Logo Hardware.com.br
Alexealine
Alexealine Membro Junior Registrado
186 Mensagens 0 Curtidas

http://www_getwindowinfo/

#1 Por Alexealine 09/02/2008 - 20:15
isso nao para de abri sei q e um virus fis um diagnostico HijackThis v2.0.2
ai esta :
oque eu faço agora?
para tira isso?
http://www_getwindowinfo/

Logfile of HijackThis v1.99.1
Scan saved at 20:08:00, on 9/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\system32\RunDll32.exe
C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe
C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe
C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\alg.exe
C:\Arquivos de programas\Download Manager\DLM.exe
C:\Arquivos de programas\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\ARQUIV~1\MICROS~3\MSSQL\binn\sqlservr.exe
C:\ARQUIV~1\MICROS~3\MSSQL\binn\sqlagent.exe
C:\AppServ\Apache\Apache.exe
C:\AppServ\Apache\Apache.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Windows\system.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Internet Explorer\IExplore.exe
C:\Documents and Settings\alex\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\system32\sistray.EXE
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Arquivos de programas\Corel\Corel Graphics 12\Languages\BR\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=022208 serial=dr12wex-1504397-kty lang=BP
O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [WindowsUpdate] C:\Arquivos de programas\WindowsUpdate.scr
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O23 - Service: Apache - Unknown owner - C:\AppServ\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe
O23 - Service: MySQL - Unknown owner - C:\AppServ\mysql\bin\mysqld-nt.exe
diagnostico abri virus fis http v202 hijackthis www trendsecure
Wings
Wings Cyber Highlander Registrado
20.3K Mensagens 1.2K Curtidas
#3 Por Wings
09/02/2008 - 21:15
Alexealine

É um caso simples de resolução com Bankerfix.

*Faça o download da ferramenta no link abaixo e salve-a no Desktop:
http://linhadefensiva.uol.com.br/dl/bankerfix
*Desative temporariamente seu antivírus e anti-spyware
*Duplo clique no arquivo bankerfix.exe.
*Clique OK > SIM (se pedir alguma atualização) > OK
*Tecle ENTER e aguarde.
*Ao encerrar leia a mensagem da tela e tecle ENTER
*Cole o resultado criado em C:\LinhaDefensiva\relatorio.txt
*Novo log do hijack
© 1999-2024 Hardware.com.br. Todos os direitos reservados.
Imagem do Modal