Ir para conteúdo
Fórum Script Brasil

^Â^njo

Membros
 Perfil  Explorar Conteúdo

  • Total de itens

    24

  • Registro em

  • Última visita

 Tipo de Conteúdo 

Tudo que ^Â^njo postou

  1. ^Â^njo
    Baixei uns videos e turorias na internet e no terceiro dia em diante as compilação não éra mais executadas, alguém poderia me ajudar? Abaixo esta um print com os comando e erros compilados...
  2. ^Â^njo

    Internet movel

    um tópico no fórum postou ^Â^njo Outros Assuntos

    Gostaria de saber se a internet movel do celular oferece as mesmas condições da convencional?
  3. ^Â^njo
    estarei conectado atravez da promoção ou sera cobrado uma taxa extra?
  4. ^Â^njo
    com a nova promoção da tim infiniti pre +25 consigo conectar a internet por apenas 50 centavo o dia, e me surgiu a curiosidade, se tem como usar essa internet no meu noutbook? alguém saberia me informa?
  5. ^Â^njo
    oque voces fazem quano encontra a textura certa, porem esta na cor errada?
  6. ^Â^njo
    obrigado voces me ajudaram é exatamente uma das cois q eu procurava...
  7. ^Â^njo

    Da somente um erro.

    uma questão postou ^Â^njo Java

    Um trabalho onde da um erro de compilação, alguém pode ajudar? --------------------Configuration: <Default>-------------------- E:\trabalho\PizzariaLuciano.java:5: PizzariaLuciano is not abstract and does not override abstract method actionPerformed(java.awt.event.ActionEvent) in java.awt.event.ActionListener public class PizzariaLuciano extends JFrame implements ActionListener { ^ Note: E:\trabalho\PizzariaLuciano.java uses or overrides a deprecated API. Note: Recompile with -Xlint:deprecation for details. 1 error Process completed. --------------------programa-------------------- import java.awt.*; import java.awt.event.*; import javax.swing.*; public class PizzariaLuciano extends JFrame implements ActionListener { JMenuBar Menu; JMenu mnPizzas, mnBebidas;// barra menu JMenu mnSalgado, mnDoce; // meus de pizzas JMenuItem miCalabresa, miMussarela, miPortuguesa, miTarantela; //Menu Item Pizzas salgadas JMenuItem miBrigadeiro, miChocolate, miSorvete; // Menu Item de Pizzas Doces JMenu mnRefri, mnCervejas, mnDestilados, mnSuco, mnAgua, mnLeite;// menu de bebidas JMenuItem miFanta, miCocaCola; // Menu Item Refri JMenuItem miSkol, miBrahma; // Menu Item Cerveja JMenuItem mi51, miVelhoBarrero; // Menu Item Destilados JMenuItem miLaranja, miAcerola; // Menu Item Suco (Agua) JMenuItem miManga, miLimão; // Menu Item Suco (Leite) JMenu mnSair; // Opçõ sair JTextArea Pedidos;//área de visualização dos pedidos String Pedido; String s = ""; public static void main(String args[]) { JFrame Janela = new PizzariaLuciano(); Janela.show(); } PizzariaLuciano() { setTitle("Pizaria Luciano"); setSize(400,500); setLocationRelativeTo(null); //centraliza a janela setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); //trata o fechamento da janela Pedidos = new JTextArea(); Pedidos.setDisabledTextColor(Color.black); //se texto desabilitado cor preta Pedidos.setEnabled(false); //desabilita a edição do texto Menu = new JMenuBar(); mnPizzas = new JMenu("Pizzas"); mnBebidas = new JMenu("Bebidas"); mnSalgado = new JMenu("Salgado"); mnDoce = new JMenu("Doce"); mnRefri = new JMenu("Refrigernate"); mnCervejas = new JMenu("Cerveja"); mnDestilados = new JMenu("Destilados"); mnSuco = new JMenu("Suco"); mnAgua = new JMenu("Agua"); mnLeite = new JMenu("Leite"); mnSair = new JMenu("Sair"); miCalabresa = new JMenuItem("Calabresa"); miMussarela = new JMenuItem("Mussarela"); miPortuguesa = new JMenuItem("Portuguesa"); miTarantela = new JMenuItem("Tarantela"); miBrigadeiro = new JMenuItem("Brigadeiro"); miChocolate = new JMenuItem("Chocolate"); miSorvete = new JMenuItem("Sorvete"); miFanta = new JMenuItem("Fanta"); miCocaCola = new JMenuItem("Coca-Cola"); miSkol = new JMenuItem("Skol"); miBrahma = new JMenuItem("Brahma"); mi51 = new JMenuItem("51"); miVelhoBarrero = new JMenuItem("Velho-Barreiro"); miLaranja = new JMenuItem("Laranja"); miAcerola = new JMenuItem("Acerola"); miManga = new JMenuItem("Manga"); miLimão = new JMenuItem("Limão"); miCalabresa.addActionListener(this); miPortuguesa.addActionListener(this); miTarantela.addActionListener(this); miMussarela.addActionListener(this); miBrigadeiro.addActionListener(this); miChocolate.addActionListener(this); miSorvete.addActionListener(this); miFanta.addActionListener(this); miCocaCola.addActionListener(this); miSkol.addActionListener(this); miBrahma.addActionListener(this); mi51.addActionListener(this); miVelhoBarrero.addActionListener(this); miLaranja.addActionListener(this); miAcerola.addActionListener(this); miManga.addActionListener(this); miLimão.addActionListener(this); Menu.add(mnPizzas); //Menu Pizzas Menu.add(mnBebidas); // menu Bebias Menu.add(mnSair); // Opção sair setJMenuBar(Menu);//Criando a barra de menus. getContentPane().add(Pedidos);//adiciona JTextArea(Pedidos) á janela mnPizzas.add(mnSalgado); mnDoce.add(miCalabresa); mnDoce.add(miMussarela); mnDoce.add(miPortuguesa); mnDoce.add(miTarantela); mnPizzas.add(mnDoce); mnDoce.add(miBrigadeiro); mnDoce.add(miChocolate); mnDoce.add(miSorvete); mnBebidas.add(mnRefri); mnRefri.add(miFanta); mnRefri.add(miCocaCola); mnBebidas.add(mnCervejas); mnCervejas.add(miSkol); mnCervejas.add(miBrahma); mnBebidas.add(mnDestilados); mnDestilados.add(mi51); mnDestilados.add(miVelhoBarrero); mnBebidas.add(mnSuco); mnSuco.add(mnAgua); mnAgua.add(miLaranja); mnAgua.add(miAcerola); mnSuco.add(mnLeite); mnLeite.add(miManga); mnLeite.add(miLimão); } }
  8. ^Â^njo
    erro
  9. ^Â^njo
    deixa eu ver se eu entendi, me corriga se eu estiver errado ok. uso um modem e um suwit, então o servido so fornece um endereco IP, que é exatamente o modem q o recebe, então não dar para ter mais de um IP, nem mesmo pelo modo dynamic IP? falei merd ou esta certo? desculpe se estiver errado, mas mesmo assim meus muiiiito obrigado pela sua atencao.....
  10. ^Â^njo
    Bom tenho uma rede com 3 desktop e 1 notebook, gostaria de saber como faco para poder cria uma rede com enderecos IP diferente para cada desktop. Motivo existe um site que indentifica o endereco IP, e sempre q eu ou o meu irmao entra ao mesmo tempo, ele não aceita, e diz a mensagem que já existe um outro computador com esse endereco, ou ate mesmo quando ele entra de manha e euvo entra anoite, aparece um aviso dizendo que não posso entra, pois o meu irmao de manha já tinha entrado....
  11. ^Â^njo
    to com um problema, nehuma web cam instala, já tentei 3 tipos mas não funciona, esse problema comeco depois que eu instalei esse ultimo windows com 30 aplicativos a mais, toda vez que entro no gerenciado de dispositivo, consta que o driver USB device náo esta atualizado ou não esta instalado, mas já baixei variso driver e usei ate mesmo o cd de instalacao e mesmo assim não instala, oque eu devo fazer?
  12. ^Â^njo
    eu me refiro a meteria que tenho na faculdade, "estrutura de dados" porem tenho muiiita dificuldade, ela ensina cria programas primeiro em um portugues estruturado e depois agente passa para linguagem de programação....
  13. ^Â^njo

    notebook e curso

    tópico respondeu ao Ariaque de ^Â^njo em Outros Assuntos

    Olá eu tambem estou procurando um notbook para compra, e sei que os da positivo realmente não prestam.... entre no site da dell e veja uns modelos, também pode compra preços nos site www.magazineluiza.com.br www.pontofrio.com.br e www.extra.com.br, todos esses site exixte modelos, de uma comparada, espero ter ajudado um abraço.
  14. ^Â^njo
    Existi algum forum que ajuda a tira duvidas sobre estrutura de dados? estou iniciando essa materia na faculdade, mas estou tendo muiiiiita dificuldades......
  15. ^Â^njo
    o computado esta legal agora, fico muiiito bom, muiito obrigado pela ajuda...
  16. ^Â^njo
    Meu windows XP quando ligo, ele inicia com 34 processos, como faço pra o windows iniciar com um numero de processos menor? quais são os processos q posso eliminar? e quais os que não devo nem mexer?
  17. ^Â^njo
    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:33:19, on 08/06/08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\mnmsrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\ARQUIV~1\AVG\AVG8\avgrsx.exe C:\ARQUIV~1\AVG\AVG8\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmon.exe C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\ARQUIV~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.exe C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.BIN C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [Media Codec Update Service] C:\Arquivos de programas\Essentials Codec Pack\update.exe -silent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: BrOffice.org 2.3.lnk = C:\Arquivos de programas\BrOffice.org 2.3\program\quickstart.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O17 - HKLM\System\CCS\Services\Tcpip\..\{68349F0F-15BB-4692-A3C9-EEB94F7AE479}: NameServer = 200.204.0.10,200.204.0.138 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE -- End of file - 5541 bytes
  18. ^Â^njo
  19. ^Â^njo
    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:09:27, on 31/05/08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\mnmsrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\ARQUIV~1\AVG\AVG8\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\AVG\AVG8\avgrsx.exe C:\Arquivos de programas\AVG\AVG8\avgrsx.exe C:\WINDOWS\explorer.exe C:\ARQUIV~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [Media Codec Update Service] C:\Arquivos de programas\Essentials Codec Pack\update.exe -silent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [wscntfy] C:\WINDOWS\system\wscntfy.exe O4 - HKLM\..\RunOnce: [!CleanupNetMeetingDispDriver] "C:\WINDOWS\system32\rundll32.exe" msconf.dll,CleanupNetMeetingDispDriver 0 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: BrOffice.org 2.3.lnk = C:\Arquivos de programas\BrOffice.org 2.3\program\quickstart.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O17 - HKLM\System\CCS\Services\Tcpip\..\{68349F0F-15BB-4692-A3C9-EEB94F7AE479}: NameServer = 200.204.0.10,200.204.0.138 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE -- End of file - 5326 bytes __________________________________________________________________________________________ ComboFix 08-05-27.4 - Luciano 2008-05-31 10:52:26.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.252 [GMT -3:00] Executando de: C:\Documents and Settings\Luciano\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Luciano\Desktop\CFScript.txt..txt * Criado um novo ponto de restauro WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\WINDOWS\system\ctfmon.exe . ((((((((((((((((((((((((((((((((((((( Outras Exclusäes ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system\ctfmon.exe C:\WINDOWS\system32\logs C:\WINDOWS\system32\sounds . ((((((((((((((((((((((( Ficheiros criados de 2008-04-28 to 2008-05-31 )))))))))))))))))))))))))))))))) . 2008-05-28 12:33 . 2008-05-28 20:05 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Configurações locais 2008-05-28 12:33 . 2008-05-28 20:05 <DIR> d-------- C:\Documents and Settings\NetworkService\Configurações locais 2008-05-28 12:33 . 2008-05-28 20:05 <DIR> d-------- C:\Documents and Settings\Luciano\Configurações locais 2008-05-28 12:33 . 2008-05-28 20:05 <DIR> d-------- C:\Documents and Settings\LocalService\Configurações locais 2008-05-26 15:20 . 2008-05-26 15:20 <DIR> d-------- C:\Arquivos de programas\Trend Micro 2008-05-25 13:48 . 2008-05-29 12:53 <DIR> d--h----- C:\$AVG8.VAULT$ 2008-05-25 13:34 . 2008-05-25 13:23 691,545 --a------ C:\WINDOWS\unins000.exe 2008-05-25 13:34 . 2008-05-25 13:34 2,555 --a------ C:\WINDOWS\unins000.dat 2008-05-25 13:32 . 2008-05-30 17:24 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg 2008-05-25 13:32 . 2008-05-28 12:59 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\avg8 2008-05-25 13:32 . 2008-05-25 13:32 <DIR> d-------- C:\Arquivos de programas\AVG 2008-05-25 13:32 . 2008-05-25 13:32 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys 2008-05-25 13:32 . 2008-05-25 13:32 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys 2008-05-25 13:32 . 2008-05-25 13:32 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll 2008-05-14 00:36 . 2008-05-14 00:36 <DIR> d-------- C:\Documents and Settings\Luciano\Dados de aplicativos\pdf995 2008-05-14 00:36 . 2008-05-14 00:36 28 --a------ C:\WINDOWS\pdf995.ini 2008-04-20 11:19 . 2008-04-20 15:23 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help 2008-04-19 11:14 . 2001-09-05 23:20 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-04-19 11:14 . 2001-09-05 23:20 12,288 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys 2008-04-19 11:14 . 2001-08-17 22:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2008-04-19 11:14 . 2001-08-17 22:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys 2008-04-19 10:22 . 2008-04-19 10:22 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\Adobe 2008-04-14 23:54 . 2008-05-26 21:33 <DIR> d-------- C:\Arquivos de programas\Acro Software 2008-04-14 23:48 . 2008-05-14 00:37 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\pdf995 2008-04-14 23:48 . 2008-04-14 23:54 <DIR> d-------- C:\Arquivos de programas\pdf995 2008-04-14 23:48 . 2008-05-14 00:32 249,856 --a------ C:\WINDOWS\system32\pdfmona.dll 2008-04-14 23:48 . 2008-05-14 00:32 51,716 --a------ C:\WINDOWS\system32\pdf995mon.dll 2008-04-14 23:48 . 2008-05-14 00:37 59 --a------ C:\WINDOWS\wpd99.drv 2008-04-11 19:53 . 2008-04-11 19:53 18 --a------ C:\WINDOWS\system\dxmas.sys 2008-04-08 15:16 . 2008-03-01 10:02 6,066,176 --a------ C:\WINDOWS\system32\SET10F.tmp 2008-04-08 15:16 . 2008-03-01 10:02 1,159,680 --a------ C:\WINDOWS\system32\SETFF.tmp 2008-04-08 15:16 . 2008-03-01 10:02 826,368 --a------ C:\WINDOWS\system32\SETFD.tmp 2008-04-08 15:16 . 2008-03-01 10:02 459,264 --a------ C:\WINDOWS\system32\SET109.tmp 2008-04-08 15:16 . 2008-03-01 10:02 383,488 --a------ C:\WINDOWS\system32\SET111.tmp 2008-04-08 15:16 . 2008-03-01 10:02 267,776 --a------ C:\WINDOWS\system32\SET10D.tmp 2008-04-08 15:16 . 2008-03-01 10:02 124,928 --a------ C:\WINDOWS\system32\SET119.tmp 2008-04-08 15:16 . 2008-03-01 10:02 105,984 --a------ C:\WINDOWS\system32\SET100.tmp 2008-04-08 15:16 . 2008-03-01 10:02 63,488 --a------ C:\WINDOWS\system32\SET116.tmp 2008-04-08 15:16 . 2008-03-01 10:02 52,224 --a------ C:\WINDOWS\system32\SET108.tmp 2008-04-04 19:25 . 2008-04-04 19:25 <DIR> d-------- C:\Arquivos de programas\7-Zip . ((((((((((((((((((((((((((((((((((((( Relat¢rio Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-31 13:29 --------- d-----w C:\Documents and Settings\Luciano\Dados de aplicativos\BrOffice.org2 2008-05-29 16:28 --------- d-----w C:\Arquivos de programas\microsoft frontpage 2008-05-27 00:34 --------- d-----w C:\Arquivos de programas\Zuma Deluxe 2008-05-25 16:48 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy 2008-05-25 16:46 --------- d-----w C:\Arquivos de programas\Spybot - Search & Destroy 2008-05-25 03:46 --------- d-----w C:\Arquivos de programas\Windows Live Safety Center 2008-05-14 02:08 --------- d-----w C:\Arquivos de programas\Lexmark X1100 Series 2008-04-11 21:34 --------- d-----w C:\Documents and Settings\Luciano\Dados de aplicativos\Dev-Cpp 2008-03-29 14:41 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\WinZip 2008-03-29 14:38 --------- d-----w C:\Arquivos de programas\PicPerk 2008-03-29 14:19 --------- d-----w C:\Arquivos de programas\eMule 2008-03-28 14:59 --------- d-----w C:\Arquivos de programas\Programas RFB 2008-03-25 04:49 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:49 183,072 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-01 21:32 3,591,680 ----a-w C:\WINDOWS\system32\SET107.tmp 2008-03-01 13:02 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-02-26 12:00 294,912 ----a-w C:\WINDOWS\system32\msctf.dll 2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll 2008-02-20 05:37 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll 2008-02-16 12:00 172,034 ----a-w C:\WINDOWS\system32\OSSMTP.dll 2008-01-03 01:44 774,144 ----a-w C:\Arquivos de programas\RngInterstitial.dll . ((((((((((((((((((((((((((((( snapshot@2008-05-28_12.32.42.32 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-28 15:20:06 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-31 13:56:32 2,048 --s-a-w C:\WINDOWS\bootstat.dat - 2004-08-04 03:45:24 294,400 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll + 2008-02-26 12:00:47 294,912 -c--a-w C:\WINDOWS\system32\dllcache\msctf.dll . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* entradas vazias & leg¡timas por defeito nÆo sÆo mostradas. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360] "MSMSGS"="C:\Arquivos de programas\Messenger\msmsgs.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-02-27 14:29 47104 C:\WINDOWS\SOUNDMAN.EXE] "Lexmark X1100 Series"="C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 08:12 57344] "Media Codec Update Service"="C:\Arquivos de programas\Essentials Codec Pack\update.exe" [2007-04-08 13:44 303104] "Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "AVG8_TRAY"="C:\ARQUIV~1\AVG\AVG8\avgtray.exe" [2008-05-25 13:32 1177368] "wscntfy"="C:\WINDOWS\system\wscntfy.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "!CleanupNetMeetingDispDriver"="C:\WINDOWS\system32\rundll32.exe" [2004-08-04 00:45 33280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:45 15360] C:\Documents and Settings\Luciano\Menu Iniciar\Programas\Inicializar\ BrOffice.org 2.3.lnk - C:\Arquivos de programas\BrOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3codec"= l3codecp.acm [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\WINDOWS\\system32\\LEXPPS.EXE"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"= "C:\\Arquivos de programas\\NetMeeting\\conf.exe"= "C:\\WINDOWS\\system32\\usmt\\migwiz.exe"= "C:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"= "C:\\Arquivos de programas\\AVG\\AVG8\\avgemc.exe"= R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-25 13:32] R2 avg8emc;AVG8 E-mail Scanner;C:\ARQUIV~1\AVG\AVG8\avgemc.exe [2008-05-25 13:32] R2 avg8wd;AVG8 WatchDog;C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe [2008-05-25 13:32] R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-25 13:32] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-31 10:57:30 Windows 5.1.2600 Service Pack 2 NTFS Procurando processos ocultos ... Procurando entradas auto inicializ veis ocultas ... Procurando ficheiros ocultos ... Varredura completada com sucesso Ficheiros ocultos: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\mnmsrvc.exe C:\Arquivos de programas\AVG\AVG8\avgrsx.exe . ************************************************************************** . Tempo para conclusÆo: 2008-05-31 11:06:01 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-31 14:05:57 Pre-Run: 28,909,211,648 bytes disponíveis Post-Run: 28,904,509,440 bytes dispon¡veis 156 --- E O F --- 2008-05-29 02:23:32 grato pela ajuda e aguardando resposta.... :D
  20. ^Â^njo
    log do hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:14:27, on 28/05/08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\mnmsrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\ARQUIV~1\AVG\AVG8\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmon.exe C:\ARQUIV~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.exe C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.BIN C:\WINDOWS\explorer.exe C:\Arquivos de programas\AVG\AVG8\avgrsx.exe C:\Arquivos de programas\AVG\AVG8\avgrsx.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [Media Codec Update Service] C:\Arquivos de programas\Essentials Codec Pack\update.exe -silent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\RunOnce: [Explorer] C:\WINDOWS\system\ctfmon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: BrOffice.org 2.3.lnk = C:\Arquivos de programas\BrOffice.org 2.3\program\quickstart.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O17 - HKLM\System\CCS\Services\Tcpip\..\{68349F0F-15BB-4692-A3C9-EEB94F7AE479}: NameServer = 200.204.0.10,200.204.0.138 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE -- End of file - 5612 bytes ----------------------------------------------------------------------------------------------------------------------------------------------------- log do ComboFIx ComboFix 08-05-27.4 - Luciano 2008-05-28 19:50:49.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.245 [GMT -3:00] Executando de: C:\Documents and Settings\Luciano\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Luciano\Desktop\CFScript.txt * Criado um novo ponto de restauro WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\tot.exe C:\WINDOWS\system\wscntfy.exe C:\WINDOWS\system32\31861617.INS C:\WINDOWS\system32\37224256.INS C:\WINDOWS\system32\8204747.INS C:\WINDOWS\system32\bbrdehed.dll C:\WINDOWS\system32\gm2re1.pif C:\WINDOWS\system32\iifcdcb.dll C:\WINDOWS\system32\mirc.ini C:\WINDOWS\system32\secus16.exe C:\WINDOWS\system32\windir32.exe C:\WINDOWS\system32\windir32.zip C:\WINDOWS\system32\WMM2RE2.dll C:\WINDOWS\system32\WMM2RE3.dll C:\WINDOWS\system32\wmm2re4.dll D:\stwi.com E:\i0.cmd . ((((((((((((((((((((((((((((((((((((( Outras Exclusäes ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\tot.exe C:\WINDOWS\system\wscntfy.exe C:\WINDOWS\system32\31861617.INS C:\WINDOWS\system32\37224256.INS C:\WINDOWS\system32\8204747.INS C:\WINDOWS\system32\gm2re1.pif C:\WINDOWS\system32\mirc.ini C:\WINDOWS\system32\secus16.exe C:\WINDOWS\system32\windir32.exe C:\WINDOWS\system32\windir32.zip C:\WINDOWS\system32\WMM2RE2.dll C:\WINDOWS\system32\WMM2RE3.dll C:\WINDOWS\system32\wmm2re4.dll . ((((((((((((((((((((((( Ficheiros criados de 2008-04-28 to 2008-05-28 )))))))))))))))))))))))))))))))) . 2008-05-28 12:33 . 2008-05-28 12:33 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Configurações locais 2008-05-28 12:33 . 2008-05-28 12:33 <DIR> d-------- C:\Documents and Settings\NetworkService\Configurações locais 2008-05-28 12:33 . 2008-05-28 12:33 <DIR> d-------- C:\Documents and Settings\Luciano\Configurações locais 2008-05-28 12:33 . 2008-05-28 12:33 <DIR> d-------- C:\Documents and Settings\LocalService\Configurações locais 2008-05-26 15:20 . 2008-05-26 15:20 <DIR> d-------- C:\Arquivos de programas\Trend Micro 2008-05-25 13:48 . 2008-05-28 19:35 <DIR> d--h----- C:\$AVG8.VAULT$ 2008-05-25 13:34 . 2008-05-25 13:23 691,545 --a------ C:\WINDOWS\unins000.exe 2008-05-25 13:34 . 2008-05-25 13:34 2,555 --a------ C:\WINDOWS\unins000.dat 2008-05-25 13:32 . 2008-05-28 15:59 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg 2008-05-25 13:32 . 2008-05-28 12:59 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\avg8 2008-05-25 13:32 . 2008-05-25 13:32 <DIR> d-------- C:\Arquivos de programas\AVG 2008-05-25 13:32 . 2008-05-25 13:32 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys 2008-05-25 13:32 . 2008-05-25 13:32 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys 2008-05-25 13:32 . 2008-05-25 13:32 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll 2008-05-24 10:13 . 2008-05-24 10:13 <DIR> d-------- C:\WINDOWS\system32\sounds 2008-05-24 10:13 . 2008-05-24 10:13 <DIR> d-------- C:\WINDOWS\system32\logs 2008-05-14 00:36 . 2008-05-14 00:36 <DIR> d-------- C:\Documents and Settings\Luciano\Dados de aplicativos\pdf995 2008-05-14 00:36 . 2008-05-14 00:36 28 --a------ C:\WINDOWS\pdf995.ini . ((((((((((((((((((((((((((((((((((((( Relat¢rio Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-28 22:34 --------- d-----w C:\Arquivos de programas\microsoft frontpage 2008-05-28 19:15 --------- d-----w C:\Documents and Settings\Luciano\Dados de aplicativos\BrOffice.org2 2008-05-27 00:34 --------- d-----w C:\Arquivos de programas\Zuma Deluxe 2008-05-27 00:33 --------- d-----w C:\Arquivos de programas\Acro Software 2008-05-25 16:48 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy 2008-05-25 16:46 --------- d-----w C:\Arquivos de programas\Spybot - Search & Destroy 2008-05-25 03:46 --------- d-----w C:\Arquivos de programas\Windows Live Safety Center 2008-05-14 03:37 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\pdf995 2008-05-14 03:32 51,716 ----a-w C:\WINDOWS\system32\pdf995mon.dll 2008-05-14 03:32 249,856 ----a-w C:\WINDOWS\system32\pdfmona.dll 2008-05-14 02:08 --------- d-----w C:\Arquivos de programas\Lexmark X1100 Series 2008-04-20 18:23 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help 2008-04-19 13:22 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Adobe 2008-04-15 02:54 --------- d-----w C:\Arquivos de programas\pdf995 2008-04-11 21:34 --------- d-----w C:\Documents and Settings\Luciano\Dados de aplicativos\Dev-Cpp 2008-04-04 22:25 --------- d-----w C:\Arquivos de programas\7-Zip 2008-03-29 14:41 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\WinZip 2008-03-29 14:38 --------- d-----w C:\Arquivos de programas\PicPerk 2008-03-29 14:19 --------- d-----w C:\Arquivos de programas\eMule 2008-03-28 14:59 --------- d-----w C:\Arquivos de programas\Programas RFB 2008-03-25 04:49 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll 2008-03-25 04:49 183,072 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys 2008-03-01 21:32 3,591,680 ----a-w C:\WINDOWS\system32\SET107.tmp 2008-03-01 13:02 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-03-01 13:02 826,368 ----a-w C:\WINDOWS\system32\SETFD.tmp 2008-03-01 13:02 63,488 ----a-w C:\WINDOWS\system32\SET116.tmp 2008-03-01 13:02 6,066,176 ----a-w C:\WINDOWS\system32\SET10F.tmp 2008-03-01 13:02 52,224 ----a-w C:\WINDOWS\system32\SET108.tmp 2008-03-01 13:02 459,264 ----a-w C:\WINDOWS\system32\SET109.tmp 2008-03-01 13:02 383,488 ----a-w C:\WINDOWS\system32\SET111.tmp 2008-03-01 13:02 267,776 ----a-w C:\WINDOWS\system32\SET10D.tmp 2008-03-01 13:02 124,928 ----a-w C:\WINDOWS\system32\SET119.tmp 2008-03-01 13:02 105,984 ----a-w C:\WINDOWS\system32\SET100.tmp 2008-03-01 13:02 1,159,680 ----a-w C:\WINDOWS\system32\SETFF.tmp 2008-01-03 01:44 774,144 ----a-w C:\Arquivos de programas\RngInterstitial.dll . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of C:\WINDOWS\system32\logs ---- ---- Directory of C:\WINDOWS\system32\sounds ---- ((((((((((((((((((((((((((((( snapshot@2008-05-28_12.32.42.32 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-28 15:20:06 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-28 22:56:23 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-28 22:57:07 40,960 ----a-w C:\WINDOWS\TEMP\rtdrvmon.exe . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* entradas vazias & leg¡timas por defeito nÆo sÆo mostradas. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360] "MSMSGS"="C:\Arquivos de programas\Messenger\msmsgs.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-02-27 14:29 47104 C:\WINDOWS\SOUNDMAN.EXE] "Lexmark X1100 Series"="C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 08:12 57344] "Media Codec Update Service"="C:\Arquivos de programas\Essentials Codec Pack\update.exe" [2007-04-08 13:44 303104] "Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "AVG8_TRAY"="C:\ARQUIV~1\AVG\AVG8\avgtray.exe" [2008-05-25 13:32 1177368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Explorer"="C:\WINDOWS\system\ctfmon.exe" [2008-02-16 09:01 24578] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:45 15360] C:\Documents and Settings\Luciano\Menu Iniciar\Programas\Inicializar\ BrOffice.org 2.3.lnk - C:\Arquivos de programas\BrOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3codec"= l3codecp.acm [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\WINDOWS\\system32\\LEXPPS.EXE"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"= "C:\\Arquivos de programas\\NetMeeting\\conf.exe"= "C:\\WINDOWS\\system32\\usmt\\migwiz.exe"= "C:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"= "C:\\Arquivos de programas\\AVG\\AVG8\\avgemc.exe"= R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-25 13:32] R2 avg8emc;AVG8 E-mail Scanner;C:\ARQUIV~1\AVG\AVG8\avgemc.exe [2008-05-25 13:32] R2 avg8wd;AVG8 WatchDog;C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe [2008-05-25 13:32] R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-25 13:32] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-28 19:57:17 Windows 5.1.2600 Service Pack 2 NTFS Procurando processos ocultos ... Procurando entradas auto inicializ veis ocultas ... Procurando ficheiros ocultos ... Varredura completada com sucesso Ficheiros ocultos: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\mnmsrvc.exe C:\WINDOWS\system32\rundll32.exe C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmon.exe C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.exe C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.bin C:\Arquivos de programas\AVG\AVG8\avgrsx.exe C:\Arquivos de programas\AVG\AVG8\avgrsx.exe . ************************************************************************** . Tempo para conclusÆo: 2008-05-28 20:05:17 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-28 23:05:12 Pre-Run: 28,913,262,592 bytes disponíveis Post-Run: 29,087,293,440 bytes dispon¡veis 181 --- E O F --- 2008-05-17 14:59:28 grato pela ajufa, aguardo resposta
  21. ^Â^njo
    Log feito apos o combofix Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:48:13, on 28/05/08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\mnmsrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\ARQUIV~1\AVG\AVG8\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\SOUNDMAN.EXE C:\ARQUIV~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.exe C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.BIN C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Arquivos de programas\AVG\AVG8\avgrsx.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [wscntfy] C:\WINDOWS\system\wscntfy.exe O4 - HKLM\..\Run: [Media Codec Update Service] C:\Arquivos de programas\Essentials Codec Pack\update.exe -silent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [windir32] C:\WINDOWS\system32\windir32.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\RunServices: [windir32] C:\WINDOWS\system32\windir32.exe O4 - HKLM\..\RunOnce: [Explorer] C:\WINDOWS\system\ctfmon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [windir32] C:\WINDOWS\system32\windir32.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: BrOffice.org 2.3.lnk = C:\Arquivos de programas\BrOffice.org 2.3\program\quickstart.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O17 - HKLM\System\CCS\Services\Tcpip\..\{68349F0F-15BB-4692-A3C9-EEB94F7AE479}: NameServer = 200.204.0.10,200.204.0.138 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: bbrdehed - bbrdehed.dll (file missing) O20 - Winlogon Notify: iifcdcb - iifcdcb.dll (file missing) O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE -- End of file - 5965 bytes log do combofix ComboFix 08-05-27.4 - Luciano 2008-05-28 12:14:28.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.233 [GMT -3:00] Executando de: C:\Documents and Settings\Luciano\Desktop\ComboFix.exe * Criado um novo ponto de restauro WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((( Outras Exclusäes ))))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system\alg.exe C:\WINDOWS\system32\bbrdehed.dllbox C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\sstwa.ini C:\WINDOWS\system32\sstwa.ini2 C:\WINDOWS\system32\WMM2RE4.dll . ((((((((((((((((((((((( Ficheiros criados de 2008-04-28 to 2008-05-28 )))))))))))))))))))))))))))))))) . 2008-05-26 15:20 . 2008-05-26 15:20 <DIR> d-------- C:\Arquivos de programas\Trend Micro 2008-05-25 13:48 . 2008-05-28 11:55 <DIR> d--h----- C:\$AVG8.VAULT$ 2008-05-25 13:34 . 2008-05-25 13:23 691,545 --a------ C:\WINDOWS\unins000.exe 2008-05-25 13:34 . 2008-05-25 13:34 2,555 --a------ C:\WINDOWS\unins000.dat 2008-05-25 13:32 . 2008-05-27 18:06 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg 2008-05-25 13:32 . 2008-05-25 13:32 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\avg8 2008-05-25 13:32 . 2008-05-25 13:32 <DIR> d-------- C:\Arquivos de programas\AVG 2008-05-25 13:32 . 2008-05-25 13:32 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys 2008-05-25 13:32 . 2008-05-25 13:32 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys 2008-05-25 13:32 . 2008-05-25 13:32 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll 2008-05-25 09:57 . 2008-05-21 15:06 754,176 --a------ C:\WINDOWS\system32\8204747.INS 2008-05-24 22:50 . 2008-05-21 15:06 754,176 --a------ C:\WINDOWS\system32\37224256.INS 2008-05-24 18:47 . 2008-05-21 15:06 754,176 --a------ C:\WINDOWS\system32\31861617.INS 2008-05-24 10:13 . 2008-05-24 10:13 <DIR> d-------- C:\WINDOWS\system32\sounds 2008-05-24 10:13 . 2008-05-24 10:13 <DIR> d-------- C:\WINDOWS\system32\logs 2008-05-24 10:13 . 2008-05-21 15:06 754,176 --a------ C:\WINDOWS\system32\windir32.exe 2008-05-24 10:13 . 2008-05-21 23:54 704,866 --a------ C:\WINDOWS\system32\windir32.zip 2008-05-24 10:13 . 2008-02-11 06:07 118,784 --a------ C:\WINDOWS\system32\secus16.exe 2008-05-24 10:13 . 2008-05-15 14:57 26,585 --a------ C:\WINDOWS\system32\WMM2RE3.dll 2008-05-24 10:13 . 2008-05-18 07:35 20,064 --a------ C:\WINDOWS\system32\WMM2RE2.dll 2008-05-24 10:13 . 2008-05-24 14:45 16,381 --a------ C:\WINDOWS\system32\gm2re1.pif 2008-05-24 10:13 . 2008-05-28 12:26 4,734 --a------ C:\WINDOWS\system32\mirc.ini 2008-05-24 10:12 . 2008-05-25 09:57 1,821,030 --a------ C:\tot.exe 2008-05-14 00:36 . 2008-05-14 00:36 <DIR> d-------- C:\Documents and Settings\Luciano\Dados de aplicativos\pdf995 2008-05-14 00:36 . 2008-05-14 00:36 28 --a------ C:\WINDOWS\pdf995.ini . ((((((((((((((((((((((((((((((((((((( Relat¢rio Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-28 15:26 --------- d-----w C:\Documents and Settings\Luciano\Dados de aplicativos\BrOffice.org2 2008-05-28 01:23 --------- d-----w C:\Arquivos de programas\microsoft frontpage 2008-05-27 00:34 --------- d-----w C:\Arquivos de programas\Zuma Deluxe 2008-05-27 00:33 --------- d-----w C:\Arquivos de programas\Acro Software 2008-05-25 16:48 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy 2008-05-25 16:46 --------- d-----w C:\Arquivos de programas\Spybot - Search & Destroy 2008-05-25 03:46 --------- d-----w C:\Arquivos de programas\Windows Live Safety Center 2008-05-14 03:37 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\pdf995 2008-05-14 02:08 --------- d-----w C:\Arquivos de programas\Lexmark X1100 Series 2008-04-20 18:23 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help 2008-04-19 13:22 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Adobe 2008-04-15 02:54 --------- d-----w C:\Arquivos de programas\pdf995 2008-04-11 21:34 --------- d-----w C:\Documents and Settings\Luciano\Dados de aplicativos\Dev-Cpp 2008-04-04 22:25 --------- d-----w C:\Arquivos de programas\7-Zip 2008-03-29 14:41 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\WinZip 2008-03-29 14:38 --------- d-----w C:\Arquivos de programas\PicPerk 2008-03-29 14:19 --------- d-----w C:\Arquivos de programas\eMule 2008-03-28 14:59 --------- d-----w C:\Arquivos de programas\Programas RFB 2008-01-03 01:44 774,144 ----a-w C:\Arquivos de programas\RngInterstitial.dll . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Nota* entradas vazias & leg¡timas por defeito nÆo sÆo mostradas. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{588489FB-7FC8-4F95-A993-33B69F8C66EA}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86A44EF7-78FC-4e18-A564-B18F806F7F56}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD03C949-1F23-41EA-B53A-C31EE0154454}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45 15360] "MSMSGS"="C:\Arquivos de programas\Messenger\msmsgs.exe" [ ] "windir32"="C:\WINDOWS\system32\windir32.exe" [2008-05-21 15:06 754176] "SpybotSD TeaTimer"="C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2003-02-27 14:29 47104 C:\WINDOWS\SOUNDMAN.EXE] "Lexmark X1100 Series"="C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 08:12 57344] "wscntfy"="C:\WINDOWS\system\wscntfy.exe" [2008-02-16 09:01 81922] "Media Codec Update Service"="C:\Arquivos de programas\Essentials Codec Pack\update.exe" [2007-04-08 13:44 303104] "Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "windir32"="C:\WINDOWS\system32\windir32.exe" [2008-05-21 15:06 754176] "AVG8_TRAY"="C:\ARQUIV~1\AVG\AVG8\avgtray.exe" [2008-05-25 13:32 1177368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Explorer"="C:\WINDOWS\system\ctfmon.exe" [2008-02-16 09:01 24578] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "windir32"="C:\WINDOWS\system32\windir32.exe" [2008-05-21 15:06 754176] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:45 15360] C:\Documents and Settings\Luciano\Menu Iniciar\Programas\Inicializar\ BrOffice.org 2.3.lnk - C:\Arquivos de programas\BrOffice.org 2.3\program\quickstart.exe [2007-08-17 21:57:56 393216] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\bbrdehed] bbrdehed.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifcdcb] iifcdcb.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3codec"= l3codecp.acm [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\WINDOWS\\system32\\LEXPPS.EXE"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Arquivos de programas\\Windows Live\\Messenger\\livecall.exe"= "C:\\Arquivos de programas\\NetMeeting\\conf.exe"= "C:\\WINDOWS\\system32\\windir32.exe"= "C:\\WINDOWS\\system32\\usmt\\migwiz.exe"= "C:\\Arquivos de programas\\AVG\\AVG8\\avgupd.exe"= "C:\\Arquivos de programas\\AVG\\AVG8\\avgemc.exe"= R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-25 13:32] R2 avg8emc;AVG8 E-mail Scanner;C:\ARQUIV~1\AVG\AVG8\avgemc.exe [2008-05-25 13:32] R2 avg8wd;AVG8 WatchDog;C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe [2008-05-25 13:32] R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-25 13:32] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48e901ec-0a65-11dd-bc98-000fea9e6ceb}] \Shell\AutoRun\command - E:\i0.cmd \Shell\explore\Command - E:\i0.cmd \Shell\open\Command - E:\i0.cmd [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a94d0a2f-1f55-11dd-bcf7-000fea9e6ceb}] \Shell\AutoRun\command - D:\stwi.com \Shell\explore\Command - D:\stwi.com \Shell\open\Command - D:\stwi.com . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-28 12:25:01 Windows 5.1.2600 Service Pack 2 NTFS Procurando processos ocultos ... Procurando entradas auto inicializ veis ocultas ... Procurando ficheiros ocultos ... C:\WINDOWS\system32\wmm2re4.dll 190 bytes Varredura completada com sucesso Ficheiros ocultos: 1 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\mnmsrvc.exe C:\WINDOWS\system32\rundll32.exe C:\Arquivos de programas\AVG\AVG8\avgrsx.exe C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmon.exe C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.exe C:\Arquivos de programas\BrOffice.org 2.3\program\soffice.bin . ************************************************************************** . Tempo para conclusÆo: 2008-05-28 12:33:31 - machine was rebooted [Luciano] ComboFix-quarantined-files.txt 2008-05-28 15:33:20 Pre-Run: 29,128,126,464 bytes disponíveis Post-Run: 29,334,052,864 bytes dispon¡veis 157 --- E O F --- 2008-05-17 14:59:28 grato pela ajudar... aguardando resposta
  22. ^Â^njo
    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:23:25, on 26/05/08 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16640) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system\wscntfy.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\windir32.exe C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe C:\ARQUIV~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\svchost.exe C:\ARQUIV~1\AVG\AVG8\avgrsx.exe C:\ARQUIV~1\AVG\AVG8\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.MSN.com.br/0SEPTBR/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {588489FB-7FC8-4F95-A993-33B69F8C66EA} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ActivationManager module - {86A44EF7-78FC-4e18-A564-B18F806F7F56} - C:\Arquivos de programas\ActivationManager\ActivationManager.dll (file missing) O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {FD03C949-1F23-41EA-B53A-C31EE0154454} - C:\WINDOWS\system32\iifcdcb.dll (file missing) O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Arquivos de programas\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [wscntfy] C:\WINDOWS\system\wscntfy.exe O4 - HKLM\..\Run: [Media Codec Update Service] C:\Arquivos de programas\Essentials Codec Pack\update.exe -silent O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [windir32] C:\WINDOWS\system32\windir32.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\RunServices: [windir32] C:\WINDOWS\system32\windir32.exe O4 - HKLM\..\RunOnce: [Explorer] C:\WINDOWS\system\ctfmon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [windir32] C:\WINDOWS\system32\windir32.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: BrOffice.org 2.3.lnk = C:\Arquivos de programas\BrOffice.org 2.3\program\quickstart.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O17 - HKLM\System\CCS\Services\Tcpip\..\{68349F0F-15BB-4692-A3C9-EEB94F7AE479}: NameServer = 200.204.0.10,200.204.0.138 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O20 - Winlogon Notify: bbrdehed - bbrdehed.dll (file missing) O20 - Winlogon Notify: iifcdcb - iifcdcb.dll (file missing) O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE -- End of file - 6432 bytes
  23. ^Â^njo
    estou com o computador infectado, já passe o spyboot, e o avg, mas sempre que passo eles, o pc desligar no meio da verificação, não tenho mais aceço a pasta c: (disco local) oque eu faço? não posso reinstala o windos porque meu drive de cd quebro
  24. ^Â^njo

    Erro Na Rede

    pergunta respondeu ao ^Â^njo de ^Â^njo em Redes

    antes de eu instalar o novo XP na maquina, a coneçxão pegava em 100MPB, e depois que eu instalei o novo XP eu não mexi nos cabos, nem inverti as cores, então eu acredito que num tem nada a ver com os cabos......
  25. ^Â^njo

    Erro Na Rede

    pergunta respondeu ao ^Â^njo de ^Â^njo em Redes

    já dei um endereço automatico, mas a conexão fico lenta, ela esta em 10mbp, sendo que o correto é em 100mbp, o que eu faço?
×
×
  • Criar Novo...