
Solved - HijackThis log

#1 By alves 91 11/08/2010 - 10:25
This PC is really messed up...

I only managed to run HijackThis in safe mode... in normal mode I can't even log in to the machine...


Logfile of HijackThis v1.99.1
Scan saved at 10:13:53, on 11/08/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrador\Meus documentos\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.positivoinformatica.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = prx-smop:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *curitiba.pr.gov.br*
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll
O3 - Toolbar: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WinVNC] "C:\Arquivos de programas\UltraVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [LANDeskCustomData] "C:\Arquivos de programas\LANDesk\LDClient\ldcstm32.exe" /s
O4 - HKLM\..\Run: [Xerox PanelMgr] C:\WINDOWS\Xerox\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [USSShReg] C:\WINDOWS\system32\ussshreg.exe /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Arquivos de programas\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Arquivos de programas\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [AutoHelpDesk] C:\Documents and Settings\vpivovar\Configurações locais\Temporary Internet Files\Content.IE5\DUQZ3YKH\DiagnosticoBB[1].exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Pandion.lnk = C:\Arquivos de programas\Pandion\Pandion.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Arquivos de programas\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.positivoinformatica.com.br/
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = curitiba.pr.gov.br
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = curitiba.pr.gov.br
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: LANDesk(R) Management Agent (CBA8) - LANDesk Software, Ltd. - C:\Arquivos de programas\LANDesk\Shared Files\residentagent.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Arquivos de programas\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: Broker de solicitação de rede F-Secure (F-Secure Network Request Broker) - F-Secure Corporation - C:\Arquivos de programas\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Arquivos de programas\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Arquivos de programas\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Arquivos de programas\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel Local Scheduler Service - LANDesk Software, Ltd. - C:\Arquivos de programas\LANDesk\LDClient\LocalSch.EXE
O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\WINDOWS\system32\CBA\pds.exe
O23 - Service: Multidifusão dirigida da LANDesk (Intel Targeted Multicast) - LANDesk Software, Ltd. - C:\Arquivos de programas\LANDesk\LDClient\tmcsvc.exe
O23 - Service: Serviço de controle remoto da LANDesk (ISSUSER) - LANDesk Software, Ltd. - C:\ARQUIV~1\LANDesk\LDClient\issuser.exe
O23 - Service: LANDesk Policy Invoker - LANDesk Software, Ltd. - C:\Arquivos de programas\LANDesk\LDClient\policy.client.invoker.exe
O23 - Service: Positivo Network Manager - Positivo Informática Ltda - C:\Arquivos de programas\Positivo Informática\Positivo Network Manager\LanCtrl.exe
O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\WINDOWS\system32\snmptrap.exe (file missing)
O23 - Service: LANDesk(R) Software Monitoring Service (Softmon) - LANDesk Software, Ltd. - C:\Arquivos de programas\LANDesk\LDClient\softmon.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Arquivos de programas\UltraVNC\WinVNC.exe" -service (file missing)


If anyone can help me... thanks...
#3 By alves 91 11/08/2010 - 10:45
Done

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrador at 2010-08-11 10:43:39
Microsoft Windows XP Professional Service Pack 2
System drive C: has 52 GB (69%) free of 76 GB
Total RAM: 511 MB (61% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\At1.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Facilitador de Leitor de Link Adobe PDF - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\arquivos de programas\google\googletoolbar1.dll [2007-11-28 2423872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Barra de Ferramentas do Yahoo! com bloqueador de pop-up - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinVNC"=C:\Arquivos de programas\UltraVNC\WinVNC.exe [2003-09-21 630848]
"LANDeskCustomData"=C:\Arquivos de programas\LANDesk\LDClient\ldcstm32.exe [2007-11-30 299008]
"Xerox PanelMgr"=C:\WINDOWS\Xerox\PanelMgr\ssmmgr.exe [2006-11-08 520192]
"Adobe Reader Speed Launcher"=C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"USSShReg"=C:\WINDOWS\system32\ussshreg.exe [1997-02-24 19968]
"QuickTime Task"=C:\Arquivos de programas\QuickTime\qttask.exe [2007-06-29 286720]
"F-Secure Manager"=C:\Arquivos de programas\F-Secure\Common\FSM32.EXE [2010-03-26 301744]
"F-Secure TNB"=C:\Arquivos de programas\F-Secure\FSGUI\TNBUtil.exe [2010-03-26 1653424]
"AutoHelpDesk"=C:\Documents and Settings\vpivovar\Configurações locais\Temporary Internet Files\Content.IE5\DUQZ3YKH\DiagnosticoBB[1].exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe [2008-03-24 218496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-02 69632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-12-17 16062464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-15 2879488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2007-11-28 171448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xerox PanelMgr]
C:\WINDOWS\Xerox\PanelMgr\ssmmgr.exe [2006-11-08 520192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Speed Launch.lnk]
C:\ARQUIV~1\Adobe\READER~1.0\Reader\READER~1.EXE [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Adobe Reader Synchronizer.lnk]
C:\ARQUIV~1\Adobe\READER~1.0\Reader\ADOBEC~1.EXE [2007-05-11 738968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^WinZip Quick Pick.lnk]
C:\ARQUIV~1\WinZip\WZQKPICK.EXE [2001-11-27 106560]
C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar
Pandion.lnk - C:\Arquivos de programas\Pandion\Pandion.exe
Software Kodak EasyShare.lnk - C:\Arquivos de programas\Kodak\Kodak EasyShare software\bin\EasyShare.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-06-07 61440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\SGP\Atualizador.exe"="C:\SGP\Atualizador.exe:*:Enabled:Executável do Controle de Versão"
"C:\WINDOWS\system32\cba\pds.exe"="C:\WINDOWS\system32\cba\pds.exe:*:Enabled:LANDesk Ping Discovery Service"
"C:\WINDOWS\system32\msgsys.exe"="C:\WINDOWS\system32\msgsys.exe:*:Enabled:LANDesk Message Service"
"C:\Arquivos de programas\LANDesk\LDClient\issuser.exe"="C:\Arquivos de programas\LANDesk\LDClient\issuser.exe:*:Enabled:LANDesk Remote Control Agent"
"C:\Arquivos de programas\LANDesk\LDClient\tmcsvc.exe"="C:\Arquivos de programas\LANDesk\LDClient\tmcsvc.exe:*:Enabled:LANDesk Targeted Multicast"
"C:\Arquivos de programas\LANDesk\Shared Files\residentagent.exe"="C:\Arquivos de programas\LANDesk\Shared Files\residentagent.exe:*:Enabled:LANDesk(R) Management Agent"
"C:\WINDOWS\msagent\agtintl\svc.exe"="C:\WINDOWS\msagent\agtintl\svc.exe:*:Enabled:svc.exe"
"C:\WINDOWS\msagent\agtintl\update.exe"="C:\WINDOWS\msagent\agtintl\update.exe:*:Enabled:update.exe"
"C:\WINDOWS\msagent\agtintl\svchosts.exe"="C:\WINDOWS\msagent\agtintl\svchosts.exe:*:Enabled:svchosts.exe"
"C:\WINDOWS\pcn.exe"="C:\WINDOWS\pcn.exe:*:Enabled:pcn.exe"
"C:\WINDOWS\Outlooks.exe"="C:\WINDOWS\Outlooks.exe:*:Enabled:Outlooks.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-08-11 10:43:39 ----D---- C:\rsit
2010-08-11 10:43:39 ----D---- C:\Arquivos de programas\trend micro
2010-08-11 10:09:16 ----A---- C:\WINDOWS\ntbtlog.txt
======List of files/folders modified in the last 1 months======
2010-08-11 10:43:39 ----RD---- C:\Arquivos de programas
2010-08-11 10:09:22 ----SHD---- C:\WINDOWS\CSC
2010-08-11 10:09:16 ----D---- C:\WINDOWS
2010-08-11 10:07:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-11 10:03:35 ----D---- C:\WINDOWS\Temp
2010-08-11 09:57:37 ----HD---- C:\WINDOWS\inf
2010-08-11 09:30:13 ----SD---- C:\WINDOWS\Tasks
2010-08-11 09:28:35 ----D---- C:\WINDOWS\system32
2010-08-11 09:06:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-11 09:05:23 ----D---- C:\WINDOWS\Prefetch
2010-08-10 17:33:42 ----A---- C:\WINDOWS\ULEAD32.INI
2010-08-10 17:26:53 ----D---- C:\WINDOWS\Help
2010-08-10 15:55:27 ----A---- C:\WINDOWS\win.ini
2010-08-03 17:21:55 ----D---- C:\WINDOWS\Minidump
2010-07-30 17:25:25 ----D---- C:\WINDOWS\security
2010-07-20 16:48:52 ----D---- C:\WINDOWS\ULEAD.DAT
2010-07-14 13:01:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-14 13:00:36 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 FSFW;F-Secure Firewall Driver; C:\WINDOWS\System32\drivers\fsdfw.sys [2008-06-19 59808]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-29 43528]
R3 AGR1310_51;Agere Systems ET-13xx PCI-E Ethernet Adapter XP Driver; C:\WINDOWS\system32\DRIVERS\AGR1310_51.sys [2006-02-13 75648]
R3 HDAudBus;Driver de Barramento Microsoft UAA para High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-03-17 135168]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-04-19 20608]
S0 fsbts;fsbts; C:\WINDOWS\system32\Drivers\fsbts.sys [2010-07-13 41256]
S1 eSysDrv;eSysTech Support Driver; \??\C:\Arquivos de programas\Positivo Informática\Positivo Network Manager\eSysDrv.sys []
S1 F-Secure HIPS;F-Secure HIPS; \??\C:\Arquivos de programas\F-Secure\HIPS\fshs.sys []
S1 intelppm;Driver de Processador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-02 40192]
S2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-05-10 25244]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-10-31 28416]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Arquivos de programas\F-Secure\Anti-Virus\minifilter\fsgk.sys []
S3 HidUsb;Driver de classe HID da Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-12-20 4405248]
S3 ldblank;Screen Blanking driver for Remote Control; C:\WINDOWS\system32\DRIVERS\ldblank.sys [2007-05-30 11904]
S3 ldmirror;ldmirror; C:\WINDOWS\system32\DRIVERS\ldmirror.sys [2007-05-30 3328]
S3 lersfb;lersfb; \??\C:\WINDOWS\system32\09B.tmp []
S3 mirrorflt;Mirror Filter Driver for Uninstall; C:\WINDOWS\system32\DRIVERS\mirrorflt.sys [2007-05-30 3712]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-05 12288]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-10-13 74496]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 UXDCMN;UXDCMN; \??\C:\sysprep\wst\UXDCMN.SYS []
S3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2002-11-20 2218]
S3 xapvfi;xapvfi; \??\C:\WINDOWS\system32\0E9.tmp []
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Arquivos de programas\F-Secure\Anti-Virus\Win2K\FSfilter.sys []
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Arquivos de programas\F-Secure\Anti-Virus\Win2K\FSrec.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
S2 CBA8;LANDesk(R) Management Agent; C:\Arquivos de programas\LANDesk\Shared Files\residentagent.exe [2007-11-29 155648]
S2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Arquivos de programas\F-Secure\Anti-Virus\fsgk32st.exe [2010-03-26 219824]
S2 FSMA;FSMA; C:\Arquivos de programas\F-Secure\Common\FSMA32.EXE [2010-03-26 187056]
S2 Intel Local Scheduler Service;Intel Local Scheduler Service; C:\Arquivos de programas\LANDesk\LDClient\LocalSch.EXE [2007-11-30 196608]
S2 Intel PDS;Intel PDS; C:\WINDOWS\system32\CBA\pds.exe [2007-08-31 32819]
S2 Intel Targeted Multicast;Multidifusão dirigida da LANDesk; C:\Arquivos de programas\LANDesk\LDClient\tmcsvc.exe [2007-11-30 192512]
S2 ISSUSER;Serviço de controle remoto da LANDesk; C:\ARQUIV~1\LANDesk\LDClient\issuser.exe [2007-11-30 406528]
S2 LANDesk Policy Invoker;LANDesk Policy Invoker; C:\Arquivos de programas\LANDesk\LDClient\policy.client.invoker.exe [2007-11-30 118784]
S2 MDM;Machine Debug Manager; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
S2 Positivo Network Manager;Positivo Network Manager; C:\Arquivos de programas\Positivo Informática\Positivo Network Manager\LanCtrl.exe [2007-08-31 126976]
S2 Softmon;LANDesk(R) Software Monitoring Service; C:\Arquivos de programas\LANDesk\LDClient\softmon.exe [2007-12-06 331776]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
S2 winvnc;VNC Server; C:\Arquivos de programas\UltraVNC\WinVNC.exe [2003-09-21 630848]
S3 aspnet_state;Serviço de estado do ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Arquivos de programas\F-Secure\FWES\Program\fsdfwd.exe [2008-06-19 465504]
S3 F-Secure Network Request Broker;Broker de solicitação de rede F-Secure; C:\Arquivos de programas\F-Secure\Common\FNRB32.EXE [2010-03-26 166576]
S3 FSORSPClient;F-Secure ORSP Client; C:\Arquivos de programas\F-Secure\ORSP Client\fsorsp.exe [2010-08-10 56992]
S3 gusvc;Google Updater Service; C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-11-28 138168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\system32\snmptrap.exe []
-----------------EOF-----------------

Thanks..
#4 By Wings 11/08/2010 - 11:10
*Download Bankerfix and save it to the desktop
*Temporarily disable your antivirus

Right-click the F-Secure icon next to the clock
Click the Unload option

*Run Bankerfix
*Click [OK] > [YES] (if it asks for an update) > [OK]
*Press [ENTER] and wait.
*When it finishes, press [ENTER]
*Paste the report created at C:\LinhaDefensiva\relatorio.txt