Ir ao conteúdo

Programa espião no meu pc


pollyematne

Posts recomendados

Postado

Estou desconfiada que há um programa espião no meu notebook. Já olhei o meu log mas não consigo identificá-lo. Também já executei o bankerfix e a mensagem foi de que não há problemas. Estou enviando o log do Hijackthis.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:04:20, on 07/11/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe

C:\Program Files (x86)\MagicDisc\MagicDisc.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\DAP10\DAP.EXE

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\User\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.oquefazernainternet.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oquefazernainternet.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oquefazernainternet.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oquefazernainternet.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oquefazernainternet.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.oquefazernainternet.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oquefazernainternet.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oquefazernainternet.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.oquefazernainternet.com/q/%s

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\User\AppData\Roaming\Complitly\Complitly.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll

O2 - BHO: LinkVerifierBHO - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - C:\Program Files (x86)\DAP10\LinkVerifier.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart

O4 - HKCU\..\Run: [Megacubo Update] "C:\Program Files (x86)\Megacubo\megacubo.exe" -load:update -type:startup

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe

O4 - Global Startup: Megacubo Update.lnk = C:\Program Files (x86)\Megacubo\megacubo.exe

O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP10\dapextie.htm

O8 - Extra context menu item: &Verify with DAP - C:\Program Files (x86)\DAP10\dapverify.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP10\dapextie2.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: imagem.caixa.gov.br

O15 - Trusted Zone: internetbanking.caixa.gov.br

O15 - Trusted Zone: www.caixa.gov.br

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll

O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~2\GbPlugin\GbpSv.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--

End of file - 9432 bytes

programas instalados - lista do hijacthis

Adobe Flash Player 11 ActiveX

Adobe Reader 9.5.2 - Português

Adobe Shockwave Player 11.6

Advanced SystemCare 5

Arquivo do WinRAR

Asmedia ASM104x USB 3.0 Host Controller Driver

ASUS LifeFrame3

ATK Package

aTube Catcher

avast! Free Antivirus

Browser Manager

Complitly

D3DX10

DAP 10

Google Earth Plug-in

Google Update Helper

HPSSupply

Intel® Processor Graphics

Java 7 Update 7

Java 6 Update 31

K-Lite Mega Codec Pack 8.6.0

Macromedia Dreamweaver 8

Macromedia Extension Manager

MagicDisc 2.7.106

Megacubo 10

Microsoft Age of Empires II

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero 7 Essentials

neroxml

PdfMerge

Qualcomm Atheros WiFi Driver Installation

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Realtek USB 2.0 Reader Driver

RealUpgrade 1.1

Sonic Focus

swMSM

TelevisionFanatic Toolbar Chrome Extension

Windows Live Communications Platform

Windows Live Essentials

Windows Live Essentials

Windows Live Galeria de Fotos

Windows Live Installer

Windows Live Messenger

Windows Live Messenger

Windows Live Movie Maker

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Media Player Firefox Plugin

WM Recorder 11.3

Postado

Aqui não é feito análise de logs, o setor recomendado no seu caso seria o de Remoção de Malware, leia os tópicos principais desse setor para postar os logs das ferramentas que usam (o hjt não está incluso) e aguarde atendimento dos analistas treinados para isso.

att

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas comunidades sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×
×
  • Criar novo...

Ebook grátis: Aprenda a ler resistores e capacitores!

EBOOK GRÁTIS!

CLIQUE AQUI E BAIXE AGORA MESMO!