
scorpio

[Resolved!] HiJackThis Log


Lately a virus warning has been showing up here, on files that I know shouldn't have had one before. Here is an HJT log.

The virus that shows up is TR/Crypt.XPACK.Gen [trojan]; the antivirus I use is Avira.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 06:21:45, on 13/06/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\DNA\btdna.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\DreaMule\emule.exe

C:\Program Files\BitTorrent\bittorrent.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\DllHost.exe

C:\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL

O1 - Hosts: ::1 localhost

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: IEInspector Browser Helper - {9B43B7B1-BF56-4708-81D2-332D708B0DD9} - C:\PROGRA~1\IEINSP~1\HTTPAN~1\IEINSP~1.DLL

O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\DreaMule\emule.exe -AutoStart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIÇO DE REDE')

O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: IE HTTPAnalyzer V4 - {77853997-24DC-40A6-8F45-1AC5039265DF} - C:\PROGRA~1\IEINSP~1\HTTPAN~1\IEHTTP~1.DLL

O9 - Extra 'Tools' menuitem: IE HTTPAnalyzer V4 - {77853997-24DC-40A6-8F45-1AC5039265DF} - C:\PROGRA~1\IEINSP~1\HTTPAN~1\IEHTTP~1.DLL

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/...NPUpldpt-br.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: SMTP Server Service (SMTPMainService) - Unknown owner - C:\Program Files\Advanced SMTP Server\SMTPListener.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 6147 bytes


Good morning, scorpio!

<@> Download: < ToolBar S&D >

<@> Save it on Local Disk C, in a folder of its own.

<@> Restart the computer in Safe Mode. <-- Important!

<@> Run the program, then press "p" --> Enter --> Ok.

<@> Type two! ( 2 ) --> Press Enter --> Wait!

<@> When it finishes, post the report. ( C:\ToolBar SD\TB_1.txt )

<@> Also post an updated HijackThis log.

<><><><><><><><><><>

<@> Download: < a-squared Free 4.0 >

<!> Optional link: < a2ppf_banner.jpg >

<@> Save it in Program Files.

<@> Open the program and click: "Update now" (Atualizar agora) --> Wait!

<@> When it finishes, click: "Scan PC"

<@> Choose the option: "Deep" (A fundo) --> Then click "Scan" (Analisar).

<@> When it finishes, tick the boxes of the items found and click "Send selected to Quarantine" (Enviar marcados à Quarentena).

<@> Save and post the report from this scan. ( a2scan_xxyy09-xxxxxx.txt )

Regards!


The a-squared log is going to take longer; it has been running for almost 3 hours and is still at 10%. Is that normal?

 

 

 

-----------\\ ToolBar S&D 1.2.8 XP/Vista

 

Microsoft® Windows Vista™ Home Premium ( v6.0.6001 ) Service Pack 1

X86-based PC ( Multiprocessor Free : Intel® Core2 Duo CPU E6750 @ 2.66GHz )

BIOS : Award Modular BIOS v6.00PG

USER : Lucas ( Administrator )

BOOT : Fail-safe boot

Antivirus : AntiVir Desktop 9.0.1.26 (Activated)

A:\ (USB)

C:\ (Local Disk) - NTFS - Total:232 Go (Free:70 Go)

D:\ (CD or DVD)

E:\ (CD or DVD)

G:\ (CD or DVD)

 

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )

Option : [2] ( 13/06/2009|10:11 )

 

[ UAC => 0 ]

C:\Users\Lucas\AppData\Local\Temp\nsk5126.tmp

 

-----------\\ REMOVIDOS

 

Deletado! - C:\Users\Lucas\AppData\Local\Temp\NERO13364\Toolbar.exe

Deletado! - C:\Program Files\AskTBar\bar

Deletado! - C:\Program Files\AskTBar\SrchAstt

Deletado! - C:\Users\Lucas\AppData\Roaming\MICROS~1\Windows\Cookies\lucas@mysearch[1].txt

Deletado! - C:\Users\Lucas\AppData\Roaming\MICROS~1\Windows\Cookies\lucas@mysearch[2].txt

Deletado! - C:\Users\Lucas\AppData\Roaming\MICROS~1\Windows\Cookies\lucas@mysearch[3].txt

Deletado! - C:\Users\Lucas\AppData\Roaming\MICROS~1\Windows\Cookies\lucas@mysearch[4].txt

Deletado! - C:\Users\Lucas\AppData\Local\Temp\nsk5126.tmp

Deletado! - C:\Program Files\AskTBar

 

-----------\\ Procura por Arquivos / Ficheiros ...

 

 

-----------\\ [..\Internet Explorer\Main]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Local Page"="C:\\Windows\\system32\\blank.htm"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.google.com.br/"

"Url"="http://go.microsoft.com/fwlink/?LinkId=75723"

"Url"="http://go.microsoft.com/fwlink/?LinkId=75724"

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Local Page"="C:\\Windows\\System32\\blank.htm"

 

 

--------------------\\ Procurando por outras infecções

 

--------------------\\ Cracks & Keygens ..

 

C:\Users\Lucas\AppData\Roaming\BitTorrent\ImTOO DVD Audio Ripper v5.0 With Crack.torrent

C:\Users\Lucas\Documents\PAI\tempsas\Desktop\tecnet\base\estrutura e dados\Panda Titanium Crack.zip.exe

 

 

[ UAC => 1 ]

 

 

1 - "C:\ToolBar SD\TB_1.txt" - 13/06/2009|10:13 - Option : [2]

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:26:01, on 13/06/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Users\Lucas\Program Files\DNA\btdna.exe

C:\Windows\system32\wuauclt.exe

C:\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

O1 - Hosts: ::1 localhost

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: IEInspector Browser Helper - {9B43B7B1-BF56-4708-81D2-332D708B0DD9} - C:\PROGRA~1\IEINSP~1\HTTPAN~1\IEINSP~1.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Lucas\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\DreaMule\emule.exe -AutoStart

O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: IE HTTPAnalyzer V4 - {77853997-24DC-40A6-8F45-1AC5039265DF} - C:\PROGRA~1\IEINSP~1\HTTPAN~1\IEHTTP~1.DLL

O9 - Extra 'Tools' menuitem: IE HTTPAnalyzer V4 - {77853997-24DC-40A6-8F45-1AC5039265DF} - C:\PROGRA~1\IEINSP~1\HTTPAN~1\IEHTTP~1.DLL

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)

O13 - Gopher Prefix:

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/...NPUpldpt-br.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: SMTP Server Service (SMTPMainService) - Unknown owner - C:\Program Files\Advanced SMTP Server\SMTPListener.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 5245 bytes


Hey DigRam, it finished.

 

 

a-squared Free - Versão 4.5

Última atualização 13/06/2009 10:25:17

 

Configurações da análise:

 

Scan type: deep

Objetos: Memória, Rastros, Cookies, C:\

Análise de arquivos: Ligado

Heurística: Desligado

Análise de ADS: Ligado

 

Início da análise: 13/06/2009 10:27:59

 

c:\program files\common files\artech detectado: Trace.Directory.Big Mother!A2

c:\program files\bittorrent detectado: Trace.Directory.Bittorrent 5.0!A2

c:\programdata\microsoft\windows\start menu\programs\bittorrent detectado: Trace.Directory.Bittorrent 5.0!A2

c:\windows\system32\eselleratecontrol350.dll detectado: Trace.File.Instant Access!A2

c:\programdata\microsoft\windows\start menu\programs\bittorrent\bittorrent.lnk detectado: Trace.File.Bittorrent 5.0!A2

Value: HKEY_CLASSES_ROOT\CLSID\{61029AF2-FF30-43EC-9012-1F34BA17F0BA}\InprocServer32 --> ThreadingModel detectado: Trace.Registry.IMonitorPCPro!A2

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61029AF2-FF30-43EC-9012-1F34BA17F0BA}\InprocServer32 --> ThreadingModel detectado: Trace.Registry.IMonitorPCPro!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@247realmedia[1].txt detectado: Trace.TrackingCookie.247realmedia!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@2o7[1].txt detectado: Trace.TrackingCookie.2o7!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@2o7[3].txt detectado: Trace.TrackingCookie.2o7!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@2o7[4].txt detectado: Trace.TrackingCookie.2o7!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@2o7[5].txt detectado: Trace.TrackingCookie.2o7!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver-2.bnetwork.com[1].txt detectado: Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver-2.bnetwork.com[2].txt detectado: Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver.adreactor[1].txt detectado: Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver.dialhost.com[2].txt detectado: Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver.dialhost.com[3].txt detectado: Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver.internet-arts[2].txt detectado: Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver.redpillx.com[1].txt detectado: Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adservingml[1].txt detectado: Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adservingml[2].txt detectado: Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adtech[1].txt detectado: Trace.TrackingCookie.adtech!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adtech[2].txt detectado: Trace.TrackingCookie.adtech!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[1].txt detectado: Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[2].txt detectado: Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[3].txt detectado: Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[4].txt detectado: Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[5].txt detectado: Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[7].txt detectado: Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@angelfire[1].txt detectado: Trace.TrackingCookie.angelfire!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@atdmt[1].txt detectado: Trace.TrackingCookie.atdmt!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@atdmt[2].txt detectado: Trace.TrackingCookie.atdmt!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@atdmt[3].txt detectado: Trace.TrackingCookie.atdmt!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@atdmt[5].txt detectado: Trace.TrackingCookie.atdmt!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@bluestreak[1].txt detectado: Trace.TrackingCookie.bluestreak!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@bravenet[1].txt detectado: Trace.TrackingCookie.bravenet!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@bs.serving-sys[1].txt detectado: Trace.TrackingCookie.bs.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@bs.serving-sys[2].txt detectado: Trace.TrackingCookie.bs.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@bs.serving-sys[3].txt detectado: Trace.TrackingCookie.bs.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@burstnet[1].txt detectado: Trace.TrackingCookie.burstnet!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@burstnet[2].txt detectado: Trace.TrackingCookie.burstnet!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@casalemedia[1].txt detectado: Trace.TrackingCookie.casalemedia!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@casalemedia[3].txt detectado: Trace.TrackingCookie.casalemedia!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@com[1].txt detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@com[2].txt detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@com[3].txt detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@doubleclick[1].txt detectado: Trace.TrackingCookie.doubleclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@doubleclick[2].txt detectado: Trace.TrackingCookie.doubleclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@doubleclick[3].txt detectado: Trace.TrackingCookie.doubleclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@fastclick[1].txt detectado: Trace.TrackingCookie.fastclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@fastclick[2].txt detectado: Trace.TrackingCookie.fastclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@fastclick[3].txt detectado: Trace.TrackingCookie.fastclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[1].txt detectado: Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[2].txt detectado: Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[3].txt detectado: Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[4].txt detectado: Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[5].txt detectado: Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[6].txt detectado: Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[8].txt detectado: Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@hitbox[1].txt detectado: Trace.TrackingCookie.hitbox!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@ig.com[1].txt detectado: Trace.TrackingCookie.ig.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@ig.com[2].txt detectado: Trace.TrackingCookie.ig.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@ig.com[3].txt detectado: Trace.TrackingCookie.ig.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media-convert[1].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.adrevolver[1].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.adrevolver[2].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.blogspot[2].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.photobucket[1].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.photobucket[2].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.realmedia.com[1].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media6degrees[1].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media6degrees[2].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media6degrees[3].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media6degrees[4].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@mediafire[1].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@mediafire[2].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@mediafire[3].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@mediaplex[2].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@mediaplex[3].txt detectado: Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@netdownloads.com[1].txt detectado: Trace.TrackingCookie.netdownloads.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@oi.com[2].txt detectado: Trace.TrackingCookie.oi.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@pop.com[1].txt detectado: Trace.TrackingCookie.pop!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@pro-market[1].txt detectado: Trace.TrackingCookie.pro-market!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@questionmarket[2].txt detectado: Trace.TrackingCookie.questionmarket!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@questionmarket[3].txt detectado: Trace.TrackingCookie.questionmarket!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@realmedia[2].txt detectado: Trace.TrackingCookie.realmedia!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@revenue[2].txt detectado: Trace.TrackingCookie.revenue!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@rubiconproject[1].txt detectado: Trace.TrackingCookie.rub!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@rubiconproject[2].txt detectado: Trace.TrackingCookie.rub!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@rubiconproject[3].txt detectado: Trace.TrackingCookie.rub!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@rubiconproject[4].txt detectado: Trace.TrackingCookie.rub!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@serving-sys[1].txt detectado: Trace.TrackingCookie.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@serving-sys[2].txt detectado: Trace.TrackingCookie.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@serving-sys[3].txt detectado: Trace.TrackingCookie.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@specificclick[1].txt detectado: Trace.TrackingCookie.specificclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@specificclick[2].txt detectado: Trace.TrackingCookie.specificclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@specificclick[3].txt detectado: Trace.TrackingCookie.specificclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@stat.onestat[1].txt detectado: Trace.TrackingCookie.stat.onestat!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@stat.onestat[2].txt detectado: Trace.TrackingCookie.stat.onestat!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@statcounter[1].txt detectado: Trace.TrackingCookie.statcounter!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@statcounter[2].txt detectado: Trace.TrackingCookie.statcounter!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@statcounter[3].txt detectado: Trace.TrackingCookie.statcounter!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@statcounter[4].txt detectado: Trace.TrackingCookie.statcounter!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@statse.webtrendslive[1].txt detectado: Trace.TrackingCookie.statse.webtrendslive!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@trafficmp[1].txt detectado: Trace.TrackingCookie.trafficmp!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@tribalfusion[2].txt detectado: Trace.TrackingCookie.tribalfusion!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@tribalfusion[3].txt detectado: Trace.TrackingCookie.tribalfusion!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@tripod[2].txt detectado: Trace.TrackingCookie.tripod!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@weborama[2].txt detectado: Trace.TrackingCookie.weborama!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@windowsmedia[1].txt detectado: Trace.TrackingCookie.windowsmedia!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@ww3.shoshkeles[1].txt detectado: Trace.TrackingCookie.ww3.shoshkeles!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@zedo[2].txt detectado: Trace.TrackingCookie.zedo!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@zedo[3].txt detectado: Trace.TrackingCookie.zedo!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@zedo[4].txt detectado: Trace.TrackingCookie.zedo!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1237641322870496 detectado: Trace.TrackingCookie.zedo!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1237641326714496 detectado: Trace.TrackingCookie.zedo!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1238023712984304 detectado: Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1238980437601296 detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1238980437602296 detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1239146390372890 detectado: Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1239147872342890 detectado: Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1239442698708126 detectado: Trace.TrackingCookie.humanclick!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1240455252511028 detectado: Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1240770516037114 detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1240771293065114 detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1241233966952902 detectado: Trace.TrackingCookie.link!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1241934551244490 detectado: Trace.TrackingCookie.count!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1241941574166490 detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1242570886119313 detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1242570891916313 detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1242586177308113 detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243141023342100 detectado: Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243465734741696 detectado: Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243465744850696 detectado: Trace.TrackingCookie.humanclick!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243679953401692 detectado: Trace.TrackingCookie.humanclick!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243709008188287 detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243709008189287 detectado: Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1244689747964593 detectado: Trace.TrackingCookie.com!A2

C:\Downloads\eMule\Incoming\Lifehouse-You and Me ( MP3).RAR/[PC GAME MULTILANGUAGE] Free Casino Games Simulation - fino a 500 $ gratis sul primo deposito - up to 500 $ for free on first deposit.exe detectado: Riskware.AdWare.Win32.Casino.d!IK

C:\Downloads\sof\ImTOO DVD Audio Ripper v5.0 With Crack\LMi-Imtoo DVD Audio Ripper 4.exe detectado: Virus.Win32.Oliga!IK

C:\Downloads\sof\PenClean.zip/PenClean.exe detectado: Trojan-Spy.Banker!IK

C:\Program Files\Artech\GeneXus\GeneXusXTrial\GXPublicSetup\GXpublic1.cab/GXPublic.dll82 detectado: Trojan-Dropper.Win32.Hexzone!IK

C:\Program Files\Common Files\Artech\GXpublic 8.0\GXPublic.dll detectado: Trojan-Dropper.Win32.Hexzone!IK

C:\Users\Lucas\AppData\Local\Temp\bt1523.bat detectado: Riskware.Hacktool.Crack.vistaactivation!IK

C:\Users\Lucas\AppData\Local\Temp\HTTP.Analyzer.Full.Edition.V3.3.2.183.rar/keygen.exe detectado: Trojan-Dropper.Agent!IK

C:\Users\Lucas\AppData\Local\{C7518121-88D3-4461-9B22-115194EBB1AB}\offline\7C78CF80\96656151\GXpublic1.cab/GXPublic.dll82 detectado: Trojan-Dropper.Win32.Hexzone!IK

C:\Users\Lucas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\3f5b2f50-258e0710/Inicio.class detectado: Java.Downloader.Agent.D!IK

C:\Users\Lucas\Documents\Aline\MP3\Diversas\Britney Spears - Womanizer.mp3 detectado: Exploit.ASF.GetCodec!IK

C:\Users\Lucas\Documents\Aline\MP3\Diversas\fake number-você vai lembrar.mp3 detectado: Trojan-Downloader.WMA.GetCodec!IK

C:\Users\Lucas\Documents\Lucas\Aplicativo\Rosetta Stone v3.2 - Patch.exe detectado: Riskware.Patch.RosettaStone !IK

C:\Users\Lucas\Downloads\eMule\Incoming\ Lifehouse-You and Me ( MP3).RAR/[PC GAME MULTILANGUAGE] Free Casino Games Simulation - fino a 500 $ gratis sul primo deposito - up to 500 $ for free on first deposit.exe detectado: Riskware.AdWare.Win32.Casino.d!IK

C:\Users\Lucas\Downloads\eMule\Incoming\automation studio 5.6 (multilanguage).rar/eToroSetup.exe detectado: Trojan.Win32.Vundo!IK

 

Analisado

 

Arquivos: 750486

Objetos: 527934

Cookies: 4916

Processos: 50

 

Encontrado

 

Arquivos: 14

Objetos: 7

Cookies: 140

Processos: 0

Chaves do registro: 0

 

Fim da análise: 13/06/2009 12:38:00

Duração da análise: 2:10:01

 

C:\Users\Lucas\Downloads\eMule\Incoming\automation studio 5.6 (multilanguage).rar/eToroSetup.exe Em quarentena Trojan.Win32.Vundo!IK

C:\Users\Lucas\Documents\Lucas\Aplicativo\Rosetta Stone v3.2 - Patch.exe Em quarentena Riskware.Patch.RosettaStone !IK

C:\Users\Lucas\Documents\Aline\MP3\Diversas\fake number-você vai lembrar.mp3 Em quarentena Trojan-Downloader.WMA.GetCodec!IK

C:\Users\Lucas\Documents\Aline\MP3\Diversas\Britney Spears - Womanizer.mp3 Em quarentena Exploit.ASF.GetCodec!IK

C:\Users\Lucas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\3f5b2f50-258e0710/Inicio.class Em quarentena Java.Downloader.Agent.D!IK

C:\Users\Lucas\AppData\Local\Temp\HTTP.Analyzer.Full.Edition.V3.3.2.183.rar/keygen.exe Em quarentena Trojan-Dropper.Agent!IK

C:\Users\Lucas\AppData\Local\Temp\bt1523.bat Em quarentena Riskware.Hacktool.Crack.vistaactivation!IK

C:\Program Files\Artech\GeneXus\GeneXusXTrial\GXPublicSetup\GXpublic1.cab/GXPublic.dll82 Em quarentena Trojan-Dropper.Win32.Hexzone!IK

C:\Program Files\Common Files\Artech\GXpublic 8.0\GXPublic.dll Em quarentena Trojan-Dropper.Win32.Hexzone!IK

C:\Users\Lucas\AppData\Local\{C7518121-88D3-4461-9B22-115194EBB1AB}\offline\7C78CF80\96656151\GXpublic1.cab/GXPublic.dll82 Em quarentena Trojan-Dropper.Win32.Hexzone!IK

C:\Downloads\sof\PenClean.zip/PenClean.exe Em quarentena Trojan-Spy.Banker!IK

C:\Downloads\sof\ImTOO DVD Audio Ripper v5.0 With Crack\LMi-Imtoo DVD Audio Ripper 4.exe Em quarentena Virus.Win32.Oliga!IK

C:\Downloads\eMule\Incoming\Lifehouse-You and Me ( MP3).RAR/[PC GAME MULTILANGUAGE] Free Casino Games Simulation - fino a 500 $ gratis sul primo deposito - up to 500 $ for free on first deposit.exe Em quarentena Riskware.AdWare.Win32.Casino.d!IK

C:\Users\Lucas\Downloads\eMule\Incoming\ Lifehouse-You and Me ( MP3).RAR/[PC GAME MULTILANGUAGE] Free Casino Games Simulation - fino a 500 $ gratis sul primo deposito - up to 500 $ for free on first deposit.exe Em quarentena Riskware.AdWare.Win32.Casino.d!IK

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1241934551244490 Em quarentena Trace.TrackingCookie.count!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1241233966952902 Em quarentena Trace.TrackingCookie.link!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1239442698708126 Em quarentena Trace.TrackingCookie.humanclick!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243465744850696 Em quarentena Trace.TrackingCookie.humanclick!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243679953401692 Em quarentena Trace.TrackingCookie.humanclick!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1238023712984304 Em quarentena Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1239146390372890 Em quarentena Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1239147872342890 Em quarentena Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1240455252511028 Em quarentena Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243141023342100 Em quarentena Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243465734741696 Em quarentena Trace.TrackingCookie.webtrends!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@zedo[2].txt Em quarentena Trace.TrackingCookie.zedo!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@zedo[3].txt Em quarentena Trace.TrackingCookie.zedo!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@zedo[4].txt Em quarentena Trace.TrackingCookie.zedo!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1237641322870496 Em quarentena Trace.TrackingCookie.zedo!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1237641326714496 Em quarentena Trace.TrackingCookie.zedo!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@ww3.shoshkeles[1].txt Em quarentena Trace.TrackingCookie.ww3.shoshkeles!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@windowsmedia[1].txt Em quarentena Trace.TrackingCookie.windowsmedia!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@weborama[2].txt Em quarentena Trace.TrackingCookie.weborama!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@tripod[2].txt Em quarentena Trace.TrackingCookie.tripod!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@tribalfusion[2].txt Em quarentena Trace.TrackingCookie.tribalfusion!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@tribalfusion[3].txt Em quarentena Trace.TrackingCookie.tribalfusion!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@trafficmp[1].txt Em quarentena Trace.TrackingCookie.trafficmp!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@statse.webtrendslive[1].txt Em quarentena Trace.TrackingCookie.statse.webtrendslive!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@statcounter[1].txt Em quarentena Trace.TrackingCookie.statcounter!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@statcounter[2].txt Em quarentena Trace.TrackingCookie.statcounter!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@statcounter[3].txt Em quarentena Trace.TrackingCookie.statcounter!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@statcounter[4].txt Em quarentena Trace.TrackingCookie.statcounter!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@stat.onestat[1].txt Em quarentena Trace.TrackingCookie.stat.onestat!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@stat.onestat[2].txt Em quarentena Trace.TrackingCookie.stat.onestat!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@specificclick[1].txt Em quarentena Trace.TrackingCookie.specificclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@specificclick[2].txt Em quarentena Trace.TrackingCookie.specificclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@specificclick[3].txt Em quarentena Trace.TrackingCookie.specificclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@serving-sys[1].txt Em quarentena Trace.TrackingCookie.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@serving-sys[2].txt Em quarentena Trace.TrackingCookie.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@serving-sys[3].txt Em quarentena Trace.TrackingCookie.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@rubiconproject[1].txt Em quarentena Trace.TrackingCookie.rub!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@rubiconproject[2].txt Em quarentena Trace.TrackingCookie.rub!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@rubiconproject[3].txt Em quarentena Trace.TrackingCookie.rub!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@rubiconproject[4].txt Em quarentena Trace.TrackingCookie.rub!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@revenue[2].txt Em quarentena Trace.TrackingCookie.revenue!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@realmedia[2].txt Em quarentena Trace.TrackingCookie.realmedia!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@questionmarket[2].txt Em quarentena Trace.TrackingCookie.questionmarket!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@questionmarket[3].txt Em quarentena Trace.TrackingCookie.questionmarket!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@pro-market[1].txt Em quarentena Trace.TrackingCookie.pro-market!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@pop.com[1].txt Em quarentena Trace.TrackingCookie.pop!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@oi.com[2].txt Em quarentena Trace.TrackingCookie.oi.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@netdownloads.com[1].txt Em quarentena Trace.TrackingCookie.netdownloads.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media-convert[1].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.adrevolver[1].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.adrevolver[2].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.blogspot[2].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.photobucket[1].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.photobucket[2].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media.realmedia.com[1].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media6degrees[1].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media6degrees[2].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media6degrees[3].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@media6degrees[4].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@mediafire[1].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@mediafire[2].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@mediafire[3].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@mediaplex[2].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@mediaplex[3].txt Em quarentena Trace.TrackingCookie.media!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@ig.com[1].txt Em quarentena Trace.TrackingCookie.ig.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@ig.com[2].txt Em quarentena Trace.TrackingCookie.ig.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@ig.com[3].txt Em quarentena Trace.TrackingCookie.ig.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@hitbox[1].txt Em quarentena Trace.TrackingCookie.hitbox!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[1].txt Em quarentena Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[2].txt Em quarentena Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[3].txt Em quarentena Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[4].txt Em quarentena Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[5].txt Em quarentena Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[6].txt Em quarentena Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@google.com[8].txt Em quarentena Trace.TrackingCookie.google.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@fastclick[1].txt Em quarentena Trace.TrackingCookie.fastclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@fastclick[2].txt Em quarentena Trace.TrackingCookie.fastclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@fastclick[3].txt Em quarentena Trace.TrackingCookie.fastclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@doubleclick[1].txt Em quarentena Trace.TrackingCookie.doubleclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@doubleclick[2].txt Em quarentena Trace.TrackingCookie.doubleclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@doubleclick[3].txt Em quarentena Trace.TrackingCookie.doubleclick!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@com[1].txt Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@com[2].txt Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@com[3].txt Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1238980437601296 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1238980437602296 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1240770516037114 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1240771293065114 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1241941574166490 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1242570886119313 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1242570891916313 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1242586177308113 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243709008188287 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1243709008189287 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\edwyerul.default\cookies.sqlite:1244689747964593 Em quarentena Trace.TrackingCookie.com!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@casalemedia[1].txt Em quarentena Trace.TrackingCookie.casalemedia!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@casalemedia[3].txt Em quarentena Trace.TrackingCookie.casalemedia!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@burstnet[1].txt Em quarentena Trace.TrackingCookie.burstnet!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@burstnet[2].txt Em quarentena Trace.TrackingCookie.burstnet!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@bs.serving-sys[1].txt Em quarentena Trace.TrackingCookie.bs.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@bs.serving-sys[2].txt Em quarentena Trace.TrackingCookie.bs.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@bs.serving-sys[3].txt Em quarentena Trace.TrackingCookie.bs.serving-sys!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@bravenet[1].txt Em quarentena Trace.TrackingCookie.bravenet!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@bluestreak[1].txt Em quarentena Trace.TrackingCookie.bluestreak!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@atdmt[1].txt Em quarentena Trace.TrackingCookie.atdmt!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@atdmt[2].txt Em quarentena Trace.TrackingCookie.atdmt!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@atdmt[3].txt Em quarentena Trace.TrackingCookie.atdmt!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@atdmt[5].txt Em quarentena Trace.TrackingCookie.atdmt!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@angelfire[1].txt Em quarentena Trace.TrackingCookie.angelfire!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[1].txt Em quarentena Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[2].txt Em quarentena Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[3].txt Em quarentena Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[4].txt Em quarentena Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[5].txt Em quarentena Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@advertising[7].txt Em quarentena Trace.TrackingCookie.advertising!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adtech[1].txt Em quarentena Trace.TrackingCookie.adtech!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adtech[2].txt Em quarentena Trace.TrackingCookie.adtech!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver-2.bnetwork.com[1].txt Em quarentena Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver-2.bnetwork.com[2].txt Em quarentena Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver.adreactor[1].txt Em quarentena Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver.dialhost.com[2].txt Em quarentena Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver.dialhost.com[3].txt Em quarentena Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver.internet-arts[2].txt Em quarentena Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adserver.redpillx.com[1].txt Em quarentena Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adservingml[1].txt Em quarentena Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@adservingml[2].txt Em quarentena Trace.TrackingCookie.adserv!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@2o7[1].txt Em quarentena Trace.TrackingCookie.2o7!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@2o7[3].txt Em quarentena Trace.TrackingCookie.2o7!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@2o7[4].txt Em quarentena Trace.TrackingCookie.2o7!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@2o7[5].txt Em quarentena Trace.TrackingCookie.2o7!A2

C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Cookies\lucas@247realmedia[1].txt Em quarentena Trace.TrackingCookie.247realmedia!A2

Value: HKEY_CLASSES_ROOT\CLSID\{61029AF2-FF30-43EC-9012-1F34BA17F0BA}\InprocServer32 --> ThreadingModel Em quarentena Trace.Registry.IMonitorPCPro!A2

Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61029AF2-FF30-43EC-9012-1F34BA17F0BA}\InprocServer32 --> ThreadingModel Em quarentena Trace.Registry.IMonitorPCPro!A2

c:\programdata\microsoft\windows\start menu\programs\bittorrent\bittorrent.lnk Em quarentena Trace.File.Bittorrent 5.0!A2

c:\windows\system32\eselleratecontrol350.dll Em quarentena Trace.File.Instant Access!A2

c:\program files\bittorrent Em quarentena Trace.Directory.Bittorrent 5.0!A2

c:\programdata\microsoft\windows\start menu\programs\bittorrent Em quarentena Trace.Directory.Bittorrent 5.0!A2

c:\program files\common files\artech Em quarentena Trace.Directory.Big Mother!A2

 

Em quarentena

 

Arquivos: 14

Objetos: 7

Cookies: 131


Good afternoon, scorpio!

<!> I removed my message, since a-squared ran successfully.

<><><><><><><><><><>

<@> Run an online scan at Eset.

<@> Use the Internet Explorer browser.

<@> Check the box: "SIM, aceito as condições de uso" --> Iniciar.

<@> Check the box: "YES, I accept the Terms of Use" --> Start.

<@> Accept the ActiveX installation and, when it finishes, save and post the report. ( C:\Arquivos de programas\EsetOnlineScanner\log )

<><><><><><><><><><>

<!> This next one, just below, is for diagnosis: Kaspersky Online VirusScanner

<><><><><><><><><><>

<@> Run an online scan at: < Kaspersky >

<@> Use the Internet Explorer browser for this.

<!> Go to the site and click: < kasperdx9.jpg >

<@> On the next page, click: I Accept

<@> This installs the ActiveX control and then updates the database.

<@> On the next page, click: My Computer and run the scan.

<@> Be patient!

<@> Wait for the database update, and also for the scan, which takes a long time.

<@> When it finishes, save and post the report.

<@> Click Save Report As... to save the log. ( Kaspersky_Online_Scanner_7_Report.txt )

<@> Save the result as .txt, as in the image below:

Kas-Savetxt.gif

<@> Also post an updated HijackThis log.

Regards!

--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7.0 REPORT

Sunday, June 14, 2009

Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)

Kaspersky Online Scanner version: 7.0.26.13

Program database last update: Sunday, June 14, 2009 02:20:08

Records in database: 2341574

--------------------------------------------------------------------------------

 

Scan settings:

Scan using the following database: extended

Scan archives: yes

Scan mail databases: yes

 

Scan area - My Computer:

A:\

C:\

D:\

E:\

G:\

 

Scan statistics:

Files scanned: 217418

Threat name: 0

Infected objects: 0

Suspicious objects: 0

Duration of the scan: 02:22:22

 

No malware has been detected. The scan area is clean.

 

The selected area was scanned.

ESETSmartInstaller@High as downloader log:

all ok

# version=6

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.5863

# api_version=3.0.2

# EOSSerial=86492ed7042ee34a88873b6add383044

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2009-06-13 08:32:38

# local_time=2009-06-13 05:32:38 (-0300, Hora oficial do Brasil)

# country="Brazil"

# lang=1046

# osver=6.0.6001 NT Service Pack 1

# compatibility_mode=1797 61 100 100 813986716009

# compatibility_mode=5889 61 66 100 442148381429976

# scanned=216306

# found=2

# cleaned=2

# scan_time=3331

C:\ToolBar SD\Backup-TB\Users\Lucas\AppData\Local\Temp\NERO13364\Toolbar.exe Win32/Toolbar.AskSBar aplicativo (limpo por exclusão - em quarentena) 00000000000000000000000000000000

C:\Users\Lucas\AppData\Local\Temp\NERO1003378\unit_app_75\Toolbar.exe Win32/Toolbar.AskSBar aplicativo (limpo por exclusão - em quarentena) 00000000000000000000000000000000

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 01:24:06, on 14/06/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Users\Lucas\Program Files\DNA\btdna.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\BitTorrent\bittorrent.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - Default URLSearchHook is missing

O1 - Hosts: ::1 localhost

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: IEInspector Browser Helper - {9B43B7B1-BF56-4708-81D2-332D708B0DD9} - C:\PROGRA~1\IEINSP~1\HTTPAN~1\IEINSP~1.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Lucas\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\DreaMule\emule.exe -AutoStart

O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: IE HTTPAnalyzer V4 - {77853997-24DC-40A6-8F45-1AC5039265DF} - C:\PROGRA~1\IEINSP~1\HTTPAN~1\IEHTTP~1.DLL

O9 - Extra 'Tools' menuitem: IE HTTPAnalyzer V4 - {77853997-24DC-40A6-8F45-1AC5039265DF} - C:\PROGRA~1\IEINSP~1\HTTPAN~1\IEHTTP~1.DLL

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)

O13 - Gopher Prefix:

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/...NPUpldpt-br.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: SMTP Server Service (SMTPMainService) - Unknown owner - C:\Program Files\Advanced SMTP Server\SMTPListener.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

 

--

End of file - 5335 bytes


Good morning, scorpio!

<!> The logs are clean! :thumbsup:

°°°°°°°°°°°°°°°°°°°°°°°°°°°

<!> If you still get detections for the malware, try uninstalling or updating the suspicious program(s). Codec packs, antivirus leftovers, etc. can be flagged by Avira.

<!> To reduce these false positives, redo the Avira configuration.

<!> We have a good tutorial here for configuring it: < Tutorial do Avira Antivir 9 free > ( ...by Antonio Vieira Sobrinho )

Regards!


PROBLEM SOLVED!

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
