Scribd Logo
Carica

Benvenuto in Scribd!

  • Caracteres Estranhos No Email - Casos Resolvidos - Fórum Linha Defensiva PDF

    Caricato da

    Delso De Jesus Cardoso
    17 visualizzazioni11 pagine

    Titolo originale

    Caracteres estranhos no email - Casos Resolvidos - Fórum Linha Defensiva.pdf

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    17 visualizzazioni11 pagine

    Caracteres Estranhos No Email - Casos Resolvidos - Fórum Linha Defensiva PDF

    Caricato da

    Delso De Jesus Cardoso

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 11

    15/07/2016

    LD

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva
    Frum

    Notcias

    Boletim

    Equipe

    Colunas

    Fale Conosco

    Downloads

    Dicas e Tutoriais

    Servios

    Remoo de Vrus

    Frum Linha Defensiva

    Navegao

    Fruns

    Home

    Entrar

    Servios

    Regras

    Cadastre-se

    Pesquisar...

    Atividades

    Calendrio

    Equipe de Moderao

    Remoo de Malware

    Casos Resolvidos

    Usurios Online

    Todas Atividades

    Caracteres estranhos no email

    Anncios Google

    Emailhotmail
    Emailexefiles
    Emailwindowslivemail
    Caracteres estranhos no email

    Entre para seguir isso

    Seguidores

    Criadoporalfa77, 03/03/2012 17:14

    9 posts neste tpico

    alfa77
    Membro

    Postado 03/03/2012 17:14 (editado)

    LogfileofHijackThisv1.99.1
    Scansavedat14:12:27,on3/3/2012
    Platform:WindowsXPSP3(WinNT5.01.2600)
    MSIE:InternetExplorerv8.00(8.00.6001.18702)
    Runningprocesses:

    Membro

    0
    165 posts

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Arquivosdeprogramas\Nero\Tools\InCD\InCDSrv.exe
    C:\Arquivosdeprogramas\AVASTSoftware\Avast\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Arquivosdeprogramas\MicrosoftOffice\Office12\GrooveMonitor.exe
    C:\Arquivosdeprogramas\AVASTSoftware\Avast\avastUI.exe
    C:\Arquivosdeprogramas\HP\HPSoftwareUpdate\HPWuSchd2.exe
    C:\Arquivosdeprogramas\CyberLink\PowerDVD11\PDVD11Serv.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Arquivosdeprogramas\Nero\Tools\InCD\NBHGui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Arquivosdeprogramas\HP\DigitalImaging\bin\hpqtra08.exe
    C:\Arquivosdeprogramas\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
    C:\Arquivosdeprogramas\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
    C:\Arquivosdeprogramas\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    1/11

    15/07/2016

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva
    C:\WINDOWS\system32\svchost.exe
    C:\Arquivosdeprogramas\Arquivoscomuns\MicrosoftShared\VS7DEBUG\MDM.EXE
    C:\Arquivosdeprogramas\Nero\Update\NASvc.exe
    C:\Arquivosdeprogramas\Nero\Tools\InCD\NBHRegInCDSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Arquivosdeprogramas\HP\DigitalImaging\bin\hpqSTE08.exe
    C:\Arquivosdeprogramas\HP\DigitalImaging\bin\hpqbam08.exe
    C:\Arquivosdeprogramas\HP\DigitalImaging\bin\hpqgpc01.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Arquivosdeprogramas\MozillaFirefox\firefox.exe
    C:\Arquivosdeprogramas\MozillaFirefox\plugincontainer.exe
    C:\DocumentsandSettings\Seunomeaqui\Meusdocumentos\Downloads\HijackThis.exe
    R1HKCU\Software\Microsoft\InternetExplorer\Main,SearchPage=
    &http://home.microsoft.com/intl/br/access/allinone.asp
    R0HKCU\Software\Microsoft\InternetExplorer\Main,StartPage=http://br.yahoo.com/
    R1HKLM\Software\Microsoft\InternetExplorer\Main,Default_Page_URL=
    http://go.microsoft.com/fwlink/?LinkId=69157
    R1HKLM\Software\Microsoft\InternetExplorer\Main,Default_Search_URL=
    http://go.microsoft.com/fwlink/?LinkId=54896
    R1HKLM\Software\Microsoft\InternetExplorer\Main,SearchPage=http://go.microsoft.com/fwlink/?
    LinkId=54896
    R0HKLM\Software\Microsoft\InternetExplorer\Main,StartPage=http://go.microsoft.com/fwlink/?
    LinkId=69157
    O2BHO:HPPrintEnhancer{0347C33E87624905BF09768834316C61}C:\Arquivosde
    programas\HP\DigitalImaging\SmartWebPrinting\hpswp_printenhancer.dll
    O2BHO:AcroIEHelperStub{18DF081CE8AD4283A596FA578C2EBDC3}C:\Arquivosde
    programas\Arquivoscomuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2BHO:RealPlayerDownloadandRecordPluginforInternetExplorer{3049C3E9B4614BC58870
    4C09146192CA}C:\Arquivosdeprogramas\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2BHO:(noname){5C255C8AE60449b49D6490988571CECB}(nofile)
    O2BHO:GrooveGFSBrowserHelper{7285316130C54D22B7F90BBC1D38A37E}C:\Arquivosde
    programas\MicrosoftOffice\Office12\GrooveShellExtensions.dll
    O2BHO:avast!WebRep{8E5E2654AD2D48bfAC2DD17F00898D06}C:\Arquivosde
    programas\AVASTSoftware\Avast\aswWebRepIE.dll
    O2BHO:AuxiliardeConexodoWindowsLive{9030D4644C024ABF8ECC5164760863C6}
    C:\Arquivosdeprogramas\Arquivoscomuns\MicrosoftShared\WindowsLive\WindowsLiveLogin.dll
    O2BHO:DAPIELoaderClass{FF6C3CF04B1511D1ABED709549C10000}
    C:\ARQUIV~1\DAP\DAPIEL~1.DLL
    O2BHO:HPSmartBHOClass{FFFFFFFFCF4E4F2BBDC20E72E116A856}C:\Arquivosde
    programas\HP\DigitalImaging\SmartWebPrinting\hpswp_BHO.dll
    O3Toolbar:avast!WebRep{8E5E2654AD2D48bfAC2DD17F00898D06}C:\Arquivosde
    programas\AVASTSoftware\Avast\aswWebRepIE.dll
    O4HKLM\..\Run:[skyTel]SkyTel.EXE
    O4HKLM\..\Run:[Alcmtr]ALCMTR.EXE
    O4HKLM\..\Run:[GrooveMonitor]"C:\Arquivosdeprogramas\Microsoft
    Office\Office12\GrooveMonitor.exe"
    O4HKLM\..\Run:[avast]"C:\Arquivosdeprogramas\AVASTSoftware\Avast\avastUI.exe"/nogui
    O4HKLM\..\Run:[AdobeARM]"C:\Arquivosdeprogramas\Arquivos
    comuns\Adobe\ARM\1.0\AdobeARM.exe"
    O4HKLM\..\Run:[HPSoftwareUpdate]C:\Arquivosdeprogramas\HP\HPSoftware

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    2/11

    15/07/2016

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva
    Update\HPWuSchd2.exe
    O4HKLM\..\Run:[RemoteControl11]C:\Arquivosde
    programas\CyberLink\PowerDVD11\PDVD11Serv.exe
    O4HKLM\..\Run:[NvCplDaemon]RUNDLL32.EXEC:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4HKLM\..\Run:[NvMediaCenter]RunDLL32.exeNvMCTray.dll,NvTaskbarInitlogin
    O4HKLM\..\Run:[nwiz]C:\Arquivosdeprogramas\NVIDIACorporation\nview\nwiz.exe/installquiet
    O4HKLM\..\Run:[NBHGui]C:\Arquivosdeprogramas\Nero\Tools\InCD\NBHGui.exe
    O4HKLM\..\Run:[NBAgent]"C:\Arquivosdeprogramas\Nero\Nero11\NeroBackItUp\NBAgent.exe"
    /WinStart
    O4HKLM\..\Run:[MSConfig]C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe/auto
    O4HKCU\..\Run:[ctfmon.exe]C:\WINDOWS\system32\ctfmon.exe
    O4HKCU\..\Run:[DownloadAccelerator]"C:\Arquivosdeprogramas\DAP\DAP.EXE"/STARTUP
    O4GlobalStartup:HPDigitalImagingMonitor.lnk=C:\Arquivosdeprogramas\HP\Digital
    Imaging\bin\hpqtra08.exe
    O8Extracontextmenuitem:&CleanTracesC:\Arquivosdeprogramas\DAP\Privacy
    Package\dapcleanerie.htm
    O8Extracontextmenuitem:&Downloadwith&DAPC:\Arquivosdeprogramas\DAP\dapextie.htm
    O8Extracontextmenuitem:Download&allwithDAPC:\Arquivosdeprogramas\DAP\dapextie2.htm
    O8Extracontextmenuitem:E&xporttoMicrosoftExcel
    res://C:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8Extracontextmenuitem:E&xportarparaoMicrosoftExcel
    res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9Extrabutton:SendtoOneNote{2670000A73504f3c80815663EE0C6C49}
    C:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll
    O9Extra'Tools'menuitem:S&endtoOneNote{2670000A73504f3c80815663EE0C6C49}
    C:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll
    O9Extrabutton:Research{92780B2518CC41C8B9BE3C9C571A8263}
    C:\ARQUIV~1\MICROS~3\Office12\REFIEBAR.DLL
    O9Extrabutton:ExibirouocultarHPSmartWebPrinting{DDE8786583C548c48357
    2F5B1AA84522}C:\Arquivosdeprogramas\HP\DigitalImaging\SmartWebPrinting\hpswp_BHO.dll
    O9Extrabutton:(noname){e2e2dd38d088413482b7f2ba38496583}%windir%\Network
    Diagnostic\xpnetdiag.exe(filemissing)
    O9Extra'Tools'menuitem:@xpsp3res.dll,20001{e2e2dd38d088413482b7f2ba38496583}
    %windir%\NetworkDiagnostic\xpnetdiag.exe(filemissing)
    O9Extrabutton:Messenger{FB5F1910F11011d2BB9E00C04F795683}C:\Arquivosde
    programas\Messenger\msmsgs.exe
    O9Extra'Tools'menuitem:WindowsMessenger{FB5F1910F11011d2BB9E00C04F795683}
    C:\Arquivosdeprogramas\Messenger\msmsgs.exe
    O11Optionsgroup:[iNTERNATIONAL]International
    O14IERESET.INF:SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
    O17HKLM\System\CCS\Services\Tcpip\..\{46D9BEFD539141398DE9BFEDDB4B79F4}:NameServer
    =200.204.0.10,200.204.0.138
    O18Protocol:grooveLocalGWS{88FED34CF0CA4636A3753CB6248B04CD}C:\Arquivosde
    programas\MicrosoftOffice\Office12\GrooveSystemServices.dll
    O18Protocol:livecall{828030A122C14009854F8E305202313F}
    C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18Protocol:mshelp{314111C7A50211D2BBCA00C04F8EC294}C:\Arquivosde
    programas\Arquivoscomuns\MicrosoftShared\Help\hxds.dll
    O18Protocol:msnim{828030A122C14009854F8E305202313F}
    C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18Filterhijack:text/xml{807563E5514611D5A67200B0D022E945}
    C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20WinlogonNotify:dimsntfy%SystemRoot%\System32\dimsntfy.dll(filemissing)
    O21SSODL:WPDShServiceObj{AAA288BA9A4C45B095D794D524869DB5}
    C:\WINDOWS\system32\WPDShServiceObj.dll

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    3/11

    15/07/2016

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva
    O23Service:avast!AntivirusAVASTSoftwareC:\Arquivosdeprogramas\AVAST
    Software\Avast\AvastSvc.exe
    O23Service:CLHNServiceForPowerDVDUnknownownerC:\Arquivosde
    programas\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
    O23Service:CyberLinkPowerDVD11.0MonitorServiceCyberLinkC:\Arquivosde
    programas\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
    O23Service:CyberLinkPowerDVD11.0ServiceCyberLinkC:\Arquivosde
    programas\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
    O23Service:InCDHelper(InCDSrv)NeroAGC:\Arquivosde
    programas\Nero\Tools\InCD\InCDSrv.exe
    O23Service:@C:\Arquivosdeprogramas\Nero\Update\NASvc.exe,200(NAUpdate)NeroAG
    C:\Arquivosdeprogramas\Nero\Update\NASvc.exe
    O23Service:NeroRegistryInCDService(NeroRegInCDSrv)NeroAGC:\Arquivosde
    programas\Nero\Tools\InCD\NBHRegInCDSrv.exe
    O23Service:NVIDIADriverHelperService(NVSvc)NVIDIACorporation
    C:\WINDOWS\system32\nvsvc32.exe
    O23Service:NVIDIAUpdateServiceDaemon(nvUpdatusService)NVIDIACorporationC:\Arquivos
    deprogramas\NVIDIACorporation\NVIDIAUpdateCore\daemonu.exe
    FuienviarumemailpeloHotmailetodasasletrascomacentosforamsubstitudasporcaracteres
    estranhos.
    Oquefazer?
    Aguardoresposta,
    Alfa77.
    PS:Esquecimededizerquemeuprimoveiominhacasaeinadvertidamente,instalouoNero11eum
    Crackdele.executouoarquivoeapareceu''successfullypatched'',mascomotenhoavast,oprograma
    foiexecutadodentrodaSandbox.
    Editado03/03/201217:23poralfa77

    Anncios Google

    R$2.849,05

    JoseMelo
    Assistente Profissional

    R$2.231,55

    R$3.030,50

    R$2.564,05

    R$2.365,50

    R$2.469,05

    R$3.989,05

    Svchostexevirus
    Dlldownloadrundll32exe
    Antivirusemail

    Postado 04/03/2012 11:34

    FaaodownloaddoMalwarebytesAntiMalware
    http://www.malwarebytes.org/mbamdownload.php
    Desativeoantivrus
    Faaainstalaodandoumduplocliqueem"mbamsetup.exe"
    Marque"AtualizarMalwarebytesAntiMalware"e"ExecutarMalwarebytesAntiMalware",eclique
    emconcluir

    Assistente Profissional

    Marque"VerificaoCompleta"edepoiscliqueemVerificar
    Quandooscanterminar,cliqueemOkeem"MostrarResultados"paraverolog

    126
    46.620 posts
    Sexo:Masculino
    Local:Uberaba - MG

    Sealgofordetectado,vejasetudoestmarcadoecliqueem"Remover"
    Ologautomaticamentegravadoepodeserconsultadoclicandoem"Logs"domenuprincipal
    Copieecoleocontedodesselognasuaprximaresposta.
    PostenovologdoHijackThis.

    alfa77
    Membro

    Postado 05/03/2012 01:58

    JoseMelo,
    PasseioBankerFixnoPCeessaanormalidadenosemailsdesapareceu.
    DevofazerainstalaodoMBAMeescaneamentocomelemesmoassim?
    Grato,

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    4/11

    15/07/2016

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva
    Alfa77.

    Membro

    0
    165 posts

    JoseMelo
    Assistente Profissional

    Postado 05/03/2012 19:24

    Aoposua.

    Assistente Profissional

    126
    46.620 posts
    Sexo:Masculino
    Local:Uberaba - MG

    alfa77
    Membro

    Postado 05/03/2012 20:17

    MalwarebytesAntiMalware1.60.1.1000
    www.malwarebytes.org
    VersodaBasedeDados:v2012.03.05.08
    WindowsXPServicePack3x86NTFS
    InternetExplorer8.0.6001.18702

    Membro

    0
    165 posts

    Seunomeaqui::HMEDJESSE841[administrador]
    5/3/201216:18:04
    mbamlog20120305(161804).txt
    TipodeVerificao:VerificaoCompleta
    Opesdeverificaesativadas:Memria|Inicializao|Registro|Sistemadearquivos|
    Heurstica/Extra|Heurstica/Shuriken|PUP|PUM
    Opesdeverificaodesativadas:P2P
    Objetosescaneados:262344
    Tempodecorrido:48minuto(s),47segundo(s)
    ProcessosdeMemriaDetectados:0
    (Noforamdetectadostensmaliciosos)
    MdulosdeMemriaDetectados:0
    (Noforamdetectadostensmaliciosos)
    ChavesdeRegistroDetectadas:1
    HKCR\CLSID\{147A976FEEE143778EA74716E4CDD239}(Adware.MyWebSearch)>Enviadoparaa
    Quarentenaedeletadocomsucesso.
    ValoresdeRegistroDetectadas:0
    (Noforamdetectadostensmaliciosos)
    ItensdeDadosnoRegistroDetectadas:1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL|Checke
    dValue(PUM.Hijack.System.Hidden)>Ruim:(0)Bom:(1)>EnviadoparaaQuarentenaereparado
    comsucesso.
    PastasDetectadas:1

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    5/11

    15/07/2016

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva
    C:\RESTORE\c1364879423853187424929897532(Worm.AutoRun)>EnviadoparaaQuarentenae
    deletadocomsucesso.
    ArquivosDetectados:1
    C:\RESTORE\c1364879423853187424929897532\Desktop.ini(Worm.AutoRun)>Enviadoparaa
    Quarentenaedeletadocomsucesso.
    (fim)
    LogfileofHijackThisv1.99.1
    Scansavedat17:12:06,on5/3/2012
    Platform:WindowsXPSP3(WinNT5.01.2600)
    MSIE:InternetExplorerv8.00(8.00.6001.18702)
    Runningprocesses:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Arquivosdeprogramas\Nero\Tools\InCD\InCDSrv.exe
    C:\Arquivosdeprogramas\AVASTSoftware\Avast\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Arquivosdeprogramas\MicrosoftOffice\Office12\GrooveMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Arquivosdeprogramas\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
    C:\Arquivosdeprogramas\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
    C:\Arquivosdeprogramas\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Arquivosdeprogramas\Arquivoscomuns\MicrosoftShared\VS7DEBUG\MDM.EXE
    C:\Arquivosdeprogramas\Nero\Update\NASvc.exe
    C:\Arquivosdeprogramas\Nero\Tools\InCD\NBHRegInCDSrv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Arquivosdeprogramas\AVASTSoftware\Avast\AvastUI.exe
    C:\Arquivosdeprogramas\MozillaFirefox\firefox.exe
    C:\Arquivosdeprogramas\Photodex\ProShowProducer\proshow.exe
    C:\Arquivosdeprogramas\MozillaFirefox\plugincontainer.exe
    C:\Arquivosdeprogramas\MicrosoftOffice\Office12\POWERPNT.EXE
    C:\Arquivosdeprogramas\Microsoft\OfficeLive\OfficeLiveSignIn.exe
    C:\Arquivosdeprogramas\WindowsLive\Messenger\msnmsgr.exe
    C:\Arquivosdeprogramas\WindowsLive\Contacts\wlcomm.exe
    C:\Arquivosdeprogramas\WindowsLive\Messenger\wlcsdk.exe
    C:\DocumentsandSettings\Seunomeaqui\Meusdocumentos\Downloads\HijackThis.exe
    R1HKCU\Software\Microsoft\InternetExplorer\Main,SearchPage=
    &http://home.microsoft.com/intl/br/access/allinone.asp
    R0HKCU\Software\Microsoft\InternetExplorer\Main,StartPage=http://br.yahoo.com/
    R1HKLM\Software\Microsoft\InternetExplorer\Main,Default_Page_URL=

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    6/11

    15/07/2016

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva
    http://go.microsoft.com/fwlink/?LinkId=69157
    R1HKLM\Software\Microsoft\InternetExplorer\Main,Default_Search_URL=
    http://go.microsoft.com/fwlink/?LinkId=54896
    R1HKLM\Software\Microsoft\InternetExplorer\Main,SearchPage=http://go.microsoft.com/fwlink/?
    LinkId=54896
    R0HKLM\Software\Microsoft\InternetExplorer\Main,StartPage=http://go.microsoft.com/fwlink/?
    LinkId=69157
    O2BHO:HPPrintEnhancer{0347C33E87624905BF09768834316C61}C:\Arquivosde
    programas\HP\DigitalImaging\SmartWebPrinting\hpswp_printenhancer.dll
    O2BHO:AcroIEHelperStub{18DF081CE8AD4283A596FA578C2EBDC3}C:\Arquivosde
    programas\Arquivoscomuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2BHO:RealPlayerDownloadandRecordPluginforInternetExplorer{3049C3E9B4614BC58870
    4C09146192CA}C:\Arquivosdeprogramas\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2BHO:(noname){5C255C8AE60449b49D6490988571CECB}(nofile)
    O2BHO:GrooveGFSBrowserHelper{7285316130C54D22B7F90BBC1D38A37E}C:\Arquivosde
    programas\MicrosoftOffice\Office12\GrooveShellExtensions.dll
    O2BHO:avast!WebRep{8E5E2654AD2D48bfAC2DD17F00898D06}C:\Arquivosde
    programas\AVASTSoftware\Avast\aswWebRepIE.dll
    O2BHO:AuxiliardeConexodoWindowsLive{9030D4644C024ABF8ECC5164760863C6}
    C:\Arquivosdeprogramas\Arquivoscomuns\MicrosoftShared\WindowsLive\WindowsLiveLogin.dll
    O2BHO:DAPIELoaderClass{FF6C3CF04B1511D1ABED709549C10000}
    C:\ARQUIV~1\DAP\DAPIEL~1.DLL
    O2BHO:HPSmartBHOClass{FFFFFFFFCF4E4F2BBDC20E72E116A856}C:\Arquivosde
    programas\HP\DigitalImaging\SmartWebPrinting\hpswp_BHO.dll
    O3Toolbar:avast!WebRep{8E5E2654AD2D48bfAC2DD17F00898D06}C:\Arquivosde
    programas\AVASTSoftware\Avast\aswWebRepIE.dll
    O4HKLM\..\Run:[skyTel]SkyTel.EXE
    O4HKLM\..\Run:[Alcmtr]ALCMTR.EXE
    O4HKLM\..\Run:[GrooveMonitor]"C:\Arquivosdeprogramas\Microsoft
    Office\Office12\GrooveMonitor.exe"
    O4HKLM\..\Run:[avast]"C:\Arquivosdeprogramas\AVASTSoftware\Avast\avastUI.exe"/nogui
    O4HKLM\..\Run:[AdobeARM]"C:\Arquivosdeprogramas\Arquivos
    comuns\Adobe\ARM\1.0\AdobeARM.exe"
    O4HKLM\..\Run:[HPSoftwareUpdate]C:\Arquivosdeprogramas\HP\HPSoftware
    Update\HPWuSchd2.exe
    O4HKLM\..\Run:[RemoteControl11]C:\Arquivosde
    programas\CyberLink\PowerDVD11\PDVD11Serv.exe
    O4HKLM\..\Run:[NvCplDaemon]RUNDLL32.EXEC:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4HKLM\..\Run:[NvMediaCenter]RunDLL32.exeNvMCTray.dll,NvTaskbarInitlogin
    O4HKLM\..\Run:[nwiz]C:\Arquivosdeprogramas\NVIDIACorporation\nview\nwiz.exe/installquiet
    O4HKLM\..\Run:[NBHGui]C:\Arquivosdeprogramas\Nero\Tools\InCD\NBHGui.exe
    O4HKLM\..\Run:[NBAgent]"C:\Arquivosdeprogramas\Nero\Nero11\NeroBackItUp\NBAgent.exe"
    /WinStart
    O4HKLM\..\RunOnce:[MalwarebytesAntiMalware]C:\Arquivosdeprogramas\Malwarebytes'Anti
    Malware\mbamgui.exe/install/silent
    O4HKCU\..\Run:[ctfmon.exe]C:\WINDOWS\system32\ctfmon.exe
    O4HKCU\..\Run:[DownloadAccelerator]"C:\Arquivosdeprogramas\DAP\DAP.EXE"/STARTUP
    O4HKCU\..\Run:[msnmsgr]"C:\Arquivosdeprogramas\WindowsLive\Messenger\msnmsgr.exe"
    /background
    O4GlobalStartup:HPDigitalImagingMonitor.lnk=C:\Arquivosdeprogramas\HP\Digital
    Imaging\bin\hpqtra08.exe
    O8Extracontextmenuitem:&CleanTracesC:\Arquivosdeprogramas\DAP\Privacy
    Package\dapcleanerie.htm
    O8Extracontextmenuitem:&Downloadwith&DAPC:\Arquivosdeprogramas\DAP\dapextie.htm
    O8Extracontextmenuitem:Download&allwithDAPC:\Arquivosdeprogramas\DAP\dapextie2.htm

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    7/11

    15/07/2016

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva
    O8Extracontextmenuitem:E&xporttoMicrosoftExcel
    res://C:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8Extracontextmenuitem:E&xportarparaoMicrosoftExcel
    res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9Extrabutton:SendtoOneNote{2670000A73504f3c80815663EE0C6C49}
    C:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll
    O9Extra'Tools'menuitem:S&endtoOneNote{2670000A73504f3c80815663EE0C6C49}
    C:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll
    O9Extrabutton:Research{92780B2518CC41C8B9BE3C9C571A8263}
    C:\ARQUIV~1\MICROS~3\Office12\REFIEBAR.DLL
    O9Extrabutton:ExibirouocultarHPSmartWebPrinting{DDE8786583C548c48357
    2F5B1AA84522}C:\Arquivosdeprogramas\HP\DigitalImaging\SmartWebPrinting\hpswp_BHO.dll
    O9Extrabutton:(noname){e2e2dd38d088413482b7f2ba38496583}%windir%\Network
    Diagnostic\xpnetdiag.exe(filemissing)
    O9Extra'Tools'menuitem:@xpsp3res.dll,20001{e2e2dd38d088413482b7f2ba38496583}
    %windir%\NetworkDiagnostic\xpnetdiag.exe(filemissing)
    O9Extrabutton:Messenger{FB5F1910F11011d2BB9E00C04F795683}C:\Arquivosde
    programas\Messenger\msmsgs.exe
    O9Extra'Tools'menuitem:WindowsMessenger{FB5F1910F11011d2BB9E00C04F795683}
    C:\Arquivosdeprogramas\Messenger\msmsgs.exe
    O11Optionsgroup:[iNTERNATIONAL]International
    O14IERESET.INF:SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
    O17HKLM\System\CCS\Services\Tcpip\..\{46D9BEFD539141398DE9BFEDDB4B79F4}:NameServer
    =200.204.0.10,200.204.0.138
    O18Protocol:grooveLocalGWS{88FED34CF0CA4636A3753CB6248B04CD}C:\Arquivosde
    programas\MicrosoftOffice\Office12\GrooveSystemServices.dll
    O18Protocol:livecall{828030A122C14009854F8E305202313F}
    C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18Protocol:mshelp{314111C7A50211D2BBCA00C04F8EC294}C:\Arquivosde
    programas\Arquivoscomuns\MicrosoftShared\Help\hxds.dll
    O18Protocol:msnim{828030A122C14009854F8E305202313F}
    C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18Filterhijack:text/xml{807563E5514611D5A67200B0D022E945}
    C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20WinlogonNotify:dimsntfy%SystemRoot%\System32\dimsntfy.dll(filemissing)
    O21SSODL:WPDShServiceObj{AAA288BA9A4C45B095D794D524869DB5}
    C:\WINDOWS\system32\WPDShServiceObj.dll
    O23Service:avast!AntivirusAVASTSoftwareC:\Arquivosdeprogramas\AVAST
    Software\Avast\AvastSvc.exe
    O23Service:CLHNServiceForPowerDVDUnknownownerC:\Arquivosde
    programas\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
    O23Service:CyberLinkPowerDVD11.0MonitorServiceCyberLinkC:\Arquivosde
    programas\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
    O23Service:CyberLinkPowerDVD11.0ServiceCyberLinkC:\Arquivosde
    programas\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
    O23Service:InCDHelper(InCDSrv)NeroAGC:\Arquivosde
    programas\Nero\Tools\InCD\InCDSrv.exe
    O23Service:@C:\Arquivosdeprogramas\Nero\Update\NASvc.exe,200(NAUpdate)NeroAG
    C:\Arquivosdeprogramas\Nero\Update\NASvc.exe
    O23Service:NeroRegistryInCDService(NeroRegInCDSrv)NeroAGC:\Arquivosde
    programas\Nero\Tools\InCD\NBHRegInCDSrv.exe
    O23Service:NVIDIADriverHelperService(NVSvc)NVIDIACorporation
    C:\WINDOWS\system32\nvsvc32.exe
    O23Service:NVIDIAUpdateServiceDaemon(nvUpdatusService)NVIDIACorporationC:\Arquivos
    deprogramas\NVIDIACorporation\NVIDIAUpdateCore\daemonu.exe
    O23Service:ScsiAccessUnknownownerC:\Arquivosdeprogramas\Photodex\ProShow
    Producer\ScsiAccess.exe

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    8/11

    15/07/2016

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva

    JoseMelo
    Assistente Profissional

    Postado 06/03/2012 18:40

    FaaodownloaddoKasperskyVirusRemovalTooldeumdesses2links:
    http://devbuilds.kasperskylabs.com/devbuilds/AVPTool/
    http://dnlus6.kasperskylabs.com/devbuilds/AVPTool/
    Salveoemsuareadetrabalho.
    Duplocliquenoarquivo"setup"eaguardeainstalao

    Assistente Profissional

    NaprximatelamarqueIacceptthelicenceagreementecliqueemStart
    Cliquenoboto

    126
    46.620 posts
    Sexo:Masculino

    emarque:

    Local:Uberaba - MG

    Meucomputador
    Discolocal(C:)(aletradodiscolocalpodevariar)
    CliqueemActionsedesmarqueosdoisquadros:

    CliquenaabaAutomaticScaneaguardeotrminodaverificao.
    Cliquenoboto

    ,emDetectedthreatsenoboto"Save".
    Copieocontedodoarquivosalvo(sehouveralgodetectado)epostenasuaprximaresposta.

    alfa77
    Membro

    Postado 07/03/2012 01:05

    Noforamdetectadasameaas.
    Posso/devodesinstalaroMBAMeoKRT????
    Grato,
    Alfa77.

    Membro

    0
    165 posts

    JoseMelo

    Postado 07/03/2012 19:13

    Assistente Profissional

    Citar
    Posso/devodesinstalaroMBAMeoKRT????
    Nenhumproblema.
    Loglimpo
    FaaodownloaddoCCleaner:

    Assistente Profissional

    CliqueemSalvarequandoterminadoodownload,faaainstalao
    AbraoprogramaecliqueemExecutarLimpeza

    126

    Apsisto,cliqueemRegistro>Procurarerros>Corrigirerrosselecionados

    46.620 posts

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    9/11

    15/07/2016

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva
    LeiaoartigoProtejaseuPCparamaioresinformaessobrecomoevitarinfeces

    Sexo:Masculino
    Local:Uberaba - MG

    Senotivermaisproblema,cliquenoboto
    p_report.gif
    edigaqueoseucasofoiresolvido.

    Postado 07/03/2012 21:01

    Astromech
    Moderador

    ProblemaResolvido!

    Casooautornecessitequeotpicosejareaberto,entreemcontatocomumdosmembrosdaequipede
    moderao.

    Moderador

    7
    3.547 posts
    Sexo:Masculino
    Local:Porto Alegre - RS

    Este tpico est impedido de receber novos posts.

    IR PARA A LISTA DE TPICOS

    Casos Resolvidos

    Quem Est Navegando

    0 membros esto online

    Nenhum usurio registrado visualizando esta pgina.

    Home

    Servios

    Remoo de Malware

    Casos Resolvidos

    Todas Atividades

    Caracteres estranhos no email

    voc
    Seavoc
    pode
    ter
    uma
    com
    seua anti-virus
    de
    Mude Mude
    para
    Kaspersky
    paraficar
    a companhia
    Lab
    para
    que a Forbes
    proteo
    mais premiada
    do
    mercado.
    sensao
    qualidade
    falsa de
    inferior... em anticonsidera
    como
    a "especialista

    Proteja-se!

    segurana. virus"
    Idiomas

    Poltica De Privacidade

    Contato

    Linha Defensiva
    Community Software by Invision Power Services, Inc.

    Downloads

    Dicas e Tutoriais

    Notcias

    Blogs e Colunas

    Servios

    Antivrus

    Segurana na Web

    Alertas

    ARIS-LD

    BankerFix

    Anti-spywares

    Remoo de Malware

    DRM e Pirataria

    Cibercultura

    Bate-papo

    Firewalls

    Windows

    Entrevistas

    Direito e Tecnologia

    Dicionrio

    Falhas

    Direto do Editor

    Tire dvidas

    Boletim

    Internet

    Redes Sociais

    Encaminhe e-mail suspeito

    Cadastre-se e receba em seu e-mail

    Justia

    Segurana e Sociedade

    Regras de comentrios

    Proteo

    Podcast

    Faa uma doao

    Seu e-mail aqui...

    assinar

    Vrus & Exploits

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    10/11

    15/07/2016

    CaracteresestranhosnoemailCasosResolvidosFrumLinhaDefensiva

    Anuncie | Termos de Uso | Politica de Privacidade | WP


    Editado por Altieres Rohr. Mantido pelo Staff Linha Defensiva
    Contato Geral: geral@linhadefensiva.com.br
    2004-2015 Linha Defensiva. Todos os Direitos Reservados.

    http://www.linhadefensiva.org/forum/topic/140375caracteresestranhosnoemail/

    Parceiro

    Site Seguro

    English

    11/11

    Potrebbero piacerti anche