lobomal

Emails


I'm just starting to learn how to analyze HiJack logs ...

but I have a problem... I got hit before I managed to understand it all!

I use an SMTP server here for development, and when I went to take a look at it there were more than 2000 e-mails

(which I block, of course) trying to be sent.

Can anyone help me, or does anyone know what I should do to put a stop to this?

I don't know how long my server will hold these messages... then it will turn into a spam party...

I'll post my log here!

If anyone can help me I'd be very grateful!

=====================================

Logfile of HijackThis v1.99.1

Scan saved at 20:56:03, on 29/5/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5335.0005)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\ARQUIV~1\Stardock\SDMCP.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Windows Defender\MSASCui.exe

C:\WINDOWS\system32\taskswitch.exe

C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

C:\Arquivos de programas\DAEMON Tools\daemon.exe

C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe

C:\Arquivos de programas\1st SMTP Server\SMTPServer.exe

C:\program files\Common Files\system\proxycfg.exe

C:\WINDOWS\wt\updater\wcmdmgr.exe

C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\samurize\Client.exe

C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Firebird\Firebird_2_0\bin\fbguard.exe

C:\Arquivos de programas\Firebird\Firebird_2_0\bin\fbserver.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Azureus\Azureus.exe

C:\DOCUME~1\Daniel\CONFIG~1\Temp\0exmodul32.exe

C:\ARQUIV~1\MACROM~1\FLASH8~2\Flash.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\UltraEdit-32\uedit32.exe

E:\bagle\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=552...cid={SUB_CLCID}

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\WINDOWS\system32\scpsssh2.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\ARQUIV~1\FLASHGET\jccatch.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARQUIV~1\FLASHGET\fgiebar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Arquivos de programas\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [smtpsrv] C:\Arquivos de programas\1st SMTP Server\SMTPServer.exe

O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

O4 - HKLM\..\Run: [Proxy Config Tool for Windows] C:\program files\Common Files\system\proxycfg.exe

O4 - HKLM\..\Run: [interfaz de usuario de inicio d sesión de Windows] C:\program files\Common Files\system\logonui.exe

O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w

O4 - Startup: Stardock ObjectDock.lnk = C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

O4 - Startup: Client Default.lnk = C:\Arquivos de programas\samurize\Client.exe

O8 - Extra context menu item: Download All by FlashGet - C:\ARQUIV~1\FLASHGET\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\ARQUIV~1\FLASHGET\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FLASHGET\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/...nSSWebAgent.CAB

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/downl...lscbase5059.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1148112429265

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - AppInit_DLLs: MsgPlusLoader.dll

O20 - Winlogon Notify: MCPClient - C:\ARQUIV~1\ARQUIV~1\Stardock\mcpstub.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Arquivos de programas\Firebird\Firebird_2_0\bin\fbguard.exe

O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Arquivos de programas\Firebird\Firebird_2_0\bin\fbserver.exe

O23 - Service: MySQL - Unknown owner - C:\Arquivos.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PostgreSQL Database Server 8.1 (pgsql-8.1) - PostgreSQL Global Development Group - E:\psql\bin\pg_ctl.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe (file missing)

Thank you!

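Added example, not part of the original thread and not the helpers' own method: a small Python triage pass over lines copied from the HijackThis log posted above. The three rules (executable under a Temp folder, Windows system process name outside its usual folder, O23 service listed with "Unknown owner"), the rule names, and the assumption that Windows lives in C:\WINDOWS are choices made for this example; a hit means "review this entry", not a verdict.

```python
import re
from typing import NamedTuple

# Sample input: a subset of lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Platform: Windows XP SP2 (WinNT 5.01.2600)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\1st SMTP Server\SMTPServer.exe
C:\program files\Common Files\system\proxycfg.exe
C:\DOCUME~1\Daniel\CONFIG~1\Temp\0exmodul32.exe
E:\bagle\HijackThis.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [smtpsrv] C:\Arquivos de programas\1st SMTP Server\SMTPServer.exe
O4 - HKLM\..\Run: [interfaz de usuario de inicio d sesión de Windows] C:\program files\Common Files\system\logonui.exe
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe
O23 - Service: MySQL - Unknown owner - C:\Arquivos.exe (file missing)
"""

# "O4 - ...", "R1 - ...", "O23 - ...": section code, then the entry body.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# First drive-letter path ending in .exe/.dll (paths in these logs may contain spaces).
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll)\b', re.IGNORECASE)

# Assumption: Windows is installed in C:\WINDOWS, as the process list shows.
SYSTEM32 = r"c:\windows\system32"
EXPECTED_DIR = {
    "smss.exe": SYSTEM32, "csrss.exe": SYSTEM32, "winlogon.exe": SYSTEM32,
    "services.exe": SYSTEM32, "lsass.exe": SYSTEM32, "svchost.exe": SYSTEM32,
    "logonui.exe": SYSTEM32, "spoolsv.exe": SYSTEM32,
    "explorer.exe": r"c:\windows",
}
TEMP_PARTS = {"temp", "tmp"}


class Finding(NamedTuple):
    rule: str      # hypothetical rule name defined in this example
    section: str   # "process" or the HijackThis section code (O4, O23, ...)
    path: str


def check_path(section, path):
    """Apply the path-based rules to one executable path."""
    directory, _, name = path.lower().rpartition("\\")
    found = []
    # Rule 1: binary lives under a Temp/Tmp folder.
    if TEMP_PARTS & set(directory.split("\\")):
        found.append(Finding("runs-from-temp", section, path))
    # Rule 2: well-known Windows process name, but not in its usual folder.
    expected = EXPECTED_DIR.get(name)
    if expected is not None and directory != expected:
        found.append(Finding("system-name-wrong-dir", section, path))
    return found


def triage(log_text):
    """Return review candidates from a HijackThis log, in log order."""
    findings, in_processes = [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue  # pasted forum logs often have blank lines between entries
        entry = ENTRY_RE.match(line)
        if entry:
            in_processes = False  # the process list ends at the first R/O entry
            section, body = entry.groups()
            match = PATH_RE.search(body)
            if match:
                findings += check_path(section, match.group(0))
                # Rule 3: service line where HijackThis printed "Unknown owner".
                if section == "O23" and "- Unknown owner -" in body:
                    findings.append(
                        Finding("service-unknown-owner", section, match.group(0)))
        elif line.lower() == "running processes:":
            in_processes = True
        elif in_processes and PATH_RE.fullmatch(line):
            findings += check_path("process", line)
    return list(dict.fromkeys(findings))  # drop duplicates, keep order


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.rule:24} {f.section:8} {f.path}")
```

Entries that no rule matches are not thereby cleared; the rules only order what to look at first.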

1. Paste the Panda ActiveScan shortcut

on your desktop.

2. Download ewido

http://www.ewido.net/en/download/

• Select "English" as the installation language

• Click Next, I Agree, Next, Next. Uncheck the Install background guard box, then click Install and then Finish.

• In the main ewido window, click Actualizar in the left-hand menu and then click Iniciar actualização.

• When the update finishes, you will see the message Actualizado com sucesso in the lower left corner

• Exit ewido and do not run a full scan yet

Restart in Safe Mode

(press the F8 key until a DOS screen appears and choose Safe Mode).

• Open ewido and click Verificar and then Verificação Completa do Sistema

• ewido flags some legitimate programs, such as dial-up dialers. So do not check the box that says Executar a acção em todas as infecções. If ewido finds a file you believe is legitimate, choose the "Nenhuma" option and click OK. Otherwise, leave it on Remover and click OK.

When the scan finishes, locate the screen named -> Save report

• When ewido finishes, close it.

Restart in Normal Mode

Run the Panda scan; when it finishes, generate the HijackThis log and attach the Panda result, along with the ewido text.

E:\bagle\HijackThis.exe <- better to move it to some folder on the C:/ partition


First of all, thanks for the help. Thank you!

Man, I did what you said and... nothing... I'm still sending more than 6 thousand e-mails...

I'll post the programs' logs here for you to take a look at...

Hijack log

============================

Logfile of HijackThis v1.99.1

Scan saved at 02:32:28, on 31/5/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5335.0005)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\ARQUIV~1\Stardock\SDMCP.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Windows Defender\MSASCui.exe

C:\WINDOWS\system32\taskswitch.exe

C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

C:\Arquivos de programas\DAEMON Tools\daemon.exe

C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe

C:\Arquivos de programas\1st SMTP Server\SMTPServer.exe

C:\WINDOWS\wt\updater\wcmdmgr.exe

C:\program files\Common Files\system\proxycfg.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

C:\Arquivos de programas\samurize\Client.exe

C:\Arquivos de programas\ewido anti-malware\ewidoctrl.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\DOCUME~1\Daniel\CONFIG~1\Temp\35exmodul32.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\hjt\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=552...cid={SUB_CLCID}

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\WINDOWS\system32\scpsssh2.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\ARQUIV~1\FLASHGET\jccatch.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARQUIV~1\FLASHGET\fgiebar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Arquivos de programas\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [smtpsrv] C:\Arquivos de programas\1st SMTP Server\SMTPServer.exe

O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

O4 - HKLM\..\Run: [Proxy Config Tool for Windows] C:\program files\Common Files\system\proxycfg.exe

O4 - HKLM\..\Run: [interfaz de usuario de inicio d sesión de Windows] C:\program files\Common Files\system\logonui.exe

O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w

O8 - Extra context menu item: Download All by FlashGet - C:\ARQUIV~1\FLASHGET\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\ARQUIV~1\FLASHGET\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FLASHGET\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/...nSSWebAgent.CAB

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/downl...lscbase5059.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1148112429265

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - AppInit_DLLs: MsgPlusLoader.dll

O20 - Winlogon Notify: MCPClient - C:\ARQUIV~1\ARQUIV~1\Stardock\mcpstub.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

O23 - Service: ewido security suite control - ewido networks - C:\Arquivos de programas\ewido anti-malware\ewidoctrl.exe

O23 - Service: PostgreSQL Database Server 8.1 (pgsql-8.1) - PostgreSQL Global Development Group - E:\psql\bin\pg_ctl.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe (file missing)

==============================================

Panda log

Incident Status Location

Spyware:Cookie/Com.com Not disinfected C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log[.terra.com.br/]

Spyware:Cookie/Com.com Not disinfected C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log[.google.com.br/]

Virus:Trj/Rizalof.DA Disinfected C:\Documents and Settings\Daniel\Configurações locais\Temp\35exmodul32.exe

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Daniel\Cookies\daniel@google.com[1].txt

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Daniel\Cookies\daniel@de.uol.com[1].txt

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Daniel\Cookies\daniel@terra.com[1].txt

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Daniel\Cookies\daniel@ig.com[1].txt

Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Daniel\Cookies\daniel@atdmt[2].txt

Spyware:Cookie/Admotion Not disinfected C:\Documents and Settings\Daniel\Cookies\daniel@admotion.com[2].txt

Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Daniel\Cookies\daniel@atwola[1].txt

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Daniel\Cookies\daniel@uol.com[1].txt

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.uol.com.br/]

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.terra.com.br/]

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.google.com.br/]

Spyware:Cookie/Admotion Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[admotion.com.ar/]

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[de.uol.com.br/]

Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[fe.lea.lycos.es/]

Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.adultfriendfinder.com/]

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.ig.com.br/]

Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.rn11.com/]

Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.atwola.com/]

Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[landing.domainsponsor.com/]

Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.cdfreaks.com/]

Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.club.cdfreaks.com/]

Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.cdfreaks.com/]

Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.bravenet.com/]

Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[searchportal.information.com/]

Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.apmebf.com/]

Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.realmedia.com/]

Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.did-it.com/]

Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.errorsafe.com/]

Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt[.go.com/]

==================================

---------------------------------------------------------

ewido anti-malware - Relatório de verificação

---------------------------------------------------------

+ Criado em: 02:23:24, 31/5/2006

+ Relatório-Checksum: B6A9FF0D

+ Resultado da verificação:

E:\RockXP3.exe/xpkey.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignorado

E:\RockXP3.exe/keyms.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignorado

E:\RockXP3.exe/RAS.exe -> Not-A-Virus.PSWTool.Win32.RAS.a : Ignorado

:mozilla.8:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Doubleclick : Limpo com backup

:mozilla.28:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Valueclick : Limpo com backup

:mozilla.29:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Fastclick : Limpo com backup

:mozilla.30:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Fastclick : Limpo com backup

:mozilla.31:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Fastclick : Limpo com backup

:mozilla.32:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Fastclick : Limpo com backup

:mozilla.33:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Fastclick : Limpo com backup

:mozilla.42:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Statcounter : Limpo com backup

:mozilla.43:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Tribalfusion : Limpo com backup

:mozilla.45:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Statcounter : Limpo com backup

:mozilla.46:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Statcounter : Limpo com backup

:mozilla.58:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Spinbox : Limpo com backup

:mozilla.59:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Adtech : Limpo com backup

:mozilla.60:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Adtech : Limpo com backup

:mozilla.69:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Casalemedia : Limpo com backup

:mozilla.81:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Atdmt : Limpo com backup

:mozilla.94:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.2o7 : Limpo com backup

:mozilla.95:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.2o7 : Limpo com backup

:mozilla.96:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.2o7 : Limpo com backup

:mozilla.145:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Yieldmanager : Limpo com backup

:mozilla.146:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Yieldmanager : Limpo com backup

:mozilla.148:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Yieldmanager : Limpo com backup

:mozilla.162:C:\WINDOWS\system32\Logfiles\W3SVC1\ex060517.log -> TrackingCookie.Tribalfusion : Limpo com backup

C:\Documents and Settings\Daniel\Meus documentos\Celular\celulares\GeradorVivoprepago.zip/Gerador Vivo pre pago celular.exe -> Trojan.KillFiles.488 : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@atdmt[2].txt -> TrackingCookie.Atdmt : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@tacoda[2].txt -> TrackingCookie.Tacoda : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@com[1].txt -> TrackingCookie.Com : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@2o7[1].txt -> TrackingCookie.2o7 : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@112.2o7[2].txt -> TrackingCookie.2o7 : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@msnservices.112.2o7[1].txt -> TrackingCookie.2o7 : Limpo com backup

C:\Documents and Settings\Daniel\Cookies\daniel@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Limpo com backup

:mozilla.17:C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt -> TrackingCookie.Tribalfusion : Limpo com backup

:mozilla.18:C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt -> TrackingCookie.Tribalfusion : Limpo com backup

:mozilla.20:C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt -> TrackingCookie.Hitbox : Limpo com backup

:mozilla.21:C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt -> TrackingCookie.Hitbox : Limpo com backup

:mozilla.22:C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt -> TrackingCookie.Hitbox : Limpo com backup

:mozilla.23:C:\Documents and Settings\Daniel\Dados de aplicativos\Mozilla\Firefox\Profiles\pt1whdpj.default\cookies.txt -> TrackingCookie.Burstnet : Limpo com backup

C:\System Volume Information\_restore{7863EF12-E5D1-4FD8-8338-CE7F0A4D9BFE}\RP135\A0044186.exe -> Downloader.Small.cwc : Limpo com backup

::Fim do Relatório

So... I'm in trouble, right!?

Damn... it's still messed up here!!!


Download ATF Cleaner by Atribune

http://www.atribune.org/ccount/click.php?id=1

-> to your desktop

Restart in Safe Mode

(press the F8 key until a DOS screen appears and choose Safe Mode).

Start -> Run. Type services.msc and click OK. Look for the trojan horse service Windows Log. Right-click it and click Properties. Click Stop and change the Startup Type to Disabled.

Run HijackThis, click Open the misc Tools section -> Delete an NT Service

In the box enter Windows Log, click "OK" and confirm.

Run HijackThis, click Do a System Scan Only, check only the entries below and click Fix Checked.

O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w

Set Windows to show all files (including hidden ones). -> see

Using Windows Explorer, delete the files

C:\WINDOWS\system\smss.exe

C:\DOCUME~1\Daniel\CONFIG~1\Temp\35exmodul32.exe

C:\WINDOWS\system32\nvsvcd.exe

Double-click ATF-Cleaner.exe to run the tool.

Check the following boxes:

Windows Temp

Current User Temp

All Users Temp

Temporary Internet Files

Prefetch

Java Cache

Click Empty Selected. A "Done Cleaning" window appears; click OK and exit.

NOTE: Firefox browser/Opera browser -> If you want to keep your saved passwords, click No at the prompt.

Restart and paste the HijackThis log again.

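Added example, not part of any post in this thread: the O4 entry fixed above points at `C:\WINDOWS\system\smss.exe`, while the genuine Windows session manager runs from `C:\WINDOWS\System32`. The sketch below applies that one check to a HijackThis log; the helper names, the short list of core process names, the `C:\WINDOWS` install path and the sample log (constructed from lines quoted in this thread) are assumptions of the example.

```python
import ntpath
import re

# Assumption: Windows is installed in C:\WINDOWS, so these core system
# processes can only legitimately run from C:\WINDOWS\system32.
SYSTEM32 = r"c:\windows\system32"
CORE_PROCESSES = {"smss.exe", "csrss.exe", "winlogon.exe",
                  "services.exe", "lsass.exe", "svchost.exe"}

# HijackThis O4 line: "O4 - HKLM\..\Run: [value name] command line"
O4_RE = re.compile(
    r"^O4 - HK(?:LM|CU)\\\.\.\\Run\w*: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Executable at the start of a command line: quoted, or unquoted up to the
# first executable extension (unquoted paths may contain spaces).
IMAGE_RE = re.compile(
    r'^(?:"(?P<q>[^"]+)"|(?P<u>.+?\.(?:exe|com|scr|pif|bat))(?=\s|$))',
    re.IGNORECASE)
# Any HijackThis entry line ("R1 - ", "O4 - ", "O23 - ") ends the process list.
SECTION_RE = re.compile(r"^[A-Z]\d+ - ")


def image_path(cmd):
    """Return the executable part of a Run-key command line, or None."""
    m = IMAGE_RE.match(cmd.strip())
    return (m.group("q") or m.group("u")) if m else None


def masquerades(path):
    """True when a core system process name sits outside system32."""
    folder = ntpath.dirname(path)
    if not folder:
        # A bare file name is resolved through PATH; nothing to judge here.
        return False
    name = ntpath.basename(path).lower()
    return name in CORE_PROCESSES and ntpath.normpath(folder).lower() != SYSTEM32


def audit(log_text):
    """Check the running-process list and the O4 autostart entries."""
    findings = []
    in_processes = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        if SECTION_RE.match(line):
            in_processes = False
        if in_processes:
            if masquerades(line):
                findings.append({"source": "process", "entry": None, "path": line})
            continue
        m = O4_RE.match(line)
        if m:
            path = image_path(m.group("cmd"))
            if path and masquerades(path):
                findings.append({"source": "O4", "entry": m.group("name"),
                                 "path": path})
    return findings


# Constructed sample: a few lines in the format of the logs posted in this thread.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
O4 - HKLM\..\Run: [.nvsvc] C:\WINDOWS\system\smss.exe /w
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

A hit only means the file name and folder do not match; the entry still has to be confirmed before it is fixed or deleted.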

Here's the latest log I made....

I think it still has something... but it's not sending the e-mails...

Thanks a lot, man!!!

===========================================

Logfile of HijackThis v1.99.1

Scan saved at 20:05:43, on 31/5/2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5335.0005)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\ARQUIV~1\ARQUIV~1\Stardock\SDMCP.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Windows Defender\MSASCui.exe

C:\WINDOWS\system32\taskswitch.exe

C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe

C:\Arquivos de programas\DAEMON Tools\daemon.exe

C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe

C:\Arquivos de programas\1st SMTP Server\SMTPServer.exe

C:\program files\Common Files\system\proxycfg.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\WINDOWS\wt\updater\wcmdmgr.exe

C:\Arquivos de programas\Stardock\ObjectDock\ObjectDock.exe

C:\Arquivos de programas\samurize\Client.exe

C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

C:\Arquivos de programas\ewido anti-malware\ewidoctrl.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Messenger\msmsgs.exe

C:\Arquivos de programas\Azureus\Azureus.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\eMule\emule.exe

C:\Arquivos de programas\Winamp\winamp.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\hjt\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=552...cid={SUB_CLCID}

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\WINDOWS\system32\scpsssh2.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\ARQUIV~1\FLASHGET\jccatch.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARQUIV~1\FLASHGET\fgiebar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe

O4 - HKLM\..\Run: [AVG7_CC] C:\ARQUIV~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [DAEMON Tools] "C:\Arquivos de programas\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [MessengerPlus3] "C:\Arquivos de programas\MessengerPlus! 3\MsgPlus.exe"

O4 - HKLM\..\Run: [smtpsrv] C:\Arquivos de programas\1st SMTP Server\SMTPServer.exe

O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

O4 - HKLM\..\Run: [Proxy Config Tool for Windows] C:\program files\Common Files\system\proxycfg.exe

O4 - HKLM\..\Run: [interfaz de usuario de inicio d sesión de Windows] C:\program files\Common Files\system\logonui.exe

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O8 - Extra context menu item: Download All by FlashGet - C:\ARQUIV~1\FLASHGET\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\ARQUIV~1\FLASHGET\jc_link.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FLASHGET\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\ARQUIV~1\FLASHGET\flashget.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} (Controller Class) - https://www.windowsonecare.com/install/cli/...nSSWebAgent.CAB

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/downl...lscbase5059.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1148112429265

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\ARQUIV~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - AppInit_DLLs: MsgPlusLoader.dll

O20 - Winlogon Notify: MCPClient - C:\ARQUIV~1\ARQUIV~1\Stardock\mcpstub.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\ARQUIV~1\Grisoft\AVG7\avgemc.exe

O23 - Service: ewido security suite control - ewido networks - C:\Arquivos de programas\ewido anti-malware\ewidoctrl.exe

O23 - Service: PostgreSQL Database Server 8.1 (pgsql-8.1) - PostgreSQL Global Development Group - E:\psql\bin\pg_ctl.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe (file missing)

I think it still has something....

:D

All right... let's look at one more

Run an online scan

click

paste the result
