Fudz

I'd like some help.


First of all, thanks in advance.

Now, I'd like help with some logs I have.

This log is from Panda:


Incidência Estado Localização
Virus:Generic Malware Desinfectado C:\WINDOWS\SYSTEM32\Sys32\SGJG.006
Virus:Generic Malware Desinfectado C:\WINDOWS\SYSTEM32\Sys32\SGJG.007
Virus:Generic Malware Desinfectado C:\WINDOWS\SYSTEM32\Sys32\SGJG.EXE
Virus:Generic Malware Desinfectado C:\WINDOWS\SYSTEM32\Sys32\AKV.EXE
Possível Vírus. Não desinfectado C:\Documents and Settings\All Users\Dados de aplicativos\Proxy Long Chin Ping\idle that.exe
Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@de.uol.com[1].txt
Spyware:Cookie/Server.iad.Liveperson Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@server.iad.liveperson[1].txt
Spyware:Cookie/Doubleclick Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@doubleclick[1].txt
Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@atdmt[2].txt
Spyware:Cookie/Mammamediasolutions Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@targetnet[2].txt
Spyware:Cookie/Belnk Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@dist.belnk[2].txt
Spyware:Cookie/Casalemedia Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@casalemedia[2].txt
Spyware:Cookie/Tribalfusion Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@tribalfusion[2].txt
Spyware:Cookie/Belnk Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@belnk[1].txt
Spyware:Cookie/FastClick Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@fastclick[2].txt
Spyware:Cookie/Falkag Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@as-us.falkag[2].txt
Spyware:Cookie/Overture Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@overture[1].txt
Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@ig.com[2].txt
Spyware:Cookie/YieldManager Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@ad.yieldmanager[2].txt
Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@uol.com[2].txt
Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@acesso.uol.com[1].txt
Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@de.uol.com[2].txt
Spyware:Cookie/adultfriendfinder Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@adultfriendfinder[1].txt
Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@uol.com[1].txt
Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@atdmt[3].txt
Spyware:Cookie/Searchportal Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@searchportal.information[1].txt
Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@terra.com[1].txt
Spyware:Cookie/WUpd Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@revenue[2].txt
Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@terra.com[2].txt
Spyware:Cookie/Doubleclick Não desinfectado C:\Documents and Settings\Allan\Cookies\allan@doubleclick[2].txt
Adware:Adware/Lop Não desinfectado C:\Documents and Settings\TEMP\Configurações locais\Temp\BIS222.EXE
Spyware:Cookie/888 Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@888[1].txt
Spyware:Cookie/888 Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@int.sitestat[1].txt
Spyware:Cookie/Cassava Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@int.sitestat[2].txt
Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@atdmt[2].txt
Spyware:Cookie/Apmebf Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@apmebf[2].txt
Spyware:Cookie/Doubleclick Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@doubleclick[1].txt
Spyware:Cookie/FastClick Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@fastclick[2].txt
Spyware:Cookie/Zedo Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@zedo[2].txt
Spyware:Cookie/Lop Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@www.lop[2].txt
Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@atdmt[3].txt
Spyware:Cookie/YieldManager Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@ad.yieldmanager[1].txt
Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\TEMP\Cookies\allan@uol.com[1].txt
Adware:Adware/Lop Não desinfectado C:\Documents and Settings\TEMP\Dados de aplicativos\internetdumb\DENT REAL.exe
Adware:Adware/Lop Não desinfectado C:\Documents and Settings\TEMP\Dados de aplicativos\internetdumb\ABFPATXE.EXE
Adware:Adware/Lop Não desinfectado C:\Documents and Settings\TEMP\Dados de aplicativos\internetdumb\Remote mpeg setup safe.exe
Adware:Adware/Lop Não desinfectado C:\Documents and Settings\TEMP\Dados de aplicativos\internetdumb\Multi grid ford.exe
Adware:Adware/SaveNow Não desinfectado C:\Arquivos de programas\DAEMON Tools\SetupDTSB.exe

Well... I'd like to know whether I have any malware.

Thanks.


This one is from HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 22:12:52, on 1/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Arquivos de programas\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\ARQUIV~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.uol.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Arquivos de programas\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Arquivos de programas\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\ARQUIV~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NAV Agent] C:\ARQUIV~1\NORTON~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\Arquivos comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CHIN PING PHONE PILE] C:\Documents and Settings\All Users\Dados de aplicativos\Proxy Long Chin Ping\idle that.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Arquivos de programas\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [64 FORK] C:\DOCUME~1\TEMP\DADOSD~1\INTERN~1\DENT REAL.exe
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Arquivos de programas\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O15 - Trusted Zone: http://*.halflifebrasil.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - http://nprotect.roseonlinegame.com/nProtect/Netizen/KeyCrypt/npkcx.cab
O16 - DPF: {D88C7675-7CEE-4C9A-BDD4-7A43EED7794D} - http://www.gamengame.com/KALogoutComponent.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Serviço de Proteção automática do Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Arquivos de programas\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\ARQUIV~1\ARQUIV~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\ARQUIV~1\NORTON~1\SPEEDD~1\nopdb.exe


I'm waiting for a reply.
