Archived

This topic has been archived and is closed to new replies.

DevilDestructor

[Solved!] The CID popup again


Helpppp

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 01:40, on 02-09-2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Programas\Windows Defender\MSASCui.exe

C:\Programas\ScanSoft\PaperPort\pptd40nt.exe

C:\Programas\Brother\ControlCenter2\brctrcen.exe

C:\Programas\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\keyhook.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\Internet Explorer\IEXPLORE.EXE

C:\Programas\HotKey\HotKey.exe

C:\Programas\Brother\Brmfcmon\BrMfcWnd.exe

C:\Programas\Internet Explorer\IEXPLORE.EXE

C:\Programas\Brother\Brmfcmon\BrMfcmon.exe

C:\Programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\MANUEL\Ambiente de trabalho\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programas\Internet Download Manager\IDMIECC.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Programas\Ficheiros comuns\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] C:\Programas\ScanSoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Programas\ScanSoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [setDefPrt] C:\Programas\Brother\Brmfl05a\BrStDvPt.exe

O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programas\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [memo site kind that] C:\Documents and Settings\All Users\Application Data\Grid Blue Memo Site\grim wma.exe

O4 - HKLM\..\Run: [Anti Trojan Elite] C:\Programas\Anti Trojan Elite\TJEnder.exe :NO

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [pokeball] C:\DOCUME~1\MANUEL\APPLIC~1\THISDE~1\MessTwo.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Serviço de rede')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: HotKey Driver.lnk = C:\Programas\HotKey\HotKey.exe

O4 - Global Startup: Monitor de estado.lnk = C:\Programas\Brother\Brmfcmon\BrMfcWnd.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Internet TV by Endicosoft.com - {1D958E09-3112-7f0e-9723-5C1321C57B27} - C:\Programas\Internet TV 2050\InternetTV.exe (file missing)

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.geoweb.pt/vector2/mgaxctrl.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1173390532625

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: MBAMService - Unknown owner - C:\Programas\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)

O23 - Service: ServiceLayer - Nokia. - C:\Programas\Ficheiros comuns\PCSuite\Services\ServiceLayer.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

 

--

End of file - 8011 bytes


Good afternoon, DevilDestructor!

 

<@> Download: < LopS&D >

<@> Save it to Local Disk C!

<@> Install the program and click: LopSD.cmd

<@> In the window that opens, press "p" --> press Enter.

<@> In the next window, choose option 2 --> press Enter --> wait!

<@> When it finishes, save and post the report. ( C:\lopR.txt )

<@> Also post an updated HijackThis log.

 

Regards!


Good evening

 

Here it is

 

 

--------------------\\ Lop S&D 4.2.3-9 XP/Vista

 

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 3

X86-based PC ( Uniprocessor Free : AMD Sempron 2800+ )

BIOS : Version 1.00

USER : MANUEL ( Administrator )

BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1229 [VPS 080902-0] 4.8.1229 (Activated)

 

"C:\Lop SD" ( MAJ : 02-09-2008|17:30 )

Option : [2] ( 02-09-2008|23:45 )

 

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ REMOVIDOS

 

Deletado! - C:\WINDOWS\Tasks\AAE36011908D15D5.job

Deletado! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site\grim wma.exe

Deletado! - C:\DOCUME~1\MANUEL\APPLIC~1\thisde~1\interrdrbookpart.exe

Deletado! - C:\DOCUME~1\MANUEL\APPLIC~1\thisde~1\MessTwo.exe

Deletado! - C:\DOCUME~1\MANUEL\APPLIC~1\thisde~1\Ooze poll iso.exe

Deletado! - C:\DOCUME~1\MANUEL\APPLIC~1\thisde~1\vaiwilat.exe

Deletado! - C:\Programas\Circle Developement\Uninstall.exe

Deletado! - C:\DOCUME~1\MANUEL\Cookies\manuel@advertising.marketnetwork[2].txt

Deletado! - C:\DOCUME~1\MANUEL\Cookies\manuel@www.lop[1].txt

Deletado! - C:\DOCUME~1\MANUEL\DEFINI~1\Temp\bisB3.exe

Deletado! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grid Blue Memo Site

Deletado! - C:\DOCUME~1\MANUEL\APPLIC~1\thisde~1

Deletado! - C:\Programas\thisde~1

Deletado! - C:\Programas\Circle Developement

 

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

 

 

--------------------\\ Lista de pastas em APPLIC~1

 

 

--------------------\\ Tarefas Agendadas na pasta C:\WINDOWS\Tasks

 

[02-09-2008 08:44][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job

[02-09-2008 08:41][--ah-----] C:\WINDOWS\tasks\SA.DAT

[20-11-2001 01:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

 

--------------------\\ Lista de pastas em C:\Programas

 

 

--------------------\\ Lista de pastas em C:\Programas\Ficheiros comuns

 

 

--------------------\\ Process

 

( 41 Processus )

 

... OK !

 

--------------------\\ Procura pelo S_Lop

 

Não foram encontradas pastas com o Lop!

 

--------------------\\ Procura por Arquivos/Ficheiros e pastas do Lop

 

Não foram encontradas pastas com o Lop!

 

--------------------\\ Procura no Registro

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

..... OK !

 

--------------------\\ Verificando o Arquivos/Ficheiros Hosts

 

Arquivos/Ficheiros Hosts LIMPO

 

 

--------------------\\ Procurando Arquivos/Ficheiros ocultos com o Catchme

 

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-09-02 23:48:17

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden files ...

scan completed successfully

hidden processes: 0

hidden files: 18

 

--------------------\\ Procurando por outras infecções

 

 

Não foram encontradas outras infecções.

 

[F:257][D:65]-> C:\DOCUME~1\MANUEL\DEFINI~1\Temp

[F:28][D:0]-> C:\DOCUME~1\MANUEL\Cookies

[F:308][D:9]-> C:\DOCUME~1\MANUEL\DEFINI~1\TEMPOR~1\content.IE5

 

1 - "C:\Lop SD\LopR_1.txt" - 02-09-2008|23:50 - Option : [2]

 

--------------------\\ Verificação completa em 23:50:19

 

 

____________________________________________________________________________________________________

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:52, on 02-09-2008

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Programas\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\Programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\Explorer.EXE

C:\Programas\Windows Defender\MSASCui.exe

C:\Programas\ScanSoft\PaperPort\pptd40nt.exe

C:\Programas\Brother\ControlCenter2\brctrcen.exe

C:\Programas\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\keyhook.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Programas\Anti Trojan Elite\TJEnder.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programas\HotKey\HotKey.exe

C:\Programas\Brother\Brmfcmon\BrMfcWnd.exe

C:\Programas\Brother\Brmfcmon\BrMfcmon.exe

C:\Programas\eMule\emule.exe

C:\Programas\IncrediMail\bin\IMApp.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações

O2 - BHO: IDMIEHlprObj Class - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programas\Internet Download Manager\IDMIECC.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programa Auxiliar de Início de Sessão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programas\Ficheiros comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O4 - HKLM\..\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Programas\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Programas\Ficheiros comuns\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] C:\Programas\ScanSoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Programas\ScanSoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [setDefPrt] C:\Programas\Brother\Brmfl05a\BrStDvPt.exe

O4 - HKLM\..\Run: [ControlCenter2.0] C:\Programas\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [siS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Anti Trojan Elite] C:\Programas\Anti Trojan Elite\TJEnder.exe :NO

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Serviço de rede')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: HotKey Driver.lnk = C:\Programas\HotKey\HotKey.exe

O4 - Global Startup: Monitor de estado.lnk = C:\Programas\Brother\Brmfcmon\BrMfcWnd.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Internet TV by Endicosoft.com - {1D958E09-3112-7f0e-9723-5C1321C57B27} - C:\Programas\Internet TV 2050\InternetTV.exe (file missing)

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programas\Messenger\msmsgs.exe

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Programas\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://www.geoweb.pt/vector2/mgaxctrl.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1173390532625

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: MBAMService - Unknown owner - C:\Programas\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)

O23 - Service: ServiceLayer - Nokia. - C:\Programas\Ficheiros comuns\PCSuite\Services\ServiceLayer.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

 

--

End of file - 7789 bytes

 

Thanks and regards


Good evening, DevilDestructor!

 

If everything is OK, create a clean System Restore point.

Right-click My Computer >> Properties >> System Restore >> Check: Turn off System Restore >> Apply >> OK.

Then uncheck it again! >> Apply >> OK.

For more details, go to: < Docs >

<!> The log is clean!

<!> Everything OK?

 

Regards!


PROBLEM SOLVED!

 

If the author needs the topic reopened, they must send a private message to a moderator with a link to the topic.
