Fórum CódigoFonte.net

celosurfista

  1. celosurfista

    Problems with a Trojan horse

    Good afternoon!!! Sorry for the ignorance and silliness of my questions!!!! I have 18 Trojan horses on my PC, and I could lose my entire monograph. I was looking through your site and forum and downloaded the hijack program. I ran it and it generated a so-called log, a text folder containing the following:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:54:05, on 31/12/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\userinit.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe
    C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\frmwrk32.exe
    C:\Arquivos de programas\Fighters\spywarefighter\SpywarefighterUser.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
    C:\Arquivos de programas\Samsung\Digimax Viewer 2.0\STImgBrowser.exe
    C:\Arquivos de programas\Norton AntiVirus\navapsvc.exe
    C:\Arquivos de programas\WinZip\WZQKPICK.EXE
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Arquivos de programas\Fighters\configservice.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe
    C:\Arquivos de programas\Fighters\licenseservice.exe
    C:\Arquivos de programas\Fighters\updateservice.exe
    C:\Arquivos de programas\Fighters\ScannerService.exe
    c:\arquivos de programas\fighters\spywarefighter\SPYWAREfighterTray.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
    C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
    C:\ARQUIV~1\WINZIP\winzip32.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Arquivos de programas\Messenger\msmsgs.exe
    C:\hijack\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Arquivos de programas\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [ccApp] C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe
    O4 - HKLM\..\Run: [ccRegVfy] C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccRegVfy.exe
    O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe
    O4 - HKLM\..\Run: [spywarefighterguard] C:\Arquivos de programas\Fighters\spywarefighter\SpywarefighterUser.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Digimax Viewer 2.0.lnk = ?
    O4 - Global Startup: HPZRCV01.LNK = C:\Arquivos de programas\HP\Temp\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzrcv01.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Arquivos de programas\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\docume~1\mm\config~1\temp\ntdll64.dll
    O10 - Unknown file in Winsock LSP: c:\docume~1\mm\config~1\temp\ntdll64.dll
    O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/f...etup1.0.1.0.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1121273591671
    O20 - AppInit_DLLs: brtnbk.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Arquivos de programas\Norton AntiVirus\navapsvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PTK License-FIGHTERS-1800350877 - SPAMfighter - C:\Arquivos de programas\Fighters\licenseservice.exe
    O23 - Service: PTK Live Update-FIGHTERS-1800350877 - SPAMfighter - C:\Arquivos de programas\Fighters\updateservice.exe
    O23 - Service: PTK Scanner-FIGHTERS-1800350877 - SPAMfighter - C:\Arquivos de programas\Fighters\ScannerService.exe
    O23 - Service: PTK SharedAccess-FIGHTERS-1800350877 - SPAMfighter - C:\Arquivos de programas\Fighters\configservice.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Center\SymWSC.exe

    --
    End of file - 6572 bytes

    PLEASE, IF POSSIBLE, COULD YOU ANALYZE IT AND TELL ME WHAT TO DO AFTER THIS. REGARDS, CELOSURFISTA