Ir ao conteúdo
  • Cadastre-se
Entre para seguir isso  
Lipepm

Paytime - SpySheriff

Recommended Posts

Gente.. minha irma estava no meu pc e começou... tenho o norton antivirus 2006.. ai ele fica td hora scanneando e-mail q estão sendo mandados... td vez q entro na internet o pc começa a mandar e-mails..

A tela inicial do IE estava em C:\Secure32.html .. mas já consegui parar isso.. apaguei o arquivo Paytime.exe no Windows\system32\ e o secure32.html e consegui mudar a pagina inicial.. mas queria remover de vez essse problema.. alguma dica?

Uso o Internet Security 2006, SpyBot (q achou o SpySheriff mas disse q resolveu e nd..) e instalei o Microsoft Anti_Spyware.... tentei o HijackThis também.. olha o log dele

Logfile of HijackThis v1.99.1

Scan saved at 06:02:04, on 4/1/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccProxy.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\cisvc.exe

C:\ARQUIV~1\Iomega\System32\AppServices.exe

C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\UAService7.exe

C:\Arquivos de programas\Iomega\AutoDisk\ADService.exe

C:\Program Files\ASUS\Probe\AsusProb.exe

C:\WINDOWS\Mixer.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe

C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe

C:\Arquivos de programas\Microsoft AntiSpyware\gcasDtServ.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Arquivos de programas\Norton Internet Security\ccEmFlSv.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\XoftSpy\XoftSpy.exe

C:\Documents and Settings\Felipe\Desktop\Nova pasta (2)\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=82.88.109.129:80

R3 - Default URLSearchHook is missing

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Arquivos de programas\DAP\DAPBHO.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\Spybot\SDHelper.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Arquivos de programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: &TeleListas.net - {255FCCC2-2A52-42DA-A4E0-6A0A9DD3751B} - C:\WINDOWS\DOWNLO~1\TELELI~1.DLL

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.4000.1001\pt-br\msntb.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [gcasServ] "C:\Arquivos de programas\Microsoft AntiSpyware\gcasServ.exe"

O4 - HKCU\..\RunOnce: [iCQ Lite] C:\Arquivos de programas\ICQLite\ICQLite.exe -trayboot

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: &Download with &DAP - C:\ARQUIV~1\DAP\dapextie.htm

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Download &all with DAP - C:\ARQUIV~1\DAP\dapextie2.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\ARQUIV~1\DAP\DAP.EXE

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Arquivos de programas\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Arquivos de programas\ICQLite\ICQLite.exe

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\ARQUIV~1\Yahoo!\MESSEN~1\YPager.exe

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\ARQUIV~1\Yahoo!\MESSEN~1\YPager.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {00021492-0000-0000-C000-000000000046} - http://www.telelistas.net/html/toolbar/telelistas.cab

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) - http://messenger.zone.msn.com/binary/Upwords.cab31267.cab

O16 - DPF: {1386F702-212F-11D6-A1BC-0050FC0B2A17} (VideoMail) - http://videomail-1.superig.com.br/videomai...n/videomail.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://zone.msn.com/bingame/trbo/default/ActiveLauncher.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/27e0ff59c6e209...RdxIE601_br.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1121130338410

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6BD64452-2FDD-400E-AB25-EEF93895A2A1} (Gazzag Chat) - http://www.gazzag.com/gim/gazzagchatctl.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotion...ctor/WebAAS.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.sonypictures.com/games/bejewele...aploader_v6.cab

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab

O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{39B90327-7DE9-4885-A241-36FD8A53EDCA}: NameServer = 192.168.0.1,192.168.0.2

O17 - HKLM\System\CCS\Services\Tcpip\..\{4A928262-FC24-4087-82BC-CE262009D95D}: NameServer = 200.149.55.142 200.165.132.155

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Norton Internet Security\ccPwdSvc.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Arquivos de programas\Norton Internet Security\comHost.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Iomega App Services - Iomega Corporation - C:\ARQUIV~1\Iomega\System32\AppServices.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Arquivos de programas\Iomega\AutoDisk\ADService.exe

O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Arquivos de programas\Iomega\AutoDisk\ADService.exe

tentem me ajudar.. do desesperado... :S

Compartilhar este post


Link para o post
Compartilhar em outros sites

Baixe o smitRem e salve o file em sua área de trabalho

Faça o download do ewido

http://www.ewido.net/en/download/

• Selecione "English" como idioma para a instalação

• Clique em Next, I Agree, Next. Next. Desmarque a caixa Install background guard e clique em Install e depois Finish.

• Na janela principal do ewido clique em Actualizar no menu esquerdo e então clique em Iniciar actualização.

• Quando a atualização terminar, você verá a mensagem Actualizado com sucesso no canto inferior esquerdo

• Saia do ewido e não rode um scan completo ainda

Reinicie em Modo Seguro (aperte a tecla F8 até aparecer uma tela DOS e escolha Modo de Segurança).

Abra o smitRem folder, dê um duplo click no RunThis.bat file para starter na ferramenta. Vai abrir o prompt, e você vai aguardar com paciência até que a ferramenta cumpra a limpeza e rastreamento no disco. Localize e post o smitfiles.txt que geralmente fica em -> C:/ ou partição de onde voce executou a ferramenta.

Execute o HijackThis, clique em Do a System Scan Only, marque

somente as entradas abaixo e dê Fix Checked.

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/27e0ff59c6e209...RdxIE601_br.cab

• Abra o ewido e clique em Verificar e então em Verificação Completa do Sistema

• O ewido detecta alguns programas legítimos. Portanto, não marque a caixa que diz Executar a acção em todas as infecções. Se o ewido encontrar um arquivo que você acredita ser legítimo, escolha a opção "Nenhuma" e clique em OK. Caso contrário, deixe em Remover e clique em OK.

Ao término da varredura, localize o screen com nome de -> Save report

• Quando o ewido terminar, feche-o.

• Reinicie o computador normalmente

Post os logs HJThis+Ewido+smitfiles

Compartilhar este post


Link para o post
Compartilhar em outros sites

Rodei tdos os programas... mas continua acontecendo q tda vez q entro na internet meu pc começa a mandar varios e-mails.. sem parar.. fica mandando e-mails.. isso é normal do Spy..? como eliminar?

olhe os logs

Hikackthis

Logfile of HijackThis v1.99.1

Scan saved at 05:20:56, on 5/1/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccProxy.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\cisvc.exe

C:\Arquivos de programas\ewido anti-malware\ewidoctrl.exe

C:\ARQUIV~1\Iomega\System32\AppServices.exe

C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Program Files\ASUS\Probe\AsusProb.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\Mixer.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\WINDOWS\system32\UAService7.exe

C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe

C:\Arquivos de programas\Iomega\AutoDisk\ADService.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security

Console\NSCSRVCE.EXE

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Norton Internet Security\ccEmFlSv.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Documents and Settings\Felipe\Desktop\Nova pasta (2)\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.uol.com.br/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.uol.com.br/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,ProxyServer = http=82.88.109.129:80

R3 - Default URLSearchHook is missing

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} -

C:\Arquivos de programas\DAP\DAPBHO.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -

C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -

C:\ARQUIV~1\Spybot\SDHelper.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Arquivos de

programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Norton Internet Security 2006 -

{9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Arquivos de programas\Arquivos

comuns\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Arquivos de

programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} -

C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: &TeleListas.net - {255FCCC2-2A52-42DA-A4E0-6A0A9DD3751B} -

C:\WINDOWS\DOWNLO~1\TELELI~1.DLL

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de

programas\MSN Apps\MSN Toolbar\01.02.4000.1001\pt-br\msntb.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos

de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Norton Internet Security 2006 -

{0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Arquivos de programas\Arquivos

comuns\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} -

C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE

C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de

programas\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de

programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus!

3\MsgPlus.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos

comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec

Shared\ccApp.exe"

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos

comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft

Office\Office\OSA9.EXE

O8 - Extra context menu item: &Download with &DAP -

C:\ARQUIV~1\DAP\dapextie.htm

O8 - Extra context menu item: Convert link target to Adobe PDF -

res://C:\Arquivos de programas\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF -

res://C:\Arquivos de programas\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF -

res://C:\Arquivos de programas\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF -

res://C:\Arquivos de programas\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF -

res://C:\Arquivos de programas\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF -

res://C:\Arquivos de programas\Adobe\Acrobat

7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Arquivos de

programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Arquivos de

programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Download &all with DAP -

C:\ARQUIV~1\DAP\dapextie2.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console -

{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de

programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -

C:\Arquivos de programas\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9}

- C:\Arquivos de programas\ICQLite\ICQLite.exe

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} -

C:\ARQUIV~1\Yahoo!\MESSEN~1\YPager.exe

O9 - Extra 'Tools' menuitem: Yahoo! Messenger -

{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\ARQUIV~1\Yahoo!\MESSEN~1\YPager.exe

O14 - IERESET.INF:

SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {00021492-0000-0000-C000-000000000046} -

http://www.telelistas.net/html/toolbar/telelistas.cab

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -

http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) -

http://messenger.zone.msn.com/binary/Upwords.cab31267.cab

O16 - DPF: {1386F702-212F-11D6-A1BC-0050FC0B2A17} (VideoMail) -

http://videomail-1.superig.com.br/videomai...n/videomail.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class)

- http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage

Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -

http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -

http://www.cult3d.com/download/cult.cab

O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} -

http://zone.msn.com/bingame/trbo/default/ActiveLauncher.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -

http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) -

http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://update.microsoft.com/windowsupdate/...lient/wuweb_sit

e.cab?1121130338410

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility

Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6BD64452-2FDD-400E-AB25-EEF93895A2A1} (Gazzag Chat) -

http://www.gazzag.com/gim/gazzagchatctl.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class)

- http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware

Scanner) -

http://download.zonelabs.com/bin/promotion...ctor/WebAAS.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}

(MsnMessengerSetupDownloadControl Class) -

http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -

http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client

v.3.4) - http://ccon.futuremark.com/global/msc34.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -

http://www.sonypictures.com/games/bejewele...aploader_v6.cab

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -

http://messenger.zone.msn.com/binary/Chess.cab31267.cab

O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class)

- http://xtraz.icq.com/xtraz/activex/MISBH.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{39B90327-7DE9-4885-A241-36FD8A53EDCA}:

NameServer = 192.168.0.1,192.168.0.2

O17 - HKLM\System\CCS\Services\Tcpip\..\{4A928262-FC24-4087-82BC-CE262009D95D}:

NameServer = 200.149.55.142 200.165.132.155

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -

"C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de

programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: C-DillaCdaC11BA - Macrovision -

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) -

Symantec Corporation - C:\Arquivos de programas\Norton Internet

Security\ccPwdSvc.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Arquivos de

programas\Norton Internet Security\comHost.exe

O23 - Service: ewido security suite control - ewido networks - C:\Arquivos de

programas\ewido anti-malware\ewidoctrl.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation

- C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel

32\IDriverT.exe

O23 - Service: Iomega App Services - Iomega Corporation -

C:\ARQUIV~1\Iomega\System32\AppServices.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec

Corporation - C:\Arquivos de programas\Norton Internet Security\Norton

AntiVirus\navapsvc.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec

Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security

Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -

C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Arquivos

de programas\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec

Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec

Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation -

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Arquivos de

programas\Arquivos comuns\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner -

C:\WINDOWS\system32\UAService7.exe

O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega

Corporation - C:\Arquivos de programas\Iomega\AutoDisk\ADService.exe

Smitfiles

smitRem © log file

version 2.8

by noahdfear

Microsoft Windows XP [versÆo 5.1.2600]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key

PSGuard.com key not present!

checking for WinHound.com key

WinHound.com key not present!

spyaxe uninstaller NOT present

Winhound uninstaller NOT present

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files

~~~ Program Files ~~~

~~~ Shortcuts ~~~

~~~ Favorites ~~~

~~~ system32 folder ~~~

logfiles

~~~ Icons in System32 ~~~

~~~ Windows directory ~~~

~~~ Drive root ~~~

~~~ Miscellaneous Files/folders ~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03

Copyright© 2002-2003 Craig.Peacock@beyondlogic.org

Killing PID 776 'explorer.exe'

Killing PID 776 'explorer.exe'

Starting registry repairs

Deleting files

Remaining Post-run Files

~~~ Program Files ~~~

~~~ Shortcuts ~~~

~~~ Favorites ~~~

~~~ system32 folder ~~~

~~~ Icons in System32 ~~~

~~~ Windows directory ~~~

~~~ Drive root ~~~

~~~ Miscellaneous Files/folders ~~~

~~~ Wininet.dll ~~~

CLEAN! :)

---------------------------------------------------------

ewido anti-malware - Relatório de verificação

---------------------------------------------------------

+ Criado em: 05:05:57, 5/1/2006

+ Relatório-Checksum: 213D0D8C

+ Resultado da verificação:

C:\Arquivos de programas\Discador UOL 10.0 Light\Discador Light.exe -> Heuristic.Win32.Dialer : Ignorado

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{669695BC-A811-4A9D-8CDF-BA8C795F261C} -> Spyware.PowerStrip : Limpo com backup

HKU\S-1-5-21-220523388-854245398-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C} -> Spyware.PowerStrip : Limpo com backup

C:\Arquivos de programas\Velox\Discador Velox\discador.exe -> Heuristic.Win32.Dialer : Limpo com backup

C:\Documents and Settings\Felipe\Cookies\felipe@2o7[1].txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.38:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Doubleclick : Limpo com backup

:mozilla.54:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Spylog : Limpo com backup

:mozilla.55:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Valueclick : Limpo com backup

:mozilla.56:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.57:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpo com backup

:mozilla.58:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.59:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.60:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.61:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.62:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpo com backup

:mozilla.63:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpo com backup

:mozilla.64:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpo com backup

:mozilla.65:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.66:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.67:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.68:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.70:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.71:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.72:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.73:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.74:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.75:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.76:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.77:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.78:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.79:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.80:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Paypopup : Limpo com backup

:mozilla.81:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Limpo com backup

:mozilla.87:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Hotlog : Limpo com backup

:mozilla.124:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Com : Limpo com backup

:mozilla.132:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Com : Limpo com backup

:mozilla.135:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Atdmt : Limpo com backup

:mozilla.159:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Overture : Limpo com backup

:mozilla.160:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Overture : Limpo com backup

:mozilla.193:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup

:mozilla.194:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup

:mozilla.195:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup

:mozilla.196:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup

:mozilla.197:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Weborama : Limpo com backup

:mozilla.202:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Mediaplex : Limpo com backup

:mozilla.205:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Revenue : Limpo com backup

:mozilla.210:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.211:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.212:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.213:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.214:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Overture : Limpo com backup

:mozilla.215:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup

:mozilla.216:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup

:mozilla.217:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup

:mozilla.218:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup

:mozilla.219:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup

:mozilla.242:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Estat : Limpo com backup

:mozilla.248:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.249:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Adserver : Limpo com backup

:mozilla.250:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Fastclick : Limpo com backup

:mozilla.251:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Adserver : Limpo com backup

:mozilla.252:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Adserver : Limpo com backup

:mozilla.271:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Doubleclick : Limpo com backup

:mozilla.272:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup

:mozilla.273:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup

:mozilla.274:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup

:mozilla.275:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup

:mozilla.276:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup

:mozilla.282:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Bfast : Limpo com backup

:mozilla.283:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Bfast : Limpo com backup

:mozilla.287:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Onestat : Limpo com backup

:mozilla.288:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Onestat : Limpo com backup

:mozilla.292:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup

:mozilla.293:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup

:mozilla.294:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup

:mozilla.295:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Falkag : Limpo com backup

:mozilla.306:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup

:mozilla.307:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup

:mozilla.331:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Adtech : Limpo com backup

:mozilla.332:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Adtech : Limpo com backup

:mozilla.366:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Limpo com backup

:mozilla.367:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpo com backup

:mozilla.368:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpo com backup

:mozilla.369:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpo com backup

:mozilla.370:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Pointroll : Limpo com backup

:mozilla.371:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Questionmarket : Limpo com backup

:mozilla.372:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Ru4 : Limpo com backup

:mozilla.373:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Ru4 : Limpo com backup

:mozilla.374:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Ru4 : Limpo com backup

:mozilla.375:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Ru4 : Limpo com backup

:mozilla.377:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup

:mozilla.409:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Statcounter : Limpo com backup

:mozilla.410:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Statcounter : Limpo com backup

:mozilla.421:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup

:mozilla.449:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Limpo com backup

:mozilla.450:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Adbrite : Limpo com backup

:mozilla.466:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Limpo com backup

:mozilla.496:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Adbrite : Limpo com backup

:mozilla.501:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Sexlist : Limpo com backup

:mozilla.527:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Casalemedia : Limpo com backup

:mozilla.539:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup

:mozilla.540:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup

:mozilla.541:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup

:mozilla.542:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup

:mozilla.543:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Hitbox : Limpo com backup

:mozilla.552:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Smartadserver : Limpo com backup

:mozilla.553:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Comclick : Limpo com backup

:mozilla.554:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Comclick : Limpo com backup

:mozilla.555:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Comclick : Limpo com backup

:mozilla.562:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Coremetrics : Limpo com backup

:mozilla.581:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Trafic : Limpo com backup

:mozilla.583:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Burstnet : Limpo com backup

:mozilla.584:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Firefox\Profiles\ogr341v4.default\cookies.txt -> Spyware.Cookie.Burstnet : Limpo com backup

:mozilla.6:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Profiles\default\4dh7jkts.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.7:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Profiles\default\4dh7jkts.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.8:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Profiles\default\4dh7jkts.slt\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.14:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Profiles\default\4dh7jkts.slt\cookies.txt -> Spyware.Cookie.Adtech : Limpo com backup

:mozilla.15:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Profiles\default\4dh7jkts.slt\cookies.txt -> Spyware.Cookie.Adtech : Limpo com backup

:mozilla.57:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Profiles\default\4dh7jkts.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup

:mozilla.58:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Profiles\default\4dh7jkts.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup

:mozilla.59:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Profiles\default\4dh7jkts.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup

:mozilla.60:C:\Documents and Settings\Felipe\Dados de aplicativos\Mozilla\Profiles\default\4dh7jkts.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Limpo com backup

C:\Documents and Settings\Juçara\Cookies\juçara@2o7[1].txt -> Spyware.Cookie.2o7 : Limpo com backup

C:\Documents and Settings\Juçara\Cookies\juçara@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Limpo com backup

C:\Documents and Settings\Juçara\Cookies\juçara@as-us.falkag[1].txt -> Spyware.Cookie.Falkag : Limpo com backup

C:\Documents and Settings\Juçara\Cookies\juçara@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Limpo com backup

C:\Documents and Settings\Juçara\Cookies\juçara@overture[1].txt -> Spyware.Cookie.Overture : Limpo com backup

C:\Documents and Settings\Juçara\Cookies\juçara@paypopup[1].txt -> Spyware.Cookie.Paypopup : Limpo com backup

C:\Documents and Settings\Juçara\Cookies\juçara@revenue[2].txt -> Spyware.Cookie.Revenue : Limpo com backup

C:\Documents and Settings\Juçara\Cookies\juçara@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Limpo com backup

C:\Documents and Settings\Juçara\Cookies\juçara@serving-sys[2].txt -> Spyware.Cookie.Serving-sys : Limpo com backup

:mozilla.8:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.Fastclick : Limpo com backup

:mozilla.9:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.Fastclick : Limpo com backup

:mozilla.10:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.Fastclick : Limpo com backup

:mozilla.11:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.13:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.2o7 : Limpo com backup

:mozilla.16:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.Overture : Limpo com backup

:mozilla.17:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup

:mozilla.18:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup

:mozilla.33:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.Statcounter : Limpo com backup

:mozilla.43:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.Doubleclick : Limpo com backup

:mozilla.48:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Limpo com backup

:mozilla.74:C:\Documents and Settings\Juçara\Dados de aplicativos\Mozilla\Firefox\Profiles\lntvxxk3.default\cookies.txt -> Spyware.Cookie.Atdmt : Limpo com backup

C:\Documents and Settings\Michelly\Configurações locais\Temporary Internet Files\Content.IE5\8V6VGBCR\get_57060_Roller.Rush.v1.7.ALL.ACCESS.CHEAT_crack[1].htm -> Downloader.IstBar.u : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@2o7[1].txt -> Spyware.Cookie.2o7 : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@adopt.euroclick[1].txt -> Spyware.Cookie.Euroclick : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@as-us.falkag[2].txt -> Spyware.Cookie.Falkag : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@atdmt[2].txt -> Spyware.Cookie.Atdmt : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@com[2].txt -> Spyware.Cookie.Com : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@ehg-legonewyorkinc.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@ehg-nokiafin.hitbox[2].txt -> Spyware.Cookie.Hitbox : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@fastclick[2].txt -> Spyware.Cookie.Fastclick : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@hitbox[1].txt -> Spyware.Cookie.Hitbox : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@hotlog[2].txt -> Spyware.Cookie.Hotlog : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@hypertracker[1].txt -> Spyware.Cookie.Hypertracker : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@paypopup[1].txt -> Spyware.Cookie.Paypopup : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@s.as-us.falkag[2].txt -> Spyware.Cookie.Falkag : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@spylog[2].txt -> Spyware.Cookie.Spylog : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@statcounter[2].txt -> Spyware.Cookie.Statcounter : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@valueclick[2].txt -> Spyware.Cookie.Valueclick : Limpo com backup

C:\Documents and Settings\Michelly\Cookies\michelly@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Limpo com backup

:mozilla.7:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Limpo com backup

:mozilla.8:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Limpo com backup

:mozilla.9:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Fastclick : Limpo com backup

:mozilla.10:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Casalemedia : Limpo com backup

:mozilla.11:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Casalemedia : Limpo com backup

:mozilla.12:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Valueclick : Limpo com backup

:mozilla.13:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Atdmt : Limpo com backup

:mozilla.14:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Doubleclick : Limpo com backup

:mozilla.32:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup

:mozilla.33:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup

:mozilla.34:C:\Documents and Settings\Michelly\Dados de aplicativos\Mozilla\Firefox\Profiles\te9lmv49.default\cookies.txt -> Spyware.Cookie.Advertising : Limpo com backup

C:\Felipe\Documentos meus\Brincadeiras\pacote de brin1.zip/viagra.exe -> Not-A-Virus.Joke.Viagra : Limpo com backup

C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.PornWare.PopCap.b : Limpo com backup

C:\WINDOWS\system32\cd_clint.dll_tobedeleted -> Spyware.Cydoor : Limpo com backup

C:\WINDOWS\system32\drivers\i386p.sys -> Not-A-Virus.SpamTool.Win32.Mailbot.b : Limpo com backup

C:\WINDOWS\winpos.exe -> Adware.Searcher : Limpo com backup

::Fim do Relatório

Eu preciso usar meu pc.. pra trabalho.. tem como resolver isso rápido? to com medo.. ele manda e-mail pela minha conta de e-mail? minhas senhas estão sendo mandadas? tem algum site com informações sobre isso?

Abração!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Problemas com SpySheriff aparentemente estão sanados visto pelo smitRem

C:\WINDOWS\winpos.exe -> Adware.Searcher : Limpo com backup

Talvez este arquivo seja alocado por algum provedor de acesso. O Ewido não sabe. Não sei a finalidade deste arquivo. Se tiver problemas de conexão, já sabe, volte o arquivo.

ele manda e-mail pela minha conta de e-mail?

Veja que o Ewido encontrou algum arquivo relacionado com Mail, e limpou

C:\WINDOWS\system32\drivers\i386p.sys -> Not-A-Virus.SpamTool.Win32.Mailbot.b : Limpo com backup

ele manda e-mail pela minha conta de e-mail?

sim, uma forma de propagação e disseminação para contaminar outrem. Usualmente usado pelos virus.

tem algum site com informações sobre isso?

clica aqui

Download e --> salve em seu desktop --> DelDomains.inf clica

Baixe o Killbox do Option^Explicit em:

http://www.bleepingcomputer.com/files/spyware/KillBox.zip

Unzip em seu desktop

Habilite o Windows para mostrar todos os arquivos (até ocultos). -> veja

Execute o KillBox:

1) Selecione Delete on reboot;

2) No box Full path of file to delete;

3) Coloque (fica azul):

C:\WINDOWS\system32\msctl32.dll

- Aperte X. Responda "yes" à primeira pergunta e "no" à segunda.

Reinicie em Modo Seguro (aperte a tecla F8 até aparecer uma tela DOS e escolha Modo de Segurança).

Execute o HijackThis, clique em Do a System Scan Only, marque

somente as entradas abaixo e dê Fix Checked.

O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll

Veja o Deldomains -> dar 02 cliques e instale.

Reinicie em modo normal.

Muda sua senha

Verifique se o problema foi resolvido e poste o novo log.

Um abraço.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Logfile of HijackThis v1.99.1

Scan saved at 13:58:54, on 5/1/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccProxy.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\WINDOWS\System32\cisvc.exe

C:\Arquivos de programas\ewido anti-malware\ewidoctrl.exe

C:\ARQUIV~1\Iomega\System32\AppServices.exe

C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\UAService7.exe

C:\Arquivos de programas\Iomega\AutoDisk\ADService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ASUS\Probe\AsusProb.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\Mixer.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\Documents and Settings\Felipe\Desktop\remoção virus\programas\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=82.88.109.129:80

R3 - Default URLSearchHook is missing

O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Arquivos de programas\DAP\DAPBHO.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\ARQUIV~1\Spybot\SDHelper.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Arquivos de programas\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll

O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: &TeleListas.net - {255FCCC2-2A52-42DA-A4E0-6A0A9DD3751B} - C:\WINDOWS\DOWNLO~1\TELELI~1.DLL

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar\01.02.4000.1001\pt-br\msntb.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Arquivos de programas\Arquivos comuns\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office\OSA9.EXE

O8 - Extra context menu item: &Download with &DAP - C:\ARQUIV~1\DAP\dapextie.htm

O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convert to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Download &all with DAP - C:\ARQUIV~1\DAP\dapextie2.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Arquivos de programas\ICQLite\ICQLite.exe

O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Arquivos de programas\ICQLite\ICQLite.exe

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\ARQUIV~1\Yahoo!\MESSEN~1\YPager.exe

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\ARQUIV~1\Yahoo!\MESSEN~1\YPager.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {00021492-0000-0000-C000-000000000046} - http://www.telelistas.net/html/toolbar/telelistas.cab

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {10093E98-C073-4C75-8D0E-FB5CD3A71D33} (ZoneUpwords Object) - http://messenger.zone.msn.com/binary/Upwords.cab31267.cab

O16 - DPF: {1386F702-212F-11D6-A1BC-0050FC0B2A17} (VideoMail) - http://videomail-1.superig.com.br/videomai...n/videomail.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://zone.msn.com/bingame/trbo/default/ActiveLauncher.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {53B8B406-42E4-4DD3-96E7-9DEC8CEB3DD8} (ICQVideoControl Class) - http://xtraz.icq.com/xtraz/activex/ICQVideoControl.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1121130338410

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6BD64452-2FDD-400E-AB25-EEF93895A2A1} (Gazzag Chat) - http://www.gazzag.com/gim/gazzagchatctl.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotion...ctor/WebAAS.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab

O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.sonypictures.com/games/bejewele...aploader_v6.cab

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab

O16 - DPF: {FB48C7B0-EB66-4BE6-A1C5-9DDF3C37249A} (MCSendMessageHandler Class) - http://xtraz.icq.com/xtraz/activex/MISBH.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{39B90327-7DE9-4885-A241-36FD8A53EDCA}: NameServer = 192.168.0.1,192.168.0.2

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Norton Internet Security\ccPwdSvc.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSetMgr.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Arquivos de programas\Norton Internet Security\comHost.exe

O23 - Service: ewido security suite control - ewido networks - C:\Arquivos de programas\ewido anti-malware\ewidoctrl.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Iomega App Services - Iomega Corporation - C:\ARQUIV~1\Iomega\System32\AppServices.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Arquivos de programas\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Arquivos de programas\Iomega\AutoDisk\ADService.exe

Agora não to recebendo mais as mensagens do norton antivirus falando q está mandando e-maill.. mas gostaria de ter certeza se tem algum virus.. spyware.. qualquer coisa do tipo.. q tipo de programa vocês recomendaam pra anti-virus, spyware e firewall? usava o norton internet security.. mas dps dessa :S

valeu pela ajuda.. mas to meio com medo ainda de usar a internet

Compartilhar este post


Link para o post
Compartilhar em outros sites
mas to meio com medo ainda de usar a Internet

Desabilite e reabilite a Restauração do Sistema:

http://linhadefensiva.uol.com.br/docs/rest...cao-do-sistema/

Agora não to recebendo mais as mensagens do norton antivirus falando q está mandando e-maill.. mas gostaria de ter certeza se tem algum virus.. spyware.. qualquer coisa do tipo.. q tipo de programa vocês recomendaam pra anti-virus,

log limpo / log bom .. ;)

Leia o artigo Proteja seu PC para evitar futuras infecções:

http://linhadefensiva.uol.com.br/artigos/proteja-seu-pc/

Compartilhar este post


Link para o post
Compartilhar em outros sites

CASO RESOLVIDO!

Caso o autor do tópico necessite, o mesmo será reaberto, para isso o mesmo deverá procurar um Moderador da área e solicitar o desbloqueio!

Compartilhar este post


Link para o post
Compartilhar em outros sites
Visitante
Este tópico está impedido de receber novos posts.
Entre para seguir isso  





Sobre o Clube do Hardware

No ar desde 1996, o Clube do Hardware é uma das maiores, mais antigas e mais respeitadas publicações sobre tecnologia do Brasil. Leia mais

Direitos autorais

Não permitimos a cópia ou reprodução do conteúdo do nosso site, fórum, newsletters e redes sociais, mesmo citando-se a fonte. Leia mais

×