1. Este site usa cookies. Ao continuar a usar este site está a concordar com o nosso uso de cookies. Saber Mais.

Virus no msn

Discussão em 'Dúvidas e Suporte Técnico PC' iniciada por Slider257, 21 de Outubro de 2007. (Respostas: 16; Visualizações: 3559)

  1. Antes de mais, já sei que houve ai outro post sobre um virus qualquer do msn, mas ao ler esse topico, nao me ajudou nada, ja que o virus que apanhei porta-se de outra maneira.

    Nao sei como o apanhei, mas o que é certo é que cada vez que ligo a net e vou para o msn, o computador bloqueia por completo (ate o rato bloqueia) e a unica solução que me veio a cabeça foi desligar a net 'pelo fio...'.
    Depois, vi as mensagens que ele mandou pro pessoal que são estas:



    dude i just got these pictures off my digital for you! Gimme a moment to find em and send,



    Lmfao hey im sending my new pictures! Check em out!,
    (nick) envia C:\DOCUME~1\User\DEFINI~1\Temp\myimage.zip

    is this pic tooo sexy for photobucket??,
    (nick) envia C:\DOCUME~1\User\DEFINI~1\Temp\myimage.zip


    Como sera que eu me livro desta praga? Ja fiz um fullscan com o antivirus e antispywares (AVS, AdAware SE e Advanced WindowsCare 2).

    Sei que a forma tradicional e 100% eficaz e formatar o computador, mas tenho gigas e gigas para fazer backup e da muito trabalho (nem disco rigido externo tenho):(

    Cumps


    P.S. e ja agora sabem um programa para converter video em GIF com um bom Framerate? Bigado:D
     
  2. jpccaldas

    jpccaldas Power Member

    Hijackthis nisso e vai a hijackthis.de para verificares o log. Os que ele mencionar para apagar apagas.

    Cumpz :)
     
  3. Ta na mesma:(:(
    Ja fui la ao site do hijackthis.de e meti la o log...e eliminei uh ke tava la...mas nada:(

    Sera que naum ha mais nenhuma solução?

    agora ate o msn da erro (eu nem o corro e ele dame erro?)

    ''''A instrução no ''0x01c4103d'' faz referência à memória no ''0x00000000''. A memória não pôde ser ''read''.
    Clique em ''OK'' para terminar o programa''''

    E isto acontece quando tou por exemplo a correr uma aplicação de fullscreen e fica tudo marado.


    ta aqui o log do hijackthis:

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 19:48:01, on 21-10-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programas\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Programas\AOL\Active Virus Shield\avp.exe
    C:\Programas\LG\System Control Manager\edd.exe
    C:\WINDOWS\system32\o2flash.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Programas\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\Programas\AOL\Active Virus Shield\avp.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Programas\LG Software\IP Operator\IP Operator.exe
    C:\Programas\LG\System Control Manager\MGSysCtrl.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Programas\SlySoft\CloneCD\CloneCDTray.exe
    C:\WINDOWS\system32\drsys32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Programas\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Programas\DAEMON Tools\daemon.exe
    C:\Programas\Ficheiros comuns\PCSuite\Services\ServiceLayer.exe
    C:\Programas\Microsoft Office\Office12\POWERPNT.EXE
    C:\WINDOWS\system32\taskmgr.exe
    C:\Programas\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Emanuel\Os meus documentos\Downloads\HiJackThis_v2.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
    O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [aol] "C:\Programas\AOL\Active Virus Shield\avp.exe"
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [IPO3] "C:\Programas\LG Software\IP Operator\IP Operator.exe" -aUtOsTaRtFrOmReG
    O4 - HKLM\..\Run: [MGSysCtrl] C:\Programas\LG\System Control Manager\MGSysCtrl.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programas\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Programas\SlySoft\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [MicrosoftDriverService32] drsys32.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [PcSync] C:\Programas\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programas\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab
    O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u2-windows-i586-jc.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
    O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Daemon da cache de categorias dos componentes - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programas\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Programas\Ares\chatServer.exe
    O23 - Service: Active Virus Shield (AVP) - AOL - C:\Programas\AOL\Active Virus Shield\avp.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Evil Driver Daemon (NishService) - Unknown owner - C:\Programas\LG\System Control Manager\edd.exe
    O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Programas\Spyware Doctor\sdhelp.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Programas\Ficheiros comuns\PCSuite\Services\ServiceLayer.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programas\Windows Live\installer\WLSetupSvc.exe
    --
    End of file - 8263 bytes


    Agradecia a quem me pudesse ajudar p. f.

    Cumps:001:
     
  4. olha a mim aconteceu-me a mesma coisa!!!
    mas no meu não da erro...eu só faço cntrl+alt+delete e acabo com a arvore do processo do MSN e já não tenho problemas.
    mas acho k o meu pc ficou mais lento tmb...
    eu tentei so apaga-lo apaguei-o mx não deu agora ta "escondido" não sei aonde...
    tmb tentei fzr schred file mx nao da...


    se alguém souber como tratar disso por favor k diga!!!
    thnks
     
  5. Kamipt

    Kamipt Power Member

  6. Bgd vou tentar...
     
  7. kamipt eu ja fiz o scan com o avast com o avg anti-spyware,spyware terminator,avg anti-rootkit e o spyboot encontraram-me varios viruses e adwares mx akel ainda nao o encontraram...
    só mxm bloqueando-o com o spyboot e o spyware terminator é k o virus nao faz nda,mx assim nao posso usar o msn...eu vou pôr aki o logfile do hijackThis,se souber kal é k devo apagar diga pls (ou outra pessoa kalker k souber tratar disto pls)...:(



    LogFile:Logfile of HijackThis v1.99.1
    Scan saved at 20:34:01, on 24-10-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
    C:\Programas\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Huawei\MT882\dslagent.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\keyhook.exe
    C:\Programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Programas\Java\jre1.6.0_02\bin\jusched.exe
    C:\Programas\Spyware Terminator\SpywareTerminatorShield.exe
    C:\WINDOWS\system32\drsys32.exe
    D:\Programas\Spybot - Search & Destroy\TeaTimer.exe
    C:\Programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    D:\Programas\eMule\emule.exe
    C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
    D:\Programas\Nero 8\Nero BackItUp\NBService.exe
    C:\WINDOWS\system32\sistray.exe
    C:\Programas\Spyware Terminator\sp_rsser.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programas\Ficheiros comuns\Teleca Shared\Generic.exe
    C:\Programas\Alwil Software\Avast4\ashMaiSv.exe
    C:\Programas\Alwil Software\Avast4\ashWebSv.exe
    C:\Programas\Ficheiros comuns\PCSuite\Services\ServiceLayer.exe
    D:\SonyEricson\Mobile Phone Monitor\epmworker.exe
    C:\Programas\MSN Messenger\usnsvc.exe
    D:\Programas\MFF\firefox.exe
    D:\Programas\MicrosoftOfice\OFFICE11\WINWORD.EXE
    C:\Documents and Settings\Igor\Ambiente de trabalho\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\programas\Acrobat\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programas\Crawler\Toolbar\ctbr.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: ConnectionServices module - {6D7B211A-88EA-490c-BAB9-3600D8D7C503} - C:\Programas\ConnectionServices\ConnectionServices.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: BitAccelerator module - {92860A02-4D69-48c1-82D7-EF6B2C609502} - C:\Programas\BitAccelerator\BitAccelerator.dll
    O3 - Toolbar: Barra de ferramentas &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programas\Crawler\Toolbar\ctbr.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Huawei\MT882\dslagent.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\SonyEricson\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Programas\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [NBKeyScan] "D:\Programas\Nero 8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programas\Spyware Terminator\SpywareTerminatorShield.exe"
    O4 - HKLM\..\Run: [MicrosoftDriverService32] drsys32.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Programas\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [eMuleAutoStart] D:\Programas\eMule\emule.exe -AutoStart
    O4 - Startup: Adobe Gamma.lnk = C:\Programas\Ficheiros comuns\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: PalTalk.lnk = C:\Programas\Paltalk Messenger\paltalk.exe
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Programas\Paltalk Messenger\Paltalk.exe (file missing)
    O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O12 - Plugin for .spop: C:\Programas\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5012E249-ED59-4385-8268-58AA796FECDB}: NameServer = 195.23.129.126,194.79.69.222
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7B65941-A7FD-4AD2-9D3D-AA583E882B4A}: NameServer = 195.23.129.126 194.79.69.222
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programas\Crawler\Toolbar\ctbr.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Programas\Nero 8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Programas\Ficheiros comuns\PCSuite\Services\ServiceLayer.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programas\Spyware Terminator\sp_rsser.exe
    O23 - Service: VideoAcceleratorEngine - Unknown owner - D:\PROGRA~1\DAP\SPEEDB~1\VideoAcceleratorEngine.exe (file missing)
     
  8. Kamipt

    Kamipt Power Member

    O2 - BHO: ConnectionServices module - {6D7B211A-88EA-490c-BAB9-3600D8D7C503} - C:\Programas\ConnectionServices\ConnectionServices .dll




    Must be fixed! ConnectionServices.dll - Parasite detected by Kaspersky, http://www.kaspersky.com/ antivirus as Adware.Win32.BHO.ccO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Programas\Paltalk Messenger\Paltalk.exe (file missing)




    Remove estas entrys.

    Tenta desisntalar o msn e voltar a instalar. Vê o outro tópico aqui no forúm também a queixarem-se de virus.
     
    Última edição: 25 de Outubro de 2007
  9. "MyImage" virus no MSN

    apaguei todos os entrys mx continua na mxm...:(
    com o kaspersy consigo apaga-lo??
    ahhhh....e pod indicar-me kal eh o outru topico no forum sff...é k inda nao sei como encontra-lo...thnks
     
  10. Ajudaaaa

    Boa noite gostava de saber se já conseguis-te "extreminar" o teu virus pois eu estou com o mesmo probleama que tu... Ja tentei de tudo e n o consigo "demolir" se alguem souber como elimina-lo diga-me por favor.
    Beijinho e obrigado
     
  11. MyImage Virus

    • Nao nao consegui...eu gxtva era de sbr kal é o outro topico k tem informações sobre este virus...eu ja tentei quase de tudo para elimina-lo mx nao consegui...tenta fzr o scan com o kaspersky...se nao der vaix ter mxm de deixar de usar o msn como eu...ate apagarx o virus...
     
  12. Atention!!!Virus "MyImage"

    eu consegui apaga-lo!!!:004: queimei-o!!!só têm de sacar o kaspersky anti-virus 7.0!!!fazem o full scan e ele dpx encontra-o!!!se nao estou enganado o virus axu k é um Trojan!!!
    Boa sorte pakelx k apanharam o virus!!!
    e pa proxima nao aceitem nda do msn!!!:lol:
     
  13. A Memoria nao pode ser "written"

    Pk k é k quando eu tento abrir o Word da microsoft2007 compactado k nao precisa de estar instalado diz-me >> A memoria nao pode ser "written"?

    se alguem me pudesse ajudar agradecia...
     
  14. JDaman

    JDaman Power Member

    A maneira de mais fácil de apagar um vírus é usando o VHCleaner.

    Fiquem Bem.
     
  15. paulojbcorreia

    paulojbcorreia Suspenso

  16. KingjacK

    KingjacK What is folding?

    E escrever em bom português, Não? :rolleyes::rolleyes:, isto não é um télemovel, é um Fórum!

    Nem sempre o kaspersky elimina tudo, o que realmente elimina é C:FORMAT :p

    Cumps



    Bons virus!
     
  17. ShadeX

    ShadeX Power Member

    Yup. Apagou a minha coleção toda de amostras virais. Depois de eu a meter para o c:\windows\temp que ele limpa sempre... Até essa altura não encontrou uma sequer.

    Para limpar ficheiros temporários o CCleaner é melhor e para antivirus não serve.

    Uma coisa é ser recente e fazer pouco, outra é não fazer nada. Bastava pedir emprestada a db do Clamav e já não faziam tão má figura.
     

Partilhar esta Página