Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93112 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

It's My Fist Time At Here, Please Somebody Help Me!

Started by Flávio Saito , Jul 20 2007 07:20 PM

  • Please log in to reply
3 replies to this topic

#1 Flávio Saito

Flávio Saito

    New Member

  • New Member
  • Pip
  • 2 posts

Posted 20 July 2007 - 07:20 PM

Helo!
First, sorry if my english is so bad!

Well, I have a serious problems: My Proccess Manager is unabled, the window don't have the buttons CLOSE, MAX. and MIN. And it don't have the tabs. I had heard that the virus answer by process's name EXCEL. Please! Help me!

The HiJackThisLog is this:

Logfile of HijackThis v1.99.1
Scan saved at 21:46:34, on 20/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Arquivos de programas\Dassault Systemes\B15\intel_a\code\bin\CATSysDemon.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Arquivos de programas\Borland\InterBase\bin\ibguard.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7Debug\mdm.exe
C:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Arquivos de programas\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Programas\UGNX4\License_Server\UGNXFLEXlm\lmgrd.exe
C:\Arquivos de programas\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
D:\Programas\UGNX4\License_Server\UGNXFLEXlm\lmgrd.exe
D:\Programas\UGNX4\License_Server\UGNXFLEXlm\uglmd.exe
C:\Arquivos de programas\Borland\InterBase\bin\ibserver.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\MSN Messenger\msnmsgr.exe
C:\Arquivos de programas\MSN Messenger\usnsvc.exe
C:\Arquivos de programas\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\WINDOWS\Downloaded Program Files\gbiehCef.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [awxDTools] rundll32 D:\PROGRA~1\AWXDTO~1\awxDTools.dll,awxRegisterDll /r /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Arquivos de programas\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Arquivos de programas\Ahead\Nero BackItUp\NBJ.exe"
O4 - Startup: Atalho para ashDisp.lnk = C:\Arquivos de programas\Alwil Software\Avast4\ashDisp.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Arquivos de programas\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Abrir em uma nova guia do plano de fundo - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/229?ecc6a152ce294c1e8581257665b76ff6
O8 - Extra context menu item: Abrir em uma nova guia do primeiro plano - res://C:\Arquivos de programas\Windows Live Toolbar\Components\pt-br\msntabres.dll.mui/230?ecc6a152ce294c1e8581257665b76ff6
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Arquivos de programas\MDT6\AcDcToday.ocx
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Arquivos de programas\MDT6\InstBanr.ocx
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Arquivos de programas\MDT6\InstFred.ocx
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399003} (GbPluginObj Class) - https://imagem.caixa...GbPluginCef.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Arquivos de programas\MDT6\AcPreview.ocx
O18 - Protocol: bw+0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {7424B26D-151E-4EA6-9F47-50C50818FD2E} - C:\Arquivos de programas\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: pcl - {182D0C85-206F-4103-B4FA-DCC1FB0A0A44} - C:\Arquivos de programas\Autodesk\Inventor Professional 8\bin\HSPCLPRO10.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Arquivos de programas\Dassault Systemes\B15\intel_a\code\bin\CATSysDemon.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia LTDA - C:\Arquivos de programas\GbPlugin\GbpSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Arquivos de programas\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Arquivos de programas\Borland\InterBase\bin\ibserver.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\ARQUIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: SQL Server FullText Search (MSSQLSERVER) (msftesql) - Unknown owner - C:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:MSSQLSERVER (file missing)
O23 - Service: SQL Server (MSSQLSERVER) (MSSQLSERVER) - Unknown owner - C:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER (file missing)
O23 - Service: SQL Server Analysis Services (MSSQLSERVER) (MSSQLServerOLAPService) - Unknown owner - C:\Arquivos de programas\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe" -s "C:\Arquivos de programas\Microsoft SQL Server\MSSQL.2\OLAP\Config (file missing)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - D:\Programas\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - D:\Programas\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe
O23 - Service: SQL Server Agent (MSSQLSERVER) (SQLSERVERAGENT) - Unknown owner - C:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE" -i MSSQLSERVER (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Unigraphics License Server (uglmd) - Macrovision Corporation - D:\Programas\UGNX4\License_Server\UGNXFLEXlm\lmgrd.exe

    Advertisements

Register to Remove

#2 Jintan

Jintan

    Advanced Member

  • Visiting Fellow
  • PipPipPipPip
  • 791 posts

Posted 22 July 2007 - 07:35 PM

Hello Flávio Saito,


Boa vinda ao Tom Coyote. No infection showing here. Only items of note in fact are the Logitech Desktop Messenger backweb software, which if you see here is not considered necessary, and for some reason, on a computer that appears to be an in use server some Daemon Tools software startups. But nothing that would disable your Task Manager (I am assuming this is what you mean when you say Process Manager). Let's take a different look for now, but post back more information about what this computer is used for, as I would be concerned about using repair software on any system that is a business use item.


Go Here and download Silent Runners to your desktop. Run it, and post back here the log it creates. If your AV queries the script, allow it to run. It's not malicious. It will create a file named Startup Programs, and will notify when the scan is complete. Copy the log from the Startup Programs file back here.

#3 Flávio Saito

Flávio Saito

    New Member

  • New Member
  • Pip
  • 2 posts

Posted 24 July 2007 - 05:43 AM

Jintan, thanks a lot! My computer is of domestic use, my programs is just for study. I'm going to scan my computer with Silent Runners, and later I post here. Thanks!

#4 Jintan

Jintan

    Advanced Member

  • Visiting Fellow
  • PipPipPipPip
  • 791 posts

Posted 24 July 2007 - 11:21 AM

Good, post that when completed and we'll follow up then.

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·