Curtir: 
Analisem meu log Hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 21:01:30, on 5/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\system32\Ati2evxx*****
C:\WINDOWS\Explorer*****
C:\Arquivos de programas\Eset\nod32kui*****
C:\WINDOWS\SOUNDMAN*****
C:\Program Files\ASUS\Probe\AsusProb*****
C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ*****
C:\Arquivos de programas\Ahead\InCD\InCD*****
C:\Arquivos de programas\ATI Technologies\ATI*****\cli*****
C:\Arquivos de programas\Hewlett-Packard\HP Share-to-Web\hpgs2wnd*****
C:\Arquivos de programas\iTunes\iTunesHelper*****
C:\Arquivos de programas\Hewlett-Packard\HP Share-to-Web\hpgs2wnf*****
C:\Arquivos de programas\ewido anti-spyware 4.0\ewido*****
C:\Arquivos de programas\MSN Messenger\MsnMsgr*****
C:\WINDOWS\system32\Ati2evxx*****
C:\Arquivos de programas\Mozilla Firefox\firefox*****
C:\Documents and Settings\Lucas\Desktop\HijackThis*****
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tibiabr.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.compartilhando.org/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.compartilhando.org/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\WINDOWS\Downloaded Program Files\gbieh.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Arquivos de programas\Eset\nod32kui*****" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched*****
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN*****
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb*****
O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink DVD Solution\PowerDVD\PDVDServ*****"
O4 - HKLM\..\Run: [InCD] C:\Arquivos de programas\Ahead\InCD\InCD*****
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck*****
O4 - HKLM\..\Run: [ATICCC] "C:\Arquivos de programas\ATI Technologies\ATI*****\cli*****" runtime -Delay
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Arquivos de programas\Hewlett-Packard\HP Share-to-Web\hpgs2wnd*****
O4 - HKLM\..\Run: [WinVNC] "C:\Documents and Settings\Lucas\Desktop\UltraVNC\WinVNC*****" -servicehelper
O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper*****"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask*****" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Arquivos de programas\ewido anti-spyware 4.0\ewido*****" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr*****" /background
O4 - HKCU\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask*****" -atboottime
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Arquivos de programas\Adobe\Acrobat 7.0\Reader\reader_sl*****
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.compartilhando.org/
O16 - DPF: {66D393D5-4D80-497C-9F4F-F3839E090202} (PlayerOCX Control) - http://www.pysoft.com/Downloads/WebCamPlayerOCX.cab
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399F83} (GbPluginObj Class) - https://www14.bancobrasil.com.br/plugin/GbPluginBb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{41E79815-1E36-4BA8-BBA7-3757D7C28137}: NameServer = 200.149.55.140 200.165.132.147
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc*****
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx*****
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Arquivos de programas\ewido anti-spyware 4.0\guard*****
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT*****
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv*****
O23 - Service: iPodService - Apple Computer, Inc. - C:\Arquivos de programas\iPod\bin\iPodService*****
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Arquivos de programas\Eset\nod32krn*****
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Documents and Settings\Lucas\Desktop\UltraVNC\WinVNC*****" -service (file missing)
link pro download,pra fika mais claro tah aki http://rapidshare.de/files/25404155/hijackthis.log.html
flww aew
Publicidade:
Jogue Tibia sem mensalidades!
Taleon Online - Otserv apoiado pelo TibiaBR.
https://taleon.online
Responder com Citação
Postado originalmente por Winddancer_
