Publicado em 17 de abr.

[Arquivado] Spyware

Bom, estou com um Spyware aqui, ja tenti de tudo e naum consegui tirar, dai resolvi aparelar pro Hijackthis, mais pra evitar problemas, prefiro que alguem que saiba mexer bem me ajude a limpar o PC...Ta aqui o Log:Logfile of HijackThis v1.99.1Scan saved at 01:18:35, on 17/4/2006Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Arquivos de programas\Ahead\InCD\InCDsrv.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\explorer.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\winlogon.exeC:\Arquivos de programas\Winamp\winampa.exeC:\Arquivos de programas\Winamp\winampa.exeC:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exeC:\WINDOWS\system32\mpcsvc.exeC:\Arquivos de programas\MSN Messenger\msnmsgr.exeC:\Arquivos de programas\Free Download Manager\fdm.exeC:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exeC:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exeC:\Arquivos de programas\Mozilla Firefox\firefox.exeC:\WINDOWS\system32\wuauclt.exeC:\DOCUME~1\USER\CONFIG~1\Temp\Diretório temporário 2 para hijackthis.zip\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.aspF2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system32\sxlntr.exeF3 - REG:win.ini: load=C:\WINDOWS\system32\sxlntr.exeF3 - REG:win.ini: run=C:\WINDOWS\system32\sxlntr.exeO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\SPYBOT~1\SDHelper.dllO4 - HKLM\..\Run: [WinampAgent] C:\Arquivos de programas\Winamp\winampa.exeO4 - HKLM\..\Run: [WinampAgent] C:\Arquivos de programas\Winamp\winampa.exeO4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -kO4 - HKLM\..\Run: [RepServ Manager] C:\WINDOWS\system32\mpcsvc.exeO4 - HKLM\..\Run: [Windows Rescue Autorun] C:\WINDOWS\winlogon.exeO4 - HKLM\..\RunOnce: [Windows Rescue Autorun] C:\WINDOWS\winlogon.exeO4 - HKLM\..\RunOnce: [Windows Rescue Autorun] C:\WINDOWS\winlogon.exeO4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /backgroundO4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /backgroundO4 - HKCU\..\Run: [Free Download Manager] C:\Arquivos de programas\Free Download Manager\fdm.exe -autorunO4 - HKCU\..\Run: [RepServ Manager] C:\WINDOWS\system32\mpcsvc.exeO4 - HKCU\..\Run: [Windows Rescue Autorun] C:\WINDOWS\winlogon.exeO4 - HKCU\..\RunOnce: [Windows Rescue Autorun] C:\WINDOWS\winlogon.exeO4 - HKCU\..\RunOnce: [Windows Rescue Autorun] C:\WINDOWS\winlogon.exeO8 - Extra context menu item: Download all with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlall.htmO8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlselected.htmO8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dlpage.htmO8 - Extra context menu item: Download with Free Download Manager - file://C:\Arquivos de programas\Free Download Manager\dllink.htmO8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exeO12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dllO14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.aspO17 - HKLM\System\CCS\Services\Tcpip\..\{0364B05E-948F-4BB5-97E8-7221D3A200C3}: NameServer = 201.10.1.2O17 - HKLM\System\CS1\Services\Tcpip\..\{0364B05E-948F-4BB5-97E8-7221D3A200C3}: NameServer = 201.10.1.2O17 - HKLM\System\CS2\Services\Tcpip\..\{0364B05E-948F-4BB5-97E8-7221D3A200C3}: NameServer = 201.10.1.2O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVGFRE~1\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVGFRE~1\avgupsvc.exeO23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Ahead\InCD\InCDsrv.exeAlguem pode me ajudar??/

Discussão (6)

Entre ou cadastre-se para participar da discussão

Entrar Criar conta

Carregando comentários...