[Resolvido] &nbspKeylogger

[pitty21 0]

Boa noite

 

Estou com dúvidas se tenho um keylogger ou se alguém tem acesso remoto ao meu notebook.

 

Vocês poderiam analisar meu log? Desde já agradeço.

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:58:24, on 11/05/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Boot mode: Normal

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Emsisoft Anti-Malware\a2service.exe

C:\PROGRA~1\GBPLUGIN\gbpsv.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Comodo\CBOClean\BOCORE.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Spyware Doctor\pctsAuxs.exe

C:\Program Files\Spyware Doctor\pctsSvc.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Panda USB Vaccine\USBVaccine.exe

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\Program Files\Yahoo!\Common\YMailAdvisor.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\KeyScrambler\KeyScrambler.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Spyware Doctor\pctsTray.exe

C:\Program Files\Comodo\CBOClean\BOC427.EXE

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe

C:\Program Files\Palm\Hotsync.exe

C:\Program Files\Palm\AlarmApp_PSI.exe

C:\Windows\system32\svchost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Windows Live\Companion\companionuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\conhost.exe

c:\program files\avira\antivir desktop\avgnt.exe

C:\Program Files\KeyScrambler\KeyScrambler.exe

C:\Users\Pookie\Downloads\HiJackThis.exe

C:\Windows\system32\DllHost.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://br.mc538.mail.yahoo.com/mc/welcome?.gx=1&.tm=1283776850&.rand=3p7dgka6u54dk

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - (no file)

O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O2 - BHO: G-Buster Browser Defense Unibanco - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~1\GbPlugin\gbiehUni.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Copernic Desktop Search - Home Toolbar - {4A1C6093-14F9-44D7-860E-5D265CFCA9D9} - C:\Program Files\Copernic Desktop Search - Home\Toolbar\ToolbarContainer101000325.dll

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files\Yahoo!\Common\YMailAdvisor.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [igfxTray] "C:\Windows\system32\igfxtray.exe"

O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"

O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"

O4 - HKLM\..\Run: [KeyScrambler] "C:\Program Files\KeyScrambler\keyscrambler.exe" /a

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [iSTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [bOC-427] C:\PROGRA~1\Comodo\CBOClean\BOC427.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [spybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"

O4 - HKCU\..\Run: [batteryCare] "C:\Program Files\BatteryCare\BatteryCare.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

O4 - HKCU\..\Run: [Copernic Desktop Search - Home] "C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -update activex

O4 - Startup: Alarm Manager.LNK = ?

O4 - Global Startup: Hotsync Manager.lnk = C:\Program Files\Palm\Hotsync.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll

O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe

O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: http://www.bancoreal.com.br

O15 - Trusted Zone: www.bb.com.br

O15 - Trusted Zone: http://www.santander.com.br

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB

O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} - http://download.tenebril.com/pub/bin/scanner2008/TenebrilSpywareScanner.ocx

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} (GbPluginObj Class) - https://clickbanking.unibanco.com.br/GbPlugin/cab/GbPluginUni.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab

O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6025/mcfscan.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - Winlogon Notify: GbPluginAbn - C:\PROGRA~1\GbPlugin\gbiehAbn.dll

O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O20 - Winlogon Notify: GbPluginUni - C:\PROGRA~1\GbPlugin\gbiehUni.dll

O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\Emsisoft Anti-Malware\a2service.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GBPLUGIN\gbpsv.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

 

--

End of file - 15030 bytes

[wings 22]

Olá pitty21

 

 

1.

*Baixe o DDS e salve-o no desktop

*Execute-o e salve os relatórios (DDS.txt e Attach.txt) no desktop

*Cole o relatório DDS.txt

[pitty21 0]

Olá pitty21

 

 

1.

*Baixe o DDS e salve-o no desktop

*Execute-o e salve os relatórios (DDS.txt e Attach.txt) no desktop

*Cole o relatório DDS.txt

 

Boa tarde

 

Segue o DDS.txt

 

 

DDS (Ver_10-12-12.02) - NTFSx86

Run by Pookie at 15:34:15,82 on 13/05/2011

Internet Explorer: 8.0.7601.17514

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.2038.797 [GMT -3:00]

 

AV: Lavasoft Ad-Watch Live! Anti-vírus *Disabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}

AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}

SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: Spyware Doctor *Enabled/Updated* {F008AB3A-52B9-2B13-3681-4ED4FDA86549}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Emsisoft Anti-Malware\a2service.exe

C:\PROGRA~1\GBPLUGIN\gbpsv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Avira\AntiVir Desktop\avguard.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Comodo\CBOClean\BOCORE.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Spyware Doctor\pctsAuxs.exe

C:\Program Files\Spyware Doctor\pctsSvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Panda USB Vaccine\USBVaccine.exe

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\Program Files\Yahoo!\Common\YMailAdvisor.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\KeyScrambler\KeyScrambler.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Spyware Doctor\pctsTray.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\Comodo\CBOClean\BOC427.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\BatteryCare\BatteryCare.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\Copernic Desktop Search - Home\DesktopSearchService.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files\Windows Live\Companion\companionuser.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Users\Pookie\AppData\Local\eSupport.com\biosagentplus_796[1].exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Windows\system32\calc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\KeyScrambler\KeyScrambler.exe

C:\Users\Pookie\Desktop\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://br.mc538.mail.yahoo.com/mc/welcome?.gx=1&.tm=1283776850&.rand=3p7dgka6u54dk

uInternet Settings,ProxyOverride = *.local

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540000} - c:\program files\gbplugin\gbieh.dll

BHO: {C41A1C0E-EA6C-11D4-B1B8-444553540003} - No File

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540007} - c:\progra~1\gbplugin\gbiehAbn.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540008} - c:\progra~1\gbplugin\gbiehUni.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Copernic Desktop Search - Home Toolbar: {4a1c6093-14f9-44d7-860e-5d265cfca9d9} - c:\program files\copernic desktop search - home\toolbar\ToolbarContainer101000325.dll

TB: {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - No File

EB: Copernic Desktop Search - Home Toolbar: {4a1c6093-14f9-44d7-860e-5d265cfca9d9} - c:\program files\copernic desktop search - home\toolbar\ToolbarContainer101000325.dll

EB: Copernic Desktop Search - Home: {9c3fca1f-99e3-48f2-a7f4-dd3931b2f99a} - c:\program files\copernic desktop search - home\DeskbandIntegration304000026.dll

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [spybotSD TeaTimer] "c:\program files\spybot - search & destroy\TeaTimer.exe"

uRun: [batteryCare] "c:\program files\batterycare\BatteryCare.exe"

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [sUPERAntiSpyware] "c:\program files\superantispyware\SUPERAntiSpyware.exe"

uRun: [Copernic Desktop Search - Home] "c:\program files\copernic desktop search - home\DesktopSearchService.exe" /tray

mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun

mRun: [YMailAdvisor] "c:\program files\yahoo!\common\YMailAdvisor.exe"

mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRun: [igfxTray] "c:\windows\system32\igfxtray.exe"

mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"

mRun: [Persistence] "c:\windows\system32\igfxpers.exe"

mRun: [KeyScrambler] "c:\program files\keyscrambler\keyscrambler.exe" /a

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [iSTray] "c:\program files\spyware doctor\pctsTray.exe"

mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min

mRun: [bOC-427] c:\progra~1\comodo\cboclean\BOC427.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\users\pookie\appdata\roaming\micros~1\windows\startm~1\programs\startup\alarmm~1.lnk - c:\program files\palm\AlarmApp_PSI.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palm\Hotsync.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe

IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - c:\program files\keyscrambler\KeyScramblerIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

LSP: c:\windows\system32\iavlsp.dll

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bancoreal.com.br\www

Trusted Zone: bb.com.br\www

Trusted Zone: realsecureweb.com.br\www

Trusted Zone: realsecureweb.com.br\www2

Trusted Zone: realsecureweb.com.br\wwws

Trusted Zone: santander.com.br\www

Trusted Zone: santandernet.com.br\www

Trusted Zone: secureweb.com.br\www

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} - hxxp://download.tenebril.com/pub/bin/scanner2008/TenebrilSpywareScanner.ocx

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab

DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} - hxxps://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab

DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} - hxxps://clickbanking.unibanco.com.br/GbPlugin/cab/GbPluginUni.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldpt-br.cab

DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6025/mcfscan.cab

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Notify: GbPluginAbn - c:\progra~1\gbplugin\gbiehAbn.dll

Notify: GbPluginBb - c:\program files\gbplugin\gbieh.dll

Notify: GbPluginUni - c:\progra~1\gbplugin\gbiehUni.dll

Notify: igfxcui - igfxdev.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - c:\program files\gbplugin\gbieh.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399007} - c:\progra~1\gbplugin\gbiehAbn.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399008} - c:\progra~1\gbplugin\gbiehUni.dll

 

============= SERVICES / DRIVERS ===============

 

R0 46028722;46028722 Boot Guard Driver;c:\windows\system32\drivers\46028722.sys [2011-4-26 37392]

R1 46028721;46028721;c:\windows\system32\drivers\46028721.sys [2011-4-26 128016]

R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-2-18 61960]

S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2011-1-22 73728]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

 

=============== File Associations ===============

 

JSEFile=NOTEPAD.EXE %1

 

=============== Created Last 30 ================

 

2011-05-13 02:00:28 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys

2011-05-13 02:00:27 -------- d-----w- c:\users\pookie\appdata\local\eSupport.com

2011-05-13 01:43:57 -------- d-----w- c:\program files\FinalWire

2011-05-12 12:10:48 -------- d-----w- c:\windows\pt-PT

2011-05-12 12:10:27 -------- d-----w- c:\windows\system32\drivers\umdf\pt-PT

2011-05-12 12:10:27 -------- d-----w- c:\windows\system32\drivers\pt-PT

2011-05-12 12:10:20 -------- d-----w- c:\windows\system32\wbem\pt-PT

2011-05-12 12:10:20 -------- d-----w- c:\windows\system32\pt

2011-05-12 01:52:13 4096 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\pt-pt\LXKPTPRC.DLL.mui

2011-05-12 01:28:34 981504 ----a-w- c:\windows\system32\wininet.dll

2011-05-12 01:28:33 163328 ----a-w- c:\program files\internet explorer\ieproxy.dll

2011-05-12 01:28:32 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-05-12 01:26:51 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-05-12 01:26:51 294912 ----a-w- c:\windows\system32\atmfd.dll

2011-05-12 01:26:43 741376 ----a-w- c:\windows\system32\inetcomm.dll

2011-05-12 01:26:42 191488 ----a-w- c:\windows\system32\FXSCOVER.exe

2011-05-12 01:26:10 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-05-12 01:26:10 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-05-12 01:26:00 1164288 ----a-w- c:\windows\system32\mfc42u.dll

2011-05-12 01:26:00 1137664 ----a-w- c:\windows\system32\mfc42.dll

2011-05-12 01:25:22 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-05-12 01:25:22 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-05-12 01:25:22 223232 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-05-12 01:25:22 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-05-11 21:58:34 70144 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\CNBPP3.DLL

2011-04-29 13:48:12 -------- d-----w- c:\progra~2\McAfee Security Scan

2011-04-27 02:52:44 37392 ----a-w- c:\windows\system32\drivers\46028722.sys

2011-04-27 02:52:44 311312 ----a-w- c:\windows\system32\drivers\4602872.sys

2011-04-27 02:52:44 128016 ----a-w- c:\windows\system32\drivers\46028721.sys

 

==================== Find3M ====================

 

2011-04-18 10:23:39 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-03-26 15:10:34 152576 ----a-w- c:\windows\system32\msclmd.dll

2011-03-03 05:38:01 132608 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-03-03 05:36:16 28672 ----a-w- c:\windows\system32\dnscacheugc.exe

2011-02-19 06:30:54 805376 ----a-w- c:\windows\system32\FntCache.dll

2011-02-19 06:30:51 1076736 ----a-w- c:\windows\system32\DWrite.dll

2011-02-19 06:30:50 739840 ----a-w- c:\windows\system32\d2d1.dll

2011-02-18 05:43:28 428032 ----a-w- c:\windows\system32\vbscript.dll

 

============= FINISH: 15:37:52,67 ===============

 

 

Attach.txt

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-12-12.02)

 

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 19/11/2009 15:11:10

System Uptime: 13/05/2011 04:28:59 (11 hours ago)

 

Motherboard: COMPAL | | HEL8X

Processor: Intel® Core Duo CPU T2450 @ 2.00GHz | U2E1 | 2000/mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 149 GiB total, 33,871 GiB free.

D: is FIXED (NTFS) - 149 GiB total, 130,692 GiB free.

E: is CDROM ()

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

RP229: 10/05/2011 14:39:39 - Ponto de Verificação Agendado

RP230: 11/05/2011 22:29:43 - Windows Update

RP231: 13/05/2011 00:18:22 - Instalador de Módulos do Windows

 

==== Installed Programs ======================

 

Ad-Aware

Adobe Acrobat Reader 3.01

Adobe Flash Player 10 ActiveX

Adobe Reader X - Português

Adobe Shockwave Player 11.5

Advanced Spyware Remover Free Edition

Advertising Center

AIDA64 Extreme Edition v1.70

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Argente - Spyware Inmunize 1.0.0.0 Beta 1

ASUS WebCam, 1.3M, USB2.0, FF

Avira AntiVir Personal - Free Antivirus

BatteryCare

BatteryMon V2.1

BOClean

Bonjour

CCleaner

Coelho Sabido - Jardim

Compatibility Pack for the 2007 Office system

Controle ActiveX do Windows Live Mesh para Conexões Remotas

ConvertXtoDVD 4.0.10.324

Copernic Desktop Search - Home

D3DX10

Discador Oi

DivX Codec

DivX Converter Mobile

DivX Player

DivX Plus DirectShow Filters

DivX Web Player

DriverAgent by eSupport.com

DVD Suite

Emsisoft Anti-Malware 5.1

Emsisoft HiJackFree 4.5

eMule

ESET Online Scanner v3

File Seeker

Garmin MapSource

Garmin POI Loader

Garmin Training Center

Garmin USB Drivers

Garmin WebUpdater

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Intel® Graphics Media Accelerator Driver

IRPF2009 - Declaração de Ajuste Anual e Final de Espólio

IRPF2010 - Declaração de Ajuste Anual e Final de Espólio

IRPF2011 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País

iTunes

Java Auto Updater

Java 6 Update 22

Junk Mail filter update

KeyScrambler

LG PC Suite II

LG USB Modem driver

Malwarebytes' Anti-Malware

McAfee Security Scan Plus

MediaShow 3.0

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile PTB Language Pack

Microsoft Application Error Reporting

Microsoft Office Live Add-in 1.4

Microsoft Office Professional Edição 2003

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable - KB2467175

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Nero ControlCenter

Nero Installer

Nero Online Upgrade

Nero StartSmart

neroxml

Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

Palm Desktop by ACCESS

Panda ActiveScan 2.0

Panda USB Vaccine 1.0.1.4

PhotoNow! 1.0

PokerStars.net

Power2Go 5.0

PowerBackup 2.5

PowerDVD

PowerProducer

QuickTime

RealPlayer

RealUpgrade 1.0

Receitanet 2009

Receitanet Java 2010.02d

Saraiva Digital Lite

Security Task Manager 1.8c

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Sophos Anti-Rootkit 1.5.4

Spybot - Search & Destroy

Spyware Doctor 6.0

SUPERAntiSpyware

TRC-Brasil 11.04a 2011-04-25

VC80CRTRedist - 8.0.50727.4053

VC80MFCRedist - 8.0.50727.4053

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)

Windows Essentials Media Codec Pack 2.3d

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Galeria de Fotos

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live OneCare safety scanner

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinPcap 4.1.1

WinRAR 4.00 (32-bit)

Yahoo! Mail Advisor

 

==== End Of File ===========================

 

Agradeço desde já.

[wings 22]

1.

*Delete o DDS e seus relatórios

 

2.

*Abra o Malwarebytes, clique [Atualização] > [baixar Atualizações]

*Na aba [Verificação], selecione [x] Verificação completa

*Clique [Verificar] e selecione a partição onde o Windows está instalado

*Ao finalizar o scan, clique [sIM] > [OK] > [Ver Resultados] > [Remover Selecionados]

*Cole o relatório apresentado

[pitty21 0]

Boa noite

 

Segue o relatório do mbam.

 

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Versão da Base de Dados: 6570

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514

 

13/05/2011 21:48:17

mbam-log-2011-05-13 (21-48-17).txt

 

Tipo de Verificação: Verificação Completa (C:\|D:\|)

Objetos escaneados: 316816

Tempo decorrido: 1 hora(s), 10 minuto(s), 19 segundo(s)

 

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 0

Valores de Registro Infectados: 0

Itens de Dados no Registro Infectados: 0

Pastas Infectadas: 0

Arquivos Infectados: 0

 

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Infectadas:

(Não foram detectados ítens maliciosos)

 

Valores de Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Itens de Dados no Registro Infectados:

(Não foram detectados ítens maliciosos)

 

Pastas Infectadas:

(Não foram detectados ítens maliciosos)

 

Arquivos Infectados:

(Não foram detectados ítens maliciosos)

 

Obrigada pela sua ajuda.

[wings 22]

OK...

 

O PC está limpo. :)

 

 

Um abraço.

[pitty21 0]

OK...

 

O PC está limpo. :)

 

 

Um abraço.

 

Wings, obrigada pela sua ajuda.

 

Só por curiosidade o que é JSEfile notepad.exe 1%?

 

Grata.

[wings 22]

Está relacionado a associação de arquivos.

 

Java Script.

[wings 22]

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.