HijackThis log, please analyze


Dkzin

My HijackThis log is attached. There is no specific error except in one of my games, called Gunbound, but that is beside the point; I just want to know whether my log is clean or not.

One detail: my Windows folder does not appear in the directory even when showing hidden files. Thanks in advance.

Logfile of HijackThis v1.99.1

Scan saved at 11:33:56, on 4/3/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\csrss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

D:\WINDOWS\System32\locator.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\System32\alg.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\System32\wbem\wmiprvse.exe

D:\WINDOWS\Explorer.EXE

D:\WINDOWS\system32\ctfmon.exe

D:\Arquivos de programas\Mozilla Firefox 3 Beta 3\firefox.exe

D:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Downloads\HijackThis.exe

D:\Arquivos de programas\MSN Messenger\usnsvc.exe

D:\WINDOWS\System32\wbem\wmiprvse.exe

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - D:\ARQUIV~1\GbPlugin\gbieh.dll

O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "D:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O17 - HKLM\System\CCS\Services\Tcpip\..\{26360AC4-F144-4AE7-BA75-8F5D5E4937CB}: NameServer = 200.149.55.142 200.165.132.154

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: GbPluginBb - D:\ARQUIV~1\GbPlugin\gbieh.dll

O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Gbp Service (GbpSv) - Unknown owner - D:\Arquivos de programas\GbPlugin\GbpSv.exe

O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

EDIT!:

Panda Anti-Virus ActiveScan log included

Incident Status Location

Potentially unwanted tool:Application/Ardamax

Not disinfected

D:\WINDOWS\system32GPVM.exe

Potentially unwanted tool:Application/Ardamax

Not disinfected

D:\WINDOWS\system32GPVM.007

Potentially unwanted tool:Application/Ardamax

Not disinfected

D:\WINDOWS\system32GPVM.006

Potentially unwanted tool:application/perfectkeylog.a

Not disinfected

d:\arquivos de programas\BPK

Hacktool:HackTool/Hydra

Not disinfected

C:\Downloads\hydra-5.4-win.zip[hydra-5.4-win/hydra.exe]

Hacktool:HackTool/Hydra

Not disinfected

C:\Downloads\hydra-5.4-win.zip[hydra-5.4-win/pw-inspector.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\Downloads\i_bpk2007.exe

Virus:Generic Malware

Disinfected

C:\Downloads\RKL_Setup.exe

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.46 with KG.zip][epspk146.zip][pfctkeylogger146_setup.rar][i_bpk2003.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.46 with KG.zip][epspk146.zip][pfctkeylogger146_setup.rar][i_bpk2003.exe][bpk.exe]

Potentially unwanted tool:Application/PerfectKL.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.46 with KG.zip][epspk146.zip][pfctkeylogger146_setup.rar][i_bpk2003.exe][bpkr.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.46 with KG.zip][epspk146.zip][pfctkeylogger146_setup.rar][i_bpk2003.exe][bpkun.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.46 with KG.zip][epspk146.zip][pfctkeylogger146_setup.rar][i_bpk2003.exe][bpkvw.exe]

Potentially unwanted tool:Application/PerfectKeylog.D

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.46 with KG.zip][epspk146.zip][pfctkeylogger146_setup.rar][i_bpk2003.exe][setup.exe]

Potentially unwanted tool:Application/PerfectKL.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.46 with KG.zip][epspk146.zip][pfctkeylogger146_setup.rar][i_bpk2003.exe][bpkhk.dll]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.46 with KG.zip][epspk146.zip][pfctkeylogger146_setup.rar][i_bpk2003.exe][bpki.dll]

Potentially unwanted tool:Application/PerfectKL.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.46 with KG.zip][epspk146.zip][pfctkeylogger146_setup.rar][i_bpk2003.exe][bpkwb.dll]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpk.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpkr.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpkun.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpkvw.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][setup.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpkhk.dll]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpki.dll]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpkwb.dll]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47_Full.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47_Full.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpk.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47_Full.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpkr.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47_Full.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpkun.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47_Full.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpkvw.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47_Full.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][setup.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47_Full.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpkhk.dll]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47_Full.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpki.dll]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.47_Full.rar][Perfect_keylogger_v1.47-FuLL\i_bpk2003.exe][bpkwb.dll]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.3 with KG.zip][Perfect.Keylogger.2003.v1.3.Incl.Keymaker-ACME/ac-pkl13.zip][ac-pkl13.rar][i_bpk2003.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.3 with KG.zip][Perfect.Keylogger.2003.v1.3.Incl.Keymaker-ACME/ac-pkl13.zip][ac-pkl13.rar][i_bpk2003.exe][setup.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.3 with KG.zip][Perfect.Keylogger.2003.v1.3.Incl.Keymaker-ACME/ac-pkl13.zip][ac-pkl13.rar][i_bpk2003.exe][bpk.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.3 with KG.zip][Perfect.Keylogger.2003.v1.3.Incl.Keymaker-ACME/ac-pkl13.zip][ac-pkl13.rar][i_bpk2003.exe][lview.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.3 with KG.zip][Perfect.Keylogger.2003.v1.3.Incl.Keymaker-ACME/ac-pkl13.zip][ac-pkl13.rar][i_bpk2003.exe][uninstall.exe]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.3 with KG.zip][Perfect.Keylogger.2003.v1.3.Incl.Keymaker-ACME/ac-pkl13.zip][ac-pkl13.rar][i_bpk2003.exe][bsdhooks.dll]

Potentially unwanted tool:Application/PerfectKeyLog.A

Not disinfected

C:\eMule\Incoming\Perfect Keylogger Remote Install 2003 v1.0 To v1.47 & Kg.zip[Perfect Keylogger 2003 v1.3 with KG.zip][Perfect.Keylogger.2003.v1.3.Incl.Keymaker-ACME/ac-pkl13.zip][ac-pkl13.rar][i_bpk2003.exe][web.dll]

Virus:Trj/Agent.FHZ

Disinfected

C:\Meus Documentos\Azureus Downloads\Halo 2 vista XP patch.exe

Potentially unwanted tool:Application/Ardamax

Not disinfected

D:\!KillBox\WINDOWSIDAT.exe

Virus:Generic Malware

Disinfected

D:\Arquivos de programas\BPK\BPKWB.DLL.1

Possible Virus.

Not disinfected

D:\Arquivos de programas\Driver Cleaner PE\Automatic.exe

Possible Virus.

Not disinfected

D:\Arquivos de programas\Driver Cleaner PE\LiveUpdate.exe

Virus:Generic Malware

Disinfected

D:\Arquivos de programas\GameSpy Arcade\Services\_common\PortraitLoader.dll

Spyware:Cookie/Advertising

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@advertising[2].txt

Spyware:Cookie/Apmebf

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@apmebf[2].txt

Spyware:Cookie/Atlas DMT

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@atdmt[2].txt

Spyware:Cookie/Atwola

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@atwola[1].txt

Spyware:Cookie/Azjmp

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@azjmp[2].txt

Spyware:Cookie/Serving-sys

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@bs.serving-sys[2].txt

Spyware:Cookie/Casalemedia

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@casalemedia[1].txt

Spyware:Cookie/Doubleclick

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@doubleclick[1].txt

Spyware:Cookie/FastClick

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@fastclick[1].txt

Spyware:Cookie/Com.com

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@ig.com[2].txt

Spyware:Cookie/WUpd

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@revenue[2].txt

Spyware:Cookie/Searchportal

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@searchportal.information[2].txt

Spyware:Cookie/Server.iad.Liveperson

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@server.iad.liveperson[1].txt

Spyware:Cookie/Serving-sys

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@serving-sys[1].txt

Spyware:Cookie/onestat.com

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@stat.onestat[2].txt

Spyware:Cookie/Statcounter

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@statcounter[1].txt

Spyware:Cookie/Com.com

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@terra.com[1].txt

Spyware:Cookie/Com.com

Not disinfected

D:\Documents and Settings\Fátima M.A. de Brito\Cookies\fátima_m.a._de_brito@uol.com[2].txt

Spyware:Cookie/Atlas DMT

Not disinfected

D:\Documents and Settings\Leandro A. Silva\Cookies\leandro_a._silva@atdmt[2].txt

Spyware:Cookie/Doubleclick

Not disinfected

D:\Documents and Settings\Leandro A. Silva\Cookies\leandro_a._silva@doubleclick[1].txt

Potentially unwanted tool:Application/Ardamax

Not disinfected

D:\Documents and Settings\Leandro A. Silva\Desktop\GzNBot_2_1_.44_-_Cracked.zip[GzNBot 2[1].44 - Cracked.exe]

Virus:Trj/Downloader.MDW

Disinfected

D:\SUGAR.EXE

Dialer:Dialer.ABR

Not disinfected

D:\WINDOWS\Downloaded Program Files\startbf2.inf

Potentially unwanted tool:Application/NirCmd.A

Not disinfected

D:\WINDOWS\nircmd.exe

  • VIP Member

- Download ComboFix

  • Temporarily disable your antivirus;
  • Close all open windows;
  • Double-click ComboFix.exe, click "Executar" (Run) and type "1" + Enter to proceed with the fix. It may take some time.
  • ComboFix may restart the PC automatically to complete the removal process.
  • When it finishes, a log will be generated at C:\ComboFix.txt.
  • Do not click on the ComboFix window or close it by clicking the X while it is running, and do not move the mouse or use the keyboard, otherwise it will stop and your desktop will go blank.
  • To stop or exit ComboFix, press "N".
  • Paste ComboFix.txt and a new HijackThis log in your reply.

ComboFix 08-03-05.1 - Leandro A. Silva 2008-03-05 18:02:01.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.882 [GMT -3:00]

Executando de: D:\Documents and Settings\Leandro A. Silva\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

D:\WINDOWS\ktd32.atm

.

((((((((((((((((((((((( Ficheiros criados de 2008-02-05 to 2008-03-05 ))))))))))))))))))))))))))))))))

.

2008-03-05 10:30 . 2008-03-05 10:30 <DIR> d-------- D:\WINDOWS\LastGood

2008-03-04 20:31 . 2008-03-04 20:31 22,328 --a------ D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\PnkBstrK.sys

2008-03-04 20:01 . 2008-03-05 10:20 <DIR> d-------- D:\Arquivos de programas\Yahoo!

2008-03-04 13:17 . 2007-06-05 10:56 44,928 --a------ D:\WINDOWS\system32\drivers\SDTHOOK.SYS

2008-03-04 10:58 . 2008-03-04 10:58 <DIR> dr------- D:\Documents and Settings\LocalService\Meus documentos

2008-03-04 10:58 . 2008-03-04 10:58 <DIR> dr------- D:\Documents and Settings\LocalService\Favoritos

2008-03-04 10:58 . 2004-08-04 04:45 221,184 --a------ D:\WINDOWS\system32\wmpns.dll

2008-03-04 10:11 . 2008-03-04 10:11 <DIR> d-------- D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Winamp

2008-03-04 10:11 . 2008-03-04 10:11 <DIR> d-------- D:\Arquivos de programas\Winamp

2008-03-04 09:55 . 2008-03-04 19:32 5,958,152 --a------ D:\WINDOWS\system32GPVM.009

2008-03-04 09:45 . 2008-03-04 19:36 998,146 --a------ D:\WINDOWS\system32GPVM.002

2008-03-04 09:45 . 2008-03-04 19:35 280,312 --a------ D:\WINDOWS\system32GPVM.005

2008-03-04 09:44 . 2008-03-04 09:44 402,944 --a------ D:\WINDOWS\system32AKV.exe

2008-03-04 09:44 . 2008-03-04 09:44 522 --a------ D:\WINDOWS\system32GPVM.001

2008-03-03 11:52 . 2008-03-03 11:52 <DIR> d-------- D:\Arquivos de programas\VISION-BOT 1.0 GBVISION.FORUMJ.NET

2008-03-03 10:54 . 2008-03-03 14:58 205,824 --a------ D:\GDI33.DLL

2008-03-02 12:53 . 2008-03-02 12:53 33,824 --a------ D:\WINDOWS\system32\drivers\oreans32.sys

2008-03-01 08:52 . 2008-03-01 08:52 <DIR> d-------- D:\Arquivos de programas\Microsoft Games

2008-02-25 16:59 . 1999-12-17 09:13 86,016 --a------ D:\WINDOWS\unvise32.exe

2008-02-23 10:45 . 2008-03-05 12:05 107,832 --a------ D:\WINDOWS\system32\PnkBstrB.exe

2008-02-23 10:45 . 2008-03-04 20:18 66,872 --a------ D:\WINDOWS\system32\PnkBstrA.exe

2008-02-23 10:45 . 2008-03-05 12:05 22,328 --a------ D:\WINDOWS\system32\drivers\PnkBstrK.sys

2008-02-23 09:33 . 2008-02-23 09:33 <DIR> d-------- D:\Documents and Settings\LocalService\Dados de aplicativos\Xfire

2008-02-23 05:07 . 2008-02-23 14:03 <DIR> d-------- D:\Program Files

2008-02-23 04:19 . 2007-04-21 13:15 4,489,216 --a------ D:\WINDOWS\system32\MyActiveXControl.ocx

2008-02-21 19:10 . 2008-02-21 19:10 262 --a------ D:\WINDOWS\game.ini

2008-02-21 19:02 . 2008-02-21 19:02 <DIR> d--hs---- D:\WINDOWS\ftpcache

2008-02-20 22:57 . 2008-02-20 22:57 54,608 --a------ D:\WINDOWS\system32\xfcodec.dll

2008-02-20 02:06 . 2008-02-20 02:06 115 --a------ D:\WINDOWS\AIMPR.INI

2008-02-20 02:05 . 2008-02-20 02:06 <DIR> d-------- D:\Arquivos de programas\ElcomSoft

2008-02-19 11:53 . 2008-02-19 11:53 <DIR> d-------- D:\Arquivos de programas\Microsoft Silverlight

2008-02-19 11:38 . 2008-02-19 11:38 <DIR> d-------- D:\WINDOWS\Performance

2008-02-19 11:38 . 2008-02-19 11:38 <DIR> d-------- D:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Corporation

2008-02-18 14:37 . 2008-02-18 14:37 <DIR> d-------- D:\Arquivos de programas\SystemRequirementsLab

2008-02-17 22:18 . 2008-02-17 22:19 <DIR> d-------- D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Globe7

2008-02-17 22:18 . 2008-02-17 22:18 <DIR> d-------- D:\Arquivos de programas\Globe7

2008-02-17 21:15 . 2008-02-17 21:15 <DIR> d-------- D:\Documents and Settings\All Users\Dados de aplicativos\IJJIGame

2008-02-17 20:53 . 2008-03-05 16:55 <DIR> d-------- D:\Arquivos de programas\Mozilla Firefox 3 Beta 3

2008-02-17 14:59 . 2008-02-17 14:59 <DIR> d-------- D:\Arquivos de programas\Flatout

2008-02-10 21:00 . 2005-08-02 18:08 81,920 --a------ D:\WINDOWS\system32\_packet.dlluninstall

2008-02-06 19:41 . 2008-02-06 19:41 <DIR> d-------- D:\Arquivos de programas\Asprate

2008-02-05 19:00 . 2008-02-05 19:00 <DIR> d-------- D:\Documents and Settings\Fátima M.A. de Brito\Dados de aplicativos\Winamp

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-03-05 21:01 --------- d-----w D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Azureus

2008-03-05 21:00 --------- d-----w D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Xfire

2008-03-05 13:23 --------- d--h--w D:\Arquivos de programas\InstallShield Installation Information

2008-03-04 22:52 --------- d-----w D:\Arquivos de programas\BPK

2008-03-04 17:34 --------- d-----w D:\Arquivos de programas\MSN Messenger

2008-03-04 17:24 --------- d-----w D:\Arquivos de programas\GbPlugin

2008-03-04 16:15 --------- d-----w D:\Arquivos de programas\Messenger Plus! Live

2008-03-04 13:57 --------- d-----w D:\Arquivos de programas\Winamp Toolbar

2008-03-03 21:18 --------- d-----w D:\Arquivos de programas\Microsoft ActiveSync

2008-03-03 21:16 --------- d-----w D:\Arquivos de programas\Microsoft LifeCam

2008-03-02 11:02 --------- d-----w D:\Arquivos de programas\Xfire

2008-03-01 06:02 --------- d---a-w D:\Documents and Settings\All Users\Dados de aplicativos\TEMP

2008-03-01 05:54 --------- d-----w D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Tibia

2008-02-29 12:29 --------- d-----w D:\Arquivos de programas\Gabest

2008-02-27 13:06 --------- d-----w D:\Arquivos de programas\ElfBot NG

2008-02-17 20:32 --------- d-----w D:\Documents and Settings\All Users\Dados de aplicativos\Microsoft Help

2008-02-17 17:58 --------- d-----w D:\Arquivos de programas\Kodak

2008-02-17 16:04 --------- d-----w D:\Arquivos de programas\Arquivos comuns\Adobe

2008-02-17 15:57 --------- d-----w D:\Arquivos de programas\eMule

2008-02-14 19:01 4,839,424 ----a-w D:\WINDOWS\system32\logonuiX.exe

2008-02-14 05:17 --------- d-----w D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Skype

2008-02-13 21:40 --------- d--h--w D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\ijjigame

2008-02-11 00:21 --------- d-----w D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Ventrilo

2008-02-04 16:01 163,644 -c--a-w D:\WINDOWS\system32\drivers\secdrv.sys

2008-02-02 15:41 --------- d-----w D:\Arquivos de programas\Palm

2008-01-31 13:27 --------- d-----w D:\Arquivos de programas\UltimateBet

2008-01-31 12:58 715,248 ----a-w D:\WINDOWS\system32\drivers\sptd.sys

2008-01-26 01:28 --------- d-----w D:\Arquivos de programas\VentSrv

2008-01-26 01:24 --------- d-----w D:\Arquivos de programas\Arquivos comuns\Wise Installation Wizard

2008-01-25 23:22 --------- d-----w D:\Arquivos de programas\Teamspeak2_RC2 Server

2008-01-25 19:04 --------- d-----w D:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin

2008-01-06 22:50 --------- d-----w D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\teamspeak2

2008-01-06 13:09 --------- d-----w D:\Documents and Settings\All Users\Dados de aplicativos\Winamp Toolbar

2007-12-30 00:36 4,232,771 ----a-w D:\WINDOWS\system32\kbdcache.dll

2007-11-02 20:34 5,689,941 ----a-w D:\Arquivos de programas\Blackd Tools.rar

1999-04-23 22:22 12 -csha-w D:\WINDOWS\system\WININETICMP32.drv

.

------- Sigcheck -------

b4e29943b4b04bd5e7381546848e6669 D:\WINDOWS\system32\drivers\tcpip.sys

-c--a-w 360,576 2006-04-20 12:18:35 D:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

-c--a-w 327,168 2001-10-28 18:07:30 D:\WINDOWS\$NtServicePackUninstall$\tcpip.sys

-c--a-w 359,040 2004-08-04 06:14:40 D:\WINDOWS\ServicePackFiles\i386\tcpip.sys

-c----w 359,808 2006-04-20 11:51:50 D:\WINDOWS\system32\dllcache\tcpip.sys

----a-w 359,808 2006-04-20 11:51:50 D:\WINDOWS\system32\drivers\tcpip.sys

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

REGEDIT4

*Nota* entradas vazias & legítimas por defeito não são mostradas.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:45 15360]

"msnmsgr"="D:\Arquivos de programas\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QuickTime Task"="D:\Arquivos de programas\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-04-27 09:41 282624]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{E37CB5F0-51F5-4395-A808-5FA49E399F83}"= D:\ARQUIV~1\GbPlugin\gbieh.dll [2007-12-03 16:30 347976]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"UIHost"="D:\\WINDOWS\\system32\\logonuiX.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

D:\ARQUIV~1\GbPlugin\gbieh.dll 2007-12-03 16:30 347976 D:\ARQUIV~1\GbPlugin\gbieh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=wbsys.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"D:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"D:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"=

"D:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"D:\\Arquivos de programas\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=

"D:\\Arquivos de programas\\Microsoft LifeCam\\LifeExp.exe"=

"D:\Arquivos de programas\Microsoft ActiveSync\rapimgr.exe"= D:\Arquivos de programas\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"D:\Arquivos de programas\Microsoft ActiveSync\wcescomm.exe"= D:\Arquivos de programas\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"D:\Arquivos de programas\Microsoft ActiveSync\WCESMgr.exe"= D:\Arquivos de programas\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"D:\\Arquivos de programas\\Skype\\Phone\\Skype.exe"=

"D:\\Arquivos de programas\\Microsoft LifeCam\\LifeCam.exe"=

"D:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\helpctr.exe"=

"C:\\Arquivos de programas\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R2 MSCamSvc;MSCamSvc;"D:\Arquivos de programas\Microsoft LifeCam\MSCamS32.exe" [2006-10-13 17:01]

R2 SVKP;SVKP;D:\WINDOWS\system32\SVKP.sys [2007-03-20 16:00]

R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);D:\WINDOWS\system32\DRIVERS\RMSPPPOE.SYS [2002-06-09 23:09]

S3 gggen;Generic USB Flash Driver;D:\WINDOWS\system32\DRIVERS\gggen.sys [2006-09-28 09:10]

S3 slnt;RTL8139D PCI Fast Ethernet Adapter;D:\WINDOWS\system32\DRIVERS\slnt.sys [2005-07-10 22:31]

S3 SQLWriter;SQL Server VSS Writer;"D:\Arquivos de programas\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2005-10-14 03:53]

*Newly Created Service* - UDFS

.

Conteúdo da pasta 'Tarefas Agendadas'

"2007-07-07 21:09:00 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- D:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe

.

**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-03-05 18:04:13

Windows 5.1.2600 Service Pack 2 NTFS

Procurando processos ocultos ...

Procurando entradas auto inicializáveis ocultas ...

Procurando ficheiros ocultos ...

Varredura completada com sucesso

Ficheiros ocultos: 0

**************************************************************************

.

Tempo para conclusão: 2008-03-05 18:05:44

ComboFix-quarantined-files.txt 2008-03-05 21:05:29

Logfile of HijackThis v1.99.1

Scan saved at 18:10:36, on 5/3/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\system32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\Arquivos de programas\GbPlugin\GbpSv.exe

D:\WINDOWS\system32\Ati2evxx.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\system32\ctfmon.exe

D:\Arquivos de programas\Microsoft LifeCam\MSCamS32.exe

D:\WINDOWS\system32\PnkBstrA.exe

D:\WINDOWS\System32\svchost.exe

D:\Arquivos de programas\MSN Messenger\usnsvc.exe

D:\WINDOWS\system32\notepad.exe

D:\WINDOWS\explorer.exe

D:\Arquivos de programas\Mozilla Firefox 3 Beta 3\firefox.exe

C:\Downloads\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - D:\ARQUIV~1\GbPlugin\gbieh.dll

O4 - HKLM\..\Run: [QuickTime Task] "D:\Arquivos de programas\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime

O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "D:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - D:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{26360AC4-F144-4AE7-BA75-8F5D5E4937CB}: NameServer = 200.149.55.142 200.165.132.154

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - D:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - Winlogon Notify: GbPluginBb - D:\ARQUIV~1\GbPlugin\gbieh.dll

O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Gbp Service (GbpSv) - Unknown owner - D:\Arquivos de programas\GbPlugin\GbpSv.exe

O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)

O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)


-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Friday, March 07, 2008 4:35:20 PM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 7/03/2008

Kaspersky Anti-Virus database records: 610241

-------------------------------------------------------------------------------

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

Scan Target - My Computer:

A:\

C:\

D:\

E:\

F:\

Scan Statistics:

Total number of scanned objects: 92502

Number of viruses found: 6

Number of infected objects: 11

Number of suspicious objects: 0

Duration of the scan process: 05:09:41

Infected Object Name / Virus Name / Last Action

C:\Downloads\udp.txt Infected: HackTool.Perl.BBSXP.b skipped

C:\eMule\Incoming\oRipa MSN Webcam Recorder 2.0.1 CRACK.zip/Path_r37.00.exe/stream/data0001 Infected: not-a-virus:RiskTool.Win32.FWDisabler.a skipped

C:\eMule\Incoming\oRipa MSN Webcam Recorder 2.0.1 CRACK.zip/Path_r37.00.exe/stream Infected: not-a-virus:RiskTool.Win32.FWDisabler.a skipped

C:\eMule\Incoming\oRipa MSN Webcam Recorder 2.0.1 CRACK.zip/Path_r37.00.exe Infected: not-a-virus:RiskTool.Win32.FWDisabler.a skipped

C:\eMule\Incoming\oRipa MSN Webcam Recorder 2.0.1 CRACK.zip ZIP: infected - 3 skipped

C:\eMule\Incoming\[PC GAME NO CD] Halo 2 crack.zip/install.exe/irsetup.dat Infected: P2P-Worm.Win32.P2PAdware.a skipped

C:\eMule\Incoming\[PC GAME NO CD] Halo 2 crack.zip/install.exe Infected: P2P-Worm.Win32.P2PAdware.a skipped

C:\eMule\Incoming\[PC GAME NO CD] Halo 2 crack.zip ZIP: infected - 2 skipped

C:\Meus Documentos\Os Meus Registos\março 2008\beeneybaby35@hotmail.com.html Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{955ABED5-792B-447F-8FF4-78C300576A59}\RP3\change.log Object is locked skipped

D:\Arquivos de programas\DAP\History\Fátima M.A. de Brito\_lasthist.dat Object is locked skipped

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Data\master.mdf Object is locked skipped

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Data\mastlog.ldf Object is locked skipped

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Data\model.mdf Object is locked skipped

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Data\modellog.ldf Object is locked skipped

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Data\msdbdata.mdf Object is locked skipped

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Data\msdblog.ldf Object is locked skipped

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Data\tempdb.mdf Object is locked skipped

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\Data\templog.ldf Object is locked skipped

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\ERRORLOG Object is locked skipped

D:\Arquivos de programas\Microsoft SQL Server\MSSQL.1\MSSQL\LOG\log_461.trc Object is locked skipped

D:\Arquivos de programas\VISION-BOT 1.0 GBVISION.FORUMJ.NET\VISION-BOT 1.0\BYPASSEGBVISION Infected: Backdoor.Win32.PcClient.agu skipped

D:\Arquivos de programas\VISION-BOT 1.0 GBVISION.FORUMJ.NET\VISION-BOT 1.0\VISION-BOT 1.0.exe Infected: Trojan-Dropper.Win32.Delf.aqp skipped

D:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin\Bb\gbieh2.gbl.127.upd.C9F202B5 Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\CardSpace\CardSpace.db Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\CardSpace\CardSpace.db.shadow Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\Messenger\dracosaint@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\Messenger\dracosaint@hotmail.com\SharingMetadata\pending.dat Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\Messenger\dracosaint@hotmail.com\SharingMetadata\Working\database_784C_33E8_4C33_9FB4\dfsr.db Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\Messenger\dracosaint@hotmail.com\SharingMetadata\Working\database_784C_33E8_4C33_9FB4\fsr.log Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\Messenger\dracosaint@hotmail.com\SharingMetadata\Working\database_784C_33E8_4C33_9FB4\fsrtmp.log Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\Messenger\dracosaint@hotmail.com\SharingMetadata\Working\database_784C_33E8_4C33_9FB4\tmp.edb Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Contacts\dracosaint@hotmail.com\real\members.stg Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Microsoft\Windows Live Contacts\dracosaint@hotmail.com\shadow\members.stg Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\Cache\_CACHE_001_ Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\Cache\_CACHE_002_ Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\Cache\_CACHE_003_ Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\Cache\_CACHE_MAP_ Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\urlclassifier3.sqlite Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Temp\~DFB623.tmp Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Temp\~DFB633.tmp Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Temp\~DFC396.tmp Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Temp\~DFC588.tmp Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Cookies\index.dat Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\cert8.db Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\content-prefs.sqlite Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\cookies.sqlite Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\downloads.sqlite Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\formhistory.sqlite Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\key3.db Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\parent.lock Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\permissions.sqlite Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\places.sqlite Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\places.sqlite-journal Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\places.sqlite-stmtjrnl Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Dados de aplicativos\Mozilla\Firefox\Profiles\ky9se8n2.default\search.sqlite Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\Desktop\tutor.html Infected: Exploit.JS.ADODB.Stream.e skipped

D:\Documents and Settings\Leandro A. Silva\NTUSER.DAT Object is locked skipped

D:\Documents and Settings\Leandro A. Silva\NTUSER.DAT.LOG Object is locked skipped

D:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

D:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

D:\Documents and Settings\LocalService\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

D:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

D:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

D:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

D:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

D:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

D:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

D:\Documents and Settings\NetworkService\Configurações locais\Temp\Perflib_Perfdata_64c.dat Object is locked skipped

D:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

D:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

D:\System Volume Information\_restore{955ABED5-792B-447F-8FF4-78C300576A59}\RP3\change.log Object is locked skipped

D:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

D:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

D:\WINDOWS\Sti_Trace.log Object is locked skipped

D:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped

D:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

D:\WINDOWS\system32\config\default Object is locked skipped

D:\WINDOWS\system32\config\default.LOG Object is locked skipped

D:\WINDOWS\system32\config\Internet.evt Object is locked skipped

D:\WINDOWS\system32\config\ODiag.evt Object is locked skipped

D:\WINDOWS\system32\config\OSession.evt Object is locked skipped

D:\WINDOWS\system32\config\SAM Object is locked skipped

D:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

D:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

D:\WINDOWS\system32\config\SECURITY Object is locked skipped

D:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

D:\WINDOWS\system32\config\software Object is locked skipped

D:\WINDOWS\system32\config\software.LOG Object is locked skipped

D:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

D:\WINDOWS\system32\config\system Object is locked skipped

D:\WINDOWS\system32\config\system.LOG Object is locked skipped

D:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

D:\WINDOWS\system32\h323log.txt Object is locked skipped

D:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped

D:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

D:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

D:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

D:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

D:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

D:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

D:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

D:\WINDOWS\wiadebug.log Object is locked skipped

D:\WINDOWS\wiaservc.log Object is locked skipped

D:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.


  • VIP Member

- Delete the highlighted files:

C:\eMule\Incoming\[PC GAME NO CD] Halo 2 crack.zip

D:\Documents and Settings\Leandro A. Silva\Desktop\tutor.html

- Other than that, the log is clean :)

- I recommend some maintenance on the computer to remove temporary files, unnecessary files and invalid registry entries. Download CCleaner:

  • Open the program and click Run Cleaner;
  • After that, click Registry > Scan for Issues > Fix selected issues

- Disable System Restore and then enable it again

- Read the article "Proteja seu PC" (Protect your PC) for more information on how to avoid infections.


About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology communities in Brazil.
