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International* O11 - Options group: [TABS] Tabbed Browsing O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{D0F610EF-B0D7-46D1-97B1-37DB3B33B7AE}: NameServer = 200.222.0.34,200.253.244.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{D95DC4E8-6ED9-48E3-8DF5-B43F5C81AF0C}: NameServer = 200.165.132.155 200.149.55.140 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Arquivos de programas\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Arquivos de programas\Raxco\PerfectDisk\PDEngine.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe ai ta aparecendo uns spans do nada... e agora minhas leitoras de dvd e cd n pega