remeemberme

[Archived] malware, I think!


Hello, I'm new here, and this warning from avast! appeared saying that my computer was infected with the virus mentioned in the topic description.

Well, here is my log for analysis:

 

 

Logfile of HijackThis v1.99.1

Scan saved at 02:58:54, on 11/16/aaaa

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\spoolsv.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe

C:\WINNT\system32\crc.exe

C:\WINNT\system32\ctfmon.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\WINNT\system32\inetsrv\inetinfo.exe

C:\WINNT\system32\HPZipm12.exe

C:\WINNT\system32\tcpsvcs.exe

C:\WINNT\System32\snmp.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\mqsvc.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\BitComet\BitComet.exe

C:\Documents and Settings\Tha\Desktop\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Arquivos de programas\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL

O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Arquivos de programas\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {09B8116F-7E14-4AD0-A9BF-A0583321C9DC} - (no file)

O2 - BHO: (no name) - {0DD697C1-B161-4F06-B189-837ABEA12681} - (no file)

O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Arquivos de programas\Pando Networks\Pando\PandoIEPlugin.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Arquivos de programas\BitComet\tools\BitCometBHO_1.1.5.19.dll

O2 - BHO: (no name) - {4DF620F2-5247-42B6-95D4-98569A448B1B} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: {3ee53094-abfa-3119-5994-89457f3b7877} - {7787b3f7-5498-4995-9113-afba49035ee3} - C:\WINNT\system32\jsldfdmd.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {94C71687-EAE7-488C-81E3-6FA3534817CD} - (no file)

O2 - BHO: (no name) - {E279E72E-B95A-4DEB-A9BB-E98894D6C98E} - (no file)

O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Arquivos de programas\PandoBar\bar\1.bin\PANDOBAR.DLL

O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Arquivos de programas\PandoBar\bar\1.bin\PANDOBAR.DLL

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [Windows 32-bit DLL Integrity Verifier] crc.exe

O4 - HKLM\..\RunServices: [Windows 32-bit DLL Integrity Verifier] crc.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Baixar link usando &BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Baixar todos os links usando BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Baixar todos os vídeos usando BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase4009.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E187D1A8-2266-48AB-8C80-9A5122AFBEB1}: NameServer = 10.0.1.1

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe

 

Awaiting a reply,

thanks in advance!

:)


Good evening, remeemberme!

>@< Open HijackThis and, with all windows closed, click Fix on these entries:

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm

R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

O2 - BHO: (no name) - {09B8116F-7E14-4AD0-A9BF-A0583321C9DC} - (no file)

O2 - BHO: (no name) - {0DD697C1-B161-4F06-B189-837ABEA12681} - (no file)

O2 - BHO: (no name) - {4DF620F2-5247-42B6-95D4-98569A448B1B} - (no file)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {94C71687-EAE7-488C-81E3-6FA3534817CD} - (no file)

O2 - BHO: (no name) - {E279E72E-B95A-4DEB-A9BB-E98894D6C98E} - (no file)

>@< When finished, close the tool!

_________________________

 

>@< Download ComboFix.

>@< Save it to the Desktop!

>@< Close all windows and run the tool!

>@< For those who have Avast, a malware alert ( Win32 D adobra-EY[Trj] ) will appear, which should be ignored.

>@< The Auto Scan window will open. Wait!

>@< Type the option to continue < Enter >

>@< Wait for it to finish!

>@< Post the report, C:\ComboFix.txt, in your reply + an updated HJT log.

Regards!


Hello DigRam, sorry for the delay, I had no access these past few days,

I did the whole procedure you asked for, but there was a problem with ComboFix: when I run it, it gives me the following message,

"Abortar-0711-08.1

Data corrente, ter 11/20/aaaa. Está cópia do ComboFix expirou. Elimene-a antes de efetuar o download duma cópia actualizada"

 

I click "OK" and it is uninstalled; I installed it again and the same error occurred.

So I only have the HijackThis log.

 

 

Logfile of HijackThis v1.99.1

Scan saved at 19:09:47, on 11/20/aaaa

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINNT\system32\spoolsv.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\WINNT\system32\inetsrv\inetinfo.exe

C:\WINNT\system32\tcpsvcs.exe

C:\WINNT\System32\snmp.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\mqsvc.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\WINNT\Explorer.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Tha\Desktop\HijackThis\HijackThis.exe

 

R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Arquivos de programas\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL

O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Arquivos de programas\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Arquivos de programas\Pando Networks\Pando\PandoIEPlugin.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Arquivos de programas\BitComet\tools\BitCometBHO_1.1.5.19.dll

O2 - BHO: {3ee53094-abfa-3119-5994-89457f3b7877} - {7787b3f7-5498-4995-9113-afba49035ee3} - C:\WINNT\system32\jsldfdmd.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Arquivos de programas\PandoBar\bar\1.bin\PANDOBAR.DLL

O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Arquivos de programas\PandoBar\bar\1.bin\PANDOBAR.DLL

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Baixar link usando &BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Baixar todos os links usando BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Baixar todos os vídeos usando BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_03\bin\npjpi150_03.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_03\bin\npjpi150_03.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase4009.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E187D1A8-2266-48AB-8C80-9A5122AFBEB1}: NameServer = 10.0.1.1

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe

 

 

Thank you!

Regards!
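To confirm that the entries marked for Fix are really gone from the updated log, the two HijackThis logs can be compared mechanically. The following is an added example, not part of the original thread: the excerpts are a subset of lines copied from the two logs above, and the function names are illustrative.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Section code (R0-R3, F0-F3, N1-N4, O1-O24), then " - ", then the entry body.
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
GUID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# HijackThis appends these when the registered file is not on disk.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


class Entry(NamedTuple):
    code: str              # e.g. "O2"
    body: str              # everything after "<code> - "
    clsid: Optional[str]   # upper-cased CLSID if the entry carries one
    orphaned: bool         # registry entry whose target file is absent

    @property
    def key(self) -> Tuple[str, str]:
        # Identity used to match the same entry across two scans. The CLSID is
        # preferred because the file path can change while the entry stays.
        return (self.code, self.clsid or self.body.casefold())


def parse_log(text: str) -> List[Entry]:
    """Return the registry/service entries; header and process lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue
        code, body = m.group(1), m.group(2).strip()
        # A display name can itself be GUID-shaped, so take the LAST GUID on
        # the line, which is where the CLSID sits in R3/O2/O3/O9 entries.
        guids = GUID_RE.findall(body)
        entries.append(Entry(code, body,
                             guids[-1].upper() if guids else None,
                             body.endswith(ORPHAN_MARKERS)))
    return entries


def removed_between(before: List[Entry], after: List[Entry]) -> List[Entry]:
    """Entries present in the first scan and absent from the second."""
    after_keys = {e.key for e in after}
    return [e for e in before if e.key not in after_keys]


def still_present(requested: List[Entry], after: List[Entry]) -> List[Entry]:
    """Entries that were marked for Fix but survive in the later scan."""
    after_keys = {e.key for e in after}
    return [e for e in requested if e.key in after_keys]


# Subset of the first log in this thread (embedded so the example runs offline).
BEFORE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINNT\system32\svchost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Arquivos de programas\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: (no name) - {09B8116F-7E14-4AD0-A9BF-A0583321C9DC} - (no file)
O2 - BHO: (no name) - {0DD697C1-B161-4F06-B189-837ABEA12681} - (no file)
O2 - BHO: {3ee53094-abfa-3119-5994-89457f3b7877} - {7787b3f7-5498-4995-9113-afba49035ee3} - C:\WINNT\system32\jsldfdmd.dll
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
"""

# Subset of the second log, posted after the Fix step.
AFTER = r"""Logfile of HijackThis v1.99.1
R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Arquivos de programas\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL
O2 - BHO: {3ee53094-abfa-3119-5994-89457f3b7877} - {7787b3f7-5498-4995-9113-afba49035ee3} - C:\WINNT\system32\jsldfdmd.dll
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
"""

# Subset of the entries the helper listed for Fix.
FIX_REQUESTED = r"""R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R3 - URLSearchHook: Barra de Ferramentas do Yahoo! com bloqueador de pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {09B8116F-7E14-4AD0-A9BF-A0583321C9DC} - (no file)
O2 - BHO: (no name) - {0DD697C1-B161-4F06-B189-837ABEA12681} - (no file)
"""

if __name__ == "__main__":
    before, after = parse_log(BEFORE), parse_log(AFTER)
    requested = parse_log(FIX_REQUESTED)
    print("removed since first scan:")
    for e in removed_between(before, after):
        print(f"  {e.code} - {e.body}")
    print("marked for Fix but still present:", still_present(requested, after))
    print("entries whose file is absent in the latest scan:")
    for e in after:
        if e.orphaned:
            print(f"  {e.code} - {e.body}")
```

On these excerpts the four entries marked for Fix no longer appear in the second scan, and one service entry still carries the "(file missing)" marker.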


Good afternoon, remeemberme!

>@< Abort the ComboFix procedure and run an online scan... with Panda.

__________________________

 

>@< Run an online scan with Panda.

>@< Under File and analyze, fill in the field: Country/District/Region/valid e-mail.

>@< Enter your e-mail.

>@< Select the option: I do not wish to receive information...

>@< Click: Scan now, free of charge. Wait!

>@< Allow the ActiveX installation.

>@< PS: For those who have Avast, a malware alert will appear, which should be ignored!

>@< I recommend disabling Avast's resident protection while running ActiveScan.

>@< At the prompt, click Install. Wait for the countdown to finish!

>@< When finished, under: Select a device to scan...

>@< Choose: My Computer.

>@< Wait! The scan will take a while to complete.

>@< When finished, copy the report and post it in your reply.

Regards!


Good morning DigRam!

Here is the report:

 

 

 

Incidência Estado Localização

 

Spyware:spyware/apropos Não desinfectado Registo do Windows

Adware:adware/oemji Não desinfectado Registo do Windows

Adware:Adware/Yazzle Não desinfectado C:\avenger\backup.zip[avenger/mrofinu1000106.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\avenger\backup.zip[avenger/svchost.exe]

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Convidado\Cookies\convidado@bs.serving-sys[2].txt

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Convidado\Cookies\convidado@serving-sys[2].txt

Spyware:Cookie/PointRoll Não desinfectado C:\Documents and Settings\Tha\Cookies\tha@ads.pointroll[1].txt

Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Tha\Cookies\tha@atdmt[1].txt

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Tha\Dados de aplicativos\Mozilla\Firefox\Profiles\4s0snn80.default\cookies.txt[.ig.com.br/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Tha\Dados de aplicativos\Mozilla\Firefox\Profiles\4s0snn80.default\cookies.txt[.uol.com.br/]

Spyware:Cookie/Com.com Não desinfectado C:\Documents and Settings\Tha\Dados de aplicativos\Mozilla\Firefox\Profiles\4s0snn80.default\cookies.txt[.terra.com.br/]

Spyware:Cookie/Doubleclick Não desinfectado C:\Documents and Settings\Tha\Dados de aplicativos\Mozilla\Firefox\Profiles\4s0snn80.default\cookies.txt[.doubleclick.net/]

Spyware:Cookie/adultfriendfinder Não desinfectado C:\Documents and Settings\Tha\Dados de aplicativos\Mozilla\Firefox\Profiles\4s0snn80.default\cookies.txt[.adultfriendfinder.com/]

Ferramenta potencialmente indesejada:Application/Processor Não desinfectado C:\Documents and Settings\Tha\Meus documentos\SmitfraudFix\Process.exe

Virus:Trj/Rebooter.J Desinfectado C:\Documents and Settings\Tha\Meus documentos\SmitfraudFix\Reboot.exe

Ferramenta potencialmente indesejada:Application/SuperFast Não desinfectado C:\Documents and Settings\Tha\Meus documentos\SmitfraudFix\restart.exe

Ferramenta potencialmente indesejada:Application/Processor Não desinfectado C:\Documents and Settings\Tha\Meus documentos\SmitfraudFix\SmitfraudFix\Process.exe

Virus:Trj/Rebooter.J Desinfectado C:\Documents and Settings\Tha\Meus documentos\SmitfraudFix\SmitfraudFix\Reboot.exe

Ferramenta potencialmente indesejada:Application/SuperFast Não desinfectado C:\Documents and Settings\Tha\Meus documentos\SmitfraudFix\SmitfraudFix\restart.exe

Ferramenta potencialmente indesejada:Application/Processor Não desinfectado C:\Documents and Settings\Tha\Meus documentos\SmitfraudFix\SmitfraudFix.zip[smitfraudFix/Process.exe]

Virus:Trj/Rebooter.J Desinfectado C:\Documents and Settings\Tha\Meus documentos\SmitfraudFix\SmitfraudFix.zip[smitfraudFix/Reboot.exe]

Ferramenta potencialmente indesejada:Application/SuperFast Não desinfectado C:\Documents and Settings\Tha\Meus documentos\SmitfraudFix\SmitfraudFix.zip[smitfraudFix/restart.exe]

Spyware:Cookie/Atlas DMT Não desinfectado C:\Documents and Settings\Valentim1\Cookies\valentim1@atdmt[2].txt

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Valentim1\Cookies\valentim1@bs.serving-sys[1].txt

Spyware:Cookie/Mediaplex Não desinfectado C:\Documents and Settings\Valentim1\Cookies\valentim1@mediaplex[1].txt

Spyware:Cookie/Serving-sys Não desinfectado C:\Documents and Settings\Valentim1\Cookies\valentim1@serving-sys[1].txt

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\310 To Yuma (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\3D View Of Your Desktop.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\600 Legal Fill-In Forms amp; Guide.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\88 Minutes (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\A Mighty Heart (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\A Night At The Roxbury (1998).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\A-Z AVI DivX XviD Converter 5.77.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\ABBYY FineReader Professional 9.0.0.662.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Actual Search amp; Replace 2.7.8.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Adobe Creative Suite CS3 Design Premium.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Advanced Security Tool 1.1.6.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\AIO Mobile Phone Unlocker.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Alice Greenfingers.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\American Beauty (1999).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\AnyDVD amp; AnyDVD HD 6.1.9.3.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Aplus DVD Copy 8.48.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Armenian Fast Video to GIF SWF Converter 3.2.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Armenian GIF to AVI SWF Converter 1.9.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Atomix Virtual DJ Pro 5.0.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Atomix Virtual DJ Professional 5.0.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Autodesk Lustre 2008.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Avatar The Last Airbender S0306.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Avatar The Last Airbender S0307.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Avenged Sevenfold - Avenged Sevenfold (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Bandidas (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Beauty and The Geek - Season 4.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Billy Joel amp; Elton John - Face to Face in Hartford.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Bit Defender Internet Security 2008.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\BooksCore.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Borland C Builder.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Bowling for Columbine (2002).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Bratz (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Brick Journey.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Britney Spears - Blackout (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Burger Island.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Bypass All Internet Blocking Systems.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\CareWindows Process Control Master 1.0.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Celine Dion 30 Albums.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Chaos (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Clone CD 5.14.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Con Air (1997).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Crank (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Crime Life Gang Wars.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\CSI - Las Vegas - S08E04.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Curb your Enthusiasm - S06E08.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Cyberlink PowerDVD Ultra Deluxe 7.3.3304.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Daisy Words.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Daughtry - Daughtry (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\David Crosby - Voyage 3 CD Box Set.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Death Row (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Dexter - S02E05.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\DivX Player 6.7.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Doa Dead or Alive (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Donnie Darko (2001).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Down Forum.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Dragon Naturally Speaking 9.5.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Driver Genius 2007 Professional 7.1.622.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\DVDFab Platinum 4.0.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\EA Sports FIFA 2008.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Easy DVD to DivX VCD SVCD Converter 3.0.47.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\ElcomSoft Distributed Password Recovery 2.0.111.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Epic Movie (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Escape From Paradise.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Femme Fatale (2002).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Fever Frenzy.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\FlashGet 1.86.1008.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Folder Lock 5.7.9.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Four Brothers (2005).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Fraps Registered 2.9.2.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Full Speed Internet Broadband Connection 2.3.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\G.I. Jane (1997).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\GamersFire.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\GetRight Professional 6.3b.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Gleaming the Cube (1989).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Godspeed You! Black Emperor - All Studio Releases.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Golden FTP Server Pro 3.06.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Grease (1978).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Griffin amp; Phoenix (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Hamsterball Gold.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Hard Disk Sentinel Pro 2.10.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\HardCopy Pro 2.7.7.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\High School Musical (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\High School Musical The Concert (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\HiHiSoft YouTube Download 1.0.0.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Hitman Blood Money.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\ImTOO DVD Ripper 4.0.90.1026.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Interpol - The Trail of Dr. Chaos.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Juice (1992).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Kaspersky Antivirus 7.0.0.125.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Kid Nation - S01E06.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Kryptel Silver Key 3.44.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\LastBit MD5 Password Pro 1.0.533.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Life Is Wild - S01E04.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Limewire Turbo 5.4.1.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Little Man (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\LittleLite Software Folder Crypt 2.8.9510.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Lock My Computer 3.6.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Magic Drop.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Magic Video Converter 8.0.5.24.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\MagicEffect Photo Editor 2007 1.41.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Match Point (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Men Without Hats - My Hats Collection.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Microsoft Office 2007 Enterprise.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Microsoft Windows XP Pro Genuine.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Mind Medley.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Monkey Business.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Moonlight - S01E05.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Music and Lyrics (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\My Super Ex-Girlfriend (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Nero 8.0.3 (Portable).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\NOD32 Antivirus 3.0.414 RC1.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\OllyDBG 1.10.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Once Upon a Time in Mexico (2003).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Onone Mask Pro 4.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Partition Magic 8.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Perceiving Geometry Geometrical Illusions Explained by Natural Scene St.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\PocoMail 4.5.0.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Polar Tubing.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Prey (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Prince of PersiaThe Sands of Time.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Pro Evolution Soccer 2008.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Proceedings of the International Conference on Cohomology of Arithmetic.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Puddle of Mudd - Famous (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Pulse (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\RegDoctor 1.85.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Restorator 2007 3.70.1729.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Rob Zombie - American Made Music To Strip By.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Rob Zombie - Past, Present amp; Future.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Rob Zombie - The Sinister Urge.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Rob ZombieWhite Zombie Rare Tracks.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Save Flash 4.1.0023.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Saw IV (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\ScanSpyware 3.8.0.2.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Scorpions - Fly To The Rainbow (1974).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Se7en (1995).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Secret Window (2004).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Seether - Finding Beauty In Negative Spaces (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Sega Rally Revo.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Set Theory Boolean-Valued Models and Independence Proofs.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Shadowboxer (2005).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Shanghai Knights (2003).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\shareXtreem.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\She#039;s the Man (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Shrek The Third (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Sikth - Death of a Dead Day.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\SlySoft CloneCD 5.3.1.0.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\SpongeBob SquarePants Quad Pack.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Star Wars Jedi Night II Jedi Outcast.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Step Up (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Teenage Mutant Ninja Turtles (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Temors (1990).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The 13th Warrior (1999).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The 80#039;s Game with Martha Quinn.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Black Dahlia (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Ex (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Game Plan (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Hot Chick (2002).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Next Iron Chef - S01E04.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1976.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1977.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1978.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1979.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1981.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1982.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1983.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1984.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1985.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1986.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1987.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1988.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1989.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1990.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1991.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1992.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1993.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1994.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1995.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1996.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Pre History 1997.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Simpsons Movie (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Three Musketeers.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Very Best of MTV Unplugged.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Witcher.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\The Woods (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Tom Clancy#039;s Splinter Cell Chaos Theory.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Top Gear - S10E03.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Transformers (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\True Lies (1994).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\TSBay.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Turistas (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\U2 - Go Home Live from Slane Castle.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\U2 - Vertigo 2005 Live from Chicago.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\UltraISO 8.6.3.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Unknown (2006).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Urban Chaos.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\War of the Worlds (2005).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\WarezDonkey.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Wedding Crashers (2005).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\WhiteCap 5.0.1 Platinum.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\WinPatrol Plus 12.2.2007.0.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\Words Kingdom.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\World in conflict.zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\'\WWE The Most Powerful Families In Wrestling (2007).zip[setup.exe]

Virus:W32/P2PSimple.C.worm Desinfectado C:\WINNT\Fonts\Setup.exe

Ferramenta potencialmente indesejada:Application/NirCmd.A Não desinfectado C:\WINNT\NirCmd.exe

Virus:Trj/Downloader.REM Desinfectado C:\WINNT\system32\87aba3t73.exe

Spyware:Spyware/Virtumonde Não desinfectado C:\WINNT\system32\ajiguaee.dll

Spyware:Spyware/Vundo Não desinfectado C:\WINNT\system32\awtttsp.dll

Virus:W32/IrcBot.BJI.worm Desinfectado C:\WINNT\system32\crc.exe

Spyware:Spyware/Virtumonde Não desinfectado C:\WINNT\system32\dmodrlqg.exe

Spyware:Spyware/Virtumonde Não desinfectado C:\WINNT\system32\eylcgnyu.dll

Spyware:Spyware/Vundo Não desinfectado C:\WINNT\system32\fccyabc.dll

Spyware:Spyware/Vundo Não desinfectado C:\WINNT\system32\hggheee.dll

Spyware:Spyware/Virtumonde Não desinfectado C:\WINNT\system32\iwwmvpml.dll

Spyware:Spyware/Vundo Não desinfectado C:\WINNT\system32\mljjhff.dll

Virus:Trj/Downloader.MDW Desinfectado C:\WINNT\system32\Mz18r\Mz18r2328.exe

Spyware:Spyware/Vundo Não desinfectado C:\WINNT\system32\qommmli.dll

Spyware:Spyware/Vundo Não desinfectado C:\WINNT\system32\urqqpnn.dll

 

Thank you!


Good morning remeemberme!

 

>@< Download VundoFix.

>@< Save it to the Desktop!

>@< Run VundoFix.exe

>@< When VundoFix opens again, click Scan for Vundo.

>@< When it finishes, click Remove Vundo.

>@< You will get a prompt asking whether you want to remove the files. Confirm!

>@< Your desktop will disappear!

>@< A notice will appear saying that your computer must be shut down.

>@< Click OK and then turn the computer on again!

>@< It is possible that VundoFix will find a file but be unable to remove it. If that happens, the tool will run on restart.

>@< When VundoFix appears, click the Scan for Vundo button to repeat the process.

>@< When VundoFix no longer finds any file that it cannot remove, post its report (log), which is located at C:\Vundofix.txt

>@< Also post a new HijackThis log.

 

Hugs!


Good afternoon DigRam!

I ran Vundo and it found nothing.

 

 

Logfile of HijackThis v1.99.1

Scan saved at 17:29:18, on 11/21/aaaa

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINNT\system32\spoolsv.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

C:\WINNT\system32\inetsrv\inetinfo.exe

C:\WINNT\system32\tcpsvcs.exe

C:\WINNT\System32\snmp.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\mqsvc.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\WINNT\Explorer.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe

C:\Arquivos de programas\Comodo\Firewall\CPF.exe

C:\Arquivos de programas\MSN Messenger\usnsvc.exe

C:\Arquivos de programas\MSN Messenger\msnmsgr.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Tha\Desktop\HijackThis\HijackThis.exe

 

R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Arquivos de programas\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL

O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Arquivos de programas\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Arquivos de programas\Pando Networks\Pando\PandoIEPlugin.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Arquivos de programas\BitComet\tools\BitCometBHO_1.1.5.19.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Arquivos de programas\PandoBar\bar\1.bin\PANDOBAR.DLL

O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Arquivos de programas\PandoBar\bar\1.bin\PANDOBAR.DLL

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Arquivos de programas\Comodo\Firewall\CPF.exe" /background

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Baixar link usando &BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Baixar todos os links usando BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Baixar todos os vídeos usando BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_03\bin\npjpi150_03.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_03\bin\npjpi150_03.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase4009.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E187D1A8-2266-48AB-8C80-9A5122AFBEB1}: NameServer = 10.0.1.1

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe

 

 

 

VundoFix:

 

 

VundoFix V6.5.11

 

Checking Java version...

 

Sun Java not detected

Scan started at 17:09:00 11/21/aaaa

 

Listing files found while scanning....

 

No infected files were found.

 

 

Beginning removal...

 

VundoFix V6.5.11

 

Checking Java version...

 

Sun Java not detected

Scan started at 17:09:54 11/21/aaaa

 

Listing files found while scanning....

 

No infected files were found.

 

 

VundoFix V6.5.11

 

Checking Java version...

 

Sun Java not detected

Scan started at 17:17:27 21/11/2007

 

Listing files found while scanning....

 

No infected files were found.

 

 

Beginning removal...

 

VundoFix V6.5.11

 

Checking Java version...

 

Sun Java not detected

Scan started at 17:25:04 11/21/aaaa

 

Listing files found while scanning....

 

No infected files were found.

 

 

Beginning removal...

 

 

Hugs and thank you!


Good evening remeemberme!

 

>@< Download Avenger.

>@< Unzip it and create a folder for the program!

>@< Put this folder on Local Disk C or on the Desktop!

>@< Run the program and select Input script manually.

>@< Click the magnifying glass icon!

 

Files to delete:

C:\WINNT\system32\ajiguaee.dll

C:\WINNT\system32\awtttsp.dll

C:\WINNT\system32\dmodrlqg.exe

C:\WINNT\system32\eylcgnyu.dll

C:\WINNT\system32\fccyabc.dll

C:\WINNT\system32\hggheee.dll

C:\WINNT\system32\iwwmvpml.dll

C:\WINNT\system32\mljjhff.dll

C:\WINNT\system32\qommmli.dll

C:\WINNT\system32\urqqpnn.dll

>@< In the box that opens, paste what was copied from the quote area just above!

>@< Click Done.

>@< Click the traffic light icon!

>@< Click Ok.

>@< The computer will restart!

>@< Run and post a new HijackThis log + Avenger.txt in your reply.

 

Hugs!


Good evening DigRam!

 

Logfile of HijackThis v1.99.1

Scan saved at 22:04:02, on 11/21/aaaa

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINNT\system32\spoolsv.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

C:\WINNT\system32\inetsrv\inetinfo.exe

C:\WINNT\system32\HPZipm12.exe

C:\WINNT\system32\tcpsvcs.exe

C:\WINNT\System32\snmp.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\System32\mqsvc.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\wuauclt.exe

C:\WINNT\system32\mobsync.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe

C:\Arquivos de programas\Comodo\Firewall\CPF.exe

C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Tha\Desktop\HijackThis\HijackThis.exe

 

R3 - URLSearchHook: (no name) - {06663B56-0D73-4f9f-BCC5-4AA941470AFD} - C:\Arquivos de programas\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL

O2 - BHO: Pando Search Assistant BHO - {06663B51-0D73-4f9f-BCC5-4AA941470AFD} - C:\Arquivos de programas\PandoBar\SrchAstt\1.bin\P4SRCHAS.DLL

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Arquivos de programas\Pando Networks\Pando\PandoIEPlugin.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Arquivos de programas\BitComet\tools\BitCometBHO_1.1.5.19.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Pando Toolbar BHO - {E3EA4FD1-CADE-4ae5-84F7-086EEE888BE4} - C:\Arquivos de programas\PandoBar\bar\1.bin\PANDOBAR.DLL

O3 - Toolbar: Pando Toolbar - {E3EA4FD9-CADE-4ae5-84F7-086EEE888BE4} - C:\Arquivos de programas\PandoBar\bar\1.bin\PANDOBAR.DLL

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Arquivos de programas\Comodo\Firewall\CPF.exe" /background

O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\MsnMsgr.Exe" /background

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: Baixar link usando &BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: Baixar todos os links usando BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Baixar todos os vídeos usando BitComet - res://C:\Arquivos de programas\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_03\bin\npjpi150_03.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_03\bin\npjpi150_03.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINNT\system32\shdocvw.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Arquivos de programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase4009.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{E187D1A8-2266-48AB-8C80-9A5122AFBEB1}: NameServer = 10.0.1.1

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Arquivos de programas\Comodo\Firewall\cmdagent.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe

 

 

________________________________________________

 

 

Logfile of The Avenger version 1, by Swandog46

Running from registry key:

\Registry\Machine\System\CurrentControlSet\Services\sijdfaod

 

*******************

 

Script file located at: \??\C:\WINNT\roaofxdc.txt

Script file opened successfully.

 

Script file read successfully

 

Backups directory opened successfully at C:\Avenger

 

*******************

 

Beginning to process script file:

 

File C:\WINNT\system32\ajiguaee.dll deleted successfully.

File C:\WINNT\system32\awtttsp.dll deleted successfully.

File C:\WINNT\system32\dmodrlqg.exe deleted successfully.

File C:\WINNT\system32\eylcgnyu.dll deleted successfully.

File C:\WINNT\system32\fccyabc.dll deleted successfully.

File C:\WINNT\system32\hggheee.dll deleted successfully.

File C:\WINNT\system32\iwwmvpml.dll deleted successfully.

File C:\WINNT\system32\mljjhff.dll deleted successfully.

File C:\WINNT\system32\qommmli.dll deleted successfully.

File C:\WINNT\system32\urqqpnn.dll deleted successfully.

 

Completed script processing.

 

*******************

 

Finished! Terminate.

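An added example, not part of the original thread or of either tool: a way to reconcile the scan report with the Avenger log above and see which detections marked "Não desinfectado" are still unaccounted for. The sample lines are copied from the reports posted in this thread; the function names are this example's own, and the line format is an assumption inferred from those reports.

```python
import re
from typing import NamedTuple


class Finding(NamedTuple):
    kind: str      # category column, e.g. "Spyware"
    threat: str    # detection name, e.g. "Spyware/Vundo"
    cleaned: bool  # True when the scanner reported "Desinfectado"
    path: str


# Lines copied from the scan report posted in this thread.
SCAN_REPORT = r"""
Ferramenta potencialmente indesejada:Application/NirCmd.A Não desinfectado C:\WINNT\NirCmd.exe
Virus:Trj/Downloader.REM Desinfectado C:\WINNT\system32\87aba3t73.exe
Spyware:Spyware/Virtumonde Não desinfectado C:\WINNT\system32\ajiguaee.dll
Spyware:Spyware/Vundo Não desinfectado C:\WINNT\system32\awtttsp.dll
Virus:W32/IrcBot.BJI.worm Desinfectado C:\WINNT\system32\crc.exe
Spyware:Spyware/Virtumonde Não desinfectado C:\WINNT\system32\dmodrlqg.exe
"""

# Lines copied from the Avenger log posted in this thread.
AVENGER_LOG = r"""
File C:\WINNT\system32\ajiguaee.dll deleted successfully.
File C:\WINNT\system32\awtttsp.dll deleted successfully.
File C:\WINNT\system32\dmodrlqg.exe deleted successfully.
"""

# Assumed layout: "<category>:<detection> <status> <path>".
SCAN_LINE = re.compile(
    r"^(?P<kind>[^:]+):(?P<threat>\S+) "
    r"(?P<status>Não desinfectado|Desinfectado) (?P<path>.+)$"
)
AVENGER_LINE = re.compile(r"^File (?P<path>.+) deleted successfully\.$")


def parse_scan_report(text):
    """Return (findings, unparsed) so malformed lines are never dropped silently."""
    findings, unparsed = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = SCAN_LINE.match(line)
        if m is None:
            unparsed.append(line)
            continue
        cleaned = m["status"] == "Desinfectado"
        findings.append(Finding(m["kind"], m["threat"], cleaned, m["path"]))
    return findings, unparsed


def parse_avenger_log(text):
    """Return the set of paths the log reports as deleted (lower-cased)."""
    deleted = set()
    for line in text.splitlines():
        m = AVENGER_LINE.match(line.strip())
        if m:
            deleted.add(m["path"].lower())
    return deleted


def outstanding(findings, deleted):
    """Findings the scanner left in place and the deletion log does not cover."""
    # Windows paths are case-insensitive, so compare lower-cased.
    return [f for f in findings
            if not f.cleaned and f.path.lower() not in deleted]


if __name__ == "__main__":
    found, bad = parse_scan_report(SCAN_REPORT)
    for f in outstanding(found, parse_avenger_log(AVENGER_LOG)):
        print(f"still present: {f.threat} at {f.path}")
    for line in bad:
        print(f"unparsed line: {line}")
```
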

Good evening remeemberme!

 

>@< Download CCleaner.

>@< Download it to the Desktop!

>@< Open the program and click Executar cleaner.

>@< When it finishes, click Erros >> Procurar erros >> Corrigir erros.

__________________________

 

>@< Run another scan with Panda and post the report + an updated HJT log.

 

Hugs!


Topic Archived

 

As the author has not replied for more than 30 days, the topic has been archived.

 

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening.
