Fórum Script Brasil

tiagolimp

  1. Good morning! I formatted my PC, and when it came to reinstalling the codecs, I chose to get the K-Lite pack Full from Filehippo. When I installed them, a notice appeared along with an internet link saying there was an update for one of the programs, and I did that update. It so happens that on the same day, when I shut down the PC, it ran 15 updates before shutting down, and yesterday another 40. When I turn it on, it also shows it doing 3000 and I don't know how many updates before starting. I notice it has also become a bit slower. Here then is my HijackThis log, thanks in advance for your attention.
  2. Good afternoon, as I mentioned in the topic description, warnings constantly appear saying that the PC is not protected and asking whether I want to download anti-spyware, etc. I have already cut off the PC's internet access because I know those warnings are not harmless and I don't want to risk getting more viruses. So I'm sending the HijackThis log, thanks in advance!
  3. No, it's great now! Thank you very much, and congratulations on the Malware Removal section, 5 stars.
  4. I'm sending my HijackThis log so that you can solve my computer's problems. Thank you very much.
  5. Absolutely right, thank you very much for everything. I have just 2 questions left: Is drive D: clean as well? Did I carry out all these procedures on drive C: only, or did the programs also act on disk D:? Lastly, I would like to ask your advice on programs you think are important to have installed (anti-virus, firewalls, etc.) in order to prevent viruses, trojans, etc. Thank you very much for everything.
  6. Good evening, I did indeed have a pen drive with Knight on it. The program said it was removed both from the pen drive and from the PC. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 1:08:06, on 25-04-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programas\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programas\Ficheiros comuns\Portrait Displays\Shared\dtsrvc.exe C:\Programas\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programas\Analog Devices\Core\smax4pnp.exe C:\Programas\Portrait Displays\HP My Display\DTHtml.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Programas\HP\hpcoretech\hpcmpmgr.exe C:\Programas\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\WINDOWS\system32\hphmon05.exe C:\Programas\Java\jre1.6.0_05\bin\jusched.exe C:\Programas\Ficheiros comuns\Portrait Displays\Shared\HookManager.exe C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Programas\Logitech\Video\LogiTray.exe C:\Programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Programas\Ficheiros comuns\PCSuite\DataLayer\DataLayer.exe C:\Programas\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Programas\Ficheiros comuns\Nero\Lib\NMBgMonitor.exe C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe C:\Programas\ASUS WiFi-AP Solo\RtWLan.exe C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexStoreSvr.exe 
C:\PROGRA~1\FICHEI~1\PCSuite\Services\SERVIC~1.EXE C:\Programas\OpenOffice.org 2.3\program\soffice.exe C:\Programas\OpenOffice.org 2.3\program\soffice.BIN C:\PROGRA~1\FICHEI~1\Nokia\MPAPI\MPAPI3s.exe C:\Programas\Logitech\Video\FxSvr2.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Programas\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [soundMAXPnP] C:\Programas\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [DT HPW] C:\Programas\Portrait Displays\HP My Display\DTHtml.exe -startup_folder O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [HPHUPD05] C:\Programas\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Programas\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Programas\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HPHmon05] 
C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programas\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programas\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray O4 - HKLM\..\Run: [DataLayer] C:\Programas\Ficheiros comuns\PCSuite\DataLayer\DataLayer.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programas\Logitech\Video\ManifestEngine.exe boot O4 - HKCU\..\Run: [PcSync] C:\Programas\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Nero\Lib\NMBgMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'Serviço de rede') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - 
HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'Default user') O4 - Startup: OpenOffice.org 2.3.lnk = C:\Programas\OpenOffice.org 2.3\program\quickstart.exe O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ? O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199910501539 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199910492054 O22 - SharedTaskScheduler: exegeses - {db763ed8-100a-481b-8913-50a2f41dcdc3} - (no file) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programas\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. 
- C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Programas\Ficheiros comuns\Portrait Displays\Shared\dtsrvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programas\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 8069 bytes
  7. Hi, I have already run the scan, but I have a question. Do I have to do the same for disk D:? Because that autorun.inf file was also on D:. The two reports follow below: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:32:49, on 22-04-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programas\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programas\Ficheiros comuns\Portrait Displays\Shared\dtsrvc.exe C:\Programas\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\notepad.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programas\Analog Devices\Core\smax4pnp.exe C:\Programas\Portrait Displays\HP My Display\DTHtml.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Programas\HP\hpcoretech\hpcmpmgr.exe C:\Programas\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\WINDOWS\system32\hphmon05.exe C:\Programas\Ficheiros comuns\Portrait Displays\Shared\HookManager.exe C:\Programas\Java\jre1.6.0_05\bin\jusched.exe C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Programas\Logitech\Video\LogiTray.exe C:\Programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Programas\Ficheiros comuns\PCSuite\DataLayer\DataLayer.exe C:\Programas\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Programas\Ficheiros comuns\Nero\Lib\NMBgMonitor.exe C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe C:\Programas\ASUS WiFi-AP Solo\RtWLan.exe C:\Programas\OpenOffice.org 
2.3\program\soffice.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\FICHEI~1\Nokia\MPAPI\MPAPI3s.exe C:\Programas\Logitech\Video\FxSvr2.exe C:\PROGRA~1\FICHEI~1\PCSuite\Services\SERVIC~1.EXE C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexStoreSvr.exe C:\Programas\OpenOffice.org 2.3\program\soffice.BIN C:\WINDOWS\system32\HPZipm12.exe C:\Programas\Mozilla Firefox\firefox.exe C:\Programas\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [soundMAXPnP] C:\Programas\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [DT HPW] C:\Programas\Portrait Displays\HP My Display\DTHtml.exe -startup_folder O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [HPHUPD05] C:\Programas\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Programas\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Programas\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] 
"C:\Programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programas\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programas\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray O4 - HKLM\..\Run: [DataLayer] C:\Programas\Ficheiros comuns\PCSuite\DataLayer\DataLayer.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programas\Logitech\Video\ManifestEngine.exe boot O4 - HKCU\..\Run: [PcSync] C:\Programas\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Nero\Lib\NMBgMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'Serviço de rede') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'Default user') O4 - Startup: OpenOffice.org 2.3.lnk = C:\Programas\OpenOffice.org 2.3\program\quickstart.exe O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ? 
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199910501539 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199910492054 O22 - SharedTaskScheduler: exegeses - {db763ed8-100a-481b-8913-50a2f41dcdc3} - (no file) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programas\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. 
- C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Programas\Ficheiros comuns\Portrait Displays\Shared\dtsrvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programas\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 7771 bytes ------------------------------------------------------------------------------------------------------------- SDFix: Version 1.173 Run by Tiago on 22-04-2008 at 15:23 Microsoft Windows XP [VersÆo 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Default IE HomePage Rebooting Checking Files : Trojan Files Found: C:\WINDOWS\SYSTEM32\BUBBJ.DLL - Deleted C:\Documents and Settings\All Users\Menu Iniciar\Online Security Guide.url - Deleted C:\Documents and Settings\All Users\Menu Iniciar\Security Troubleshooting.url - Deleted C:\Programas\NetProject\ot.ico - Deleted C:\Programas\NetProject\sbmdl.dll - Deleted C:\Programas\NetProject\sbmntr.exe - Deleted C:\Programas\NetProject\sbsm.exe - Deleted C:\Programas\NetProject\sbun.exe - Deleted C:\Programas\NetProject\scit.exe - Deleted C:\Programas\NetProject\scm.exe - Deleted C:\Programas\NetProject\scu.exe - Deleted C:\Programas\NetProject\ts.ico - Deleted C:\Programas\NetProject\wamdl.dll - Deleted C:\Programas\NetProject\waun.exe - Deleted C:\DOCUME~1\Tiago\DEFINI~1\Temp\zfe2.exe - Deleted C:\DOCUME~1\Tiago\DEFINI~1\Temp\zfe4.exe - Deleted Folder C:\Programas\NetProject - Removed Folder C:\WINDOWS\system32\892267 - Removed Removing Temp Files ADS Check : Final Check : catchme 0.3.1353.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, 
http://www.gmer.net Rootkit scan 2008-04-22 15:25:34 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Programas\\Grisoft\\AVG Free\\avginet.exe"="C:\\Programas\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe" "C:\\Programas\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Programas\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe" "C:\\Programas\\Grisoft\\AVG Free\\avgcc.exe"="C:\\Programas\\Grisoft\\AVG Free\\avgcc.exe:*:Enabled:avgcc.exe" "C:\\Programas\\Grisoft\\AVG Free\\avgemc.exe"="C:\\Programas\\Grisoft\\AVG Free\\avgemc.exe:*:Enabled:avgemc.exe" "C:\\Programas\\uTorrent\\uTorrent.exe"="C:\\Programas\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent" "C:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Programas\\Windows Live\\Messenger\\livecall.exe"="C:\\Programas\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Programas\\Tiago\\Jogos\\Diablo II\\Diablo II.exe"="C:\\Programas\\Tiago\\Jogos\\Diablo II\\Diablo II.exe:*:Enabled:Diablo II - Lord of Destruction" "C:\\Programas\\Ficheiros comuns\\Nero\\Nero Web\\SetupX.exe"="C:\\Programas\\Ficheiros comuns\\Nero\\Nero Web\\SetupX.exe:*:Enabled:Nero ControlCenter" "C:\\Programas\\Tiago\\Jogos\\Age of Empires II\\age2_x1\\age2_x1.exe"="C:\\Programas\\Tiago\\Jogos\\Age of Empires II\\age2_x1\\age2_x1.exe:*:Enabled:Age of Empires II Expansion" "C:\\Programas\\Microsoft Games\\Age of Empires 
II\\EMPIRES2.EXE"="C:\\Programas\\Microsoft Games\\Age of Empires II\\EMPIRES2.EXE:*:Enabled:Age of Empires II" "C:\\Programas\\Microsoft Games\\Version 1.0\\Age of Empires II\\age2_x1\\age2_x1.exe"="C:\\Programas\\Microsoft Games\\Version 1.0\\Age of Empires II\\age2_x1\\age2_x1.exe:*:Enabled:Age of Empires II Expansion" "C:\\Programas\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe"="C:\\Programas\\Microsoft Games\\Age of Empires II\\age2_x1\\age2_x1.exe:*:Enabled:Age of Empires II Expansion" "C:\\Programas\\Tiago\\Age of Empires II The Conquerors Expansion Trial\\age2_x1t.exe"="C:\\Programas\\Tiago\\Age of Empires II The Conquerors Expansion Trial\\age2_x1t.exe:*:Enabled:Age of Empires II Expansion" "C:\\Programas\\Microsoft Games\\versao com patch\\Age of Empires II\\age2_x1\\age2_x1.exe"="C:\\Programas\\Microsoft Games\\versao com patch\\Age of Empires II\\age2_x1\\age2_x1.exe:*:Enabled:Age of Empires II Expansion" "C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper" "C:\\Programas\\mIRC\\mirc.exe"="C:\\Programas\\mIRC\\mirc.exe:*:Enabled:mIRC" "C:\\Programas\\Microsoft Games\\versao com patch\\Age of Empires II\\EMPIRES2.EXE"="C:\\Programas\\Microsoft Games\\versao com patch\\Age of Empires II\\EMPIRES2.EXE:*:Enabled:Age of Empires II" "C:\\Programas\\Microsoft Games\\age of kings\\OldAOC\\AGE2tc_oldversion.exe"="C:\\Programas\\Microsoft Games\\age of kings\\OldAOC\\AGE2tc_oldversion.exe:*:Enabled:Age of Empires II Expansion" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programas\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Programas\\Windows Live\\Messenger\\livecall.exe"="C:\\Programas\\Windows 
Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Thu 17 Apr 2008 857 ...HR --- "C:\Documents and Settings\Tiago\Application Data\SecuROM\UserData\securom_v7_01.bak" Finished!
  8. Hello everyone. I have an Autorun.inf on C: and one on D:, which are my PC's two disks. I can't remove them; can anyone help me? Thanks in advance. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:12:00, on 20-04-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programas\NetProject\scit.exe C:\Programas\NetProject\sbmntr.exe C:\Programas\NetProject\scm.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programas\Analog Devices\Core\smax4pnp.exe C:\Programas\NetProject\sbsm.exe C:\Programas\Portrait Displays\HP My Display\DTHtml.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Programas\HP\hpcoretech\hpcmpmgr.exe C:\Programas\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\WINDOWS\system32\hphmon05.exe C:\Programas\Java\jre1.6.0_05\bin\jusched.exe C:\Programas\Ficheiros comuns\Portrait Displays\Shared\HookManager.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Programas\Logitech\Video\LogiTray.exe C:\Programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Programas\Ficheiros comuns\PCSuite\DataLayer\DataLayer.exe C:\Programas\Nokia\Nokia PC Suite 6\PcSync2.exe C:\Programas\Ficheiros comuns\Nero\Lib\NMBgMonitor.exe C:\Programas\ASUS WiFi-AP Solo\RtWLan.exe C:\PROGRA~1\FICHEI~1\PCSuite\Services\SERVIC~1.EXE C:\Programas\OpenOffice.org 2.3\program\soffice.exe C:\PROGRA~1\FICHEI~1\Nokia\MPAPI\MPAPI3s.exe C:\Programas\OpenOffice.org 2.3\program\soffice.BIN C:\Programas\Logitech\Video\FxSvr2.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\Programas\Ficheiros comuns\Portrait Displays\Shared\dtsrvc.exe C:\Programas\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe 
C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe C:\WINDOWS\system32\HPZipm12.exe C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexStoreSvr.exe C:\Programas\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe C:\Programas\Lavasoft\Ad-Aware\aawservice.exe C:\Programas\NetProject\sbsm.exe C:\Programas\NetProject\sbsm.exe C:\Programas\NetProject\sbsm.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programas\Windows Media Player\wmplayer.exe C:\Programas\Mozilla Firefox\firefox.exe C:\Programas\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: 892267 helper - {25E0128D-AAFC-49FF-AB11-1F12C2FCC391} - C:\WINDOWS\system32\892267\892267.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - C:\Programas\NetProject\sbmdl.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: Internet Service - {51D81DD5-55B7-497F-95DB-D356429BB54E} - C:\Programas\NetProject\wamdl.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [soundMAXPnP] C:\Programas\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [DT HPW] C:\Programas\Portrait Displays\HP My Display\DTHtml.exe -startup_folder O4 - HKLM\..\Run: [HPDJ Taskbar Utility] 
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [HPHUPD05] C:\Programas\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HP Component Manager] "C:\Programas\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HP Software Update] "C:\Programas\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programas\Ficheiros comuns\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Programas\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programas\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programas\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programas\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray O4 - HKLM\..\Run: [DataLayer] C:\Programas\Ficheiros comuns\PCSuite\DataLayer\DataLayer.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programas\Logitech\Video\ManifestEngine.exe boot O4 - HKCU\..\Run: [PcSync] C:\Programas\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programas\Ficheiros comuns\Nero\Lib\NMBgMonitor.exe" O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Programas\NetProject\scit.exe O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Programas\NetProject\sbmntr.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 
advpack.dll,LaunchINFSection nLite.inf,C (User 'SERVIÇO LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Serviço de rede') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'Serviço de rede') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSection nLite.inf,C (User 'Default user') O4 - Startup: OpenOffice.org 2.3.lnk = C:\Programas\OpenOffice.org 2.3\program\quickstart.exe O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ? O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.gateietool.com/redirect.php (file missing) O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.gateietool.com/redirect.php (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199910501539 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199910492054 O22 - SharedTaskScheduler: exegeses - {db763ed8-100a-481b-8913-50a2f41dcdc3} - (no file) O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - 
C:\Programas\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Programas\Ficheiros comuns\Portrait Displays\Shared\dtsrvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Programas\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 8928 bytes