menor de capital

Magazine
Go Back   Computador Juice > Computer Software > Vírus, spyware e Segurança
Reload this Page

SWS AntiSpyware Virus Removal

Registar Site Spy Member List Doação Pesquisa Today's Posts Mark Forums Read Fórum Regimento

Register


 Default 

SWS AntiSpyware Virus Removal




Reply
 
Thread Tools
  #1  
Old 3 dez 2007, 11:30
Os novos Estados-Grupo
  
Eu sou atormentado com pop ups.
A maioria dos pop ups Estou recebendo sempre a dizer-me o meu PC está infectado ou prestes a falhar e, em seguida, sempre a partir de uma tela de segurança do Windows centro dizendo spyware tem invadido o meu computador e está a abrandar o.

Eu sou sempre convidada para fazer o download SWS antispyware 2007 para reparar o meu PC. O download do arquivo de segurança de aviso indica que é a partir de <edit> . com que eu não tiver o download do mesmo.

Outros pop ups são os bancos de telefones móveis e todos os tipos de outras coisas.
Tenho digitalizado com spybot S & D, AVG, Ad-Aware, Mcaffee Avira e que não encontrá-lo ou qualquer outra coisa de nota.

Aqui Smy hijack este log ...

Logfile da Trend Micro HijackThis v2.0.2
Scan guardado em 18:29:54, em 03/12/2007
Plataforma: Windows XP SP2 (WinNT 5/01/2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Executando processos:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ SYSTEM32 \ winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
C: \ WINDOWS \ system32 \ LEXBCES.EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS.EXE
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7/5 \ guard.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVGFRE ~ 1 \ avgamsvr.exe
C: \ Program Files \ CyberLink \ PowerDVD \ PDVDServ.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVGFRE ~ 1 \ avgupsvc.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVGFRE ~ 1 \ avgemc.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ WINDOWS \ system32 \ igfxtray.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ acer \ epm \ epm-dm.exe
C: \ Program Files \ Launch Manager \ QtZgAcer.EXE
C: \ WINDOWS \ system32 \ PL15Co2K.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVGFRE ~ 1 \ avgcc.exe
C: \ Program Files \ Lexmark 1200 Series \ lxczbmgr.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Lexmark 1200 Series \ lxczbmon.exe
C: \ Program Files \ Kontiki \ KService.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Kontiki \ KHost.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7/5 \ avgas.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Arquivos de Programas \ Internet Explorer \ iexplore.exe
C: \ Arquivos de Programas \ Internet Explorer \ iexplore.exe
C: \ Documents and Settings \ Acer \ Desktop \ HiJackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no arquivo)
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Arquivos de Programas \ Adobe \ Acrobat 6.0 \ Reader \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O4 - HKLM \ .. \ Run: [LaunchApp] Alaunch
O4 - HKLM \ .. \ Run: [RemoteControl] "C: \ Program Files \ CyberLink \ PowerDVD \ PDVDServ.exe"
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ Imjpmig.exe" / Spoil / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,, BluetoothAuthenticationAgent
O4 - HKLM \ .. \ Run: [IgfxTray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [EPM-DM] c: \ acer \ epm \ epm-dm.exe
O4 - HKLM \ .. \ Run: [LManager] C: \ Program Files \ Launch Manager \ QtZgAcer.EXE
O4 - HKLM \ .. \ Run: [Hi-Speed USB DEVICE Coinstaller] PL15Co2K.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVGFRE ~ 1 \ avgcc.exe / STARTUP
O4 - HKLM \ .. \ Run: [UnlockerAssistant] "C: \ Program Files \ Unlocker \ UnlockerAssistant.exe"
O4 - HKLM \ .. \ Run: [Lexmark 1200 Series] "C: \ Program Files \ Lexmark 1200 Series \ lxczbmgr.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [4oD] "C: \ Program Files \ Kontiki \ KHost.exe"-all
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7/5 \ avgas.exe" / minimizada
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [BgMonitor_ (79662E04-7C6C-4d9f-84C7-88D8A56B10AA)] "C: \ Program Files \ Common Files \ Ahead \ Lib \ NMBgMonitor.exe"
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [WMPNSCFG] C: \ Arquivos de Programas \ Windows Media Player \ WMPNSCFG.exe
O4 - HKCU \ .. \ Run: [KDX] C: \ Program Files \ Kontiki \ KHost.exe-all
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVGFRE ~ 1 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVGFRE ~ 1 \ avgw.exe / RunOnce (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C: \ Arquivos de Programas \ Microsoft Office \ Office \ OSA9.exe
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (03F998B2-0E00-11D3-A498-00104B6EB52E) (MetaStreamCtl Classe) -- https: / / components.viewpoint.com/MTS...862 & cat_uid = 12
O16 - DPF: (0B79F48A-E8D6-11DB-9283-E25056D89593) (F-Secure Online Scanner 3.1) -- http://support.f-secure.com/ols/fscax.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://by114fd.bay114.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1169298913681
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: (F04A8AE2-A59D-11D2-8792-00C04F8EF29D) (Hotmail Anexos Controle) -- http://by114fd.bay114.hotmail.msn.co...x/HMAtchmt.ocx
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Grisoft sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7/5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVGFRE ~ 1 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVGFRE ~ 1 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVGFRE ~ 1 \ avgemc.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: KService - Kontiki Inc. - C: \ Program Files \ Kontiki \ KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C: \ WINDOWS \ system32 \ LEXBCES.EXE
O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
--
Fim do processo - 7637 bytes
  #2  
Old 4 de dezembro de 2007, 01:57
Moderador Grupo
  
Bem-vindo ao CJ.

O log HijackThis não mostra muito considerando que você está descrevendo.

Você irá precisar de trabalho através este post e fornecer os registros solicitados.
__________________
Reply

Register
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Contato -- Privacidade -- Mapa do Site -- Topo

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd. SEO por vBSEO © 2009, rastreamento, Inc.