Entre para seguir isso  
Seguidores 0
jmac

O computador esta sempre a abrir janelas novas

11 posts neste tópico

Saudações

O meu computador esta a abrir janelas sem autorização e fica muito lento.

Não consigo fecha-las tenho de mandar abaixo.

Segue o log, obrigado

Logfile of HijackThis v1.99.1

Scan saved at 12:23:17, on 01-07-2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\AVG\AVG9\avgchsvx.exe

C:\Programas\AVG\AVG9\avgrsx.exe

C:\Programas\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe

C:\Programas\QuickTime\QTTask.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\Programas\Unlocker\UnlockerAssistant.exe

C:\Programas\ULi5287\ULi5287.exe

C:\Programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\rmctrl.exe

C:\Programas\ECDL Hellas SA\ECDL ATES 4.5 Demo\launcher.exe

C:\Programas\iTunes\iTunesHelper.exe

C:\Programas\HP\HP Software Update\HPWuSchd2.exe

C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Programas\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Programas\AVG\AVG9\avgwdsvc.exe

C:\Programas\AVG\AVG9\avgfws9.exe

C:\PROGRA~1\Bandoo\Bandoo.exe

C:\Programas\Bonjour\mDNSResponder.exe

C:\Programas\DNA\btdna.exe

C:\Programas\AVG\AVG9\avgam.exe

C:\WINDOWS\system32\cisvc.exe

C:\Programas\AVG\AVG9\avgnsx.exe

C:\Programas\Java\jre6\bin\jqs.exe

C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\HPZipm12.exe

C:\Programas\AVG\AVG9\avgcsrvx.exe

C:\Programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Programas\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\PC\Ambiente de trabalho\triagem\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programas\AVG\AVG9\Toolbar\IEToolbar.dll

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programas\Macrogaming\SweetIMBarForIE\toolbar.dll

R3 - URLSearchHook: Jornais e Revistas Toolbar - {95c92dc9-32af-45c4-8123-8c48840b947e} - C:\Programas\Jornais_e_Revistas\tbJorn.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programas\AVG\AVG9\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre6\bin\ssv.dll

O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Jornais e Revistas Toolbar - {95c92dc9-32af-45c4-8123-8c48840b947e} - C:\Programas\Jornais_e_Revistas\tbJorn.dll

O2 - BHO: (no name) - {a27d78c3-3621-470a-b798-0af40023332d} - (no file)

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programas\AVG\AVG9\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Programas\Bandoo\Plugins\IE\ieplugin.dll

O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programas\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programas\Macrogaming\SweetIMBarForIE\toolbar.dll

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programas\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programas\AVG\AVG9\Toolbar\IEToolbar.dll

O3 - Toolbar: Jornais e Revistas Toolbar - {95c92dc9-32af-45c4-8123-8c48840b947e} - C:\Programas\Jornais_e_Revistas\tbJorn.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [ATIPTA] "C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Programas\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [uLiRaid] C:\Programas\ULi5287\ULi5287.exe

O4 - HKLM\..\Run: [sweetIM] C:\Programas\Macrogaming\SweetIM\SweetIM.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programas\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe

O4 - HKLM\..\Run: [OEAPI] "C:\Programas\ECDL Hellas SA\ECDL ATES 4.5 Demo\launcher.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Programas\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PC\Definições locais\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Programas\DNA\btdna.exe"

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programas\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programas\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\programas\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International

O12 - Plugin for .spop: C:\Programas\Internet Explorer\Plugins\NPDocBox.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programas\AVG\AVG9\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programas\Windows Live\Mail\mailcomm.dll

O20 - AppInit_DLLs: c:\windows\system32\welatili.dll c:\progra~1\bandoo\bndhook.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programas\AVG\AVG9\avgwdsvc.exe

O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Programas\AVG\AVG9\avgfws9.exe

O23 - Service: AVG9IDSAgent (AVGIDSAgent) - Unknown owner - C:\Programas\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe" AVGIDSAgent (file missing)

O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Programas\Bonjour\mDNSResponder.exe

O23 - Service: Serviço Google Update (gupdate) (gupdate) - Unknown owner - C:\Programas\Google\Update\GoogleUpdate.exe" /svc (file missing)

O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programas\Java\jre6\bin\jqs.exe" -service -config "C:\Programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: StarWind aí Service (StarWindServiceAE) - Rocket Division Software - C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: Wowza Media Server (WowzaMediaServer) - Unknown owner - C:\Programas\liQeNSoft\AdtvSoft\bin\wrapper.exe

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Faça o download do Malwarebytes Anti-Malware

http://www.malwarebytes.org/mbam-download.php

  • Desative o antivírus;
  • Faça a instalação dando um duplo clique em "mbam-setup.exe";
  • Marque "Atualizar Malwarebytes Anti-Malware" e "Executar Malwarebytes Anti-Malware", e clique em concluir;
  • Marque "Verificação Completa" e depois clique em Verificar;
  • Quando o scan terminar, clique em Ok e em "Mostrar Resultados" para ver o log;
  • Se algo for detectado, veja se tudo está marcado e clique em "Remover";
  • O log é automaticamente gravado e pode ser consultado clicando em "Logs" do menu principal;
  • Copie e cole o conteúdo desse log na sua próxima resposta.

- Gere novo log do HijackThis e cole na sua resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite

log maleware

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Versão da base de dados: 4281

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

06-07-2010 15:32:18

mbam-log-2010-07-06 (15-32-18).txt

Tipo de pesquisa: Completa (C:\|H:\|I:\|)

Objectos verificados: 249737

Tempo decorrido: 2 hora(s), 41 minuto(s), 51 segundo(s)

Processos de memória infectados: 0

módulos de Memória infectados: 0

Chaves do Registo Infectadas: 0

Valores do Registo infectados: 0

Itens de dados do Registo Infectados: 0

Pastas Infectadas: 0

Ficheiros Infectados: 2

Processos de memória infectados:

(Nenhum item malicioso detectado)

módulos de Memória infectados:

(Nenhum item malicioso detectado)

Chaves do Registo Infectadas:

(Nenhum item malicioso detectado)

Valores do Registo infectados:

(Nenhum item malicioso detectado)

Itens de dados do Registo Infectados:

(Nenhum item malicioso detectado)

Pastas Infectadas:

(Nenhum item malicioso detectado)

Ficheiros Infectados:

C:\System Volume Information\_restore{E20C01C2-7B5E-4E64-A05B-7C8BFE60EAE1}\RP35\A0015145.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.

C:\Documents and Settings\PC\Application Data\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.

Hijack this

Log

Logfile of HijackThis v1.99.1

Scan saved at 2:27:48, on 08-07-2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\AVG\AVG9\avgchsvx.exe

C:\Programas\AVG\AVG9\avgrsx.exe

C:\Programas\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\Programas\ULi5287\ULi5287.exe

C:\Programas\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\rmctrl.exe

C:\Programas\ECDL Hellas SA\ECDL ATES 4.5 Demo\launcher.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\DNA\btdna.exe

C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Programas\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Programas\AVG\AVG9\avgwdsvc.exe

C:\Programas\AVG\AVG9\avgfws9.exe

C:\PROGRA~1\Bandoo\Bandoo.exe

C:\Programas\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\cisvc.exe

C:\Programas\AVG\AVG9\avgam.exe

C:\Programas\AVG\AVG9\avgnsx.exe

C:\Programas\Java\jre6\bin\jqs.exe

C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\HPZipm12.exe

C:\Programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Programas\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Programas\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\PC\Ambiente de trabalho\triagem\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programas\AVG\AVG9\Toolbar\IEToolbar.dll

R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programas\Macrogaming\SweetIMBarForIE\toolbar.dll

R3 - URLSearchHook: Jornais e Revistas Toolbar - {95c92dc9-32af-45c4-8123-8c48840b947e} - C:\Programas\Jornais_e_Revistas\tbJorn.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programas\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programas\AVG\AVG9\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre6\bin\ssv.dll

O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Jornais e Revistas Toolbar - {95c92dc9-32af-45c4-8123-8c48840b947e} - C:\Programas\Jornais_e_Revistas\tbJorn.dll

O2 - BHO: (no name) - {a27d78c3-3621-470a-b798-0af40023332d} - (no file)

O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Programas\AVG\AVG9\Toolbar\IEToolbar.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programas\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Programas\Bandoo\Plugins\IE\ieplugin.dll

O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programas\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programas\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programas\Macrogaming\SweetIMBarForIE\toolbar.dll

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programas\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programas\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Programas\AVG\AVG9\Toolbar\IEToolbar.dll

O3 - Toolbar: Jornais e Revistas Toolbar - {95c92dc9-32af-45c4-8123-8c48840b947e} - C:\Programas\Jornais_e_Revistas\tbJorn.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programas\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [ATIPTA] "C:\Programas\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [uLiRaid] C:\Programas\ULi5287\ULi5287.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [RemoteControl] C:\WINDOWS\system32\rmctrl.exe

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe

O4 - HKLM\..\Run: [OEAPI] "C:\Programas\ECDL Hellas SA\ECDL ATES 4.5 Demo\launcher.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Programas\DNA\btdna.exe"

O4 - HKCU\..\Run: [swg] "C:\Programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O10 - Unknown file in Winsock LSP: c:\programas\bonjour\mdnsnsp.dll

O11 - Options group: [iNTERNATIONAL] International

O12 - Plugin for .spop: C:\Programas\Internet Explorer\Plugins\NPDocBox.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programas\AVG\AVG9\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programas\Windows Live\Mail\mailcomm.dll

O20 - AppInit_DLLs: c:\windows\system32\welatili.dll c:\progra~1\bandoo\bndhook.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programas\AVG\AVG9\avgwdsvc.exe

O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Programas\AVG\AVG9\avgfws9.exe

O23 - Service: AVG9IDSAgent (AVGIDSAgent) - Unknown owner - C:\Programas\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe" AVGIDSAgent (file missing)

O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Programas\Bonjour\mDNSResponder.exe

O23 - Service: Serviço Google Update (gupdate) (gupdate) - Unknown owner - C:\Programas\Google\Update\GoogleUpdate.exe" /svc (file missing)

O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Programas\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programas\Java\jre6\bin\jqs.exe" -service -config "C:\Programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: StarWind aí Service (StarWindServiceAE) - Rocket Division Software - C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

O23 - Service: Wowza Media Server (WowzaMediaServer) - Unknown owner - C:\Programas\liQeNSoft\AdtvSoft\bin\wrapper.exe

Compartilhar este post


Link para o post
Compartilhar em outros sites

- Faça o download do ComboFix de sUBs e salve-o no desktop;

OBS: Para que a ferramenta seja executada é necessário que esteja no desktop (área de trabalho)

  • Desative, temporariamente, o antivírus;
  • Feche todas as janelas abertas;
  • Dê um duplo clique no ComboFix;
  • Na próxima janela clique em Executar, aceite o contrato e aguarde até que o relatório seja gerado;
    OBS: Caso não queira que seja instalado o console de recuperação do Windows, clique em "Não" e depois concorde que a verificação prossiga.
    Ao ser instalado o console, na inicialização do sistema será apresentada a tela para seleção dos sistemas operacionais.
    Mais informações sobre o Console: http://support.microsoft.com/kb/307654/pt-br
  • Caso ocorra algum erro, reinicie o computador em Modo Seguro (pressione a tecla F8 intermitentemente, ou F5 em alguns casos, durante a inicialização) e repita o procedimento;
  • O ComboFix "poderá" reiniciar o PC automaticamente para completar o processo de remoção.
  • Quando terminar, será gerado um log, que estará em C:\ComboFix.txt.
  • Não clique na Janela do ComboFix, nem o feche clicando no X, enquanto estiver rodando, não mova o mouse e não use o teclado, pois senão irá parar e seu desktop ficará em branco.
  • Para parar ou sair do ComboFix, tecle "N".
  • Se perder a conexão com a internet, reinicie o computador. Caso o problema persista, abra Conexões de Rede no Painel de Controle, clique com o botão direito do mouse sobre a sua conexão com a internet e em "Reparar";
  • Anexe o ComboFix.txt à sua resposta conforme as instruções abaixo
    http://www.linhadefensiva.org/forum/index.php?showtopic=595

Compartilhar este post


Link para o post
Compartilhar em outros sites

O combofix é perfeitamente seguro se for usado desta forma?

Tenho lido que apaga ficheiros importantes do windows, é verdade?

Agradeço a desde já a sua ajuda e compreensão.

Compartilhar este post


Link para o post
Compartilhar em outros sites
O combofix é perfeitamente seguro se for usado desta forma?

Sim.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Baixe o Kaspersky AVP Tool:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

Salve-o em sua área de trabalho.

- Desative o antivírus;

Execute o arquivo e vá seguindo os prompts. Quando terminar, entre na pasta Virus Removal Tool, que foi criada no mesmo diretório onde você salvou o arquivo de instalação.

Para abrir o programa, faça duplo clique sobre o atalho

KRT_lnk.png

Marque a caixa ao lado de:


  • Meu Computador
  • Disco local (C:)

Marque também todas as unidades que aparecem abaixo de Disco Local, caso houver.

Clique no botão

play.png

Tenha paciência, é um pouco demorado.

Quando terminar, caso tenha detectado algo, o programa irá lhe perguntar o que fazer.

Clique em Skip All (queremos apenas o log).

Enquanto durar o exame, o botão Scan será substituído por um quadrado vermelho, com a mensagem Stop Scan

Quando o exame terminar, o botão Scan aparecerá novamente.

Caso a ferramenta tenha encontrado algo, este botão

light_green.png
ficará vermelho
light_red.png

Quando terminar, clique no botão Report, no rodapé da janela.

Clique no sinal + ao lado do último Autoscan da lista (o mais recente)

SaveReport.png

Clique uma vez sobre Task Started para selecionar a linha, segure a tecla shift pressionada e depois clique uma vez sobre Task Completed

Clique com o direito sobre a seleção, depois clique em Copy

Vá em Iniciar > Executar e digite notepad

Quando o bloco de notas abrir, clique com o botão direito do mouse em qualquer lugar vazio e escolha a opção colar

Salve o log com o nome log.txt, em algum local de fácil acesso.

Copie todo o conteúdo deste log e cole na sua próxima resposta.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Log do Kaspersky AVP Tool

20-07-2010 9:46:54 Task started

20-07-2010 10:01:01 Detected: HackTool.Win32.WebHack C:\Documents and Settings\All Users\Documentos\jorge\programas\PH_AIO.rar/Password Hacking AIO/dreatica.exe/#/form@/form.exe

20-07-2010 10:02:39 Untreated: HackTool.Win32.WebHack C:\Documents and Settings\All Users\Documentos\jorge\programas\PH_AIO.rar/Password Hacking AIO/dreatica.exe/#/form@/form.exe Write not supported

20-07-2010 10:12:15 Detected: Backdoor.Win32.Small.fwk C:\Documents and Settings\PC\Ambiente de trabalho\alexandra\install_ccsetup210.exe.exe

20-07-2010 10:13:52 Detected: Trojan-PSW.Win32.VB.bur C:\Documents and Settings\PC\Ambiente de trabalho\triagem\aTube291exe.EXE/WiseSFXDropper/WISE0005.BIN/data0010

20-07-2010 10:15:01 Untreated: Trojan-PSW.Win32.VB.bur C:\Documents and Settings\PC\Ambiente de trabalho\triagem\aTube291exe.EXE/WiseSFXDropper/WISE0005.BIN/data0010 Write not supported

20-07-2010 10:15:01 Untreated: Backdoor.Win32.Small.fwk C:\Documents and Settings\PC\Ambiente de trabalho\alexandra\install_ccsetup210.exe.exe Skipped by user

20-07-2010 10:16:03 Detected: Packed.Win32.Black.a C:\Documents and Settings\PC\Ambiente de trabalho\triagem\btnext_up_1.1.3.exe/data0005

20-07-2010 10:16:03 Untreated: Packed.Win32.Black.a C:\Documents and Settings\PC\Ambiente de trabalho\triagem\btnext_up_1.1.3.exe/data0005 Write not supported

20-07-2010 10:53:20 Detected: Trojan-PSW.Win32.VB.bur C:\Programas\DsNET Corp\aTube Catcher 1.0\atc_lvr.exe

20-07-2010 10:53:21 Untreated: Trojan-PSW.Win32.VB.bur C:\Programas\DsNET Corp\aTube Catcher 1.0\atc_lvr.exe Skipped by user

20-07-2010 11:48:14 Detected: HackTool.Win32.WebHack C:\Documents and Settings\All Users\Documentos\jorge\programas\PH_AIO.rar/Password Hacking AIO/dreatica.exe/#/form@/form.exe

20-07-2010 11:48:14 Untreated: HackTool.Win32.WebHack C:\Documents and Settings\All Users\Documentos\jorge\programas\PH_AIO.rar/Password Hacking AIO/dreatica.exe/#/form@/form.exe Write not supported

20-07-2010 11:48:44 Detected: Backdoor.Win32.Small.fwk C:\Documents and Settings\PC\Ambiente de trabalho\alexandra\install_ccsetup210.exe.exe

20-07-2010 11:48:44 Untreated: Backdoor.Win32.Small.fwk C:\Documents and Settings\PC\Ambiente de trabalho\alexandra\install_ccsetup210.exe.exe Skipped by user

20-07-2010 11:49:06 Detected: Trojan-PSW.Win32.VB.bur C:\Documents and Settings\PC\Ambiente de trabalho\triagem\aTube291exe.EXE/WiseSFXDropper/WISE0005.BIN/data0010

20-07-2010 11:49:06 Untreated: Trojan-PSW.Win32.VB.bur C:\Documents and Settings\PC\Ambiente de trabalho\triagem\aTube291exe.EXE/WiseSFXDropper/WISE0005.BIN/data0010 Write not supported

20-07-2010 11:49:10 Detected: Packed.Win32.Black.a C:\Documents and Settings\PC\Ambiente de trabalho\triagem\btnext_up_1.1.3.exe/data0005

20-07-2010 11:49:10 Untreated: Packed.Win32.Black.a C:\Documents and Settings\PC\Ambiente de trabalho\triagem\btnext_up_1.1.3.exe/data0005 Write not supported

20-07-2010 11:59:36 Detected: Trojan-PSW.Win32.VB.bur C:\Programas\DsNET Corp\aTube Catcher 1.0\atc_lvr.exe

20-07-2010 11:59:36 Untreated: Trojan-PSW.Win32.VB.bur C:\Programas\DsNET Corp\aTube Catcher 1.0\atc_lvr.exe Skipped by user

20-07-2010 12:12:58 Task completed

Compartilhar este post


Link para o post
Compartilhar em outros sites

- As detecções são falsos positivos;

- Log limpo :)

- Faça o download do CCleaner:

  • Clique em Salvar e quando terminado o download, faça a instalação;
  • Abra o programa e clique em Executar Limpeza;
  • Após isto, clique em Registro > Procurar erros > Corrigir erros selecionados

- Desative e ative novamente a Restauração do Sistema

- Leitura recomendada:

http://www.linhadefensiva.org/forum/index....showtopic=75646

- Leia o artigo Proteja seu PC para maiores informações sobre como evitar infecções;

- Se não tiver mais problema, clique no botão

p_report.gif
e diga que o seu caso foi resolvido.

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.
Entre para seguir isso  
Seguidores 0

  • Quem Está Navegando   0 membros estão online

    Nenhum usuário registrado visualizando esta página.