[Resolvido!] CID iexplore.exe entre outros!

Quinho Knupp (Ber)²t · Julho 5, 2008

Hello! Seguinte, meu pc ta todo estranhoooooooo... existem várias instâncias do iexplore.exe abertas ao mesmo tempo, o pop-up CID tbm aparece toda hora... o meu programa Ares naum ta conseguindo encontrar nenhum arkivo na net... o browser em si do Ares funciona, mas o localizador d arkivos naum... fik como c estivesse concetando o tempo todo! gostaria de uma ajudinha! Abaixo seg o meu log! Obrigado desd já!

Logfile of HijackThis v1.99.1

Scan saved at 17:22:47, on 5/7/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe

C:\Arquivos de programas\Enigma Software Group\SpyHunter\SpyHunter3.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\RocketDock\RocketDock.exe

C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\system32\cmpe.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Windows Media Player\wmplayer.exe

C:\Documents and Settings\Administrador\Meus documentos\Downloads\Segurança\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orkut.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\1.5\NppBho.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\coShared\Browser\1.5\UIBHO.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [desp2k] C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe

O4 - HKLM\..\Run: [second bat creative peak] C:\Documents and Settings\All Users\Dados de aplicativos\Axis Readme Second Bat\pure peak.exe

O4 - HKLM\..\Run: [ccApp] "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [osCheck] "C:\Arquivos de programas\Norton Internet Security\osCheck.exe"

O4 - HKLM\..\Run: [spyHunter Security Suite] C:\Arquivos de programas\Enigma Software Group\SpyHunter\SpyHunter3.exe

O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Multiproc] C:\DOCUME~1\ADMINI~1\DADOSD~1\SPAMDE~1\NURBLIES.exe

O4 - HKCU\..\Run: [Conexão Oi Velox] "C:\Arquivos de programas\Oi Velox\Conexão\pppoe.exe"

O4 - HKCU\..\Run: [RocketDock] "C:\Arquivos de programas\RocketDock\RocketDock.exe"

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1214361483687

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{2CA565DE-3C8E-4729-A75A-CB93CED9B6D1}: NameServer = 200.149.55.142 200.165.132.154

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Arquivos de programas\Ares\chatServer.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)

O23 - Service: Context Manager Process Extension (cmpe) - LightComm - C:\WINDOWS\system32\cmpe.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\VAScanner\comHost.exe

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Arquivos de programas\Norton Internet Security\isPwdSvc.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\ARQUIV~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Arquivos de programas\Arquivos comuns\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Arquivos de programas\Arquivos comuns\Symantec Shared\AppCore\AppSvc32.exe

DigRam · Julho 6, 2008

Bom Dia! Quinho Knupp ( Be...

<@> Existem infecções por Lops e,caso possua o Messenger Plus,recomendo que o desinstale!

<@> Pare,também,a proteção residente do Norton.

<@> Dê um duplo clique no ícone do Norton,situado ao lado do relógio.
<@> Em Sistema,clique em Auto-Protect.

<@> Desmarque as seguintes opções:

< 1 > Ativar Auto-Protect

< 2 > Iniciar o Auto-Protect ao iniciar o Windows

<@> Ainda em Sistema,clique em Bloqueio de scripts.

<@> Desmarque a opção:

< 1 > Ativar bloqueio de scripts

@@@@@@@@@@@@@@@@@@@

<@> Faça o download do LopS&D.

<@> Salve-o no Disco Local-C!

<@> Instale o programa e clique em: LopSD.cmd

<@> Na janela que abrir,aperte o "p" >> Aperte Enter.

<@> Em outra janela,aperte a opção 2 >> Aperte Enter >> Aguarde!

<@> Terminando,salve e poste o relatório. ( C:\lopR.txt )

<@> Poste,também,HJT atualizado.

Abraços!

Quinho Knupp (Ber)²t · Julho 7, 2008

Aí estão os Logs

-----------------------[ Lop S&D 4.2.2-0 XP/Vista ]---------------------

[ Windows XP (NT 5.1) Build 2600, Service Pack 3 ]

[ USER : Administrador ] [ "C:\Lop SD" ] [ Selection : 2 ]

[ dom 06/07/2008 | 15:20:51,10 ] [ PC : QUINHO-53ADBE8C ]

[ MAJ : 06-07-2008 | 10:55 ]

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ REMOVIDOS ////////////////////////////////

Deletado! - C:\DOCUME~1\ALLUSE~1\DADOSD~1\Axis Readme Second Bat\pure peak.exe

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\spamde~1\NURBLIES.exe

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\spamde~1\spmptsvm.exe

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\spamde~1\storecoolsend.exe

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\spamde~1\WebJunkEachBait.exe

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\spamde~1\yvrxdaaq.exe

Deletado! - C:\WINDOWS\Tasks\AF610CFF9186BE87.job

Deletado! - C:\DOCUME~1\ALLUSE~1\DADOSD~1\Axis Readme Second Bat

Deletado! - C:\DOCUME~1\ADMINI~1\DADOSD~1\spamde~1

Deletado! - C:\Arquivos de programas\spamde~1

//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

-------------[ Lista de pastas em Dados de aplicativos ]------------

[25/06/2008|23:29] C:\DOCUME~1\ADMINI~1\DADOSD~1\Adobe

[24/06/2008|16:19] C:\DOCUME~1\ADMINI~1\DADOSD~1\desktop.ini

[30/06/2008|14:53] C:\DOCUME~1\ADMINI~1\DADOSD~1\GrabPro

[24/06/2008|22:18] C:\DOCUME~1\ADMINI~1\DADOSD~1\Identities

[24/06/2008|22:30] C:\DOCUME~1\ADMINI~1\DADOSD~1\InstallShield

[06/07/2008|14:11] C:\DOCUME~1\ADMINI~1\DADOSD~1\Lightcomm

[24/06/2008|22:51] C:\DOCUME~1\ADMINI~1\DADOSD~1\Macromedia

[03/07/2008|13:35] C:\DOCUME~1\ADMINI~1\DADOSD~1\Media Player Classic

[03/07/2008|22:06] C:\DOCUME~1\ADMINI~1\DADOSD~1\Microsoft

[27/06/2008|01:00] C:\DOCUME~1\ADMINI~1\DADOSD~1\Opera

[30/06/2008|22:43] C:\DOCUME~1\ADMINI~1\DADOSD~1\Orbit

[03/07/2008|13:52] C:\DOCUME~1\ADMINI~1\DADOSD~1\Real

[06/07/2008|15:22] C:\DOCUME~1\ADMINI~1\DADOSD~1\uTorrent

[25/06/2008|23:29] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Adobe

[24/06/2008|16:19] C:\DOCUME~1\ALLUSE~1\DADOSD~1\desktop.ini

[28/06/2008|15:15] C:\DOCUME~1\ALLUSE~1\DADOSD~1\DVD Shrink

[03/07/2008|15:50] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Macromedia

[03/07/2008|16:24] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Messenger Plus!

[03/07/2008|16:05] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Microsoft

[03/07/2008|13:52] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Microsoft Help

[06/07/2008|15:19] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Symantec

[25/06/2008|15:39] C:\DOCUME~1\ALLUSE~1\DADOSD~1\Windows Genuine Advantage

[24/06/2008|23:10] C:\DOCUME~1\ALLUSE~1\DADOSD~1\WindowsLiveInstaller

[03/07/2008|15:59] C:\DOCUME~1\ALLUSE~1\DADOSD~1\WLInstaller

[24/06/2008|16:19] C:\DOCUME~1\DEFAUL~1\DADOSD~1\desktop.ini

[24/06/2008|19:31] C:\DOCUME~1\DEFAUL~1\DADOSD~1\Microsoft

[26/06/2008|18:56] C:\DOCUME~1\LOCALS~1\DADOSD~1\Microsoft

[24/06/2008|19:31] C:\DOCUME~1\NETWOR~1\DADOSD~1\Microsoft

----------------[ Tarefas Agendadas na pasta C:\WINDOWS\Tasks ]---------------

[04/07/2008 12:29][--a------] C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Administrador.job

[06/07/2008 14:11][--ah-----] C:\WINDOWS\tasks\SA.DAT

[11/09/2002 09:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

---------------[ Lista de pastas em C:\Arquivos de programas ]--------------

[03/07/2008|13:29] C:\Arquivos de programas\A1 DVD Audio Ripper

[04/07/2008|18:20] C:\Arquivos de programas\Ares

[04/07/2008|12:40] C:\Arquivos de programas\Arquivos comuns

[25/06/2008|18:49] C:\Arquivos de programas\CCleaner

[24/06/2008|19:28] C:\Arquivos de programas\ComPlus Applications

[24/06/2008|22:40] C:\Arquivos de programas\DIFX

[05/07/2008|18:52] C:\Arquivos de programas\DVD Decrypter

[03/07/2008|13:56] C:\Arquivos de programas\Enigma Software Group

[04/07/2008|12:23] C:\Arquivos de programas\GIGABYTE

[04/07/2008|12:23] C:\Arquivos de programas\InstallShield Installation Information

[03/07/2008|16:09] C:\Arquivos de programas\Internet Explorer

[03/07/2008|15:50] C:\Arquivos de programas\Macromedia

[25/06/2008|16:15] C:\Arquivos de programas\Messenger

[03/07/2008|16:12] C:\Arquivos de programas\Messenger Plus! Live

[24/06/2008|19:31] C:\Arquivos de programas\microsoft frontpage

[25/06/2008|16:10] C:\Arquivos de programas\Movie Maker

[02/07/2008|18:06] C:\Arquivos de programas\Mozilla Firefox

[24/06/2008|19:28] C:\Arquivos de programas\MSN Gaming Zone

[25/06/2008|16:08] C:\Arquivos de programas\NetMeeting

[04/07/2008|13:19] C:\Arquivos de programas\Norton Internet Security

[03/07/2008|15:51] C:\Arquivos de programas\Oi Velox

[03/07/2008|13:49] C:\Arquivos de programas\Opera

[25/06/2008|16:08] C:\Arquivos de programas\Outlook Express

[03/07/2008|15:52] C:\Arquivos de programas\PLATINUM technology

[27/06/2008|00:32] C:\Arquivos de programas\Real

[24/06/2008|22:40] C:\Arquivos de programas\Realtek

[04/07/2008|13:32] C:\Arquivos de programas\RocketDock

[24/06/2008|19:30] C:\Arquivos de programas\Servi‡os on-line

[27/06/2008|13:19] C:\Arquivos de programas\Skype

[04/07/2008|12:40] C:\Arquivos de programas\Symantec

[24/06/2008|22:18] C:\Arquivos de programas\Uninstall Information

[25/06/2008|16:23] C:\Arquivos de programas\uTorrent

[03/07/2008|16:04] C:\Arquivos de programas\Windows Live

[03/07/2008|19:12] C:\Arquivos de programas\Windows Media Connect 2

[03/07/2008|19:14] C:\Arquivos de programas\Windows Media Player

[25/06/2008|16:08] C:\Arquivos de programas\Windows NT

[24/06/2008|19:30] C:\Arquivos de programas\WindowsUpdate

[03/07/2008|13:31] C:\Arquivos de programas\WinRAR

[24/06/2008|19:31] C:\Arquivos de programas\xerox

[24/06/2008|22:38] C:\Arquivos de programas\Yahoo!

------[ Lista de pastas em C:\Arquivos de programas\Arquivos comuns ]------

[01/07/2008|14:43] C:\Arquivos de programas\Arquivos comuns\Adobe

[03/07/2008|15:45] C:\Arquivos de programas\Arquivos comuns\InstallShield

[03/07/2008|15:50] C:\Arquivos de programas\Arquivos comuns\Macromedia

[03/07/2008|16:05] C:\Arquivos de programas\Arquivos comuns\Microsoft Shared

[24/06/2008|19:29] C:\Arquivos de programas\Arquivos comuns\MSSoap

[24/06/2008|16:20] C:\Arquivos de programas\Arquivos comuns\ODBC

[03/07/2008|13:52] C:\Arquivos de programas\Arquivos comuns\Real

[24/06/2008|19:29] C:\Arquivos de programas\Arquivos comuns\Servi‡os

[27/06/2008|13:19] C:\Arquivos de programas\Arquivos comuns\Skype

[24/06/2008|16:20] C:\Arquivos de programas\Arquivos comuns\SpeechEngines

[04/07/2008|14:09] C:\Arquivos de programas\Arquivos comuns\Symantec Shared

[03/07/2008|13:50] C:\Arquivos de programas\Arquivos comuns\System

[25/06/2008|16:22] C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller

---------------------------[ Process ]--------------------------

... 37

... OK !

----------------------[ Procura pelo S_Lop ]---------------------

Não foram encontradas pastas com o Lop!

-----------------[ Procura por Arquivos/Ficheiros e pastas do Lop ]-----------------

Não foram encontradas pastas com o Lop!

----------------------[ Procura no Registro ]----------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------[ Verificando o Arquivos/Ficheiros Hosts ]---------------------

Arquivos/Ficheiros Hosts LIMPO

----------------[ Procurando Arquivos/Ficheiros ocultos com o Catchme ]-----------------

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-07-06 15:25:44

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 0

--------------------[ Procurando por outras infecções ]---------------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ConexÆo Oi Velox"="\"C:\\Arquivos de programas\\Oi Velox\\ConexÆo\\pppoe.exe\""

! EGDACCESS !

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Zone Alarm Pro Full License Crack - All Versions.zip

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Multim¡dia\Djïs\Disco Mobile v1.0\CRACK.exe

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Multim¡dia\Djïs\Mega.Mix.2000.v5.01\crack

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Multim¡dia\Djïs\Mega.Mix.2000.v5.01\crack\MEGAMIXC.EXE

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Multim¡dia\Djïs\MJ Studio v1.16\crack.exe

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\Crack

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\Declaration of Use!!!.txt

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\def.dat

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\HeartBug.nfo

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\How to Install!!.txt

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\Specs.txt

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\spyhunterS.exe

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\spyhunter_box_big.jpg

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\Spyhunter_capture.jpg

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\Crack\Common.dll

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Vegas\Sony Vegas 8 Pro + Crack

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Vegas\Sony_Vegas_8_Pro_+_Crack_[mininova].torrent

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Vegas\Sony Vegas 8 Pro + Crack\Readme.txt

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Vegas\Sony Vegas 8 Pro + Crack\Sony Vegas 8 Pro + Crack.uif

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Meus arquivos recebidos\CrackXp.rar

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Meus arquivos recebidos\Crack_Windows_XP_SP2

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Meus arquivos recebidos\Crack_Windows_XP_SP2.zip

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Meus arquivos recebidos\SpyHunter Security Suite v3.4.9+Crack-HeartBug [mininova].torrent

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Meus arquivos recebidos\Crack_Windows_XP_SP2\Bypassing the V5 Windows Update Invalid Product Key.txt

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Meus arquivos recebidos\Crack_Windows_XP_SP2\serial.txt

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Meus arquivos recebidos\Crack_Windows_XP_SP2\WinXP Valid KeyGen.exe

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Minhas m£sicas\Internacionais\Hip-Hop\Vico C- crack crack.mp3

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Zone alarm Pro 6.066.7.000_Fr Keygen.rar

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Zonelabs.-.Zone.Alarm.Pro.v5.5.062.011.(.Full.-.Incl.Keygen.-.by.Yoos).rar

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\3dMark06\3DMark 2006 1.0.2\keygen.exe

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Aurora 2.5.3\Keygen_AuroraDVDCopyv3.1.0.zip

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\MP3 Plugin\KeyGen

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\MP3 Plugin\KeyGen\keygen.exe

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Multim¡dia\Djïs\Otsjuke DJ Professional v1.00.078\OtsJuke_DJ_Professional_1.00.078_Keygen_by_TNT.zip

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Multim¡dia\Djïs\The Digital DJ Music System v3.6.2\KeyGen

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Multim¡dia\Djïs\The Digital DJ Music System v3.6.2\KeyGen\ORNDIGDJ.EXE

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Sound Forge 8\Sound Forge 8\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Sound Forge 8\Sound Forge 8\Sony[1].Sound.Forge.v8.0b.Incl.Keygen-SSG.ZIP

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Sound Forge 8\Sound Forge 8\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG\file_id.diz

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Sound Forge 8\Sound Forge 8\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG\keygen.exe

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Sound Forge 8\Sound Forge 8\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG\keygen.rar

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Downloads\Sound Forge 8\Sound Forge 8\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG\ssg.nfo

=> C:\DOCUME~1\ADMINI~1\MEUSDO~1\Meus arquivos recebidos\Crack_Windows_XP_SP2\WinXP Valid KeyGen.exe

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Zone Alarm Pro Full License Crack - All Versions.zip

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Multim¡dia\Djïs\Disco Mobile v1.0\CRACK.exe

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Multim¡dia\Djïs\Mega.Mix.2000.v5.01\crack

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Multim¡dia\Djïs\Mega.Mix.2000.v5.01\crack\MEGAMIXC.EXE

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Multim¡dia\Djïs\MJ Studio v1.16\crack.exe

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\Crack

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\Declaration of Use!!!.txt

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\def.dat

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\HeartBug.nfo

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\How to Install!!.txt

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\Specs.txt

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\spyhunterS.exe

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\spyhunter_box_big.jpg

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\Spyhunter_capture.jpg

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\SpyHunter Security Suite v3.4.9+Crack-HeartBug\Crack\Common.dll

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Vegas\Sony Vegas 8 Pro + Crack

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Vegas\Sony_Vegas_8_Pro_+_Crack_[mininova].torrent

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Vegas\Sony Vegas 8 Pro + Crack\Readme.txt

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Vegas\Sony Vegas 8 Pro + Crack\Sony Vegas 8 Pro + Crack.uif

=> C:\Documents and Settings\Administrador\Meus documentos\Meus arquivos recebidos\CrackXp.rar

=> C:\Documents and Settings\Administrador\Meus documentos\Meus arquivos recebidos\Crack_Windows_XP_SP2

=> C:\Documents and Settings\Administrador\Meus documentos\Meus arquivos recebidos\Crack_Windows_XP_SP2.zip

=> C:\Documents and Settings\Administrador\Meus documentos\Meus arquivos recebidos\SpyHunter Security Suite v3.4.9+Crack-HeartBug [mininova].torrent

=> C:\Documents and Settings\Administrador\Meus documentos\Meus arquivos recebidos\Crack_Windows_XP_SP2\Bypassing the V5 Windows Update Invalid Product Key.txt

=> C:\Documents and Settings\Administrador\Meus documentos\Meus arquivos recebidos\Crack_Windows_XP_SP2\serial.txt

=> C:\Documents and Settings\Administrador\Meus documentos\Meus arquivos recebidos\Crack_Windows_XP_SP2\WinXP Valid KeyGen.exe

=> C:\Documents and Settings\Administrador\Meus documentos\Minhas m£sicas\Internacionais\Hip-Hop\Vico C- crack crack.mp3

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Zone alarm Pro 6.066.7.000_Fr Keygen.rar

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Zonelabs.-.Zone.Alarm.Pro.v5.5.062.011.(.Full.-.Incl.Keygen.-.by.Yoos).rar

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\3dMark06\3DMark 2006 1.0.2\keygen.exe

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Aurora 2.5.3\Keygen_AuroraDVDCopyv3.1.0.zip

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\MP3 Plugin\KeyGen

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\MP3 Plugin\KeyGen\keygen.exe

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Multim¡dia\Djïs\Otsjuke DJ Professional v1.00.078\OtsJuke_DJ_Professional_1.00.078_Keygen_by_TNT.zip

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Multim¡dia\Djïs\The Digital DJ Music System v3.6.2\KeyGen

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Multim¡dia\Djïs\The Digital DJ Music System v3.6.2\KeyGen\ORNDIGDJ.EXE

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Sound Forge 8\Sound Forge 8\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Sound Forge 8\Sound Forge 8\Sony[1].Sound.Forge.v8.0b.Incl.Keygen-SSG.ZIP

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Sound Forge 8\Sound Forge 8\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG\file_id.diz

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Sound Forge 8\Sound Forge 8\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG\keygen.exe

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Sound Forge 8\Sound Forge 8\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG\keygen.rar

=> C:\Documents and Settings\Administrador\Meus documentos\Downloads\Sound Forge 8\Sound Forge 8\Sony.Sound.Forge.v8.0b.Incl.Keygen-SSG\ssg.nfo

=> C:\Documents and Settings\Administrador\Meus documentos\Meus arquivos recebidos\Crack_Windows_XP_SP2\WinXP Valid KeyGen.exe

[F:65][D:2]-> C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp

[F:67][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies

[F:3656][D:8]-> C:\DOCUME~1\ADMINI~1\CONFIG~1\TEMPOR~1\content.IE5

--------------------[ Verificação completa em 15:26:08,84 ]----------------------

Logfile of HijackThis v1.99.1

Scan saved at 22:52:36, on 6/7/2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\AppCore\AppSvc32.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Oi Velox\Manager\desp2k.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe

C:\Arquivos de programas\RocketDock\RocketDock.exe

C:\Arquivos de programas\Symantec\LiveUpdate\ALUSchedulerSvc.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\ccSvcHst.exe

C:\WINDOWS\system32\cmpe.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Arquivos de programas\Arquivos comuns\Symantec Shared\CCPD-LC\symlcsvc.exe