Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

Joao Bezerra

[Arquivado] HijackThis Log

Recommended Posts

Bom dia, alguem me pode ajudar a perceber se tenho algum problema...ja fiz um scan com o HijackThis.

 

O relatório que deu foi esse:

 

Logfile of HijackThis v1.99.1

Scan saved at 12:39:37, on 08-05-2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programas\Intel\Wireless\Bin\EvtEng.exe

C:\Programas\Intel\Wireless\Bin\S24EvMon.exe

C:\Programas\AVG\AVG9\avgchsvx.exe

C:\Programas\AVG\AVG9\avgrsx.exe

C:\Programas\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe

C:\Programas\AVG\AVG9\avgwdsvc.exe

C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.exe

C:\Programas\Ficheiros comuns\BinarySense\hldasvc.exe

C:\Programas\Ficheiros comuns\BinarySense\hldasvc.exe

C:\Programas\Ficheiros comuns\eMail ID\IconixService.exe

C:\Programas\AVG\AVG9\avgnsx.exe

C:\Programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Programas\Intel\Wireless\bin\ZCfgSvc.exe

C:\Programas\Intel\Wireless\Bin\EOUWiz.exe

C:\PROGRA~1\LAUNCH~1\LManager.exe

C:\Programas\eMail ID\OEAddOn\OEdmn_6.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Programas\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe

C:\Programas\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\igfxext.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\Messenger\msmsgs.exe

C:\Documents and Settings\João Bezerra\Definições locais\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe

C:\DOCUME~1\JOOBEZ~1\DEFINI~1\Temp\RtkBtMnt.exe

C:\Programas\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Programas\Windows Live\Messenger\msnmsgr.exe

C:\Programas\MessengerDiscovery 2\MessengerDiscovery 2.exe

C:\Programas\Windows Live\Contacts\wlcomm.exe

C:\Programas\Lavasoft\Ad-Aware\AAWService.exe

C:\Programas\Lavasoft\Ad-Aware\AAWTray.exe

C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe

C:\Programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\João Bezerra\Definições locais\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\João Bezerra\Definições locais\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\João Bezerra\Definições locais\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\João Bezerra\Definições locais\Application Data\Google\Chrome\Application\chrome.exe

C:\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bwin.com/livebets.aspx

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programas\AVG\AVG9\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programas\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: IconixBHOClass Class - {761233B6-F228-49E4-8F6B-668499D4E55A} - C:\Programas\eMail ID\IEAddOn\IconixBHO_42.dll

O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programas\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Programas\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [EOUApp] "C:\Programas\Intel\Wireless\Bin\EOUWiz.exe"

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [AzMixerSel] C:\Programas\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [Ad-Watch] C:\Programas\Lavasoft\Ad-Aware\AAWTray.exe

O4 - HKLM\..\Run: [iconixOEAddOn] "C:\Programas\eMail ID\OEAddOn\OEdmn_6.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [synTPEnh] C:\Programas\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Programas\Ficheiros comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programas\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Programas\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\João Bezerra\Definições locais\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [scheduler_monitor] C:\Programas\ReaConverter 5.5 Pro\init_scheduler.exe

O4 - Global Startup: McAfee Security Scan.lnk = ?

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Programas\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: (no name) - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Programas\eMail ID\IEAddOn\IconixBHO_42.dll

O9 - Extra 'Tools' menuitem: Email ID Preferences - {400A6CFA-E326-4d61-A90C-9AD75358DC5F} - C:\Programas\eMail ID\IEAddOn\IconixBHO_42.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programas\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programas\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra button: (no name) - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Programas\eMail ID\IEAddOn\IconixBHO_42.dll

O9 - Extra 'Tools' menuitem: About Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Programas\eMail ID\IEAddOn\IconixBHO_42.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra button: PokerTime - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\PokerTimeMPP\MPPoker.exe (file missing) (HKCU)

O11 - Options group: [iNTERNATIONAL] International

O11 - Options group: [TABS] Tabbed Browsing

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://pt.powerchallenge.com/applet/PowerLoader.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab

O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programas\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Programas\Ficheiros comuns\BinarySense\hlAPP.dll" (file missing)

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programas\AVG\AVG9\avgpp.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programas\Ficheiros comuns\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll

O23 - Service: ArcGIS License Manager - Unknown owner - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Programas\AVG\AVG9\avgwdsvc.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programas\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Serviço Google Update (gupdate1c9b276a161315a) (gupdate1c9b276a161315a) - Unknown owner - C:\Programas\Google\Update\GoogleUpdate.exe" /svc (file missing)

O23 - Service: Google Software Updater (gusvc) - Google - C:\Programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Programas\Ficheiros comuns\BinarySense\hldasvc.exe

O23 - Service: Iconix Update Service (IconixService) - Unknown owner - C:\Programas\Ficheiros comuns\eMail ID\IconixService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Programas\Java\jre6\bin\jqs.exe" -service -config "C:\Programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programas\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programas\Ficheiros comuns\Logitech\SrvLnch\SrvLnch.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ReaConverter scheduler service (rcp_service) - ReaSoft - C:\Programas\ReaConverter 5.5 Pro\rcp_scheduler.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programas\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programas\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: wpa_supplicant service (wpasvc) - Unknown owner - C:\Programas\wpa_supplicant\wpasvc.exe (file missing)

 

 

Há algum problema??

Compartilhar este post


Link para o post
Compartilhar em outros sites

Ele costuma consumir bastante memória...

 

*Feche o MSN através do í­cone ao lado do relógio

*Acesse a pasta C:\Arquivos de programas\Windows Live\Contacts e localize o arquivo wlcomm.exe

*Clique com o botão direito do mouse no arquivo e selecione "Propriedades"

*Clique na aba "Compatibilidade"

*Selecione as opções:

- "Executar este programa em modo de compatibilidade" embaixo "Windows 95"

- "Desativar temas visuais"

- "Desativar serviços de texto avançados para este programa"

*Clique em [Aplicar] > [OK]

 

wlcomm.jpg

Compartilhar este post


Link para o post
Compartilhar em outros sites

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post


Link para o post
Compartilhar em outros sites

×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.