| biff |  |
|
2011-08-31 11:17 - Respuestas: 1 - Tema nº: 2818785
.
Tenho o windows xp sp3.
J´´a tentei passar o spybot, malwarebytes, easycleaner e ad-aware, mas nao resolvi.
preciso ajuda.....
envio o log do hijackthis
obrigado
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:07:32, on 31-08-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\Roxio\BackOnTrack\Instant Restore\BOTService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\programas\idt\wdm\STacSV.exe
C:\Programas\Avira\AntiVir Desktop\sched.exe
C:\Programas\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
C:\Programas\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\SupportAppPT\ztemon_cd.exe
C:\Programas\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdxserv.exe
C:\WINDOWS\system32\lxdxcoms.exe
C:\Programas\Microsoft SQL Server\MSSQL$SQLKAMAE\Binn\sqlservr.exe
C:\Programas\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Programas\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programas\IDT\WDM\sttray.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Programas\Apoint2K\Apoint.exe
C:\Programas\Apoint2K\ApMsgFwd.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programas\Hewlett-Packard\HP QuickSync\QuickSync.exe
C:\Programas\Apoint2K\Apntex.exe
C:\Programas\Hewlett-Packard\HP QuickSync\jre\bin\javaw.exe
C:\Programas\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\vsnp2uvc.exe
C:\Programas\Avira\AntiVir Desktop\avgnt.exe
C:\Programas\Lexmark 3600-4600 Series\lxdxmon.exe
C:\Programas\Visagesoft\eXPert PDF 5\vspdfprsrv.exe
C:\Programas\Lexmark 3600-4600 Series\lxdxMsdMon.exe
C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programas\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Lavasoft\Ad-Aware\AAWTray.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Programas\Spybot - Search & Destroy\TeaTimer.exe
C:\Programas\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programas\HP\Digital Imaging\bin\hpotdd01.exe
C:\Programas\HP\Digital Imaging\bin\hposol08.exe
C:\Programas\HP\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Programas\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Programas\HP\Digital Imaging\Bin\hpoSTS08.exe
C:\Programas\Hewlett-Packard\Shared\hpqToaster.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Programas\Internet Explorer\IEXPLORE.EXE
C:\Programas\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Compaq\Ambiente de trabalho\Temporários para apagar\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_PT&c=94&bd=Pavilion&pf=cnnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_PT&c=94&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_PT&c=94&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Programas\Outlook Express\msimn.exe"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programas\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: uTorrentBar_PT - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Programas\uTorrentBar_PT\prxtbuTo0.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: uTorrentBar_PT Toolbar - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - C:\Programas\uTorrentBar_PT\prxtbuTo0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programas\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
O4 - HKLM\..\Run: [Apoint] C:\Programas\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP] C:\Programas\Hewlett-Packard\HP QuickSync\QuickSync.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Programas\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programas\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [lxdxmon.exe] "C:\Programas\Lexmark 3600-4600 Series\lxdxmon.exe"
O4 - HKLM\..\Run: [lxdxamon] "C:\Programas\Lexmark 3600-4600 Series\lxdxamon.exe"
O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Programas\Visagesoft\eXPert PDF 5\vspdfprsrv.exe background
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Ficheiros comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [UpdateMyDrivers] C:\Programas\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe -t
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programas\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [{A06A598F-C427-D1D6-68D0-99F5F06A7687}] "C:\Documents and Settings\Compaq\Faob\anse.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar para Bluetooth - C:\Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Enviar para dispositivo &Bluetooth... - C:\Programas\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programas\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O15 - Trusted Zone: http://www.iworkremax.com
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/62.13/uploader2.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon da cache de categorias dos componentes - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Programas\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Programas\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programas\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Automatic CDROM Monitor - Unknown owner - C:\WINDOWS\system32\SupportAppPT\ztemon_cd.exe
O23 - Service: BOTService - Sonic Solutions - C:\Programas\Roxio\BackOnTrack\Instant Restore\BOTService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programas\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Programas\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Programas\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Serviço Google Update (gupdate) (gupdate) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programas\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programas\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programas\Ficheiros comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programas\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Programas\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: lxdxCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdxserv.exe
O23 - Service: lxdx_device - - C:\WINDOWS\system32\lxdxcoms.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Programas\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\programas\idt\wdm\STacSV.exe
End of file - 12937 bytes
| |
|
|
| Mega-tron |  |
|
Re: Virus doble accento - log hijackthis - 2011-08-31 11:38 - Respuesta 2
hola, el hijackthis instalalo en archivos de programa, tambien sigue este tutorial de eliminar el problema del doble acento o doble tilde
tres cosas que debes hacer, al que te responde alguna pregunta.
1. Dale el voto positivo o negativo, 2 se agradecido, y 3 comenta si se soluciono tu problema.
mientras esperas en la web a que respondan tu pregunta te invito a que intentes responder alguna de las preguntas de otro usuario obviamente si tienes conocimiento del tema si no lo tienes tampoco hay que desorientar a los demas.
GRACIAS
| |
|
|
|
