O PC ficou meio estranho, finalizei o processo da instalação. Removi algumas coisas com o combofix, mas ainda tem coisa. Parece que tem um Rootkit que eu não estou sabendo como tirar.
Abaixo log do combofix, da 2ª passada.
Negritei itens que eu estou estranhando, são arquivos que nunca vi no Sistema. Alguns podem até ser que sejam do software do celular que instalei a alguns dias, junto com o soft do Bluetooth, não conheço os arquivos deles.
ComboFix 10-04-05.06 - MezengaAdm 06/04/2010 12:54:54.15.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.479.193 [GMT -3:00]
Executando de: c:\documents and settings\Bruno\Desktop\ComboFix.exe
.
(((((((((((((((( Arquivos/Ficheiros criados de 2010-03-06 to 2010-04-06 ))))))))))))))))))))))))))))
.
2010-11-01 01:51 . 2009-10-11 19:54 -------- d-----w- c:\arquivos de programas\Aurélio - Século XXI
2010-04-05 01:13 . 2010-04-05 01:13 -------- d-----w- c:\arquivos de programas\Sony
2010-04-05 01:12 . 2010-04-05 01:12 -------- d-----w- c:\arquivos de programas\Sony Setup
2010-04-05 00:24 . 2010-04-05 00:30 -------- d-----w- c:\documents and settings\MezengaAdm\Dados de aplicativos\Gold Wave Editor
2010-04-04 17:36 . 2010-04-04 17:36 -------- d-----w- c:\arquivos de programas\Alien Connections
2010-04-02 15:06 . 2007-10-23 12:27 110592 ----a-w- c:\documents and settings\Bruno\Dados de aplicativos\U3\temp\cleanup.exe
2010-04-02 15:06 . 2008-05-02 13:41 3493888 ---ha-w- c:\documents and settings\Bruno\Dados de aplicativos\U3\temp\Launchpad Removal.exe
2010-04-02 15:04 . 2010-04-02 15:06 -------- d-----w- c:\documents and settings\Bruno\Dados de aplicativos\U3
2010-03-19 13:31 . 2010-03-19 13:31 89256 ----a-w- c:\windows\system32\ElbyCDIO.dll
2010-03-18 16:45 . 2010-03-18 16:45 104768 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2010-03-16 03:01 . 2010-03-16 03:01 -------- d-----w- c:\documents and settings\MezengaAdm\Bluetooth Software
2010-03-16 01:53 . 2008-04-13 17:46 37888 ----a-w- c:\windows\system32\drivers\bthmodem.sys
2010-03-16 01:44 . 2008-04-13 17:51 101120 ----a-w- c:\windows\system32\drivers\bthpan.sys
2010-03-16 01:43 . 2008-04-14 01:20 8192 ----a-w- c:\windows\system32\wshirda.dll
2010-03-16 01:43 . 2008-04-14 01:20 28672 ----a-w- c:\windows\system32\irmon.dll
2010-03-16 01:43 . 2008-04-13 17:46 59136 ----a-w- c:\windows\system32\drivers\rfcomm.sys
2010-03-16 01:43 . 2008-04-13 17:46 17024 ----a-w- c:\windows\system32\drivers\bthenum.sys
2010-03-16 01:43 . 2008-04-14 01:21 152576 ----a-w- c:\windows\system32\irftp.exe
2010-03-16 01:43 . 2008-04-13 17:46 18944 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2010-03-14 02:17 . 2010-03-14 02:17 4710 ----a-r- c:\documents and settings\MezengaAdm\Dados de aplicativos\Microsoft\Installer\{E8AF93FC-52D2-4D64-A664-8CA5B0C29DD2}\_1ca9d03.exe
2010-03-14 02:17 . 2010-03-14 02:17 3638 ----a-r- c:\documents and settings\MezengaAdm\Dados de aplicativos\Microsoft\Installer\{E8AF93FC-52D2-4D64-A664-8CA5B0C29DD2}\_1ca66306.exe
2010-03-14 01:26 . 2010-03-14 01:38 -------- d-----w- c:\arquivos de programas\YAMAHA
2010-03-12 03:15 . 2007-03-28 15:05 35332 ----a-w- c:\windows\system32\uninst.exe
2010-03-12 03:15 . 2004-04-01 02:38 1350656 ----a-w- c:\windows\system32\Screen Antics.scr
2010-03-12 03:10 . 2010-03-12 03:10 -------- d-----w- c:\arquivos de programas\Nuganics
2010-03-12 03:10 . 2010-03-12 03:10 1807938 ----a-w- c:\windows\system32\Licking Dog Screen Clean.scr
2010-03-12 02:47 . 2010-04-05 00:30 -------- d-----w- C:\AfterDark
2010-03-12 02:47 . 2010-03-12 02:47 -------- d-----w- C:\After Dark
2010-03-12 02:40 . 2010-03-12 02:40 -------- d-----w- c:\documents and settings\MezengaAdm\WINDOWS
2010-03-12 02:40 . 1994-07-11 06:00 4784 ----a-w- c:\windows\system\SPMME.DRV
2010-03-12 02:34 . 2010-03-12 02:34 -------- d--h--w- c:\windows\PIF
2010-03-11 01:30 . 2010-03-11 01:30 -------- d-----w- c:\arquivos de programas\AwinSoft
2010-03-11 00:54 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-06 15:43 . 2002-09-11 11:00 86394 ----a-w- c:\windows\system32\perfc016.dat
2010-04-06 15:43 . 2002-09-11 11:00 515454 ----a-w- c:\windows\system32\perfh016.dat
2010-04-06 15:36 . 2009-11-07 15:11 -------- d-----w- c:\documents and settings\Bruno\Dados de aplicativos\Skype
2010-04-06 13:20 . 2009-12-21 01:03 -------- d-----w- c:\documents and settings\Thamila\Dados de aplicativos\Skype
2010-04-05 03:38 . 2009-03-18 05:19 -------- d-----w- c:\documents and settings\Bruno\Dados de aplicativos\Free Download Manager
2010-04-05 00:51 . 2009-03-18 05:28 -------- d-----w- c:\arquivos de programas\eMule
2010-03-16 02:59 . 2006-04-12 13:04 593981 ----a-w- c:\windows\system32\wbtapi.dll
2010-03-16 02:59 . 2006-04-12 13:32 1065037 ----a-w- c:\windows\system32\BTNeighborhood.dll
2010-03-14 15:36 . 2009-10-03 18:43 -------- d-----w- c:\documents and settings\MezengaAdm\Dados de aplicativos\Free Download Manager
2010-03-14 03:19 . 2010-02-28 19:16 -------- d-----w- c:\arquivos de programas\Samsung
2010-03-14 03:19 . 2009-03-18 05:11 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information
2010-03-11 01:26 . 2009-03-21 20:30 -------- d-----w- c:\arquivos de programas\WinPcap
2010-03-07 15:46 . 2010-03-07 15:44 28672 ----a-w- c:\windows\system32\hodll.dll
2010-03-07 15:46 . 2010-03-07 15:44 20480 ----a-w- c:\windows\system32\lock.exe
2010-03-07 15:46 . 2010-03-07 15:44 458752 ----a-w- c:\windows\system32\ircsrv.exe
2010-03-07 15:46 . 2010-03-07 15:44 110592 ----a-w- c:\windows\system32\ftpserv.exe
2010-03-07 15:44 . 2010-03-07 15:44 16384 ----a-w- c:\windows\system32\rsvc.exe
2010-03-07 03:22 . 2009-09-04 02:07 -------- d-----w- c:\arquivos de programas\nLite
2010-03-06 21:12 . 2009-06-18 23:31 -------- d-----w- c:\arquivos de programas\K-Lite Codec Pack
2010-03-06 21:12 . 2010-03-06 21:12 152576 ----a-w- c:\documents and settings\MezengaAdm\Dados de aplicativos\Sun\Java\jre1.6.0_12\lzma.dll
2010-03-06 21:08 . 2010-03-06 21:08 -------- d-----w- c:\arquivos de programas\WMP11 Integrator
2010-03-06 01:07 . 2010-03-06 01:07 -------- d-----w- c:\arquivos de programas\WIDCOMM
2010-03-05 03:02 . 2010-03-05 03:02 -------- d-----w- c:\documents and settings\MezengaAdm\Dados de aplicativos\Samsung
2010-03-04 04:52 . 2010-03-04 04:52 91176 ----a-w- c:\windows\system32\drivers\btwsecfl.sys
2010-03-04 04:52 . 2009-07-29 17:09 1064960 ----a-w- c:\windows\system32\btrez.dll
2010-03-04 04:47 . 2010-03-04 04:47 -------- d-----w- c:\documents and settings\Bruno\Dados de aplicativos\Samsung
2010-03-04 04:37 . 2010-03-04 04:37 -------- d-----w- c:\arquivos de programas\DIFX
2010-02-27 13:28 . 2009-09-16 00:52 -------- d-----w- c:\arquivos de programas\DivX
2010-02-27 13:25 . 2010-02-27 13:25 -------- d-----w- c:\arquivos de programas\SmartSound Software Inc
2010-02-27 04:37 . 2009-04-05 15:26 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\DVD Shrink
2010-02-27 04:35 . 2009-09-15 05:59 -------- d-----w- c:\documents and settings\MezengaAdm\Dados de aplicativos\Ahead
2010-02-21 23:20 . 2010-02-21 23:20 -------- d-----w- c:\arquivos de programas\Sun
2010-02-21 05:56 . 2009-11-07 14:48 -------- d-----w- c:\documents and settings\MezengaAdm\Dados de aplicativos\Skype
2010-02-21 05:49 . 2010-02-13 18:45 -------- d-----w- c:\arquivos de programas\Windows Updates Downloader
2010-02-21 05:49 . 2010-01-04 23:15 -------- d-----w- c:\arquivos de programas\SSH Communications Security
2010-02-21 05:12 . 2009-03-10 01:49 18944 ----a-w- c:\windows\system32\midimap.dll
2010-02-13 20:23 . 2009-04-05 15:30 -------- d-----w- c:\arquivos de programas\Ahead
2010-02-13 18:26 . 2010-02-13 18:26 -------- d-----w- c:\arquivos de programas\Microsoft
2010-02-13 18:26 . 2009-03-18 02:15 -------- d-----w- c:\arquivos de programas\Windows Live
2010-02-08 23:15 . 2010-02-08 23:15 -------- d-----w- c:\arquivos de programas\AKVIS
2010-02-08 23:03 . 2010-02-08 22:41 -------- d-----w- c:\documents and settings\Bruno\Dados de aplicativos\VSO
2010-02-08 22:40 . 2010-02-08 22:40 -------- d-----w- c:\documents and settings\MezengaAdm\Dados de aplicativos\Vso
2010-02-08 22:40 . 2010-02-08 22:40 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-02-08 22:40 . 2010-02-08 22:40 47360 ----a-w- c:\documents and settings\MezengaAdm\Dados de aplicativos\pcouffin.sys
2010-02-08 22:40 . 2010-02-08 22:40 47360 ----a-w- c:\documents and settings\MezengaAdm\Dados de aplicativos\pcouffin.sys
2010-02-08 22:40 . 2010-02-08 22:40 -------- d-----w- c:\arquivos de programas\vso
2010-02-08 22:26 . 2010-02-08 22:26 -------- d-----w- c:\arquivos de programas\WinAVI Video Converter 9.0
2010-01-15 04:43 . 2010-01-15 04:43 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2010-01-15 02:40 . 2010-01-15 02:40 155648 ----a-w- c:\windows\system32\libssl32.dll
.
------- Sigcheck -------
[-] 2009-02-15 . 1F39C7BDBA4C5F3F01C4EABF7EDBF4B3 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[-] 2009-03-10 . B0C0BF2504B830BFC1E93CA39F3C75FE . 549376 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2009-03-10 . 3707C65B6B650181CB069908827853A9 . 724992 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2009-03-10 . 7C0E5D593730414B5994A15A6D10C201 . 588288 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2009-03-15 . ABED1DC780B895077945A5D270DAD0F0 . 1554432 . . [6.00.2900.5634] . . c:\windows\explorer.exe
[-] 2009-02-15 . 0FBD5CA4F644DEE9AF687DD0DB6EFA89 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2009-03-10 . D67945A2290E98BB54D7792F09E7504E . 25088 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-04-06_15.40.44 )))))))))))))))))))))))))))))))))))))))))
.
- 2002-09-11 11:00 . 2010-04-06 15:14 77094 c:\windows\system32\perfc009.dat
+ 2002-09-11 11:00 . 2010-04-06 15:43 77094 c:\windows\system32\perfc009.dat
+ 2002-09-11 11:00 . 2010-04-06 15:43 480466 c:\windows\system32\perfh009.dat
- 2002-09-11 11:00 . 2010-04-06 15:14 480466 c:\windows\system32\perfh009.dat
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"="c:\arquivos de programas\SlySoft\AnyDVD\AnyDVDtray.exe" [2010-03-19 3353536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"="c:\arquivos de programas\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]
"nwiz"="nwiz.exe" [2005-02-24 1495040]
"DrvIcon"="c:\arquivos de programas\VistaDriveIcon\DrvIcon.exe" [2008-04-13 49152]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-02-24 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"S2kCtl"="c:\arquivos de programas\s2kcontrol\S2kCtl.exe" [2005-12-03 587776]
c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\
BTTray.lnk - c:\arquivos de programas\WIDCOMM\Bluetooth Software\BTTray.exe [2006-4-12 643133]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 20:10 35696 ----a-w- c:\arquivos de programas\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2009-03-10 01:53 25088 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Arquivos de programas\\Free Download Manager\\fdm.exe"=
"c:\\Arquivos de programas\\eMule\\emule.exe"=
"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=
R1 Dev_UNIDRV;Dev_UNIDRV;c:\windows\system32\drivers\UNIDRV.SYS [18/4/2009 01:01 6080]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [21/2/2010 20:20 55520]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [21/2/2010 20:20 42048]
R2 BT848;Conexant's BtPCI WDM Video Capture;c:\windows\system32\drivers\BT848.sys [7/4/2009 00:51 371349]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [21/3/2009 17:55 66048]
R3 rtl8180;Realtek RTL8180 Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\drivers\RTL8180.sys [15/2/2009 15:03 185344]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [29/1/2008 22:24 34448]
S3 PD91Agent;PD91Agent;c:\arquivos de programas\Raxco\PerfectDisk2008\PD91Agent.exe [9/9/2008 13:49 693512]
S3 PD91Engine;PD91Engine;c:\arquivos de programas\Raxco\PerfectDisk2008\PD91Engine.exe [9/9/2008 13:49 906504]
S3 PEEK5;PEEK5 Protocol Driver;c:\ac\bin\Peek5.sys [15/3/2009 23:16 13184]
S3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [6/1/2010 23:40 13532]
S3 usb2vcom;USB Data Cable;c:\windows\system32\drivers\usb2vcom.sys [28/2/2010 16:13 28704]
--- =Outros Serviços/Drivers Na Memória ---
*NewlyCreated* - KNAJTLPI
*Deregistered* - knajtlpi
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride =
IE: Add to &Teleport - c:\arquivos de programas\Teleport Pro\teleport.htm
IE: Baixar com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dllink.htm
IE: Baixar tudo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlall.htm
IE: Baixar vídeo com o Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlfvideo.htm
IE: Download selecionado pelo Free Download Manager - file://c:\arquivos de programas\Free Download Manager\dlselected.htm
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Enviar para Dispositivo &Bluetooth... - c:\arquivos de programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: {BB231ECA-A5B1-4A6E-B6E5-8DE2D0786B86} = 8.8.8.8,8.8.4.4
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-06 13:03
Windows 5.1.2600 Service Pack 3 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros/arquivos ocultos ...
Varredura completada com sucesso
arquivos/ficheiros ocultos: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x85A2EAC8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74dbf28
\Driver\ACPI -> ACPI.sys @ 0xf743ecb8
\Driver\atapi -> atapi.sys @ 0xf73d0852
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: Realtek RTL8139/810x Family Fast Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xf72c3bb0
PacketIndicateHandler -> NDIS.sys @ 0xf72b2a0d
SendHandler -> NDIS.sys @ 0xf72c6b40
user & kernel MBR OK
**************************************************************************
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
[HKEY_USERS\S-1-5-21-343818398-329068152-1177238915-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,91,bc,f8,05,07,22,6d,42,99,a3,f7,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,91,bc,f8,05,07,22,6d,42,99,a3,f7,\
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------
- - - - - - - > 'winlogon.exe'(560)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\WININET.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\midimap.dll
- - - - - - - > 'lsass.exe'(620)
c:\windows\system32\WININET.dll
c:\windows\system32\SETUPAPI.dll
- - - - - - - > 'explorer.exe'(3176)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\WININET.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\LINKINFO.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\midimap.dll
.
Tempo para conclusão: 2010-04-06 13:07:08
ComboFix-quarantined-files.txt 2010-04-06 16:07
ComboFix2.txt 2010-04-06 15:45
ComboFix3.txt 2010-03-09 02:24
Pré-execução: 148.959.232 bytes disponíveis
Pós execução: 131.694.592 bytes disponíveis
- - End Of File - - DD0869A95474C45B3AC73092689C40B8
