Aha! Serves you right... I was even going to help, if it had come in through some other program (tibiacam or whatever), but for the guy to have the nerve to admit he uses tibia mc and tibia luz and still ask for help so he doesn't get hacked... Oh, kid, give me a break...
Look in the pinned topics, or on the site's home page.
Learn not to download these things anymore ;)
I didn't type any password... but he is reading what I write on the forum
Shameless? No.. he was pretty brave to admit it.. however
Quote:
Originally posted by rapmel
I hope this serves as a lesson for the rest of your life :P
Try downloading an anti-keylogger at www.baixaki.com.br =p
Here's the find loop log
HijackThis log:
Quote:
Logfile of HijackThis v1.99.1
Scan saved at 08:30:12, on 1/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss*****
C:\WINDOWS\system32\winlogon*****
C:\WINDOWS\system32\services*****
C:\WINDOWS\system32\lsass*****
C:\WINDOWS\system32\svchost*****
C:\WINDOWS\System32\svchost*****
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr*****
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr*****
C:\WINDOWS\system32\spoolsv*****
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM*****
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\navapsvc*****
C:\WINDOWS\system32\nvsvc32*****
C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan*****
C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent*****
C:\WINDOWS\Explorer*****
C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ*****
C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch*****
C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp*****
C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched*****
C:\Program Files\Internet Optimizer\optimize*****
C:\WINDOWS\system32\RUNDLL32*****
C:\Arquivos de programas\MessengerPlus! 3\MsgPlus*****
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S08IC 1*****
C:\Arquivos de programas\Winamp\winampa*****
C:\Arquivos de programas\Thomson\SpeedTouch USB\Dragdiag*****
C:\WINDOWS\system32\Sys\TibiaMC*****
C:\ARQUIV~1\PPPATC~1\winlogon*****
C:\Arquivos de programas\MSN Messenger\msnmsgr*****
C:\Arquivos de programas\Internet Explorer\iexplore*****
C:\Arquivos de programas\Messenger\msmsgs*****
C:\Documents and Settings\Artur\Desktop\HijackThis*****
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\ARQUIV~1\FlashGet\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\fgiebar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck*****
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ*****"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32***** C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\ARQUIV~1\ARQUIV~1\INSTAL~1\UPDATE~1\isuspm***** -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch*****" -start
O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp*****"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched*****
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize*****"
O4 - HKLM\..\Run: [nwiz] nwiz***** /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32***** C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [[01]################################################## ################################################## ##########################] C:\Documents and Settings\Administrador\Internet Optimizer\update\rogue*****
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus*****"
O4 - HKLM\..\Run: [EPSON Stylus C43 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S08IC 1***** /P23 "EPSON Stylus C43 Series" /O5 "LPT1:" /M "Stylus C43"
O4 - HKLM\..\Run: [WinampAgent] C:\Arquivos de programas\Winamp\winampa*****
O4 - HKLM\..\Run: [e2879e9b*****] C:\WINDOWS\system32\e2879e9b*****
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Arquivos de programas\Thomson\SpeedTouch USB\Dragdiag*****" /icon
O4 - HKLM\..\Run: [TibiaMC] C:\WINDOWS\system32\Sys\TibiaMC*****
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus*****" /WinStart
O4 - HKCU\..\Run: [e2879e9b*****] C:\Documents and Settings\Artur\Configurações locais\Dados de aplicativos\e2879e9b*****
O4 - HKCU\..\Run: [Uume] "C:\ARQUIV~1\PPPATC~1\winlogon*****" -vt yazr
O4 - HKCU\..\Run: [LightDialer] C:\Arquivos de programas\Turbo\Discador Turbo\DISCADOR*****
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr*****" /background
O4 - Startup: Discador Turbo (2).lnk = C:\Arquivos de programas\Turbo\Discador Turbo\discador*****
O8 - Extra context menu item: Download All by FlashGet - C:\Arquivos de programas\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Arquivos de programas\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL*****/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget*****
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\flashget*****
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs*****
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs*****
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {3C8B9651-4E3E-424D-B51C-54544ABF536B} (CAtmCap Object) - https://ww8.banrisul.com.br/bto/link...eControl2k.cab
O16 - DPF: {9C377DD8-8CE6-484C-975D-F4D03493EBBE} (DownloadManager Control) - http://brturbo.imusica.com.br/Download.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E9E5438D-FC9E-4C60-A7DC-99E4CF8787ED}: NameServer = 201.10.120.3 201.10.1.2
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winjrs32 - winjrs32.dll (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr*****
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccPwdSvc*****
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr*****
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT*****
O23 - Service: Serviço de proteção automática do Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\navapsvc*****
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32*****
O23 - Service: SAVScan - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton Antivirus\SAVScan*****
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\SCRIPT~1\SBServ*****
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc***** (file missing)
O23 - Service: SNMgrSvc - Open Communications Security S/A - C:\WINDOWS\system32\SnMgrSvc*****
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent*****
If you're going to use it, use it right, damn it!
(y)
DAMN IT, PEOPLE!!
I'M ASKING FOR HELP!!
IF YOU'RE GOING TO TALK CRAP, IT'S BETTER NOT TO SAY ANYTHING!!
THE MODERATOR ALREADY TOLD ME OFF AND THAT'S ENOUGH, DAMN IT
Can I simply uninstall the keylogger?
HELP!!!!!! PLZ