[Arquivado] Intenso Acesso ao Disco Rígido

[Eduardo Moreira dos Santos 0]

Prezados colaboradores deste FORUM, quero parabenizá-los pelo trabalho voluntário e acima de tudo muito eficiente. Quero agradecer em especial ao JGarcia, que sempre me atendeu de uma forma muito profissional, ficando apenas com o meu agradecimento como retorno.

 

Recorro, mais uma vez, a vocês pois me parece que o Isass.exe está executando muitas Leituras e Gravações de E/S, que agora neste instante está em torno de uns 300.000 para cada um dos contadores. Envio abaixo o LOG do HijackThis:

 

Logfile of HijackThis v1.99.1

Scan saved at 22:10:04, on 22/10/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Arquivos de programas\FolderSize\FolderSizeSvc.exe

C:\ARQUIV~1\Symantec\NORTON~1\GHOSTS~2.EXE

C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Arquivos de programas\Arquivos comuns\McAfee\HackerWatch\HWAPI.exe

C:\ARQUIV~1\McAfee\MSC\mcmscsvc.exe

c:\ARQUIV~1\ARQUIV~1\mcafee\mna\mcnasvc.exe

C:\ARQUIV~1\McAfee\VIRUSS~1\mcods.exe

C:\ARQUIV~1\McAfee\MSC\mcpromgr.exe

c:\ARQUIV~1\ARQUIV~1\mcafee\redirsvc\redirsvc.exe

C:\ARQUIV~1\McAfee\VIRUSS~1\mcshield.exe

C:\ARQUIV~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\Arquivos de programas\McAfee\MPF\MPFSrv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

c:\ARQUIV~1\mcafee.com\agent\mcagent.exe

C:\Arquivos de programas\Lexmark 3100 Series\lxbrbmgr.exe

C:\ARQUIV~1\LEXMAR~1\LXBRKsk.exe

C:\WINDOWS\vsnpstd.exe

C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe

C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Arquivos de programas\Babylon\Babylon-Pro\Babylon.exe

C:\Arquivos de programas\Lexmark 3100 Series\lxbrbmon.exe

C:\Arquivos de programas\Google\Google Talk\googletalk.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\Lexmark 3100 Series\lxbrcmon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\eMule\emule.exe

C:\WINDOWS\system32\rundll32.exe

C:\Arquivos de programas\Google\Google Updater\GoogleUpdater.exe

C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\HijackThis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: XBTP06568 - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Arquivos de programas\AOL Security Toolbar\tbu5\AOL_security_toolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\ARQUIV~1\mcafee\VIRUSS~1\scriptcl.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar3.dll

O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Arquivos de programas\AOL Security Toolbar\tbu5\AOL_security_toolbar.dll

O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\ARQUIV~1\TEXTAL~1\TAForIE.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Arquivos de programas\Lexmark 3100 Series\lxbrbmgr.exe"

O4 - HKLM\..\Run: [LXBRKsk] C:\ARQUIV~1\LEXMAR~1\LXBRKsk.exe

O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [babylon Client] C:\Arquivos de programas\Babylon\Babylon-Pro\Babylon.exe -AutoStart

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [eMuleAutoStart] C:\Arquivos de programas\eMule\emule.exe -AutoStart

O4 - Global Startup: Google Updater.lnk = C:\Arquivos de programas\Google\Google Updater\GoogleUpdater.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Translate with &Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1161552440890

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = fap-sede.com.br,bndes.net

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = fap-sede.com.br,bndes.net

O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = fap-sede.com.br,bndes.net

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = fap-sede.com.br,bndes.net

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\ARQUIV~1\Google\GOOGLE~3\GOEC62~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\ARQUIV~1\ARQUIV~1\McAfee\EmProxy\emproxy.exe

O23 - Service: Folder Size (FolderSize) - Brio - C:\Arquivos de programas\FolderSize\FolderSizeSvc.exe

O23 - Service: GhostStartService - Symantec Corporation - C:\ARQUIV~1\Symantec\NORTON~1\GHOSTS~2.EXE

O23 - Service: GoogleDesktopManager - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\HackerWatch\HWAPI.exe

O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\ARQUIV~1\McAfee\MSC\mcupdmgr.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\ARQUIV~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\ARQUIV~1\ARQUIV~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\ARQUIV~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\ARQUIV~1\McAfee\MSC\mcpromgr.exe

O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\ARQUIV~1\ARQUIV~1\mcafee\redirsvc\redirsvc.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\ARQUIV~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\ARQUIV~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Arquivos de programas\McAfee\MPF\MPFSrv.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

 

Muito obrigado,

Eduardo Moreira dos Santos

[Eduardo Moreira dos Santos 0]

Pessoal,

 

Alguém pode me ajudar? Help me!

[jgarcia 1]

Opa Eduardo Moreira dos Santos,

 

Baixe o ComboFix em:

ComboFix

 

1) Dê um duplo-clique no combofix.exe e tecle "1" para prosseguir. O processo vai durar, em média, 10 minutos;

2) O ComboFix reiniciará o PC automaticamente, a fim de que o processo de remoção seja finalizado (somente se houver infecção);

3) Quando a varredura acabar, será gerado um log, que estará em C:\ComboFix.txt;

4) Não clique na janela do ComboFix, nem feche clicando no X, enquanto a ferramenta estiver sendo executada, pois isto implicará na desconfiguração de seu desktop (ele ficará todo branco);

5) Para parar ou sair do ComboFix, tecle "N";

6) Preciso que você cole o conteúdo do ComboFix.txt em sua próxima resposta, juntamente com um novo log do HijackThis.

 

Abraços.

[Eduardo Moreira dos Santos 0]

Olá JGarcia,

 

Aí vai o Log do COMBOFIX:

 

ComboFix 07-11-01.1** - Eduardo 2007-11-02 14:56:04.4 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.160 [GMT -3:00]

Executando de: D:\@Download\ComboFix.exe

* Criado um novo ponto de restauro

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

C:\Documents and Settings\Eduardo\Dados de aplicativos\inst.exe

 

.

((((((((((((((((((((((( Ficheiros criados de 2007-10-02 to 2007-11-02 ))))))))))))))))))))))))))))))))

.

 

2007-11-02 11:15 <DIR> d-------- C:\Documents and Settings\Vitor\Dados de aplicativos\Skype

2007-10-30 08:46 <DIR> d-------- C:\Documents and Settings\Arthur\Dados de aplicativos\Media Player Classic

2007-10-27 00:55 <DIR> d-------- C:\Arquivos de programas\Aulete digital

2007-10-27 00:55 <DIR> d-------- C:\Arquivos de programas\Arquivos comuns\MGB

2007-10-10 07:17 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll

2007-10-08 23:16 <DIR> d-------- C:\Documents and Settings\Eduardo\Dados de aplicativos\Azureus

2007-10-08 23:16 <DIR> d-------- C:\Documents and Settings\All Users\Dados de aplicativos\Azureus

2007-10-08 23:15 <DIR> d-------- C:\Arquivos de programas\Azureus

2007-10-07 14:07 <DIR> d-------- C:\Documents and Settings\Jorge\Dados de aplicativos\Skype

2007-10-04 07:44 <DIR> d-------- C:\Arquivos de programas\FolderSize

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2007-11-02 17:58 18,628,640 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat

2007-11-02 17:58 1,926,688 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat

2007-11-02 17:46 --------- d-----w C:\Arquivos de programas\TextAloud

2007-11-02 17:41 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Babylon

2007-11-02 17:10 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Google Updater

2007-11-02 16:38 224,540 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx

2007-11-02 16:38 188,672 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx

2007-11-02 16:27 --------- d-----w C:\Arquivos de programas\ViaVoice TTS

2007-11-02 15:06 --------- d-----w C:\Documents and Settings\Vitor\Dados de aplicativos\StarOffice8

2007-11-01 16:10 --------- d-----w C:\Arquivos de programas\Picasa2

2007-10-30 22:54 --------- d-----w C:\Arquivos de programas\eMule

2007-10-30 02:09 --------- d-----w C:\Documents and Settings\Eduardo\Dados de aplicativos\Babylon

2007-10-27 15:30 --------- d-----w C:\Documents and Settings\Vitor\Dados de aplicativos\Babylon

2007-10-24 23:41 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\DVD Shrink

2007-10-09 22:57 --------- d-----w C:\Arquivos de programas\McAfee

2007-10-08 10:31 --------- d-----w C:\Arquivos de programas\Crazy Browser

2007-10-05 02:08 --------- d-----w C:\Arquivos de programas\Java

2007-10-02 17:32 --------- d-----w C:\Arquivos de programas\Lexmark 3100 Series

2007-09-30 16:36 --------- d-----w C:\Documents and Settings\Eduardo\Dados de aplicativos\Skype

2007-09-29 23:56 --------- d-----w C:\Documents and Settings\Vitor\Dados de aplicativos\Media Player Classic

2007-09-29 18:17 --------- d-----w C:\Documents and Settings\Jorge\Dados de aplicativos\Media Player Classic

2007-09-29 16:54 --------- d-----w C:\Documents and Settings\Jorge\Dados de aplicativos\Babylon

2007-09-28 20:35 --------- d-----w C:\Documents and Settings\Eduardo\Dados de aplicativos\Vso

2007-09-28 19:47 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\vsosdk

2007-09-28 13:39 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys

2007-09-28 13:39 47,360 ----a-w C:\Documents and Settings\Eduardo\Dados de aplicativos\pcouffin.sys

2007-09-28 13:39 --------- d-----w C:\Arquivos de programas\VSO

2007-09-28 11:57 --------- d-----w C:\Arquivos de programas\Cia. do Software

2007-09-26 23:48 --------- d-----w C:\Arquivos de programas\DVD Shrink

2007-09-25 17:25 --------- d-----w C:\Arquivos de programas\MegaJogos

2007-09-20 21:49 --------- d-----w C:\Arquivos de programas\iTunes

2007-09-20 21:48 --------- d-----w C:\Arquivos de programas\iPod

2007-09-20 21:47 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Apple

2007-09-20 21:42 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Apple

2007-09-20 21:42 --------- d-----w C:\Arquivos de programas\Apple Software Update

2007-09-20 12:14 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Skype

2007-09-20 12:14 --------- d-----w C:\Arquivos de programas\Skype

2007-09-20 12:14 --------- d-----w C:\Arquivos de programas\Arquivos comuns\Skype

2007-09-20 02:59 --------- d-----w C:\Documents and Settings\Eduardo\Dados de aplicativos\StarOffice8

2007-09-19 11:49 --------- d-----w C:\Arquivos de programas\Google

2007-09-18 21:01 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\Apple Computer

2007-09-18 20:53 --------- d-----w C:\Arquivos de programas\QuickTime

2007-09-18 13:29 --------- d-----w C:\Arquivos de programas\NextUp-ScanSoft

2007-09-16 15:07 --------- d-----w C:\Arquivos de programas\Loquendo

2007-09-11 00:06 --------- d-----w C:\Arquivos de programas\MSN Messenger

2007-09-10 23:25 --------- d-----w C:\Documents and Settings\Eduardo\Dados de aplicativos\MSN6

2007-09-09 00:04 --------- d-----w C:\Arquivos de programas\AVI MPEG RM WMV Joiner

2007-09-08 23:50 --------- d-----w C:\Arquivos de programas\BitComet FLV Converter

2007-09-08 20:06 --------- d-----w C:\Arquivos de programas\Winamp

2007-09-02 13:26 --------- d-----w C:\Documents and Settings\All Users\Dados de aplicativos\McAfee

2007-09-02 13:24 --------- d-----w C:\Arquivos de programas\Arquivos comuns\McAfee

2007-09-02 13:23 --------- d-----w C:\Arquivos de programas\McAfee.com

2007-08-26 18:54 54,192 ----a-w C:\Documents and Settings\Vitor\Dados de aplicativos\GDIPFONTCACHEV1.DAT

2007-08-26 16:14 54,192 ----a-w C:\Documents and Settings\Eduardo\Dados de aplicativos\GDIPFONTCACHEV1.DAT

2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll

2004-05-15 22:56 1,279 ----a-w C:\Arquivos de programas\INSTALL.LOG

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias & legítimas por defeito não são mostradas.

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2001-10-16 08:02]

"nwiz"="nwiz.exe" [2001-10-16 08:03 C:\WINDOWS\system32\nwiz.exe]

"Lexmark 3100 Series"="C:\Arquivos de programas\Lexmark 3100 Series\lxbrbmgr.exe" [2003-09-04 00:10]

"LXBRKsk"="C:\ARQUIV~1\LEXMAR~1\LXBRKsk.exe" [2003-06-13 11:58]

"snpstd"="C:\WINDOWS\vsnpstd.exe" [2004-06-10 12:48]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]

"SunJavaUpdateSched"="C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]

"Google Desktop Search"="C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-16 22:59]

"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 C:\WINDOWS\AGRSMMSG.exe]

"Babylon Client"="C:\Arquivos de programas\Babylon\Babylon-Pro\Babylon.exe" [2006-12-13 16:15]

"Adobe Reader Speed Launcher"="C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]

"QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2007-06-29 06:24]

"googletalk"="C:\Arquivos de programas\Google\Google Talk\googletalk.exe" [2007-01-01 19:54]

"iTunesHelper"="C:\Arquivos de programas\iTunes\iTunesHelper.exe" [2007-09-14 10:00]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NVIEW"="nview.dll" [2001-10-16 08:03 C:\WINDOWS\system32\nview.dll]

"swg"="C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-16 22:55]

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:45]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

 

C:\Documents and Settings\Vitor\Menu Iniciar\Programas\Inicializar\

StarOffice 8.lnk - C:\Arquivos de programas\Sun\StarOffice 8\program\quickstart.exe [2007-02-02 17:55:10]

 

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\

Google Updater.lnk - C:\Arquivos de programas\Google\Google Updater\GoogleUpdater.exe [2006-10-21 19:32:27]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=C:\ARQUIV~1\Google\GOOGLE~3\GOEC62~1.DLL

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Acrobat Assistant.lnk]

backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Microsoft Office.lnk]

backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Iniciar^Programas^Inicializar^Verificador de Calendário Ulead Photo Express.lnk]

backup=C:\WINDOWS\pss\Verificador de Calendário Ulead Photo Express.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DU Meter]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp]

C:\Arquivos de programas\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMONTRAY]

C:\Program Files\Intel\Intel® Active Monitor\imontray.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mirabilis ICQ]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

"C:\Arquivos de programas\Messenger\msmsgs.exe" /background

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicFocus]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]

"C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

C:\Arquivos de programas\Analog Devices\SoundMAX\SMax4PNP.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

C:\Arquivos de programas\Winamp\winampa.exe

 

R1 GhPciScan;GhostPciScanner;\??\C:\Arquivos de programas\Symantec\Norton Ghost 2003\ghpciscan.sys

R2 iSMBIOS;iSMBIOS;\??\C:\WINDOWS\System32\drivers\iSMBIOS.SYS

R2 SIODRV;SIODRV;\??\C:\WINDOWS\System32\drivers\SIODRV.SYS

S3 smbusp;Intel® SMBus 2.0 Driver;C:\WINDOWS\system32\DRIVERS\smb.sys

S4 xmasscsi;xmasscsi;C:\WINDOWS\system32\Drivers\xmasscsi.sys

 

.

Conteúdo da pasta 'Tarefas Agendadas'

"2007-10-27 01:46:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"

- C:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe

"2007-09-02 13:23:56 C:\WINDOWS\Tasks\McDefragTask.job"

- c:\ARQUIV~1\mcafee\mqc\QcConsol.exe

"2007-10-01 04:00:14 C:\WINDOWS\Tasks\McQcTask.job"

.

**************************************************************************

 

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-11-02 14:58:45

Windows 5.1.2600 Service Pack 2 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros ocultos ...

 

Varredura completada com sucesso

Ficheiros ocultos: 0

 

**************************************************************************

.

Tempo para conclusão: 2007-11-02 14:59:42

C:\ComboFix-quarantined-files.txt ... 2007-09-02 15:29

C:\ComboFix2.txt ... 2007-09-02 15:29

C:\ComboFix3.txt ... 2007-08-31 19:17

.

--- E O F ---

E agora o Log do HijackThis:

 

Logfile of HijackThis v1.99.1

Scan saved at 15:02:26, on 2/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Arquivos de programas\FolderSize\FolderSizeSvc.exe

C:\ARQUIV~1\Symantec\NORTON~1\GHOSTS~2.EXE

C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Arquivos de programas\Arquivos comuns\McAfee\HackerWatch\HWAPI.exe

C:\ARQUIV~1\McAfee\MSC\mcmscsvc.exe

c:\ARQUIV~1\ARQUIV~1\mcafee\mna\mcnasvc.exe

C:\ARQUIV~1\McAfee\VIRUSS~1\mcods.exe

C:\ARQUIV~1\McAfee\MSC\mcpromgr.exe

c:\ARQUIV~1\ARQUIV~1\mcafee\redirsvc\redirsvc.exe

C:\ARQUIV~1\McAfee\VIRUSS~1\mcshield.exe

C:\ARQUIV~1\McAfee\VIRUSS~1\mcsysmon.exe

C:\Arquivos de programas\McAfee\MPF\MPFSrv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

c:\ARQUIV~1\mcafee.com\agent\mcagent.exe

C:\Arquivos de programas\Lexmark 3100 Series\lxbrbmgr.exe

C:\ARQUIV~1\LEXMAR~1\LXBRKsk.exe

C:\WINDOWS\vsnpstd.exe

C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe

C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Arquivos de programas\Babylon\Babylon-Pro\Babylon.exe

C:\Arquivos de programas\Google\Google Talk\googletalk.exe

C:\Arquivos de programas\iTunes\iTunesHelper.exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Lexmark 3100 Series\lxbrbmon.exe

C:\Arquivos de programas\Lexmark 3100 Series\lxbrcmon.exe

C:\Arquivos de programas\Google\Google Updater\GoogleUpdater.exe

C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

C:\Arquivos de programas\iPod\bin\iPodService.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\explorer.exe

C:\HijackThis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: XBTP06568 - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Arquivos de programas\AOL Security Toolbar\tbu5\AOL_security_toolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\ARQUIV~1\mcafee\VIRUSS~1\scriptcl.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar3.dll

O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Arquivos de programas\AOL Security Toolbar\tbu5\AOL_security_toolbar.dll

O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\ARQUIV~1\TEXTAL~1\TAForIE.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Arquivos de programas\Lexmark 3100 Series\lxbrbmgr.exe"

O4 - HKLM\..\Run: [LXBRKsk] C:\ARQUIV~1\LEXMAR~1\LXBRKsk.exe

O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [babylon Client] C:\Arquivos de programas\Babylon\Babylon-Pro\Babylon.exe -AutoStart

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [googletalk] C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostart

O4 - HKLM\..\Run: [iTunesHelper] "C:\Arquivos de programas\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Google Updater.lnk = C:\Arquivos de programas\Google\Google Updater\GoogleUpdater.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Translate with &Babylon - res://C:\Arquivos de programas\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1161552440890

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = fap-sede.com.br,bndes.net

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = fap-sede.com.br,bndes.net

O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = fap-sede.com.br,bndes.net

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = fap-sede.com.br,bndes.net

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\ARQUIV~1\Google\GOOGLE~3\GOEC62~1.DLL

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\ARQUIV~1\ARQUIV~1\McAfee\EmProxy\emproxy.exe

O23 - Service: Folder Size (FolderSize) - Brio - C:\Arquivos de programas\FolderSize\FolderSizeSvc.exe

O23 - Service: GhostStartService - Symantec Corporation - C:\ARQUIV~1\Symantec\NORTON~1\GHOSTS~2.EXE

O23 - Service: GoogleDesktopManager - Google - C:\Arquivos de programas\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe

O23 - Service: Serviço iPod (iPod Service) - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Arquivos de programas\Arquivos comuns\McAfee\HackerWatch\HWAPI.exe

O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\ARQUIV~1\McAfee\MSC\mcupdmgr.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\ARQUIV~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\ARQUIV~1\ARQUIV~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\ARQUIV~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\ARQUIV~1\McAfee\MSC\mcpromgr.exe

O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\ARQUIV~1\ARQUIV~1\mcafee\redirsvc\redirsvc.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\ARQUIV~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\ARQUIV~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Arquivos de programas\McAfee\MPF\MPFSrv.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe

 

Um abraço,

 

Eduardo

[jgarcia 1]

Opa Eduardo Moreira dos Santos,

 

Execute o Active Scan da Panda, observando os seguintes procedimentos:

 

1) Alguns anti-vírus, tal como o AVAST, podem exibir um alerta de detecção durante a execução do scan, porém tal alerta deve ser ignorado. O aviso não passa de um falso-positivo. Sugiro que o AV seja desabilitado, temporariamente, a fim de que o scan ocorra sem problemas;

 

2) Para iniciar o processo, clique sobre o botão ;

 

3) Informe os dados solicitados no formulário;

 

4) Clique sobre o botão "Pesquise agora sem custos";

 

5) Siga todas as instruções que lhe serão passadas e aguarde o fim da varredura;

 

6) Ao término do scan, clique em visualizar o log. Salve-o em seu Desktop;

 

7) Poste o conteúdo do log em sua próxima resposta.

 

Abraços.

[Eduardo Moreira dos Santos 0]

JGarcia,

 

Segue abaixo o LOG do anti-virus:

 

 

Incidência Estado Localização

 

Ferramenta potencialmente indesejada:application/bestoffer Não desinfectado c:\windows\smdat32m.sys

Ferramenta potencialmente indesejada:application/myway Não desinfectado c:\arquivos de programas\MyWay

Adware:adware/mediatickets Não desinfectado Registo do Windows

Ferramenta potencialmente indesejada:application/altnet Não desinfectado hkey_local_machine\software\microsoft\windows\currentversion\app management\arpcache\AltnetDM

Adware:adware/powerstrip Não desinfectado Registo do Windows

Adware:Adware/ActiveSearch Não desinfectado C:\Arquivos de programas\AOL Security Toolbar\tbhelper.dll

Adware:Adware/ActiveSearch Não desinfectado C:\Arquivos de programas\AOL Security Toolbar\tbu5\tbhelper.dll

Virus:Generic Trojan Desinfectado C:\Arquivos de programas\VSO\ConvertXtoDVD\convertxtodvd.2.1.18.242-patch.exe

Spyware:Cookie/YieldManager Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@ad.yieldmanager[2].txt

Spyware:Cookie/PointRoll Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@ads.pointroll[2].txt

Spyware:Cookie/Adtech Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@adtech[1].txt

Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@atdmt[2].txt

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@bs.serving-sys[2].txt

Spyware:Cookie/Doubleclick Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@doubleclick[1].txt

Spyware:Cookie/Enhance Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@enhance[2].txt

Spyware:Cookie/Comclick Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@fl01.ct2.comclick[2].txt

Spyware:Cookie/FortuneCity Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@fortunecity[2].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@ig.com[1].txt

Spyware:Cookie/Overture Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@overture[2].txt

Spyware:Cookie/Server.iad.Liveperson Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@server.iad.liveperson[1].txt

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@serving-sys[2].txt

Spyware:Cookie/onestat.com Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@stat.onestat[1].txt

Spyware:Cookie/Statcounter Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@statcounter[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@terra.com[2].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Andréa\Cookies\andréa@uol.com[2].txt

Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Andréa\Dados de aplicativos\Mozilla\Firefox\Profiles\k9uhy60v.default\cookies.txt[.atdmt.com/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Arthur\Dados de aplicativos\Mozilla\Firefox\Profiles\fhmfjw3l.default\cookies.txt[.uol.com.br/]

Spyware:Cookie/Atwola Não desinfectado C:\Documents and Settings\Arthur\Dados de aplicativos\Mozilla\Firefox\Profiles\fhmfjw3l.default\cookies.txt[.atwola.com/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Arthur\Dados de aplicativos\Mozilla\Firefox\Profiles\fhmfjw3l.default\cookies.txt[de.uol.com.br/]

Spyware:Cookie/YieldManager Não desinfectado C:\Documents and Settings\Arthur\Dados de aplicativos\Mozilla\Firefox\Profiles\fhmfjw3l.default\cookies.txt[ad.yieldmanager.com/]

Spyware:Cookie/2o7 Não desinfectado C:\Documents and Settings\Arthur\Dados de aplicativos\Mozilla\Firefox\Profiles\fhmfjw3l.default\cookies.txt[.2o7.net/]

Spyware:Cookie/Doubleclick Não desinfectado C:\Documents and Settings\Arthur\Dados de aplicativos\Mozilla\Firefox\Profiles\fhmfjw3l.default\cookies.txt[.doubleclick.net/]

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Arthur\Dados de aplicativos\Mozilla\Firefox\Profiles\fhmfjw3l.default\cookies.txt[.bs.serving-sys.com/]

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Arthur\Dados de aplicativos\Mozilla\Firefox\Profiles\fhmfjw3l.default\cookies.txt[.serving-sys.com/]

Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Arthur\Dados de aplicativos\Mozilla\Firefox\Profiles\fhmfjw3l.default\cookies.txt[.atdmt.com/]

Spyware:Cookie/2o7 Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@2o7[2].txt

Spyware:Cookie/PointRoll Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@ads.pointroll[2].txt

Spyware:Cookie/Atwola Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@atwola[1].txt

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@bs.serving-sys[1].txt

Spyware:Cookie/MediaTickets Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@kinghost[2].txt

Spyware:Cookie/DomainSponsor Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@landing.domainsponsor[1].txt

Spyware:Cookie/Overture Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@overture[1].txt

Spyware:Cookie/Searchportal Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@searchportal.information[2].txt

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@serving-sys[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@terra.com[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Eduardo\Cookies\eduardo@uol.com[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.ig.com.br/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.uol.com.br/]

Spyware:Cookie/Adtech Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.adtech.de/]

Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.atdmt.com/]

Spyware:Cookie/Overture Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.overture.com/]

Spyware:Cookie/Doubleclick Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.doubleclick.net/]

Spyware:Cookie/Statcounter Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.statcounter.com/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.terra.com.br/]

Spyware:Cookie/2o7 Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.2o7.net/]

Spyware:Cookie/Atwola Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.atwola.com/]

Spyware:Cookie/QuestionMarket Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.questionmarket.com/]

Spyware:Cookie/adultfriendfinder Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.adultfriendfinder.com/]

Spyware:Cookie/Yadro Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.yadro.ru/]

Spyware:Cookie/PayCounter Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.paycounter.com/]

Spyware:Cookie/SexList Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.sexlist.com/]

Spyware:Cookie/YieldManager Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[ad.yieldmanager.com/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.com.com/]

Spyware:Cookie/MediaTickets Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.kinghost.com/]

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.serving-sys.com/]

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.bs.serving-sys.com/]

Spyware:Cookie/DomainSponsor Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[landing.domainsponsor.com/]

Spyware:Cookie/Casalemedia Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.casalemedia.com/]

Spyware:Cookie/Xiti Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.xiti.com/]

Spyware:Cookie/Tribalfusion Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[.tribalfusion.com/]

Spyware:Cookie/Comclick Não desinfectado C:\Documents and Settings\Eduardo\Dados de aplicativos\Mozilla\Firefox\Profiles\gkx7da7k.default\cookies.txt[fl01.ct2.comclick.com/]

Spyware:Cookie/PointRoll Não desinfectado C:\Documents and Settings\Jorge\Cookies\jorge@ads.pointroll[2].txt

Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Jorge\Cookies\jorge@atdmt[2].txt

Spyware:Cookie/Comclick Não desinfectado C:\Documents and Settings\Jorge\Cookies\jorge@fl01.ct2.comclick[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Jorge\Cookies\jorge@ig.com[1].txt

Spyware:Cookie/Statcounter Não desinfectado C:\Documents and Settings\Jorge\Cookies\jorge@statcounter[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Jorge\Cookies\jorge@terra.com[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Jorge\Cookies\jorge@uol.com[1].txt

Spyware:Cookie/2o7 Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.2o7.net/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.terra.com.br/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.ig.com.br/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.uol.com.br/]

Spyware:Cookie/bravenetA Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.bravenet.com/]

Spyware:Cookie/Overture Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.overture.com/]

Spyware:Cookie/Doubleclick Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.doubleclick.net/]

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.bs.serving-sys.com/]

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.serving-sys.com/]

Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.atdmt.com/]

Spyware:Cookie/Zedo Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[.zedo.com/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Jorge\Dados de aplicativos\Mozilla\Firefox\Profiles\dn9q1cem.default\cookies.txt[de.uol.com.br/]

Spyware:Cookie/2o7 Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@2o7[1].txt

Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@atdmt[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@com[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@de.uol.com[1].txt

Spyware:Cookie/Kazaa Networks Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@desktop.kazaa[1].txt

Spyware:Cookie/Comclick Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@fl01.ct2.comclick[2].txt

Spyware:Cookie/Statcounter Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@statcounter[2].txt

Spyware:Cookie/WebtrendsLive Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@statse.webtrendslive[2].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@terra.com[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@uol.com[2].txt

Spyware:Cookie/Xiti Não desinfectado C:\Documents and Settings\Vitor\Cookies\vitor@xiti[1].txt

Spyware:Cookie/Doubleclick Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.doubleclick.net/]

Spyware:Cookie/Statcounter Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.statcounter.com/]

Spyware:Cookie/QuestionMarket Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.questionmarket.com/]

Spyware:Cookie/PointRoll Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.ads.pointroll.com/]

Spyware:Cookie/Atwola Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.atwola.com/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.uol.com.br/]

Spyware:Cookie/WUpd Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.revenue.net/]

Spyware:Cookie/YieldManager Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[ad.yieldmanager.com/]

Spyware:Cookie/Searchportal Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[searchportal.information.com/]

Spyware:Cookie/Tribalfusion Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.tribalfusion.com/]

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.serving-sys.com/]

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.bs.serving-sys.com/]

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.serving-sys.com/]

Spyware:Cookie/Advertising Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.advertising.com/]

Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.atdmt.com/]

Spyware:Cookie/Kazaa Networks Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.desktop.kazaa.com/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.com.com/]

Spyware:Cookie/Euniverseads Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.euniverseads.com/]

Spyware:Cookie/FastClick Não desinfectado C:\Documents and Settings\Vitor\Dados de aplicativos\Mozilla\Firefox\Profiles\ihlpsycp.default\cookies.txt[.fastclick.net/]

Ferramenta potencialmente indesejada:Application/NirCmd.A Não desinfectado C:\WINDOWS\nircmd.exe

Ferramenta potencialmente indesejada:Application/NirCmd.A Não desinfectado D:\@Download\ComboFix.exe[nircmd.exe]

Ferramenta potencialmente indesejada:Application/NirCmd.A Não desinfectado D:\@Download\ComboFix.exe[nircmd.cfexe]

Virus:Generic Trojan Desinfectado D:\Softwares\Convert X to DVD\ConvertXtoDVD.2.1.18.242_CRK-FFF\convertxtodvd.2.1.18.242-patch.exe

Virus:Generic Trojan Desinfectado D:\Softwares\Total Recorder\Total_Recorder_6.0_Professional_Edition_Incl_All_Add-On-=(E.D)=-SiC\Crack\total.recorder.6.x.pro.(generic)-patch.exe

Virus:Generic Trojan Não desinfectado D:\Softwares\Total Recorder\Total_Recorder_6.0_Professional_Edition_Incl_All_Add-On-SiC.rar[Total_Recorder_6.0_Professional_Edition_Incl_All_Add-On-=(E.D)=-SiC\Crack\total.recorder.6.x.pro.(generic)-patch.exe]

Ferramenta potencialmente indesejada:Application/ModemSpy Não desinfectado D:\Usuarios\Eduardo\Curso de Access Avançado\Exemplos\Modem Spy 3.2 modemspy + crack ok\install.exe

 

Atenciosamente,

 

Eduardo Moreira dos Santos

[jgarcia 1]

Opa Eduardo Moreira dos Santos,

 

Vamos lá.

 

Habilite o Windows para mostrar todos os arquivos (até ocultos).

 

1ª Etapa

 

Baixe o CCleaner em:

CCleaner

 

Baixe, mas não execute ainda.

 

Baixe o Killbox em:

Killbox

 

1. Execute o Killbox, clique em Delete on Reboot.

 

2. Copie a lista abaixo em negrito para a área de transferência. Selecione tudo com o auxílio do mouse --> vá até a aba Editar na barra do navegador --> clique em Copiar.

 

C:\windows\smdat32m.sys

C:\arquivos de programas\MyWay

C:\Arquivos de programas\AOL Security Toolbar\tbhelper.dll

C:\Arquivos de programas\AOL Security Toolbar\tbu5\tbhelper.dll

D:\Softwares\Total Recorder\Total_Recorder_6.0_Professional_Edition_Incl_All_Add-On-SiC.rar

D:\Usuarios\Eduardo\Curso de Access Avançado\Exemplos\Modem Spy 3.2 modemspy + crack ok\install.exe

 

3. Retorne ao Killbox. Clique em File > Paste from clipboard. Clique em All Files.

 

4. Aperte em "X". Responda "não" à pergunta.

 

2ª Etapa

 

Reinicie em Modo Normal.

 

Vá em Iniciar -> Executar -> digite regedit -> dê Ok.

 

Navegue até a seguinte subchave:

 

hkey_local_machine\software\microsoft\windows\currentversion\app management\arpcache

 

Localize e delete a seguinte pasta:

 

AltnetDM

 

Saia do Editor do Registro.

 

Localize e delete as seguintes pastas:

 

C:\arquivos de programas\MyWay <- a pasta

C:\Arquivos de programas\AOL Security Toolbar\tbu5 <- a pasta

 

Delete o conteúdo da seguinte pasta:

 

C:\!Killbox

 

Execute o CCleaner e clique em Executar Limpeza.

 

Execute o Active Scan novamente e veja se ainda detecta algo.

 

Aguardo retorno.

 

Um abraço.

[Mário Monteiro 179]

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.