Fórum Script Brasil

Infected Programs


talin

Question

I can't manage to install BankerFix to generate its log either!

It gives an error saying that it is not possible to find the file \Temp|7zSAD.tmp\Iniciar-BankerFix.vbs

I'll try downloading it again!

HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:12:33, on 24/8/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

F:\WINDOWS\System32\smss.exe

F:\WINDOWS\system32\winlogon.exe

F:\WINDOWS\system32\services.exe

F:\WINDOWS\system32\lsass.exe

F:\ARQUIV~1\GbPlugin\GbpSv.exe

F:\WINDOWS\system32\svchost.exe

F:\WINDOWS\System32\svchost.exe

F:\WINDOWS\system32\spoolsv.exe

F:\WINDOWS\system32\svchost.exe

F:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

F:\WINDOWS\System32\svchost.exe

F:\WINDOWS\system32\IoctlSvc.exe

F:\WINDOWS\System32\svchost.exe

F:\WINDOWS\System32\svchost.exe

F:\WINDOWS\Explorer.EXE

F:\WINDOWS\RTHDCPL.EXE

F:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

F:\Arquivos de programas\Motorola\SMSERIAL\sm56hlpr.exe

F:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

F:\WINDOWS\6000RMT.exe

F:\WINDOWS\system32\ctfmon.exe

F:\Arquivos de programas\Messenger\msmsgs.exe

F:\Arquivos de programas\uTorrent\uTorrent.exe

F:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe

F:\Arquivos de programas\ComQuest\Memo-Rex\bin\memorex.exe

F:\DOCUME~1\NATAX!~1\CONFIG~1\Temp45.exe

F:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

F:\Arquivos de programas\MyTV\ADTVScheduleAgent.exe

F:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

F:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

F:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

F:\Arquivos de programas\HP\Digital Imaging\bin\hpqbam08.exe

F:\Arquivos de programas\HP\Digital Imaging\bin\hpqgpc01.exe

F:\WINDOWS\system32\wuauclt.exe

F:\DOCUME~1\NATAX!~1\CONFIG~1\Temp72.exe

F:\WINDOWS\TEMP\winaisq.exe

F:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

F:\ARQUIV~1\AVG\AVG8\avgrsx.exe

F:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe

F:\ARQUIV~1\AVG\AVG8\avgnsx.exe

F:\Documents and Settings\natax!nha\Meus documentos\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - F:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - F:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - F:\Arquivos de programas\AVG\AVG8\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\ARQUIV~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - F:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Arquivos de programas\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - F:\ARQUIV~1\GbPlugin\gbiehUni.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - F:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - F:\Arquivos de programas\AVG\AVG8\Toolbar\IEToolbar.dll

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AVG8_TRAY] F:\ARQUIV~1\AVG\AVG8\avgtray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [uTorrent] "F:\Arquivos de programas\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [MemoRex] "F:\Arquivos de programas\ComQuest\Memo-Rex\bin\memorex.exe" /Minimized

O4 - HKCU\..\Run: [swg] F:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = F:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = F:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: MyTV Schedule Agent.lnk = F:\Arquivos de programas\MyTV\ADTVScheduleAgent.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://F:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: ComQuest Memo-Rex - {1C23E480-C9EF-11D7-B5C2-00010252D526} - F:\Arquivos de programas\ComQuest\Memo-Rex\bin\memorex.exe

O9 - Extra 'Tools' menuitem: Memo-Rex - {1C23E480-C9EF-11D7-B5C2-00010252D526} - F:\Arquivos de programas\ComQuest\Memo-Rex\bin\memorex.exe

O9 - Extra button: Agenda de compromissos do Memo-Rex - {1C23E481-C9EF-11D7-B5C2-00010252D526} - F:\Arquivos de programas\ComQuest\Memo-Rex\bin\launchtasks.exe

O9 - Extra 'Tools' menuitem: Compromissos - {1C23E481-C9EF-11D7-B5C2-00010252D526} - F:\Arquivos de programas\ComQuest\Memo-Rex\bin\launchtasks.exe

O9 - Extra button: Agenda de contatos do Memo-Rex - {1C23E482-C9EF-11D7-B5C2-00010252D526} - F:\Arquivos de programas\ComQuest\Memo-Rex\bin\launchcontacts.exe

O9 - Extra 'Tools' menuitem: Contatos - {1C23E482-C9EF-11D7-B5C2-00010252D526} - F:\Arquivos de programas\ComQuest\Memo-Rex\bin\launchcontacts.exe

O9 - Extra button: Bloco de anotações do Memo-Rex - {1C23E483-C9EF-11D7-B5C2-00010252D526} - F:\Arquivos de programas\ComQuest\Memo-Rex\bin\launchnotes.exe

O9 - Extra 'Tools' menuitem: Anotações - {1C23E483-C9EF-11D7-B5C2-00010252D526} - F:\Arquivos de programas\ComQuest\Memo-Rex\bin\launchnotes.exe

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Seleção HP Smart - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - F:\Arquivos de programas\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1245632441000

O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://F:\Arquivos de programas\AutoCAD 2002\AcDcToday.ocx

O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://F:\Arquivos de programas\AutoCAD 2002\InstBanr.ocx

O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://F:\Arquivos de programas\AutoCAD 2002\InstFred.ocx

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.unibanco.com.br/GbPlug...GbPluginUni.cab

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://F:\Arquivos de programas\AutoCAD 2002\AcPreview.ocx

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\ARQUIV~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Arquivos de programas\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: GbPluginUni - F:\ARQUIV~1\GbPlugin\gbiehUni.dll

O20 - Winlogon Notify: avgrsstarter - F:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - F:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Gbp Service (GbpSv) - - F:\ARQUIV~1\GbPlugin\GbpSv.exe

O23 - Service: Google Software Updater (gusvc) - Unknown owner - F:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)

O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - F:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe (file missing)

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - F:\Arquivos de programas\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Unknown owner - F:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - F:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: stllssvr - Unknown owner - F:\Arquivos de programas\Arquivos comuns\SureThing Shared\stllssvr.exe (file missing)

--

End of file - 9181 bytes


1 answer to this question
