ja utilizei o Ad-Aware e o Spybot - Search & Destroy e nao fizeram nada tambem nao consigo mudar a imagem de fundo ajudem-me ja nao sei o que fazer.
ola .. para que te possa ajudar cria um log com o programa hijackthis e posta aqui... cumps Podes efectuar o download no site oficial da TrendMicro: Download
ve la se e isto Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:21: VIRUS ALERT!, on 09-07-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programas\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Programas\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\WINDOWS\system32\Brmfrmps.exe C:\Programas\Executive Software\Diskeeper\DkService.exe C:\Programas\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\IoctlSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\ctfmon.exe C:\Programas\Java\jre1.6.0_06\bin\jusched.exe C:\WINDOWS\system32\wscntfy.exe C:\Programas\Messenger Plus! 3\MsgPlus.exe C:\WINDOWS\system32\RunDll32.exe C:\Programas\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Programas\ScanSoft\PaperPort\pptd40nt.exe C:\Programas\Brother\ControlCenter2\brctrcen.exe C:\Programas\Gaming\GamingCenter\Panel.exe C:\WINDOWS\System32\svchost.exe C:\Programas\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Programas\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\rundll32.exe C:\Programas\ATI Technologies\ATI.ACE\cli.exe C:\Programas\Windows Live\Messenger\msnmsgr.exe C:\Programas\PeerGuardian2\pg2.exe C:\Programas\Spybot - Search & Destroy\TeaTimer.exe C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe C:\WINDOWS\system32\wuauclt.exe C:\Programas\Mozilla Firefox\firefox.exe C:\Programas\ATI Technologies\ATI.ACE\cli.exe C:\Programas\ATI Technologies\ATI.ACE\cli.exe C:\Programas\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.pt/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programas\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O1 - Hosts: 121.128.133.26 C:\Programas\Silkroad\Silkroad.exe O1 - Hosts: 121.128.133.26 gwgt1.joymax.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: QXK Olive - {AF4EBF01-2871-49E4-BF25-8F0564359C31} - C:\WINDOWS\wbxdpgfevkl.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programas\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O3 - Toolbar: sqvgnrpx - {9437C997-89E6-4B84-A745-BEFD3A910FF5} - C:\WINDOWS\sqvgnrpx.dll (file missing) O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Programas\Executive Software\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programas\Messenger Plus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [StartCCC] C:\Programas\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Programas\Ficheiros comuns\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Programas\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [IndexSearch] C:\Programas\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [SetDefPrt] C:\Programas\Brother\Brmfl04a\BrStDvPt.exe O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programas\Brother\ControlCenter2\brctrcen.exe /autorun O4 - HKLM\..\Run: [Acer Mouse] C:\Programas\Gaming\GamingCenter\Panel.exe O4 - HKLM\..\Run: [AVP] "C:\Programas\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ATICCC] "C:\Programas\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [SeePassword] C:\Programas\SeePassword\SeePassword.exe O4 - HKLM\..\Run: [Antivirus] C:\Programas\VAV\vav.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [PeerGuardian] C:\Programas\PeerGuardian2\pg2.exe O4 - HKCU\..\Run: [updateMgr] "C:\Programas\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1 O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKCU\..\Run: [Hide IP Platinum] C:\Programas\Hide IP Platinum\hideippla.exe O4 - HKCU\..\Run: [Antivirus] C:\Programas\VAV\vav.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programas\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Add to Anti-Banner - C:\Programas\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programas\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll O9 - Extra button: Publicar em Blogue - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Publicar no Blogue no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: MBNet-Sidebar - {C014B140-3835-11d6-BC1D-00C095EEAD5D} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O14 - IERESET.INF: START_PAGE_URL=http://www.google.pt/ O16 - DPF: {4E592651-4590-11D6-BC20-00C095EEAD5D} (MBNet) - https://www.mbnet.pt/sidebar/mbnetsidebar.cab O16 - DPF: {93344865-74BD-4873-BE65-56539D41A65C} - http://www.earn2life.com/plugin/Earn2Life.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F3F53C62-1404-41B0-9EFA-1FB9B8780332}: NameServer = 192.168.2.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll O21 - SSODL: fsrpknov - {D6F0A0EA-E96A-4FBD-B270-E429083DF873} - C:\WINDOWS\fsrpknov.dll O21 - SSODL: fdxbameg - {1DB91A59-764B-4218-9408-2282F7C0C711} - C:\WINDOWS\fdxbameg.dll (file missing) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programas\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programas\Ficheiros comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Programas\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programas\Executive Software\Diskeeper\DkService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programas\Ficheiros comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programas\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O24 - Desktop Component 0: Privacy Protection - file:///C:\WINDOWS\privacy_danger\index.htm -- End of file - 11525 bytes
posta o logfile na thread de analise, ou aqui -> http://www.hijackthis.de/ depois elimina o que não prestar
Instala o SUPERAntiSpyware, actualiza e verifica. faz fix a estas entradas no Hijackthis: R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programas\Macrogaming\SweetIMBarForIE\toolbar.d ll (file missing) O3 - Toolbar: sqvgnrpx - {9437C997-89E6-4B84-A745-BEFD3A910FF5} - C:\WINDOWS\sqvgnrpx.dll (file missing) O4 - HKLM\..\Run: [Antivirus] C:\Programas\VAV\vav.exe O4 - HKCU\..\Run: [Antivirus] C:\Programas\VAV\vav.exe O21 - SSODL: fsrpknov - {D6F0A0EA-E96A-4FBD-B270-E429083DF873} - C:\WINDOWS\fsrpknov.dll - NÃO É UM FICHEIRO DO WINDOWS O21 - SSODL: fdxbameg - {1DB91A59-764B-4218-9408-2282F7C0C711} - C:\WINDOWS\fdxbameg.dll (file missing) Caso isto não resolva e o SUPERAntiSpyware também não, faz o download da versão de teste de 15 dias 100% funcional do Sunbelt Counterspy no sítio oficial. Boa sorte.
ok ja consegui apagar o viros obrigado a todos so mais uma coisa como e que posso apagar o Vista Antivirus 2008 no Adicionar ou remover programas nao aparece nada lá para o apagar
Resolveste com o Hijackthis? Contudo, aconselho, a que faças uma verificação com o SUPERAntiSpyware Free Edition e com o Sunbelt Counterspy que já havia mencionado. Digo isto, pois, apesar, do Hijackthis (se for o caso) tenha aparentemente resolvido o assunto, o mesmo não quer dizer que tudo tenha sido eficazmente resolvido. Até aconselharia instalares mesmo o Counterspy, pois caso ainda haja algo por eliminar, e não seja possivel com o sistema a correr, o próprio Counterspy reinicia o sistema e elimina o que houver para eliminar antes mesmo do sistema "arrancar".
bondia o soft para limpar o virus alert! et: http://siri.urz.free.fr/Fix/SmitfraudFix.zip dar o log para limpar depois boas
Tenho o mesmo problema, apareceme virus alert ao lado da hora, ja usei varios anti spyware, desde superantispyware, adware, avg, norton 360, counter spy. twister antivirus e nada. não conseguem detectar o problema. Como fizeste para resolver para apagar o virus?!