[Resolvido!], analisem meu log

alexandrepolar0 · Fevereiro 14, 2008

boa noite,

estava olhando no gerenciador de tarefas e encontrei vários processos que desconheço..

estou postando um log, pois esou com medo de estar infectado..

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:46:11, on 14/2/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\a-squared Free\a2service.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe

C:\Arquivos de programas\Cyberlink\Shared Files\brs.exe

C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe

C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe

C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Arquivos de programas\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [soundMAX] "C:\Arquivos de programas\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe

O4 - HKLM\..\Run: [amd_dc_opt] C:\Arquivos de programas\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [Norton Ghost 12.0] "C:\Arquivos de programas\Norton Ghost\Agent\VProTray.exe"

O4 - HKLM\..\Run: [CloneCDTray] "C:\Arquivos de programas\SlySoft\CloneCD\CloneCDTray.exe" /s

O4 - HKLM\..\Run: [bDRegion] C:\Arquivos de programas\Cyberlink\Shared Files\brs.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Arquivos de programas\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [RemoteControl] "C:\Arquivos de programas\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Arquivos de programas\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Arquivos de programas\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Arquivos de programas\a-squared Free\a2service.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Arquivos de programas\CyberLink\Shared files\RichVideo.exe

O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Arquivos de programas\SiSoftware\SiSoftware Sandra Professional Business XII.SP1\Win32\RpcDataSrv.exe

O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Arquivos de programas\SiSoftware\SiSoftware Sandra Professional Business XII.SP1\RpcSandraSrv.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--

End of file - 8276 bytes

no aguardo.

obrigado

DigRam · Fevereiro 15, 2008

Boa Noite alexandrepolarO!

>@< Aparentemente,tudo Ok com o log.

_____________________

>@< Faça um escaneamento OnLine,em Kaspersky,e poste o relatório.

Abraços!

alexandrepolar0 · Fevereiro 15, 2008

Olá.. segue resultado:

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Friday, February 15, 2008 7:07:55 AM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 15/02/2008

Kaspersky Anti-Virus database records: 567337

-------------------------------------------------------------------------------

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

Scan Target - Folders:

C:\

Scan Statistics:

Total number of scanned objects: 74854

Number of viruses found: 2

Number of infected objects: 3

Number of suspicious objects: 0

Duration of the scan process: 00:29:12

Infected Object Name / Virus Name / Last Action

C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\logs\sw_ae-20080214-203746.log Object is locked skipped

C:\Arquivos de programas\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

C:\Arquivos de programas\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

C:\Arquivos de programas\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped

C:\Arquivos de programas\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped

C:\Arquivos de programas\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped

C:\Arquivos de programas\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

C:\Arquivos de programas\Alwil Software\Avast4\DATA\report\Proteção residente.txt Object is locked skipped

C:\Documents and Settings\Alexandre\.housecall6.6\Quarantine\Clipe[1].exe.bac_a03336 Infected: Trojan-Downloader.Win32.Banload.ftz skipped

C:\Documents and Settings\Alexandre\Configurações locais\Dados de aplicativos\Ahead\Nero Home\bl.db Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Dados de aplicativos\Ahead\Nero Home\is2.db Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\Cache\_CACHE_001_ Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\Cache\_CACHE_002_ Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\Cache\_CACHE_003_ Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\Cache\_CACHE_MAP_ Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Histórico\History.IE5\MSHist012008021520080216\index.dat Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Temp\NERO14392\Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped

C:\Documents and Settings\Alexandre\Configurações locais\Temp\NERO14399\Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped

C:\Documents and Settings\Alexandre\Configurações locais\Temp\~DF981C.tmp Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Temp\~DFFC16.tmp Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Temp\~DFFC28.tmp Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

C:\Documents and Settings\Alexandre\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\Alexandre\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cert8.db Object is locked skipped

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\formhistory.dat Object is locked skipped

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\history.dat Object is locked skipped

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\key3.db Object is locked skipped

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\parent.lock Object is locked skipped

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\search.sqlite Object is locked skipped

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\urlclassifier2.sqlite Object is locked skipped

C:\Documents and Settings\Alexandre\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Alexandre\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\All Users\Dados de aplicativos\CyberLink\BDNAV\BRF.dat Object is locked skipped

C:\Documents and Settings\Geral\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\Geral\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\Geral\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\Geral\NtUser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Histórico\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Configurações locais\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

C:\System Volume Information\_restore{0897E604-022B-4829-A7BA-566FDAECA05C}\RP71\change.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\SA2349582.tmp Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\default Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\software Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\system Object is locked skipped

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\Temp\Perflib_Perfdata_55c.dat Object is locked skipped

C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

Obrigado!

DigRam · Fevereiro 15, 2008

Boa Noite alexandrepolarO!

C:\Documents and Settings\Alexandre\.housecall6.6\Quarantine\Clipe[1].exe.bac_a03336 Infected: Trojan-Downloader.Win32.Banload.ftz skipped

>@< Limpe a quarentena do < Housecall6.6 >

__________________________

>@< Faça o download do a-squared Free 3.0

Link Opcional: < a-squared >

>@< Abra o programa e clique em: Atualizar agora >> Aguarde!

>@< Terminando,clique em: Analisar agora.

>@< Procure fazer,esta análise,em Modo de Segurança!

>@< Escolha a opção: A fundo.

>@< Clique em Analisar!

>@< Terminando,envie os ítens encontrados para a quarentena.

>@< Aonde,daí,serão excluídos ou restaurados.

>@< Salve o relatório,desta verificação,e poste na sua resposta + HJT,atualizado.

Abraços!

alexandrepolar0 · Fevereiro 16, 2008

a-squared Free - Versão 3.1

Última atualização 15/2/2008 21:47:51

Configurações da análise:

Objetos: Memória, Rastros, Cookies, C:\, D:\, E:\

Análise de arquivos: Ligado

Heurística: Ligado

Análise de ADS: Ligado

Início da análise: 15/2/2008 21:52:25

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:35 detectado: Trace.TrackingCookie

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:36 detectado: Trace.TrackingCookie

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:37 detectado: Trace.TrackingCookie

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:38 detectado: Trace.TrackingCookie

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:39 detectado: Trace.TrackingCookie

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:42 detectado: Trace.TrackingCookie

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:43 detectado: Trace.TrackingCookie

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:44 detectado: Trace.TrackingCookie

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:69 detectado: Trace.TrackingCookie

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:71 detectado: Trace.TrackingCookie

C:\Documents and Settings\Alexandre\Dados de aplicativos\Mozilla\Firefox\Profiles\k77yyg4f.default\cookies.txt:82 detectado: Trace.TrackingCookie

C:\Arquivos de programas\WinRAR\Default.SFX detectado: Trojan.Win32.KillAV.og

C:\Documents and Settings\Alexandre\Configurações locais\Temp\NERO14392\Toolbar.exe detectado: Adware.Win32.MyWebSearch

C:\Documents and Settings\Alexandre\Configurações locais\Temp\NERO14399\Toolbar.exe detectado: Adware.Win32.MyWebSearch

E:\Backup\desktop\AVIconverterMF-MS76-78\AVI converter MF-MS 76-78\AVIConverter_320X240_22FPS_EN Setup.exe detectado: Adware.Win32.Dudu.d

Analisado

Arquivos: 243105

Objetos: 162304

Cookies: 530

Processos: 10

Encontrado

Arquivos: 4

Objetos: 0

Cookies: 11

Processos: 0

Chaves do registro: 0

Fim da análise: 15/2/2008 22:31:07

Duração da análise: 0:38:42

----