Ir para conteúdo

Arquivado

Este tópico foi arquivado e está fechado para novas respostas.

FaXP

[Arquivado] &nbspAnalise de Log

Por , em Tópicos Arquivados (Seguranca & Malwares)

Recommended Posts

FaXP    0

FaXP
Postado

:clap: eu sou chataaaaa, vou fazer os procedimentos, + antes, dexa eu fala:

Acho q é spyware, você notou nos logs do SpyDoctor q o programa não conseguiu colocar os arquivos em quarentena??

Hj passei o Anti-Spy.Info + não consegui colocar nada na quarentena nem remover, os arquivos voltam, este é o log:

https://cid-e621203d0f213cb2.office.live.com/self.aspx/.Public/SPYINFO.txt

 

Ele detectou uma dll do AVAST, oculta rodando em DOS, a DLL é snxhk.dll e o texto do arquivo esta abaixo (ACHO Q ESSE PROGRAMA FOI ALTERADO):

https://cid-e621203d0f213cb2.office.live.com/self.aspx/.Public/Arquivo%20oculto%20AVAST%20DOS.txt

 

É coisa que num acaba mais =) mal me sobre tempo pra 1h de academia e tem FDP com tempo de sobra pra monitorar a vida dos outros!!!

 

Achei algumas coisas sobre a configuração remota e deletei todas as pastinhas:

 

C:\WINDOWS\pchealth\helpctr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance

Pasta Common - arquivos common js/ConnIssue.htm/constants.js/icon_information_32x.gif/icon_warning_32x.gif/LearnInternet.htm/

RAHelp.htm/RCMoreInfo.htm

Pasta CSS - arquivos RAChat.css/rc.css/rcbuddy.css

Pasta Escalation - pastas Common/Email/Unsolicited + um monte de coisas dentro delas

Arquivo confirm.htm

Arquivo rcstatus.htm

 

C:\WINDOWS\pchealth\helpctr\System\Remote Assistance

Pasta Common

Pasta CSS

Pasta Interation - subpastas Client/Common/Server

Arquivo ding.wav

Arquivo helpeeaccept.htm

Arquivo RAClientLayout.xml

Arquivo RAHelpeeAcceptLayout.xml

Arquivo RAIMLayout.xml

Arquivo RAStartPage.htm

Arquivo RAURA.xml

Arquivo rcBuddy.htm

 

Passei tambem o Trojan Remover que detectou virus no ActiveX do office: msoshext,dll

 

Os arquivos que utilizo no pc, qdo vou limpar a cpu aparecem como Temporary Internet Files e tbem com a extensão .ink - hj apareceu até um rootkit_found veja em negrito.

E qdo acesso o msn, aparece um monte de linha CHANELL com numeros.

Veja log do CCleaner

 

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\index[1].php 47KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\index[2].php 126KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\input_text[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\laugh[1].gif 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\media[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\motionpack[1].js 3KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\ohmy[1].gif 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\opensearch[1].xml 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\ordered_list[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\outdent[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\page_white_add[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\Rookit_found[1].gif 9KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\seta[1].gif 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\sma8[1].js 5KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\smile[1].gif 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\strike[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\tab_right[1].png 47KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\th_bg[1].png 50KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\topicos[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\topic_button_left_disabled[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\twitter[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\undo[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\user_add[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\user_green[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.IE5\QGCTOI47\user_popup[1].png 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.MSO\E71FCB05.emf 30KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.Word\~WRF{FCF16D48-E465-48BC-B0B9-92F56B011836}.tmp 16KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.Word\~WRS{20389853-07A6-40CE-ABC2-8E48D34B70AF}.tmp 1KB

C:\Documents and Settings\User\Configurações locais\Temporary Internet Files\Content.Word\~WRS{FAC2F2BC-4C99-4FE5-AC4B-74A1A6E9C377}.tmp 0KB

C:\Documents and Settings\User\Recent\ACAO_AQA16out.doc.lnk 1KB

C:\Documents and Settings\User\Recent\Adriano_PRAIA04nov.doc.lnk 1KB

C:\Documents and Settings\User\Recent\Contratos & Orçamentos.lnk 1KB

C:\Documents and Settings\User\Recent\forum.txt.lnk 1KB

C:\Documents and Settings\User\Recent\Startup Programs (USER-C28884A354) 2011-01-19 12.48.29.txt.lnk 1KB

 

Rodei tambem o AVZ, OTL, depois que rodei esses, meu msn instalou novamente e perdiu todos os emoticons que tinha salvos.

Veja os logs, num sei se depois o que foi removido voltou pro sistema, achei estranho esse primeiro log ter upado com esse nome no final: ccsf=1#sn_ccCommentCtrl_anch

 

https://cid-e621203d0f213cb2.office.live.com/self.aspx/.Public/logOTL.Txt?ccsf=1#sn_ccCommentCtrl_anch

 

https://cid-e621203d0f213cb2.office.live.com/self.aspx/.Public/ExtrasOTL.Txt

 

https://cid-e621203d0f213cb2.office.live.com/self.aspx/.Public/avz%5E_log.log

 

Olha o tamanho do log que gerou preu poder upar esses 3 arquivos acima:

 

https://cid-e621203d0f213cb2.office.live.com/self.aspx/.Public/CCLEANER.txt

 

Lotado de ADSADCLIENT/COMMENT CONTROL/BROWSE POST/ EMPITY / FAVICON/ MICROSOFT.LIVE.CORE.CHANNEL[].js

 

:( desanimei agora, pior que acho q vem da rede pq formatei em novembro essa maquina;

amanhã posto os logs q você solicitou.

Um abraço

Compartilhar este post

Link para o post
Compartilhar em outros sites

Renato Utsch    24

Renato Utsch
Postado

Olá!

 

Por favor, cole os logs no tópico.

 

A maioria dos programas que você postou que rodou aí, como o OTL, não fazem nada. Só coletam informações do seu PC.

 

 

Estou no aguardo dos logs.

 

Abraços.

Compartilhar este post

Link para o post
Compartilhar em outros sites

FaXP    0

FaXP
Postado

:ermm: Vamos aos fatos: não consigo baixar nenhum daqueles programas, internet lenta, cai. A primeira fica fazendo update o dia inteiro e as outras não conseguem chegar até o fim do download, qdo coloco pra salvar no DEsktop, entra em C: documents settings user. Mouse num funciona direito, estou demorando horrores pra digitar, sai letrinha por letrinha e demora seculos pra aparecer uma frase inteira. Cursor some. Demora pra abrir a pagina do internet explorer

Ai apareceu esse monte de acesso qdo tentava baixar os arquivos:

http://r1rk9np7bpcsfoeekl0khkd2juj27q3o-a-fc-opensocial.googleusercontent.com/gadgets/ifr?url=http://www.google.com/friendconnect/gadgets/members.xml&container=peoplesense&parent=http://freedownloads2000.blogspot.com/&mid=0&view=profile&libs=google.blog&d=0.555.7〈=pt&country=BR&communityId=02774032710931383163&caller=http://freedownloads2000.blogspot.com/2010/05/f-secure-easy-clean-10-build-14351.html

http://1.bp.blogspot.com/_CqAiOUviMh0/Sz5dVGDQraI/AAAAAAAACDs/r2_Ja__clo8/s320/cureit2.jpg

http://clients1.google.com.br/complete/search?hl=pt-BR&client=hp&q=http%3A%2F%2F1.bp.blogspot.com%2F_CqAiOUviMh0%2FSz5dVGDQraI%2F&cp=50

http://storage.conduit.com/44/256/CT2569344/Images/634075445537327500.png

http://storage.conduit.com/38/264/CT2645238/BrowserFiles/df949936-2850-4e26-af65-c14d91c5c48b.html

http://api.conduit.com/BrowserCompApi.js

http://ads.abril.com.br/RealMedia/ads/adstream_mjx.ads/redeabril/imasters/1847465621@Top,Right1

http://urls.api.twitter.com/1/urls/count.json?url=http%3A%2F%2Fwww.caixadedicas.com%2F2010%2F08%2Ftutorial-do-f-secure-easy-clean.html&callback=twttr.receiveCount

http://urls.api.twitter.com/1/urls/count.json?url=http%3A%2F%2Fwww.caixadedicas.com%2F2009%2F05%2Ftutorial-do-dr-web-cureit.html&callback=twttr.receiveCount

http://www.google.com/friendconnect/script/friendconnect.js

http://www.google.com.br/logos/2011/jobim11-hp.jpg

http://platform0.twitter.com/widgets/tweet_button.html?_=1295981222984&count=horizontal〈=en&text=Caixa%20de%20Dicas%3A%20Tutorial%20do%20F-Secure%20Easy%20Clean&url=http%3A%2F%2Fwww.caixadedicas.com%2F2010%2F08%2Ftutorial-do-f-secure-easy-clean.html&via=caixadedicas

http://platform0.twitter.com/widgets/tweet_button.html?_=1295982282140&count=horizontal〈=en&text=Caixa%20de%20Dicas%3A%20Tutorial%20do%20Dr.%20Web%20CureIt&url=http%3A%2F%2Fwww.caixadedicas.com%2F2009%2F05%2Ftutorial-do-dr-web-cureit.html&via=caixadedicas

http://www.google.com/friendconnect/profile/picture/32/dEHM0zrHm7nyJa0jh0amaTLwt3bND8ObnaEFmo25CwPMWuC092oFPd9VP4u5WBkyIJaOYSTPPprW48BDzSjIvCcO6eMDQxWdOGOEa7VNP54evASw5AVTIQHLF6oBffCSRql__-mk0sDfRxsYlBZ-Emy3CiO9oeXjPGldZGwjscP0kp4cmpGB3SrqCuu4y3IvDclc0XF4s3NE0oN_IssUR4kjwVdHC9DuPKGKsCjlbg9wXdTVOOnccwS6XbLk_sInGwWd7iUHSgY

http://www.google.com/friendconnect/profile/picture/32/otd5PY7tQ8smoXQLY2mYORIrfWQEGgbEq3opNCQp5DJCoY7i359HMtxaohwDVE-im58jn_EFNVQtc9VgZDumu87e9ryNTScvzqlayeoTia_q_VaqNpCazegLly6gvXL7

http://img.photobucket.com/albums/v666/sUBs/Rookit_found.gif

http://adserver.ig.com.br/RealMedia/ads/adstream_mjx.ads/www.superdownloads.com.br/utilitarios/1811210144@x15,Top2?

http://4.bp.blogspot.com/_CqAiOUviMh0/Sz--2lGoDjI/AAAAAAAACGc/JnLAK9CQjdg/s320/cureit17.jpg

http://1.bp.blogspot.com/_CqAiOUviMh0/TFXktV4MT3I/AAAAAAAAEXA/0iDsHVxpRLs/s400/f-secure+easy+clean+1.jpg

 

Lembrando q naum tenho Orkut/Facebook/Twiter - portanto não acesso nada disso.

São centenas desses acessos de bp.blogspot com tudo qto é numero. Não vou colocar todos aki.

 

Bom ai fui dar uma olhada no msconfig, la em serviços tem o bixo + não consigo achar para deletar:

Net. runtime Optimization service v2.0

ASP.net

CZFGHRKVIXDY

DUMUELYW

LCSIMBZ

Seaport

UHGCIOBTIT

True Vector Internet Monitor

WBRMDSY

WJVXCKOH

WWHF

Windows presentation fundation font cache

Java Quick starter

 

Resolvi instalar o ZoneAlarm, pq era muito acesso, concorda?

Apareceu esse log de aviso aos usuários do meu computador:

"C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=en&browserType=IE&toolbarVersion=5_7_4_0.xml"

E mais esse log ZLCommDB.xml:

https://cid-e621203d0f213cb2.office.live.com/self.aspx/.Public/Atalho%20para%20ZLCommDB.xml.lnk

Como se naum bastasse apareceu uma pastinha com o nome de Internet Logs contendo backups

e esse relatório abaixo de nome fwpktlog.txt

15625 LogFileCreated

27468 Packet DROPPED: Proto: IP_UDP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 200.204. 0.10 SrcPort: 57186 DstPort: 53

27671 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 67.228.77.19 SrcPort: 1026 DstPort: 80

248109 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.229.49 SrcPort: 1037 DstPort: 80

997078 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 63.69.72.171 SrcPort: 1138 DstPort: 80

997640 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 63.69.72.171 SrcPort: 1138 DstPort: 80

997765 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.87.209.52 SrcPort: 1139 DstPort: 80

999390 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 63.69.72.171 SrcPort: 1138 DstPort: 80

1194062 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55. 7.11 SrcPort: 1143 DstPort: 80

1194750 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.165.169 SrcPort: 1145 DstPort: 443

3541921 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.165.139 SrcPort: 1437 DstPort: 80

3542468 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.64.254 SrcPort: 1441 DstPort: 1863

3542484 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.165.139 SrcPort: 1440 DstPort: 443

3563265 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

3563296 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.46.28.81 SrcPort: 1443 DstPort: 80

3592203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.116.183 SrcPort: 1466 DstPort: 80

3592203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1458 DstPort: 80

3592218 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1463 DstPort: 80

3592234 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 216.246.66.25 SrcPort: 1461 DstPort: 80

3592250 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1464 DstPort: 80

3592265 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 216.246.66.43 SrcPort: 1460 DstPort: 80

3592265 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1452 DstPort: 80

3592312 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.203 SrcPort: 1465 DstPort: 1863

3592515 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

3593125 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.192.10 SrcPort: 1469 DstPort: 80

3593156 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1464 DstPort: 80

3593203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.203 SrcPort: 1465 DstPort: 1863

3593296 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1463 DstPort: 80

3593328 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.239.188 SrcPort: 1470 DstPort: 80

3593765 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

3601484 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 187.11.171.59 SrcPort: 1468 DstPort: 52888

3601593 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.192.10 SrcPort: 1469 DstPort: 80

3602312 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.203 SrcPort: 1465 DstPort: 1863

3604953 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.191.43 SrcPort: 1476 DstPort: 80

3605218 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.191.43 SrcPort: 1476 DstPort: 80

3605281 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.46.113.78 SrcPort: 1481 DstPort: 443

3605531 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

3612687 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 187.11.171.59 SrcPort: 1468 DstPort: 52888

3842906 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.168 SrcPort: 1640 DstPort: 443

3855140 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

3904578 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.203 SrcPort: 1465 DstPort: 1863

4317406 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

4670187 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

4775515 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.188. 5.189 SrcPort: 1786 DstPort: 80

4775515 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.188. 5.189 SrcPort: 1785 DstPort: 80

4788765 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

4788906 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

4788937 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.188.20.150 SrcPort: 1827 DstPort: 80

4789000 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.188.20.151 SrcPort: 1830 DstPort: 80

4789250 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.188.20.151 SrcPort: 1830 DstPort: 80

4789968 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.229.60 SrcPort: 1803 DstPort: 80

4790187 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.229.60 SrcPort: 1803 DstPort: 80

4790281 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 200.154.56.76 SrcPort: 1831 DstPort: 80

4790609 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.229.60 SrcPort: 1803 DstPort: 80

4801859 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

4833250 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

5559125 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

6396578 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 64. 4.44.72 SrcPort: 2108 DstPort: 1863

6406328 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

6421421 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7197265 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7211015 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 64. 4.44.72 SrcPort: 2108 DstPort: 1863

7213687 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7315609 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7318750 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7374984 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7379359 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7622687 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7631828 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7745250 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7745578 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7758687 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7806234 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

8110218 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2498 DstPort: 443

8110578 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.157 SrcPort: 2505 DstPort: 443

8110578 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.157 SrcPort: 2507 DstPort: 443

8111015 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

8111375 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2506 DstPort: 443

8111843 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 173.223.120.124 SrcPort: 2509 DstPort: 443

8112765 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2498 DstPort: 443

8113921 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

8118671 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.206. 9 SrcPort: 2510 DstPort: 443

8317640 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 201.34.200.38 SrcPort: 2109 DstPort: 53081

8348031 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 64. 4.61.114 SrcPort: 2536 DstPort: 1863

8348187 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2543 DstPort: 443

8349156 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 173.223.120.124 SrcPort: 2548 DstPort: 443

8350218 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2537 DstPort: 443

8352406 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 173.223.120.124 SrcPort: 2548 DstPort: 443

8352484 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.157 SrcPort: 2549 DstPort: 443

8352562 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 64. 4.61.114 SrcPort: 2536 DstPort: 1863

8354781 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.206. 9 SrcPort: 2547 DstPort: 443

8355609 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.157 SrcPort: 2550 DstPort: 443

8355843 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

8362203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2543 DstPort: 443

8362703 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2537 DstPort: 443

8367125 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

9005046 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.46.118.183 SrcPort: 2827 DstPort: 443

9008000 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

9042734 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

9165015 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 64. 4.61.114 SrcPort: 2536 DstPort: 1863

9797359 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

9801390 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.229.60 SrcPort: 3118 DstPort: 80

9801515 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

9802531 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 204. 8.50.56 SrcPort: 3180 DstPort: 80

9802703 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 204. 8.50.56 SrcPort: 3126 DstPort: 80

9806312 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 200.225.157.78 SrcPort: 3138 DstPort: 80

9807031 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.157.100 SrcPort: 3140 DstPort: 80

9807437 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.157.100 SrcPort: 3142 DstPort: 80

9809671 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.49.154 SrcPort: 3159 DstPort: 1863

9829734 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

10017062 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10017343 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10018000 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10018046 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10018328 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10019093 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10019109 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10019453 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 82.80.204.63 SrcPort: 3383 DstPort: 80

10032375 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10032562 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10033265 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10051640 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

10073203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

10111562 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.49.154 SrcPort: 3159 DstPort: 1863

10119500 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10119515 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10119546 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10119562 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10119625 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10120031 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10120078 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10121203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

10127250 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 174.122.209.62 SrcPort: 3390 DstPort: 995

10134718 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

10794984 Packet DROPPED: Proto: IP_TCP Flags: 0x0000000a Src: 189. 5.243.200 Dest: 192.168. 0.73 SrcPort: 61909 DstPort: 1462

11206593 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

11206687 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11214046 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

11256968 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11257000 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11257171 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11257187 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11257218 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11266781 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11266781 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11266796 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11272828 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11277000 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

11293968 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

11859531 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11859546 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11859562 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11859671 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11860375 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11861156 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

11898671 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

 

Minha pasta C:\Documents and Settings\User está com uma conta desconhecida (S-1-5-21-3129368720-825620007-347229212-1000) que qdo tento remover, trava o Desktop e desaparecem os programas.

 

Consegui baixar o Rootik Revealer, a ferramenta roda e trava, gerou um log que sumiu da pasta meus documentos e qdo achei, ele estava em branco. Ai printei a tela:

 

https://cid-e621203d0f213cb2.office.live.com/self.aspx/.Public/Root.JPG

Dá erro nas pastas Search Enhancement Pack 16 (não achei essa pasta)

PChealt ERRORREP\QSignoff (16)

Assembly\GAC_MSIL|IEExecRemote\2.0.0.0 (tbem num acehi isso)

 

Apareceu uma conexão com a internet em Redes com 5 pessoas conetcadas sendo as portas TCP 80/8119/8236/9297/22469

 

Tbem apareceram pastas do Internet Explorer \ REcovery\ active e last.

 

+ estas aki de monte C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Microsoft\Internet Explorer\DOMStore\14QVQYAL que tem esse conteudo:

- <root>

<item name="VER@Messenger2.StatusGroup" value=""4.2.0.0"" ltime="221825920" htime="30129355" />

<item name="SGAD@Messenger2.StatusGroup" value="["live.com"]" ltime="227135920" htime="30129355" />

<item name="domain3566950018_user_4880558094_id0@Messenger2.INST" value=""domain3566950018;0;Tue, 25 Jan 2011 20:48:01 UTC;2;;_user_4880558094"" ltime="710152144" htime="30129361" />

<item name="domain3566950018_user_4880558094_id0_key193462716@Messenger2.StatusGroup" value="1295988480281" ltime="708272144" htime="30129361" />

<item name="domain3566950018_user3928086972_id0@Messenger2.INST" value=""domain3566950018;0;Tue, 25 Jan 2011 20:51:14 UTC;2;_10436273396;_user3928086972"" ltime="2617182144" htime="30129361" />

<item name="domain3566950018_user3928086972_id0_key193462716@Messenger2.StatusGroup" value="1295988656468" ltime="2476242144" htime="30129361" />

</root>

 

Passei o avast que não detectou nada. Desinstalei o ZoneAlarm pq parece que a coisa piorou.

 

:( Quequeu faço???

 

Voltando aos bixinhos...olhe o que observei qdo isntalo um progama de antivirus, naum sei se ajuda:

Assim que é instalado ele aparece no registro como uninstall e modificado ModifyPath MsiExec.exe e no programa aparece como Core onde tem um exe de nome Core.msi, ai aparecem esses arquivos:

ztvcabinet.dll

wrID.dll

ztvunrar.dll

unisns000.mso (item Outlook)

ssleay.32.dll

microsoft.VC80CRT.manifest

msvcp.80.dll C++ runtime Library

Compartilhar este post

Link para o post
Compartilhar em outros sites

FaXP    0

FaXP
Postado

:ermm: Vamos aos fatos: não consigo baixar nenhum daqueles programas, internet lenta, cai. A primeira fica fazendo update o dia inteiro e as outras não conseguem chegar até o fim do download, qdo coloco pra salvar no DEsktop, entra em C: documents settings user. Mouse num funciona direito, estou demorando horrores pra digitar, sai letrinha por letrinha e demora seculos pra aparecer uma frase inteira. Cursor some. Demora pra abrir a pagina do internet explorer

Ai apareceu esse monte de acesso qdo tentava baixar os arquivos:

http://r1rk9np7bpcsfoeekl0khkd2juj27q3o-a-fc-opensocial.googleusercontent.com/gadgets/ifr?url=http://www.google.com/friendconnect/gadgets/members.xml&container=peoplesense&parent=http://freedownloads2000.blogspot.com/&mid=0&view=profile&libs=google.blog&d=0.555.7〈=pt&country=BR&communityId=02774032710931383163&caller=http://freedownloads2000.blogspot.com/2010/05/f-secure-easy-clean-10-build-14351.html

http://1.bp.blogspot.com/_CqAiOUviMh0/Sz5dVGDQraI/AAAAAAAACDs/r2_Ja__clo8/s320/cureit2.jpg

http://clients1.google.com.br/complete/search?hl=pt-BR&client=hp&q=http%3A%2F%2F1.bp.blogspot.com%2F_CqAiOUviMh0%2FSz5dVGDQraI%2F&cp=50

http://storage.conduit.com/44/256/CT2569344/Images/634075445537327500.png

http://storage.conduit.com/38/264/CT2645238/BrowserFiles/df949936-2850-4e26-af65-c14d91c5c48b.html

http://api.conduit.com/BrowserCompApi.js

http://ads.abril.com.br/RealMedia/ads/adstream_mjx.ads/redeabril/imasters/1847465621@Top,Right1

http://urls.api.twitter.com/1/urls/count.json?url=http%3A%2F%2Fwww.caixadedicas.com%2F2010%2F08%2Ftutorial-do-f-secure-easy-clean.html&callback=twttr.receiveCount

http://urls.api.twitter.com/1/urls/count.json?url=http%3A%2F%2Fwww.caixadedicas.com%2F2009%2F05%2Ftutorial-do-dr-web-cureit.html&callback=twttr.receiveCount

http://www.google.com/friendconnect/script/friendconnect.js

http://www.google.com.br/logos/2011/jobim11-hp.jpg

http://platform0.twitter.com/widgets/tweet_button.html?_=1295981222984&count=horizontal〈=en&text=Caixa%20de%20Dicas%3A%20Tutorial%20do%20F-Secure%20Easy%20Clean&url=http%3A%2F%2Fwww.caixadedicas.com%2F2010%2F08%2Ftutorial-do-f-secure-easy-clean.html&via=caixadedicas

http://platform0.twitter.com/widgets/tweet_button.html?_=1295982282140&count=horizontal〈=en&text=Caixa%20de%20Dicas%3A%20Tutorial%20do%20Dr.%20Web%20CureIt&url=http%3A%2F%2Fwww.caixadedicas.com%2F2009%2F05%2Ftutorial-do-dr-web-cureit.html&via=caixadedicas

http://www.google.com/friendconnect/profile/picture/32/dEHM0zrHm7nyJa0jh0amaTLwt3bND8ObnaEFmo25CwPMWuC092oFPd9VP4u5WBkyIJaOYSTPPprW48BDzSjIvCcO6eMDQxWdOGOEa7VNP54evASw5AVTIQHLF6oBffCSRql__-mk0sDfRxsYlBZ-Emy3CiO9oeXjPGldZGwjscP0kp4cmpGB3SrqCuu4y3IvDclc0XF4s3NE0oN_IssUR4kjwVdHC9DuPKGKsCjlbg9wXdTVOOnccwS6XbLk_sInGwWd7iUHSgY

http://www.google.com/friendconnect/profile/picture/32/otd5PY7tQ8smoXQLY2mYORIrfWQEGgbEq3opNCQp5DJCoY7i359HMtxaohwDVE-im58jn_EFNVQtc9VgZDumu87e9ryNTScvzqlayeoTia_q_VaqNpCazegLly6gvXL7

http://img.photobucket.com/albums/v666/sUBs/Rookit_found.gif

http://adserver.ig.com.br/RealMedia/ads/adstream_mjx.ads/www.superdownloads.com.br/utilitarios/1811210144@x15,Top2?

http://4.bp.blogspot.com/_CqAiOUviMh0/Sz--2lGoDjI/AAAAAAAACGc/JnLAK9CQjdg/s320/cureit17.jpg

http://1.bp.blogspot.com/_CqAiOUviMh0/TFXktV4MT3I/AAAAAAAAEXA/0iDsHVxpRLs/s400/f-secure+easy+clean+1.jpg

 

Lembrando q naum tenho Orkut/Facebook/Twiter - portanto não acesso nada disso.

São centenas desses acessos de bp.blogspot com tudo qto é numero. Não vou colocar todos aki.

 

Bom ai fui dar uma olhada no msconfig, la em serviços tem o bixo + não consigo achar para deletar:

Net. runtime Optimization service v2.0

ASP.net

CZFGHRKVIXDY

DUMUELYW

LCSIMBZ

Seaport

UHGCIOBTIT

True Vector Internet Monitor

WBRMDSY

WJVXCKOH

WWHF

Windows presentation fundation font cache

Java Quick starter

 

Resolvi instalar o ZoneAlarm, pq era muito acesso, concorda?

Apareceu esse log de aviso aos usuários do meu computador:

"C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=en&browserType=IE&toolbarVersion=5_7_4_0.xml"

E mais esse log ZLCommDB.xml:

https://cid-e621203d0f213cb2.office.live.com/self.aspx/.Public/Atalho%20para%20ZLCommDB.xml.lnk

Como se naum bastasse apareceu uma pastinha com o nome de Internet Logs contendo backups

e esse relatório abaixo de nome fwpktlog.txt

15625 LogFileCreated

27468 Packet DROPPED: Proto: IP_UDP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 200.204. 0.10 SrcPort: 57186 DstPort: 53

27671 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 67.228.77.19 SrcPort: 1026 DstPort: 80

248109 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.229.49 SrcPort: 1037 DstPort: 80

997078 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 63.69.72.171 SrcPort: 1138 DstPort: 80

997640 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 63.69.72.171 SrcPort: 1138 DstPort: 80

997765 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.87.209.52 SrcPort: 1139 DstPort: 80

999390 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 63.69.72.171 SrcPort: 1138 DstPort: 80

1194062 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55. 7.11 SrcPort: 1143 DstPort: 80

1194750 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.165.169 SrcPort: 1145 DstPort: 443

3541921 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.165.139 SrcPort: 1437 DstPort: 80

3542468 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.64.254 SrcPort: 1441 DstPort: 1863

3542484 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.165.139 SrcPort: 1440 DstPort: 443

3563265 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

3563296 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.46.28.81 SrcPort: 1443 DstPort: 80

3592203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.116.183 SrcPort: 1466 DstPort: 80

3592203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1458 DstPort: 80

3592218 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1463 DstPort: 80

3592234 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 216.246.66.25 SrcPort: 1461 DstPort: 80

3592250 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1464 DstPort: 80

3592265 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 216.246.66.43 SrcPort: 1460 DstPort: 80

3592265 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1452 DstPort: 80

3592312 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.203 SrcPort: 1465 DstPort: 1863

3592515 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

3593125 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.192.10 SrcPort: 1469 DstPort: 80

3593156 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1464 DstPort: 80

3593203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.203 SrcPort: 1465 DstPort: 1863

3593296 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.133 SrcPort: 1463 DstPort: 80

3593328 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.239.188 SrcPort: 1470 DstPort: 80

3593765 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

3601484 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 187.11.171.59 SrcPort: 1468 DstPort: 52888

3601593 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.192.10 SrcPort: 1469 DstPort: 80

3602312 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.203 SrcPort: 1465 DstPort: 1863

3604953 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.191.43 SrcPort: 1476 DstPort: 80

3605218 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.191.43 SrcPort: 1476 DstPort: 80

3605281 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.46.113.78 SrcPort: 1481 DstPort: 443

3605531 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

3612687 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 187.11.171.59 SrcPort: 1468 DstPort: 52888

3842906 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.168 SrcPort: 1640 DstPort: 443

3855140 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

3904578 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.203 SrcPort: 1465 DstPort: 1863

4317406 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

4670187 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

4775515 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.188. 5.189 SrcPort: 1786 DstPort: 80

4775515 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.188. 5.189 SrcPort: 1785 DstPort: 80

4788765 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

4788906 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

4788937 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.188.20.150 SrcPort: 1827 DstPort: 80

4789000 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.188.20.151 SrcPort: 1830 DstPort: 80

4789250 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.188.20.151 SrcPort: 1830 DstPort: 80

4789968 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.229.60 SrcPort: 1803 DstPort: 80

4790187 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.229.60 SrcPort: 1803 DstPort: 80

4790281 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 200.154.56.76 SrcPort: 1831 DstPort: 80

4790609 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.229.60 SrcPort: 1803 DstPort: 80

4801859 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

4833250 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

5559125 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

6396578 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 64. 4.44.72 SrcPort: 2108 DstPort: 1863

6406328 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

6421421 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7197265 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7211015 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 64. 4.44.72 SrcPort: 2108 DstPort: 1863

7213687 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7315609 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7318750 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7374984 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7379359 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7622687 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7631828 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7745250 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7745578 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

7758687 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

7806234 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

8110218 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2498 DstPort: 443

8110578 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.157 SrcPort: 2505 DstPort: 443

8110578 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.157 SrcPort: 2507 DstPort: 443

8111015 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

8111375 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2506 DstPort: 443

8111843 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 173.223.120.124 SrcPort: 2509 DstPort: 443

8112765 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2498 DstPort: 443

8113921 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

8118671 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.206. 9 SrcPort: 2510 DstPort: 443

8317640 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 201.34.200.38 SrcPort: 2109 DstPort: 53081

8348031 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 64. 4.61.114 SrcPort: 2536 DstPort: 1863

8348187 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2543 DstPort: 443

8349156 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 173.223.120.124 SrcPort: 2548 DstPort: 443

8350218 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2537 DstPort: 443

8352406 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 173.223.120.124 SrcPort: 2548 DstPort: 443

8352484 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.157 SrcPort: 2549 DstPort: 443

8352562 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 64. 4.61.114 SrcPort: 2536 DstPort: 1863

8354781 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.206. 9 SrcPort: 2547 DstPort: 443

8355609 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.85.157 SrcPort: 2550 DstPort: 443

8355843 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.50.179 SrcPort: 2054 DstPort: 443

8362203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2543 DstPort: 443

8362703 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.33.167 SrcPort: 2537 DstPort: 443

8367125 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

9005046 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 207.46.118.183 SrcPort: 2827 DstPort: 443

9008000 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

9042734 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

9165015 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 64. 4.61.114 SrcPort: 2536 DstPort: 1863

9797359 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

9801390 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.229.60 SrcPort: 3118 DstPort: 80

9801515 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

9802531 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 204. 8.50.56 SrcPort: 3180 DstPort: 80

9802703 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 204. 8.50.56 SrcPort: 3126 DstPort: 80

9806312 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 200.225.157.78 SrcPort: 3138 DstPort: 80

9807031 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.157.100 SrcPort: 3140 DstPort: 80

9807437 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 74.125.157.100 SrcPort: 3142 DstPort: 80

9809671 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.49.154 SrcPort: 3159 DstPort: 1863

9829734 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

10017062 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10017343 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10018000 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10018046 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10018328 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10019093 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10019109 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10019453 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 82.80.204.63 SrcPort: 3383 DstPort: 80

10032375 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10032562 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10033265 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10051640 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

10073203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

10111562 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.49.154 SrcPort: 3159 DstPort: 1863

10119500 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10119515 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10119546 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10119562 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10119625 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10120031 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10120078 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 209.170.118.32 SrcPort: 3191 DstPort: 80

10121203 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

10127250 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 174.122.209.62 SrcPort: 3390 DstPort: 995

10134718 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

10794984 Packet DROPPED: Proto: IP_TCP Flags: 0x0000000a Src: 189. 5.243.200 Dest: 192.168. 0.73 SrcPort: 61909 DstPort: 1462

11206593 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

11206687 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11214046 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

11256968 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11257000 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11257171 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11257187 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11257218 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11266781 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11266781 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11266796 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11272828 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11277000 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

11293968 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

11859531 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11859546 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11859562 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11859671 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11860375 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 192.221.114.253 SrcPort: 3546 DstPort: 80

11861156 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.54.48.39 SrcPort: 1442 DstPort: 1863

11898671 Packet DROPPED: Proto: IP_TCP Flags: 0x00000005 Src: 192.168. 0.73 Dest: 65.55.71.78 SrcPort: 2818 DstPort: 443

 

Minha pasta C:\Documents and Settings\User está com uma conta desconhecida (S-1-5-21-3129368720-825620007-347229212-1000) que qdo tento remover, trava o Desktop e desaparecem os programas.

 

Consegui baixar o Rootik Revealer, a ferramenta roda e trava, gerou um log que sumiu da pasta meus documentos e qdo achei, ele estava em branco. Ai printei a tela:

 

https://cid-e621203d0f213cb2.office.live.com/self.aspx/.Public/Root.JPG

Dá erro nas pastas Search Enhancement Pack 16 (não achei essa pasta)

PChealt ERRORREP\QSignoff (16)

Assembly\GAC_MSIL|IEExecRemote\2.0.0.0 (tbem num acehi isso)

 

Apareceu uma conexão com a internet em Redes com 5 pessoas conetcadas sendo as portas TCP 80/8119/8236/9297/22469

 

Tbem apareceram pastas do Internet Explorer \ REcovery\ active e last.

 

+ estas aki de monte C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Microsoft\Internet Explorer\DOMStore\14QVQYAL que tem esse conteudo:

- <root>

<item name="VER@Messenger2.StatusGroup" value=""4.2.0.0"" ltime="221825920" htime="30129355" />

<item name="SGAD@Messenger2.StatusGroup" value="["live.com"]" ltime="227135920" htime="30129355" />

<item name="domain3566950018_user_4880558094_id0@Messenger2.INST" value=""domain3566950018;0;Tue, 25 Jan 2011 20:48:01 UTC;2;;_user_4880558094"" ltime="710152144" htime="30129361" />

<item name="domain3566950018_user_4880558094_id0_key193462716@Messenger2.StatusGroup" value="1295988480281" ltime="708272144" htime="30129361" />

<item name="domain3566950018_user3928086972_id0@Messenger2.INST" value=""domain3566950018;0;Tue, 25 Jan 2011 20:51:14 UTC;2;_10436273396;_user3928086972"" ltime="2617182144" htime="30129361" />

<item name="domain3566950018_user3928086972_id0_key193462716@Messenger2.StatusGroup" value="1295988656468" ltime="2476242144" htime="30129361" />

</root>

 

Passei o avast que não detectou nada. Desinstalei o ZoneAlarm pq parece que a coisa piorou.

 

Abri meu post de resposta novamente, hj é 28/01 - fiquei sem internet, meus ícones da barra de ferramenta sumiram, não consigo acessar o msconfig, as pastas conduit lança alerta qdo instalo algo:

C:\Documents and Settings\User\Configurações locais\Dados de aplicativos\Conduit\Community Alerts\Feeds

 

- <rss version="2.0">

- <channel>

<title>ZoneAlarm Security Notifications</title>

- <image>

<url>http://alert.storage.conduit.com/22/103/1037922/Images/634106124426036250.png</url>

</image>

</channel>

</rss>

Não consigo baixar as atualizações de segurança do windows, gera falha. Abri serviços e aquele monte de letrinhas tava listado la, como desabilitados, fui abrindo serviço por serviço e na configuração constava usuário atiuco, desabilitei todos e minha internet voltou + ainda não acesso certas pastas e msconfig.

Os programas que você me passou para instalar não consegui mesmo. O Fsecure aparece na barra de ferramentas qdo abra + fica transparente a tela, parece q abre em 2o. plano, não consigo acessar.

O Norton continua fazendo o update e num abre nunca pra Scan. Dr.Curelt nem pensar, abre o programa e trava todo o sistema. Pior q não consigo rodar essas ferramentas em modo seguro pq elas precisam da internet pra baixar e atualizar programa antes de scanear.

 

Assim que reiniciei a cp fui para arquivos e me deparo com várias pastas sugindo com numeros e depois desaparecendo.

Esta é uma delas - C:\705eae007907b4e9f1

Pasta contendo alguns programas + Hotfixinstaler.

Estão localizadas em:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Patches\28C9EA2BB7CD1463FB8C7872C5F46370\SourceList\Net

São centenas de chaves como essa.

 

<?xml version="1.0" encoding="utf-8" ?>

- <HotIron xmlns="http://schemas.microsoft.com/HotIron/2007/01/hi" xmlns:hi="http://schemas.microsoft.com/HotIron/2007/01/hi">

- <Patches>

<Patch Name="NDP20SP2-KB2418241.msp" OnSubFailureAction="Rollback" TargetArchitecture="Any" />

<Patch Name="NDP20SP2-KB980773.msp" OnSubFailureAction="Rollback" TargetArchitecture="Any" Removable="no" UseToDetermineApplicability="no" />

</Patches>

- <UI Name="Microsoft .NET Framework 2.0-KB2418241">

- <LocalizedResources CaptionTextIDS="10" Icon="header.bmp" Watermark="watermark.bmp">

<Resource LangId="1025" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1028" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1029" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1030" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1031" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1032" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1033" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1035" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1036" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1037" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1038" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1040" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1041" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1042" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1043" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1044" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1045" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1046" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1049" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1053" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="1055" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="2052" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="2070" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="3076" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

<Resource LangId="3082" ResourceDll="HotFixInstallerUI.dll" EulaFile="eula.rtf" />

</LocalizedResources>

<WelcomeInfo WelcomeTextIDS="100" WelcomeProductsFoundIDS="101" WelcomeNoInstalledProductsIDS="102" />

<EulaInfo AcceptEulaTextIDS="200" TitleIDS="201" SubTitleIDS="202" PrintTextIDS="203" SaveAsTextIDS="204" />

<ProgressInfo ProgressTextIDS="300" TitleIDS="301" SubTitleIDS="302" UninstallProgressTextIDS="303" />

<FinishInfo InstallFinishedTextIDS="400" UninstallFinishedTextIDS="401" LogFileLinkTextIDS="402" WatsonReportCheckBoxIDS="403" ErrorStringIDS="404" />

<RebootDialog RebootTextIDS="1000" RebootNowTextIDS="1001" RebootLaterTextIDS="1002" />

<CancelConfirmation CancelTextIDS="2000" />

<LogFileMessage ProblemReportIDS="3000" />

<ButtonInfo YesIDS="6000" NoIDS="6001" CancelIDS="6002" BackIDS="6003" NextIDS="6004" FinishIDS="6005" IgnoreIDS="6006" RetryIDS="6007" OkIDS="6008" />

</UI>

</HotIron>

Obrigada e bom final de semana!

Compartilhar este post

Link para o post
Compartilhar em outros sites

Renato Utsch    24

Renato Utsch
Postado

Olá!

 

Desculpe-me a demora para responder... O fórum ficou offline, por isso não tive como dar a resposta.

 

Por favor, siga as instruções abaixo:

 

<< 1 >>

 

Siga o tutorial abaixo e execute o Ad-Remover. Poste o log gerado. Utilize a opção CLEAN.

 

Tutorial do Ad-Remover

 

 

<< 2 >>

 

Siga o tutorial abaixo e execute o Malwarebyte's Anti-Malware. Faça uma verificação completa.

 

Tutorial do Malwarebyte's Anti-Malware

 

 

<< 3 >>

 

Poste um novo log do DDS.

 

 

 

Caso não estiver conseguindo baixar, sugiro que baixe em outro computador, grave-os em um CD ou DVD (não utilize qualquer tipo de mídias removíveis, como um pendrive, pois o mesmo poderá infectar o computador onde o programa foi baixado!) e o insira no seu pc, executando-os.

 

 

Abraços :D

Compartilhar este post

Link para o post
Compartilhar em outros sites

Mário Monteiro    179

Mário Monteiro
Postado

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.

Compartilhar este post

Link para o post
Compartilhar em outros sites
Ir para a lista de tópicos Tópicos Arquivados (Seguranca & Malwares)
×

Informação importante

Ao usar o fórum, você concorda com nossos Termos e condições.

  Aceito