This topic is locked
sorry I think i've posted on the wrong place, and posting here now:
her is my hijackthis log, pls tell me what to remove to eliminate elitum bar.tks.
Logfile of HijackThis v1.99.1
Scan saved at 10:40:56, on 05/15/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\r_server.exe
C:\Programas\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programas\Analog Devices\SoundMAX\Smax4.exe
C:\Programas\Creative\Shared Files\CAMTRAY.EXE
C:\progra~1\sibs\mbnet\mbnet.exe
C:\Programas\BillP Studios\WinPatrol\winpatrol.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programas\NetLimiter\NetLimiter.exe
C:\Programas\Error Nuker\bin\ErrorNuker.exe
C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Woize\Woize.exe
D:\Programas\Skype\Phone\Skype.exe
C:\Programas\IP Phone Center\IPCenter.exe
C:\Programas\SAM\SAM.exe
C:\Programas\VoipBuster.com\VoipBuster\voipbuster.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Programas\IP Phone Center\pc2pccall.exe
C:\Programas\IP Phone Center\tjbuddy.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Hilario\Definições locais\Temp\Directório temporário 1 para hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://new-search.ne...?v=6&aff=962016
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {38D4D5D0-423E-4220-B6F9-30918C2AE4A4} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programas\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programas\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Microsoft WinUpdate] spoolsvs.exe
O4 - HKLM\..\Run: [Internet Content Publisher] icp.exe
O4 - HKLM\..\Run: [sbrkys] c:\windows\system32\sbrkys.exe
O4 - HKLM\..\Run: [SYSTRAY] C:\UNMT.EXE
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programas\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [vqd] C:\WINDOWS\vqd.exe
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\System32\gah95on6.exe
O4 - HKLM\..\Run: [abasa5jrp] C:\WINDOWS\System32\abasa5jrp.exe
O4 - HKLM\..\Run: [MBNet] c:\progra~1\sibs\mbnet\mbnet.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Programas\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [] C:\Documents and Settings\Hilario\Ambiente de trabalho\SAM.Setup.1.0.4.0.exe
O4 - HKLM\..\Run: [NetLimiter] C:\Programas\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [Error Nuker] C:\Programas\Error Nuker\bin\ErrorNuker.exe autostart
O4 - HKLM\..\RunServices: [Microsoft WinUpdate] spoolsvs.exe
O4 - HKLM\..\RunServices: [Internet Content Publisher] icp.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuampd.exe
O4 - HKCU\..\Run: [Microsoft WinUpdate] spoolsvs.exe
O4 - HKCU\..\Run: [Internet Content Publisher] icp.exe
O4 - HKCU\..\Run: [Microsoft Update] wuampd.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Programas\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [BIAUTOSTART] "C:\Programas\Woize\Woize.exe"
O4 - HKCU\..\Run: [Skype] "d:\Programas\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: SAM.lnk = C:\Programas\SAM\SAM.exe
O4 - Startup: VoipBuster.lnk = ?
O4 - Global Startup: IP Phone Center.lnk = C:\Programas\IP Phone Center\IPCenter.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Call IP Phone Center - C:\Programas\IP Phone Center\call.htm
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\wshbth.dll' missing
O12 - Plugin for .spop: C:\Programas\Internet Explorer\Plugins\NPDocBox.dll
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht!http://bin.wordsx.cc...m::/on-line.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...bridge-c283.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.s...sa/LSSupCtl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda..../pt/games10.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.s...sa/SymAData.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredim...er/imloader.cab
O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - http://download.spys...rCabInstall.cab
O18 - Filter: text/html - (no CLSID) - (no file)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\System32\r_server.exe" /service (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programas\Analog Devices\SoundMAX\SMAgent.exe
rgds.hilario.
Sign In
Create Account
