[Resolved]  Keyboard freezes and inverts characters. Malware?
Good morning, everyone.
Right after I turn the PC on it works normally, but after a few hours this problem starts: I type some text and, at a certain point, the typing freezes for one or two seconds and, when the letters appear, they are completely inverted. For example:
Este é um exolpme de como os meus textos tem fodaci quando o problame acontece.
I don't know whether it is some hw/sw fault or an infection. The HijackThis log follows:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:06:39, on 20/1/2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Win\lsass.exe
C:\Documents and Settings\All Users\Dados de aplicativos\LGMOBILEAX\notiagent\NotiAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LGScsiCommandService.exe
C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Arquivos de programas\Motorola\MotoConnectService\MotoConnectService.exe
C:\Arquivos de programas\Motorola\MotoConnectService\MotoConnect.exe
C:\Arquivos de programas\UTORRENT\utorrent.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe
C:\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://gsfs-america.lge.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://eis.esnips.com/page/search/?client_uuid=bda82ac0-85c3-4b48-b0d2-41fde8d1391d
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\ARQUIV~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Media Player Sharing Plugin - {7380C6A8-9ACD-4EBA-8C76-2D170B5C08BB} - C:\ProgramData\Windows\nporbit.dll
O2 - BHO: eSnipBHO - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - (no file)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: TwebstBHO Class - {F533E300-85E2-46FA-9CD9-5358BF11EE42} - C:\ProgramData\Codecentrix\Twebst\TwebstBHO.dll
O4 - HKLM\..\Run: [run32] C:\Win\lsass.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [b2B_AGENT] "C:\Documents and Settings\All Users\Dados de aplicativos\LGMOBILEAX\notiagent\NotiAgent.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [MsnMsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Download All using 4shared Desktop - C:\Arquivos de programas\4shared Desktop\down_all.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~1\Office12\REFIEBAR.DLL
O15 - Trusted Zone: http://meugadget.blogspot.com
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - http://aic.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab
O16 - DPF: {1455BE02-C41B-4115-B21C-32380507DC8F} (MxTextAreaU Class) - http://136.166.4.85:8110/sys/cabfiles/MxTextAreaU.cab
O16 - DPF: {1C18220D-EC23-48C8-B35E-857ADE9D1465} (Potential Class) - http://136.166.4.85:8110/sys/cabfiles/Potential.cab
O16 - DPF: {223216F6-B9FE-406D-9ED6-143FCE3A07B8} (MxLogicalTRU Class) - http://136.166.4.85:8110/sys/cabfiles/MxLogicalTRU.cab
O16 - DPF: {2F98EA90-EAE1-4AB5-AE89-DA073D824589} (MxBinderU Class) - http://136.166.4.85:8110/sys/cabfiles/MxBinderU.cab
O16 - DPF: {31538FAB-8051-4CFA-ACA4-B2668718B6F8} (MxMenuU Class) - http://136.166.4.85:8110/sys/cabfiles/MxMenuU.cab
O16 - DPF: {46DE705F-D294-4688-A12D-5E06FEFDEE2C} (LocalDBU Class) - http://136.166.4.85:8110/sys/cabfiles/MxLocalDBU.cab
O16 - DPF: {5C32688E-CEBE-419D-9C63-0704A2331EEC} (MxFileControlU Class) - http://136.166.4.85:8110/sys/cabfiles/MxFileControlU.cab
O16 - DPF: {71E7ACA0-EF63-4055-9894-229B056E9C31} (MxGridU Class) - http://gsfs-america.lge.com/sys/cabfiles/MxGridU.cab
O16 - DPF: {84168FE7-B960-402B-BC0E-E7214D2CFC10} (MxResourceMngU Class) - http://136.166.4.85:8110/sys/cabfiles/MxResourceMngU.cab
O16 - DPF: {90CAA259-71ED-42CB-BEB8-95281CCF9E58} (MxTabU Class) - http://136.166.4.85:8110/sys/cabfiles/MxTabU.cab
O16 - DPF: {9683681E-FAD6-45F1-86B3-FD60C7101BC9} (MxReportU Class) - http://136.166.4.85:8110/sys/cabfiles/MxReportU.cab
O16 - DPF: {98D193AD-51B4-4503-80F5-EB953C47DB47} (RSSAdaptor Class) - http://136.166.4.85:8110/sys/cabfiles/MxRSSAdaptor.cab
O16 - DPF: {9F0AA341-1D10-4B18-B70B-6AA49CE7F5D6} (MxImageSetU Class) - http://136.166.4.85:8110/sys/cabfiles/MxImageSetU.cab
O16 - DPF: {AF989B7C-8AC3-40BC-B749-EB335BDFD190} (MxDataSetU Class) - http://136.166.4.85:8110/sys/cabfiles/MxDataSetU.cab
O16 - DPF: {B1405FE9-DEF8-4679-A3BC-C05F1330CDDD} (MGridU Class) - http://136.166.4.85:8110/sys/cabfiles/MxMGridU.cab
O16 - DPF: {BB4533A0-85E0-4657-9BF2-E8E7B100D47E} (MxComboU Class) - http://136.166.4.85:8110/sys/cabfiles/MxComboU.cab
O16 - DPF: {C1781C5C-0C32-40F2-8927-46FE4BCB5B87} (MxTreeU Class) - http://136.166.4.85:8110/sys/cabfiles/MxTreeU.cab
O16 - DPF: {D14E96C4-2AD2-4954-A242-85CFDA64E0A4} (BinVerCheckAx Control) - http://csmg.lgmobile.com:9002/client/app/BinVerCheckAx.cab
O16 - DPF: {D7779973-9954-464E-9708-DA774CA50E13} (MxMaskEditU Class) - http://136.166.4.85:8110/sys/cabfiles/MxMaskEditU.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F73C0958-D8FE-43A5-9BB0-0F651C5A2BCC} (MxRadioU Class) - http://136.166.4.85:8110/sys/cabfiles/MxRadioU.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{356DCB90-6C18-4A65-A308-614D08A7B7A3}: NameServer = 192.168.254.254
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\ARQUIV~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Filter: application/x-gforms-deflate - {16F165FF-E9B6-496C-AD6D-039418EA3420} - C:\WINDOWS\Downloaded Program Files\Potential.dll
O18 - Filter: application/x-gforms-xml - {16F165FF-E9B6-496C-AD6D-039418EA3420} - C:\WINDOWS\Downloaded Program Files\Potential.dll
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: LG SCSI command service (LGScsiCommandService) - Mobile Leader Co.,Ltd. - C:\WINDOWS\system32\LGScsiCommandService.exe
O23 - Service: MotoConnect Service - Unknown owner - C:\Arquivos de programas\Motorola\MotoConnectService\MotoConnectService.exe
--
End of file - 9049 bytes
Thanks in advance
Weick