
Please Help with "HijackThis" Log




  #1  
July 2, 2009, 13:46
New Members Group
 
I have no idea how to read this. Can someone please help me? Please, is anything wrong here?

Logfile da Trend Micro HijackThis v2.0.2
Scan guardado em 07:57:12, em 23/06/2009
Boot mode: Normal

Executando processos:
C: \ Program Files (x86) \ Ares \ Ares.exe
C: \ Program Files (x86) \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files (x86) \ HP \ QuickPlay \ QPService.exe
C: \ Program Files (x86) \ Hewlett-Packard \ HP Quick Launch Buttons \ QLBCTRL.exe
C: \ Program Files (x86) \ HP \ HP Software Update \ hpwuSchd2.exe
C: \ Program Files (x86) \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
C: \ Program Files (x86) \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
C: \ Program Files (x86) \ DAEMON Tools \ daemon.exe
C: \ Program Files (x86) \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files (x86) \ Kiwee Toolbar \ 2.8.167 \ kwtbaim.exe
C: \ Program Files (x86) \ Lavasoft \ Ad-Aware \ AAWTray.exe
C: \ Program Files (x86) \ Common Files \ Research In Motion \ Auto Update \ RIMAutoUpdate.exe
C: \ Program Files (x86) \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files (x86) \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Alwil Software \ Avast4 \ ashDisp.exe
C: \ Program Files (x86) \ Hewlett-Packard \ Shared \ HpqToaster.exe
C: \ Windows \ SysWOW64 \ conime.exe
C: \ Arquivos de Programas \ Widcomm \ Bluetooth Software \ BluetoothHeadsetProxy.exe
C: \ Windows \ SysWOW64 \ Dllhost.exe
C: \ Program Files (x86) \ HP \ Digital Imaging \ bin \ hpqSTE08.exe
C: \ Program Files (x86) \ Mozilla Firefox \ firefox.exe
C: \ Program Files (x86) \ Windows Live \ Messenger \ msnmsgr.exe
C: \ Program Files (x86) \ Trend Micro \ HijackThis \ juice.exe.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O2 - BHO: (no name) - (02478D38-C3F9-4efb-9B51-7695ECA05670) - (no arquivo)
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files (x86) \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no arquivo)
O2 - BHO: NCO 2,0 IE BHO - (602ADB0E-4AFF-4217-8AA1-95DAC4DFA408) - (no arquivo)
O2 - BHO: Kiwee Toolbar - (6638A9DE-0745-4292-8A2E-AE530E7B9B3F) - C: \ Program Files (x86) \ Kiwee Toolbar \ 2.8.167 \ KiweeIEToolbar.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files (x86) \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files (x86) \ Google \ GoogleToolbarNotifier \ 5.1.1309.3572 \ s wg.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files (x86) \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: HP Smart BHO Class - (FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856) - C: \ Program Files (x86) \ HP \ Digital Imaging \ Smart Web Printing \ hpswp_BHO.dll
O2 - BHO: HP Print Clips - (FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7) - c: \ Program Files (x86) \ HP \ Smart Web Printing \ hpswp_framework.dll
O3 - Toolbar: (no name) - (7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA) - (no arquivo)
O3 - Toolbar: Kiwee Toolbar - (6638A9DE-0745-4292-8A2E-AE530E7B9B3F) - C: \ Program Files (x86) \ Kiwee Toolbar \ 2.8.167 \ KiweeIEToolbar.dll
O4 - HKLM \ .. \ Run: [QPService] "C: \ Program Files (x86) \ HP \ QuickPlay \ QPService.exe"
O4 - HKLM \ .. \ Run: [QlbCtrl]% ProgramFiles (x86)% \ Hewlett-Packard \ HP Quick Launch Buttons \ QlbCtrl.exe / Iniciar
O4 - HKLM \ .. \ Run: [UCam_Menu] "C: \ Program Files (x86) \ CyberLink \ YouCam \ MUITransfer \ MUIStartMenu.ex e" "C: \ Program Files (x86) \ CyberLink \ YouCam" update "Software \ CyberLink \ YouCam \ 1.0 "
O4 - HKLM \ .. \ Run: [hpqSRMon] C: \ Program Files (x86) \ HP \ Digital Imaging \ bin \ hpqSRMon.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files (x86) \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [hpWirelessAssistant] C: \ Program Files (x86) \ Hewlett-Packard \ HP Wireless Assistant \ HPWAMain.exe
O4 - HKLM \ .. \ Run: [WAWifiMessage] C: \ Program Files (x86) \ Hewlett-Packard \ HP Wireless Assistant \ WiFiMsg.exe
O4 - HKLM \ .. \ Run: [DAEMON Tools] "C: \ Program Files (x86) \ DAEMON Tools \ daemon.exe"-lang 1033
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files (x86) \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [KiweeHook] "C: \ Program Files (x86) \ Kiwee Toolbar \ 2.8.167 \ kwtbaim.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files (x86) \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [Ad-Watch] "C: \ Program Files (x86) \ Lavasoft \ Ad-Aware \ AAWTray.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files (x86) \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [BlackBerryAutoUpdate] C: \ Program Files (x86) \ Common Files \ Research In Motion \ Auto Update \ RIMAutoUpdate.exe / antecedentes
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files (x86) \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files (x86) \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKCU \ .. \ Run: [Sidebar] C: \ Program Files \ Windows Sidebar \ sidebar.exe / AutoRun
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ ehome \ ehTray.exe
O4 - HKCU \ .. \ Run: [ares] "C: \ Program Files (x86) \ Ares \ Ares.exe"-h
O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2] C: \ Program Files (x86) \ uniblue \ registrybooster 2 \ StartRegistryBooster.exe
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files (x86) \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [Windows] JOOJIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII IIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIII0JIIJ IJI0IJ00C: \ Windows \ Services.exe
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files (x86) \ Windows Live \ Messenger \ MsnMsgr.Exe" / background
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk =?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files (x86) \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O9 - Extra button: Enviar para o OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 2 \ MICROS ~ 2 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S & final para o OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 2 \ MICROS ~ 2 \ Office12 \ ONBttnIE.dll
O9 - Extra button: HP Smart Select - (58ECB495-38F0-49cb-A538-10282ABF65E7) - c: \ Program Files (x86) \ HP \ Smart Web Printing \ hpswp_extensions.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 2 \ MICROS ~ 2 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: Enviar para Bluetooth - (CCA281CA-C863-46ef-9331-5C8D4460577F) - C: \ Arquivos de Programas \ Widcomm \ Bluetooth Software \ btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar para & Bluetooth Device ... - (CCA281CA-C863-46ef-9331-5C8D4460577F) - C: \ Arquivos de Programas \ Widcomm \ Bluetooth Software \ btsendto_ie.htm
O9 - Extra button: Selección inteligente de HP - (DDE87865-83C5-48c4-8357-2F5B1AA84522) - C: \ Program Files (x86) \ HP \ Digital Imaging \ Smart Web Printing \ hpswp_BHO.dll
O13 - Gopher Prefix:
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files (x86) \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Windows Service AG (AGWinService) - Unknown owner - C: \ Program Files (x86) \ AGI \ common \ win32 \ PythonService.exe
O23 - Service: @% SystemRoot% \ system32 \ Alg.exe, -112 (ALG) - Unknown owner - C: \ Windows \ System32 \ alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Program Files (x86) \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C: \ Program Files (x86) \ Ares \ chatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe
O23 - Service: Servicio Bonjour (Bonjour Service) - Apple Inc. - C: \ Program Files (x86) \ Bonjour \ mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, LP - C: \ Program Files (x86) \ Hewlett-Packard \ HP Quick Launch Buttons \ Com4Qlb.exe
O23 - Service: @ dfsrres.dll, -101 (DFSR) - Unknown owner - C: \ Windows \ system32 \ DFSR.exe (arquivo ausente)
O23 - Service: GameConsoleService - WildTangent, Inc. - C: \ Program Files (x86) \ HP Games \ My HP Game Console \ GameConsoleService.exe
O23 - Service: Google Updater Software (gusvc) - Google - C: \ Program Files (x86) \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c: \ Program Files (x86) \ Hewlett-Packard \ HP Health Check \ hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, LP - C: \ Program Files (x86) \ Hewlett-Packard \ Shared \ hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files (x86) \ Common Files \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Servicio del iPod (iPod Service) - Apple Inc. - C: \ Program Files (x86) \ iPod \ bin \ iPodService.exe
O23 - Service: @ keyiso.dll, -100 (KeyIso) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C: \ Program Files (x86) \ Lavasoft \ Ad-Aware \ AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files (x86) \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: @ comres.dll, -2797 (MSDTC) - Unknown owner - C: \ Windows \ System32 \ msdtc.exe (file missing)
O23 - Service: @% SystemRoot% \ System32 \ Netlogon.dll, -102 (Netlogon) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: @% systemroot% \ system32 \ Psbase.dll, -300 (ProtectedStorage) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C: \ Program Files (x86) \ HP \ QuickPlay \ Kernel \ TV \ QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C: \ Program Files (x86) \ HP \ QuickPlay \ Kernel \ TV \ QPSched.exe
O23 - Service: Cyberlink RichVideo Service (CRVS) (RichVideo) - Unknown owner - C: \ Program Files (x86) \ CyberLink \ Shared Files \ RichVideo.exe
O23 - Service: @% systemroot% \ system32 \ Locator.exe, -2 (RPCLOCATOR Localizador) - Unknown owner - C: \ Windows \ system32 \ Locator.exe (arquivo ausente)
O23 - Service: @% SystemRoot% \ system32 \ samsrv.dll, -1 (SamSs) - Unknown owner - C: \ Windows \ system32 \ lsass.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ SLsvc.exe, -101 (slsvc) - Unknown owner - C: \ Windows \ system32 \ SLsvc.exe (arquivo ausente)
O23 - Service: @% SystemRoot% \ system32 \ snmptrap.exe, -3 (SNMPTRAP) - Unknown owner - C: \ Windows \ System32 \ snmptrap.exe (arquivo ausente)
O23 - Service: @% systemroot% \ system32 \ spoolsv.exe, -1 (Spooler) - Unknown owner - C: \ Windows \ System32 \ spoolsv.exe (file missing)
O23 - Service: @% SystemRoot% \ system32 \ ui0detect.exe, -101 (UI0Detect) - Unknown owner - C: \ Windows \ system32 \ UI0Detect.exe (arquivo ausente)
O23 - Service: @% SystemRoot% \ system32 \ vds.exe, -100 (VDS) - Unknown owner - C: \ Windows \ System32 \ vds.exe (arquivo ausente)
O23 - Service: @% systemroot% \ system32 \ Vssvc.exe, -102 (VSS) - Unknown owner - C: \ Windows \ system32 \ Vssvc.exe (arquivo ausente)
O23 - Service: @% Systemroot% \ system32 \ wbem \ wmiapsrv.exe, -110 (wmiApSrv) - Unknown owner - C: \ Windows \ system32 \ wbem \ WmiApSrv.exe (arquivo ausente)
O23 - Service: @% ProgramFiles% \ Windows Media Player \ wmpnetwk.exe, -101 (WMPNetworkSvc) - Unknown owner - C: \ Program Files (x86) \ Windows Media Player \ wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C: \ Windows \ system32 \ DRIVERS \ xaudio64.exe (arquivo ausente)

--
Fim do arquivo - 12962 bytes
  #2  
July 2, 2009, 14:16
Moderator Group
 
Right-click HijackThis and choose Run as Administrator.

Then select Do a system scan only.

Place a check mark next to the following entries (if present):

  • O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no arquivo)
  • O2 - BHO: NCO 2,0 IE BHO - (602ADB0E-4AFF-4217-8AA1-95DAC4DFA408) - (no arquivo)
  • O3 - Toolbar: (no name) - (7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA) - (no arquivo)
Important: Close all open windows except for HijackThis, then click Fix checked.

Once done, exit HijackThis.

----------

If you already have Malwarebytes, be sure to update it before running the scan!

Download Malwarebytes' Anti-Malware (MBAM)

Alternate MBAM download link

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a check mark is placed next to the following:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware

  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.


Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
__________________
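
A review aid for the HijackThis step in the reply above, as an added example that is not part of the original thread: it undoes the spacing damage in the posted log and lists entries whose target file HijackThis reports missing. The four sample lines are copied from the log in post #1; the function names are this example's own, and the result is a list of candidates to review, not a removal decision.

```python
import re

# Markers HijackThis prints when a referenced file is not found; the Portuguese
# variants are how they appear in the machine-translated log on this page.
MISSING = re.compile(r"\((?:no file|file missing|no arquivo|arquivo ausente)\)\s*$", re.I)
ENTRY = re.compile(r"^(?P<code>[ORF]\d{1,2})\s*-\s*(?P<body>.+)$")
# The page shows CLSIDs in parentheses; HijackThis normally prints them in braces.
CLSID = re.compile(r"[({]([0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})[)}]")

# Lines copied from the log in post #1 (not constructed).
SAMPLE = r"""
O2 - BHO: (no name) - (5C255C8A-E604-49b4-9D64-90988571CECB) - (no arquivo)
O2 - BHO: Kiwee Toolbar - (6638A9DE-0745-4292-8A2E-AE530E7B9B3F) - C: \ Program Files (x86) \ Kiwee Toolbar \ 2.8.167 \ KiweeIEToolbar.dll
O3 - Toolbar: (no name) - (7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA) - (no arquivo)
O23 - Service: @% systemroot% \ system32 \ spoolsv.exe, -1 (Spooler) - Unknown owner - C: \ Windows \ System32 \ spoolsv.exe (file missing)
"""


def normalize(line):
    """Collapse 'C: \\ Windows \\ x' back to 'C:\\Windows\\x' (spacing added by extraction)."""
    return re.sub(r"\s*\\\s*", r"\\", line.strip())


def missing_targets(log_text):
    """Return (code, clsid_or_None, body) for entries whose target file is reported missing."""
    found = []
    for raw in log_text.splitlines():
        m = ENTRY.match(normalize(raw))
        if not m or not MISSING.search(m["body"]):
            continue
        clsid = CLSID.search(m["body"])
        found.append((m["code"], clsid.group(1).upper() if clsid else None, m["body"]))
    return found


def triage(log_text):
    """Separate orphaned browser add-on registrations from service entries."""
    out = {"browser_orphans": [], "services_missing": []}
    for code, clsid, body in missing_targets(log_text):
        if code in ("O2", "O3"):
            # BHO/toolbar CLSID registered, but no file behind it.
            out["browser_orphans"].append(clsid)
        elif code == "O23":
            # HijackThis 2.0.2 is a 32-bit program; on 64-bit Windows, file-system
            # redirection can make System32 files look missing, so this marker
            # alone does not show that the service binary is absent.
            out["services_missing"].append(body)
    return out


if __name__ == "__main__":
    print(triage(SAMPLE))
```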

  #3  
July 12, 2009, 19:29
New Members Group
 
Sorry it took so long to post a reply. Here is the MBAM log; it looks pretty good to me. Thanks a lot, man, I really appreciate it.

Malwarebytes' Anti-Malware 1,38
Database version: 2325
Windows 6.0.6001 Service Pack 1

12/07/2009 10:26:34
mbam-log-2009-07-12 (22-26-34). txt

Scan type: Quick Scan
Objetos digitalizados: 74665
Tempo decorrido: 2 minuto (s), 52 segundo (s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Valores do Registro infectados: 0
Dados de Registro Items Infected: 0
Pastas infectadas: 0
Arquivos infectados: 0

Memory Processes Infected:
(N º itens maliciosos detectados)

Memory Modules Infected:
(N º itens maliciosos detectados)

Registry Keys Infected:
(N º itens maliciosos detectados)

Valores do Registro infectados:
(N º itens maliciosos detectados)

Dados de Registro Items Infected:
(N º itens maliciosos detectados)

Folders Infected:
(N º itens maliciosos detectados)

Arquivos Infectados:
(N º itens maliciosos detectados)
  #4  
July 12, 2009, 19:53
Moderator Group
 
Was the computer having problems, or is this just a checkup?
__________________

  #5  
July 12, 2009, 20:48
New Members Group
 
It had some problems, but now everything is fixed, thanks to you guys. Now it's time to fix my other computer, and that one is the real mess.

Copyright © 2006 - 2009 Computer Juice.
