Virus no msn

S

Slider257

Membro
Antes de mais, já sei que houve ai outro post sobre um virus qualquer do msn, mas ao ler esse topico, nao me ajudou nada, ja que o virus que apanhei porta-se de outra maneira.

Nao sei como o apanhei, mas o que é certo é que cada vez que ligo a net e vou para o msn, o computador bloqueia por completo (ate o rato bloqueia) e a unica solução que me veio a cabeça foi desligar a net 'pelo fio...'.
Depois, vi as mensagens que ele mandou pro pessoal que são estas:



dude i just got these pictures off my digital for you! Gimme a moment to find em and send,



Lmfao hey im sending my new pictures! Check em out!,
(nick) envia C:\DOCUME~1\User\DEFINI~1\Temp\myimage.zip

is this pic tooo sexy for photobucket??,
(nick) envia C:\DOCUME~1\User\DEFINI~1\Temp\myimage.zip


Como sera que eu me livro desta praga? Ja fiz um fullscan com o antivirus e antispywares (AVS, AdAware SE e Advanced WindowsCare 2).

Sei que a forma tradicional e 100% eficaz e formatar o computador, mas tenho gigas e gigas para fazer backup e da muito trabalho (nem disco rigido externo tenho):(

Cumps


P.S. e ja agora sabem um programa para converter video em GIF com um bom Framerate? Bigado:D
 
Ta na mesma:(:(
Ja fui la ao site do hijackthis.de e meti la o log...e eliminei uh ke tava la...mas nada:(

Sera que naum ha mais nenhuma solução?

agora ate o msn da erro (eu nem o corro e ele dame erro?)

''''A instrução no ''0x01c4103d'' faz referência à memória no ''0x00000000''. A memória não pôde ser ''read''.
Clique em ''OK'' para terminar o programa''''

E isto acontece quando tou por exemplo a correr uma aplicação de fullscreen e fica tudo marado.


ta aqui o log do hijackthis:

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19:48:01, on 21-10-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programas\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programas\AOL\Active Virus Shield\avp.exe
C:\Programas\LG\System Control Manager\edd.exe
C:\WINDOWS\system32\o2flash.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programas\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Programas\AOL\Active Virus Shield\avp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programas\LG Software\IP Operator\IP Operator.exe
C:\Programas\LG\System Control Manager\MGSysCtrl.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Programas\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\drsys32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Programas\DAEMON Tools\daemon.exe
C:\Programas\Ficheiros comuns\PCSuite\Services\ServiceLayer.exe
C:\Programas\Microsoft Office\Office12\POWERPNT.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Programas\Internet Explorer\iexplore.exe
C:\Documents and Settings\Emanuel\Os meus documentos\Downloads\HiJackThis_v2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [aol] "C:\Programas\AOL\Active Virus Shield\avp.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IPO3] "C:\Programas\LG Software\IP Operator\IP Operator.exe" -aUtOsTaRtFrOmReG
O4 - HKLM\..\Run: [MGSysCtrl] C:\Programas\LG\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Programas\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programas\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [MicrosoftDriverService32] drsys32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Programas\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programas\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u2-windows-i586-jc.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon da cache de categorias dos componentes - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programas\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Programas\Ares\chatServer.exe
O23 - Service: Active Virus Shield (AVP) - AOL - C:\Programas\AOL\Active Virus Shield\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Evil Driver Daemon (NishService) - Unknown owner - C:\Programas\LG\System Control Manager\edd.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - Unknown owner - C:\Programas\Spyware Doctor\sdhelp.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programas\Ficheiros comuns\PCSuite\Services\ServiceLayer.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Programas\Windows Live\installer\WLSetupSvc.exe
--
End of file - 8263 bytes


Agradecia a quem me pudesse ajudar p. f.

Cumps:001:
 
olha a mim aconteceu-me a mesma coisa!!!
mas no meu não da erro...eu só faço cntrl+alt+delete e acabo com a arvore do processo do MSN e já não tenho problemas.
mas acho k o meu pc ficou mais lento tmb...
eu tentei so apaga-lo apaguei-o mx não deu agora ta "escondido" não sei aonde...
tmb tentei fzr schred file mx nao da...


se alguém souber como tratar disso por favor k diga!!!
thnks
 
kamipt eu ja fiz o scan com o avast com o avg anti-spyware,spyware terminator,avg anti-rootkit e o spyboot encontraram-me varios viruses e adwares mx akel ainda nao o encontraram...
só mxm bloqueando-o com o spyboot e o spyware terminator é k o virus nao faz nda,mx assim nao posso usar o msn...eu vou pôr aki o logfile do hijackThis,se souber kal é k devo apagar diga pls (ou outra pessoa kalker k souber tratar disto pls)...:(



LogFile:Logfile of HijackThis v1.99.1
Scan saved at 20:34:01, on 24-10-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Programas\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Huawei\MT882\dslagent.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\keyhook.exe
C:\Programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programas\Java\jre1.6.0_02\bin\jusched.exe
C:\Programas\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\drsys32.exe
D:\Programas\Spybot - Search & Destroy\TeaTimer.exe
C:\Programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe
D:\Programas\eMule\emule.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Programas\Nero 8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\sistray.exe
C:\Programas\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\Ficheiros comuns\Teleca Shared\Generic.exe
C:\Programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Programas\Alwil Software\Avast4\ashWebSv.exe
C:\Programas\Ficheiros comuns\PCSuite\Services\ServiceLayer.exe
D:\SonyEricson\Mobile Phone Monitor\epmworker.exe
C:\Programas\MSN Messenger\usnsvc.exe
D:\Programas\MFF\firefox.exe
D:\Programas\MicrosoftOfice\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Igor\Ambiente de trabalho\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.live.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\programas\Acrobat\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programas\Crawler\Toolbar\ctbr.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ConnectionServices module - {6D7B211A-88EA-490c-BAB9-3600D8D7C503} - C:\Programas\ConnectionServices\ConnectionServices.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BitAccelerator module - {92860A02-4D69-48c1-82D7-EF6B2C609502} - C:\Programas\BitAccelerator\BitAccelerator.dll
O3 - Toolbar: Barra de ferramentas &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programas\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Huawei\MT882\dslagent.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\SonyEricson\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programas\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "D:\Programas\Nero 8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programas\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [MicrosoftDriverService32] drsys32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Programas\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [eMuleAutoStart] D:\Programas\eMule\emule.exe -AutoStart
O4 - Startup: Adobe Gamma.lnk = C:\Programas\Ficheiros comuns\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: PalTalk.lnk = C:\Programas\Paltalk Messenger\paltalk.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Programas\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Programas\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5012E249-ED59-4385-8268-58AA796FECDB}: NameServer = 195.23.129.126,194.79.69.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7B65941-A7FD-4AD2-9D3D-AA583E882B4A}: NameServer = 195.23.129.126 194.79.69.222
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programas\Crawler\Toolbar\ctbr.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\Programas\Nero 8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programas\Ficheiros comuns\PCSuite\Services\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programas\Spyware Terminator\sp_rsser.exe
O23 - Service: VideoAcceleratorEngine - Unknown owner - D:\PROGRA~1\DAP\SPEEDB~1\VideoAcceleratorEngine.exe (file missing)
 
O2 - BHO: ConnectionServices module - {6D7B211A-88EA-490c-BAB9-3600D8D7C503} - C:\Programas\ConnectionServices\ConnectionServices .dll



Must be fixed! ConnectionServices.dll - Parasite detected by Kaspersky, http://www.kaspersky.com/ antivirus as Adware.Win32.BHO.ccO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Programas\Paltalk Messenger\Paltalk.exe (file missing)



Remove estas entrys.

Tenta desisntalar o msn e voltar a instalar. Vê o outro tópico aqui no forúm também a queixarem-se de virus.
 
Última edição:
"MyImage" virus no MSN

apaguei todos os entrys mx continua na mxm...:(
com o kaspersy consigo apaga-lo??
ahhhh....e pod indicar-me kal eh o outru topico no forum sff...é k inda nao sei como encontra-lo...thnks
 
Ajudaaaa

Boa noite gostava de saber se já conseguis-te "extreminar" o teu virus pois eu estou com o mesmo probleama que tu... Ja tentei de tudo e n o consigo "demolir" se alguem souber como elimina-lo diga-me por favor.
Beijinho e obrigado
 
MyImage Virus

  • Nao nao consegui...eu gxtva era de sbr kal é o outro topico k tem informações sobre este virus...eu ja tentei quase de tudo para elimina-lo mx nao consegui...tenta fzr o scan com o kaspersky...se nao der vaix ter mxm de deixar de usar o msn como eu...ate apagarx o virus...
 
Atention!!!Virus "MyImage"

eu consegui apaga-lo!!!:004: queimei-o!!!só têm de sacar o kaspersky anti-virus 7.0!!!fazem o full scan e ele dpx encontra-o!!!se nao estou enganado o virus axu k é um Trojan!!!
Boa sorte pakelx k apanharam o virus!!!
e pa proxima nao aceitem nda do msn!!!:lol:
 
A Memoria nao pode ser "written"

Pk k é k quando eu tento abrir o Word da microsoft2007 compactado k nao precisa de estar instalado diz-me >> A memoria nao pode ser "written"?

se alguem me pudesse ajudar agradecia...
 
E escrever em bom português, Não? :rolleyes::rolleyes:, isto não é um télemovel, é um Fórum!

Nem sempre o kaspersky elimina tudo, o que realmente elimina é C:FORMAT :p

Cumps



Bons virus!
 
JDaman disse:
A maneira de mais fácil de apagar um vírus é usando o VHCleaner.
Fiquem Bem.
Clicar para expandir...

Yup. Apagou a minha coleção toda de amostras virais. Depois de eu a meter para o c:\windows\temp que ele limpa sempre... Até essa altura não encontrou uma sequer.

Para limpar ficheiros temporários o CCleaner é melhor e para antivirus não serve.

Uma coisa é ser recente e fazer pouco, outra é não fazer nada. Bastava pedir emprestada a db do Clamav e já não faziam tão má figura.
 
Inicie sessão ou registe-se para poder participar.
Back
Topo