a pastebin project

Miscellany

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:37:44, on 6/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Arquivos de programas\Logicool\Qcam10\QCam10.exe
C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe
C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
c:\arquivos de programas\arquivos comuns\logicool\lvmvfm\LVPrcSrv.exe
C:\Arquivos de programas\Arquivos comuns\Logicool\LComMgr\Communications_Helper.exe
C:\Arquivos de programas\Arquivos comuns\Logicool\LComMgr\LVComSX.exe
C:\Arquivos de programas\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Arquivos de programas\GbPlugin\GbpSv.exe
C:\Arquivos de programas\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Arquivos de programas\Windows Media Player\wmplayer.exe
C:\WINDOWS\System32\alg.exe
C:\Arquivos de programas\Logicool\Qcam10\COCIManager.exe
C:\WINDOWS\system32\INTERNAT.EXE
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [CAVRID] "C:\Arquivos de programas\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Arquivos de programas\Logicool\Qcam10\QCam10.exe" /hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O15 - Trusted Zone: http://jogos.msn.com.br
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} - http://200.212.184.212/g_bin/eng/boards_2_0_0_34.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.atrativa.com.br/games/applets/gamehouse/luxor_ar/mjolauncher.cab
O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.33/g_bin/eng/poker_2_0_0_49.cab
O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://www.atrativa.com.br/games/applets/gamehouse/tumblebugs/axhost.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} - http://200.212.184.212/g_bin/eng/marbles_2_0_0_32.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.atrativa.com.br/games/applets/popcap/zuma/popcaploader.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {FC4CAF5F-91BD-4DD9-ADC1-F3C737E37BC4} (CPlayFirstSweetopiaControl Object) - http://www.atrativa.com.br/Sweetopia.1.0.0.20.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Arquivos de programas\Logicool\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: __GbPluginBb - C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbieh.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Arquivos de programas\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Arquivos de programas\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\Arquivos de programas\GbPlugin\GbpSv.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Arquivos de programas\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logicool Inc. - c:\arquivos de programas\arquivos comuns\logicool\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logicool Inc. - C:\Arquivos de programas\Arquivos comuns\Logicool\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Arquivos de programas\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Arquivos de programas\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

--
End of file - 9227 bytes
