Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

jeronymo

Search Web... como tirar isso?

3 posts neste tópico

Salve galera...

 

seguinte, eu já tentei usar tudo quanto é programa para acabar com uma porcaria duma barra que fica aparecendo e algumas pop ups que ficam aparecendo... passei Ad-aware, Spybot, fiz o Scan Online do Panda e nada resolveu... aí me recomendaram um tal da HijackThis... até aí tudo bem, eu baixei ele... mas não sei se algumas coisas podem ser apagadas...

 

então se alguém puder me ajudar, segue o log:

 

Logfile of HijackThis v1.99.1

Scan saved at 20:11:25, on 22/4/2005

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:ARQUIV~1GrisoftAVGFRE~1avgamsvr.exe

C:ARQUIV~1GrisoftAVGFRE~1avgupsvc.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32regsvc.exe

C:WINDOWSsystem32MSTask.exe

C:WINDOWSSystem32tcpsvcs.exe

C:WINDOWSSystem32WBEMWinMgmt.exe

C:WINDOWSSystem32inetsrvinetinfo.exe

C:WINDOWSExplorer.EXE

C:Arquivos de programasJavaj2re1.4.2_03binjusched.exe

C:ARQUIV~1GrisoftAVGFRE~1avgcc.exe

C:ARQUIV~1GrisoftAVGFRE~1avgemc.exe

C:WINDOWSsystem32internat.exe

C:Documents and SettingsAll UsersDesktopDiegoGamesProgramasSpybot - Search & DestroyTeaTimer.exe

C:Arquivos de programasMSN Messengermsnmsgr.exe

C:Arquivos de programasMicrosoft OfficeOfficeOsa.exe

C:Documents and SettingsAll UsersDesktopDiegoGamesProgramasfirewallZoneAlarm 3.7.143ZoneAlarmzonealarm.exe

C:WINDOWSsystem32ZoneLabsvsmon.exe

c:arquiv~1intern~1iexplore.exe

C:Arquivos de programasInternet ExplorerIEXPLORE.EXE

C:hijackthisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.snsyzoimbtooqoqvdyxdgw.net/tJ9V...KOGN1n17SY.html

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.click21.com.br/

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = &http://home.Microsoft.com/intl/br/access/allinone.asp

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = about:blank

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =

O1 - Hosts: 217.116.231.7 aimtoday.aol.com

O1 - Hosts: 69.57.128.235 startpage #Welcome page

O1 - Hosts: 69.57.129.241 hotteens.com #Hottest Free Porn

O1 - Hosts: 69.57.129.242 onlinesex.com #Online Sex Portal

O1 - Hosts: 69.57.129.243 freegirls.com #Free Nude Girls

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:DOCUME~1ALLUSE~1DesktopDIEGOG~1PROGRA~1SPYBOT~1SDHelper.dll

O2 - BHO: (no name) - {60A42201-EB9A-D354-3D2D-79C6F7FD6297} - C:WINDOWSAPPLIC~1FIVEEA~1chin frag.exe

O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - (no file)

O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSsystem32msdxm.ocx

O4 - HKLM..Run: [LoadQM] loadqm.exe

O4 - HKLM..Run: [systemTray] SysTray.Exe

O4 - HKLM..Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM..Run: [sunJavaUpdateSched] C:Arquivos de programasJavaj2re1.4.2_03binjusched.exe

O4 - HKLM..Run: [AVG7_CC] C:ARQUIV~1GrisoftAVGFRE~1avgcc.exe /STARTUP

O4 - HKLM..Run: [AVG7_EMC] C:ARQUIV~1GrisoftAVGFRE~1avgemc.exe

O4 - HKCU..Run: [internat.exe] internat.exe

O4 - HKCU..Run: [spybotSD TeaTimer] C:Documents and SettingsAll UsersDesktopDiegoGamesProgramasSpybot - Search & DestroyTeaTimer.exe

O4 - HKCU..Run: [msnmsgr] "C:Arquivos de programasMSN Messengermsnmsgr.exe" /background

O4 - HKCU..Run: [send Enc] C:WINDOWSAPPLIC~1OKAYBL~1File Tray.exe

O4 - Startup: Inicialização do Office.lnk = C:Arquivos de programasMicrosoft OfficeOfficeOSA.EXE

O4 - User Startup: Inicialização do Office.lnk = C:Arquivos de programasMicrosoft OfficeOfficeOSA.EXE

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSsystem32msjava.dll

O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSsystem32msjava.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:WINDOWSsystem32SHDOCVW.DLL

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.Microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {2787712C-2CE4-4C02-9F09-C89F29E7C5CB} (xLauncherImpl Class) - http://www.x2web.com.br/component/x2client.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab

O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.Microsoft.com/oas/ActiveX/winrep.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0_03) -

O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -

O16 - DPF: {DCB16E44-D6DB-473E-A251-F6FBB381C1C3} (GINCHESS Class) - http://200.189.188.245/g_bin_eng/chess_2_0_0_8.cab

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab

O16 - DPF: {F1835D04-7CCF-489E-8184-C08A1F682169} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:ARQUIV~1GrisoftAVGFRE~1avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:ARQUIV~1GrisoftAVGFRE~1avgupsvc.exe

O23 - Service: Serviço administrativo do gerenciador de disco lógico (dmadmin) - VERITAS Software Corp. - C:WINDOWSSystem32dmadmin.exe

O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe (file missing)

O23 - Service: PHPGeekUtil - Unknown owner - c:apacheAPACHE.EXE" --ntservice (file missing)

 

obrigado pela atenção,

até mais! 

0

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boot em Modo de Segurança, refaça o scan com o Ad-Aware e o Spybot e use também este removedor especializado em Cool Web Search: CWShredder. 

 

 

0

Compartilhar este post


Link para o post
Compartilhar em outros sites

Além do prescrito pelo amigo United

 

Com a Restauração do Sistema desabilitada, reboot em Modo de Segorança

 

 

 

De um Fix em:

 

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.snsyzoimbtooqoqvdyxdgw.net/tJ9V...KOGN1n17SY.html

O1 - Hosts: 217.116.231.7 aimtoday.aol.com

O1 - Hosts: 69.57.128.235 startpage #Welcome page

O1 - Hosts: 69.57.129.241 hotteens.com #Hottest Free Porn

O1 - Hosts: 69.57.129.242 onlinesex.com #Online Sex Portal

O1 - Hosts: 69.57.129.243 freegirls.com #Free Nude Girls

O2 - BHO: (no name) - {60A42201-EB9A-D354-3D2D-79C6F7FD6297} - C:WINDOWSAPPLIC~1FIVEEA~1chin frag.exe

O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - (no file)

O16 - DPF: {DCB16E44-D6DB-473E-A251-F6FBB381C1C3} (GINCHESS Class) - http://200.189.188.245/g_bin_eng/chess_2_0_0_8.cab

O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe (file missing)

O23 - Service: PHPGeekUtil - Unknown owner - c:apacheAPACHE.EXE" --ntservice (file missing)

Ainda em Modo de Segurança faça um full Scan com este Programa:

Microsoft Windows AntiSpyware 1.0.509 Beta 1

Veja se resolveu e poste aqui um novo Log.

 



MVP Mr.Million

0

Compartilhar este post


Link para o post
Compartilhar em outros sites
    • 9 Mensagens
    • 1012 Visualizações
    • 11 Mensagens
    • 407 Visualizações
    • 5 Mensagens
    • 658 Visualizações
    • 3 Mensagens
    • 6028 Visualizações
    • 19 Mensagens
    • 2694 Visualizações