1. Este site usa cookies. Ao continuar a usar este site está a concordar com o nosso uso de cookies. Saber Mais.

virus msn

Discussão em 'Dúvidas e Suporte—Internet, Redes, Segurança' iniciada por DGAmeiro, 16 de Setembro de 2007. (Respostas: 2; Visualizações: 1360)

  1. estou com um virus. Este é o meu logfile:

    Logfile of HijackThis v1.99.1
    Scan saved at 23:43:21, on 15-09-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
    C:\Programas\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\programas\ficheiros comuns\logitech\lvmvfm\LVPrcSrv.exe
    C:\WINDOWS\system32\msiwin32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\geren32x.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\UAService7.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Programas\Ficheiros comuns\Logitech\LComMgr\Communications_Helper.exe
    C:\Programas\Logitech\QuickCam10\QuickCam10.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Programas\DAEMON Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programas\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Programas\Alwil Software\Avast4\ashMaiSv.exe
    C:\Programas\Ficheiros comuns\Logitech\LComMgr\LVComSX.exe
    C:\Programas\Alwil Software\Avast4\ashWebSv.exe
    C:\Programas\Logitech\QuickCam10\COCIManager.exe
    C:\WINDOWS\services.exe
    C:\progra~1\mozill~1\firefox.exe
    C:\Programas\WinRAR\WinRAR.exe
    C:\DOCUME~1\DIOGOG~1\DEFINI~1\Temp\Rar$EX00.133\HijackThis.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer disponibilizado por Clix
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
    R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\msiwin32.exe
    O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\WINDOWS\system32\2007rox.dll (file missing)
    O3 - Toolbar: (no name) - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [avserve2.exe] C:\WINDOWS\avserve2.exe
    O4 - HKLM\..\Run: [Microsoft-Updates] svxhost.exe
    O4 - HKLM\..\Run: [Microsoft AUTH Update] MSlti32.exe
    O4 - HKLM\..\Run: [Windows Monitor] winmon.exe
    O4 - HKLM\..\Run: [asdx] xwinrpc32.exe
    O4 - HKLM\..\Run: [MsWindows Syspg] mspg32.exe
    O4 - HKLM\..\Run: [Windows Network Firewall] win32.exe
    O4 - HKLM\..\Run: [ecuoipdatpjrhyczaiqv] C:\WINDOWS\System32\lxqxx.exe
    O4 - HKLM\..\Run: [starter] scvhostingg.exe
    O4 - HKLM\..\Run: [version] C:\WINDOWS\System32\Lbcqep.exe
    O4 - HKLM\..\Run: [Microsofts MediaScope] winmedplay.exe
    O4 - HKLM\..\Run: [Crazy Frog Mate] C:\Programas\Crazy Frog Compagnon\Crazy Frog Mate.EXE
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Programas\Ficheiros comuns\Logitech\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Programas\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [LogitechSetup] D:\Setup\Setup.exe /start /restart /l:ptb
    O4 - HKLM\..\Run: [AudioHQ] "C:\WINDOWS\system32\audiohq.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [services.exe] C:\WINDOWS\services.exe
    O4 - HKLM\..\RunServices: [NVIDIA Video drivers] video_32D.exe
    O4 - HKLM\..\RunServices: [Microsoft-Updates] svxhost.exe
    O4 - HKLM\..\RunServices: [Microsoft AUTH Update] MSlti32.exe
    O4 - HKLM\..\RunServices: [Microsoft Update] winsys32.exe
    O4 - HKLM\..\RunServices: [Windows Monitor] winmon.exe
    O4 - HKLM\..\RunServices: [asdx] xwinrpc32.exe
    O4 - HKLM\..\RunServices: [MsWindows Syspg] mspg32.exe
    O4 - HKLM\..\RunServices: [Windows Network Firewall] win32.exe
    O4 - HKLM\..\RunServices: [ecuoipdatpjrhyczaiqv] C:\WINDOWS\System32\lxqxx.exe
    O4 - HKLM\..\RunServices: [starter] scvhostingg.exe
    O4 - HKLM\..\RunServices: [NvCplScan] winasp.exe
    O4 - HKLM\..\RunServices: [Microsofts MediaScope] winmedplay.exe
    O4 - HKCU\..\Run: [NVIDIA Video drivers] video_32D.exe
    O4 - HKCU\..\Run: [sp] C:\sp.exe
    O4 - HKCU\..\Run: [Microsoft AUTH Update] MSlti32.exe
    O4 - HKCU\..\Run: [Microsoft Update] winsys32.exe
    O4 - HKCU\..\Run: [Windows Monitor] winmon.exe
    O4 - HKCU\..\Run: [Windows Network Firewall] win32.exe
    O4 - HKCU\..\Run: [starter] scvhostingg.exe
    O4 - HKCU\..\Run: [NvCplScan] winasp.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Programas\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Uniblue Registry Booster2] C:\Programas\Uniblue\RegistryBooster2\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programas\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programas\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\RunServices: [Windows Monitor] winmon.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programas\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxdm119YYPT
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.clix.pt
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1167008544853
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programas\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programas\ficheiros comuns\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programas\Ficheiros comuns\Logitech\SrvLnch\SrvLnch.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Programas\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\System32\UAService7.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programas\Windows Live\installer\WLSetupSvc.exe
     
  2. Kayvlim

    Kayvlim Undefined Moderator
    Staff Member

  3. nono54

    nono54 Power Member

    bondia
    desinstalle avast et installe kaspersky>http://www.kaspersky.com/
    sans pagar por 30dias
    o teu comptador sta infectado!!!8|8|8| 10 virus8|8|8|
    da un rapport hijacthis onde angelofwisdom te disse
    a+:)
     

Partilhar esta Página