Thank you.
Here are the logs...
Combofix:
ComboFix 08-05-12.1 - Teresa Calado 2008-05-14 17:22:11.13 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.0.1252.351.2070.18.37 [GMT 1:00]
Executando de: C:\Documents and Settings\Teresa Calado\Ambiente de trabalho\ComboFix.exe
* Criado um novo ponto de restauro
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
C:\WINDOWS\system32\59aebd.exe
C:\WINDOWS\system32\59fbc4.exe
C:\WINDOWS\system32\5a07f9.exe
C:\WINDOWS\system32\5a0f5b.exe
C:\WINDOWS\system32\5a5cc0.exe
C:\WINDOWS\system32\5a67dc.exe
C:\WINDOWS\system32\711864.exe
C:\WINDOWS\system32\880346.exe
C:\WINDOWS\system32\880970.exe
C:\WINDOWS\system32\ihkmp.ini
.
((((((((((((((((((((((( Ficheiros criados de 2008-04-14 to 2008-05-14 ))))))))))))))))))))))))))))))))
.
2008-05-13 14:17 . 2008-05-13 14:17 1,506 --a------ C:\WINDOWS\system32\8802b9.exe
2008-05-13 14:17 . 2008-05-13 14:17 1,506 --a------ C:\WINDOWS\system32\87fd7a.exe
2008-05-13 14:17 . 2008-05-13 14:17 1,506 --a------ C:\WINDOWS\system32\87a92f.exe
2008-05-13 14:17 . 2008-05-13 14:17 1,506 --a------ C:\WINDOWS\system32\87a3e0.exe
2008-05-13 14:17 . 2008-05-13 14:17 1,506 --a------ C:\WINDOWS\system32\87a121.exe
2008-05-13 14:17 . 2008-05-13 14:17 1,506 --a------ C:\WINDOWS\system32\879bd2.exe
2008-05-13 13:53 . 2008-05-13 13:53 1,506 --a------ C:\WINDOWS\system32\717d39.exe
2008-05-13 13:53 . 2008-05-13 13:53 1,506 --a------ C:\WINDOWS\system32\7177f9.exe
2008-05-13 13:53 . 2008-05-13 13:53 1,506 --a------ C:\WINDOWS\system32\7172b9.exe
2008-05-13 13:53 . 2008-05-13 13:53 1,506 --a------ C:\WINDOWS\system32\716ced.exe
2008-05-13 13:53 . 2008-05-13 13:53 1,506 --a------ C:\WINDOWS\system32\711e50.exe
2008-05-13 13:52 . 2008-05-13 13:52 1,506 --a------ C:\WINDOWS\system32\70bf48.exe
2008-05-13 13:29 . 2008-05-13 13:29 1,506 --a------ C:\WINDOWS\system32\5b30c9.exe
2008-05-13 13:28 . 2008-05-13 13:28 1,506 --a------ C:\WINDOWS\system32\5b2947.exe
2008-05-13 13:28 . 2008-05-13 13:28 1,506 --a------ C:\WINDOWS\system32\5ad710.exe
2008-05-13 13:28 . 2008-05-13 13:28 1,506 --a------ C:\WINDOWS\system32\5ace85.exe
2008-05-13 13:28 . 2008-05-13 13:28 1,506 --a------ C:\WINDOWS\system32\5ace18.exe
2008-05-13 13:28 . 2008-05-13 13:28 1,506 --a------ C:\WINDOWS\system32\5ac3f6.exe
2008-05-13 13:28 . 2008-05-13 13:28 1,506 --a------ C:\WINDOWS\system32\5a7355.exe
2008-05-13 13:28 . 2008-05-13 13:28 1,506 --a------ C:\WINDOWS\system32\5a6a4d.exe
2008-05-13 13:26 . 2008-05-13 13:26 7,168 --a------ C:\WINDOWS\system32\luwu472.exe
2008-05-13 13:25 . 2008-05-13 14:27 481 --a------ C:\WINDOWS\system32\wsbkom.tmp
2008-04-28 11:28 . 2008-05-13 14:54 <DIR> d-------- C:\fixwareout
2008-04-28 11:03 . 2008-04-28 11:03 <DIR> d-------- C:\WINDOWS\ERUNT
2008-04-28 10:58 . 2008-05-13 14:48 <DIR> d-------- C:\SDFix
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-05-14 16:18 --------- d-----w C:\Documents and Settings\Teresa Calado\Application Data\MegauploadToolbar
2008-05-14 11:11 --------- d-----w C:\Documents and Settings\Teresa Calado\Application Data\AVG7
2008-05-01 12:21 --------- d-----w C:\Programas\CCleaner
2008-04-29 22:04 --------- d-----w C:\Programas\eMule
2008-04-13 18:47 --------- d-----w C:\Programas\MSN Messenger
2008-04-13 18:47 --------- d-----w C:\Programas\Messenger Plus! Live
2008-03-25 19:05 --------- d-----w C:\Programas\Ficheiros comuns\Adobe
2008-03-25 18:58 --------- d-----w C:\Documents and Settings\Teresa Calado\Application Data\AdobeUM
2001-11-23 04:08 712,704 ----a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2007-02-10 16:02 848 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-01-20 12:34 143,304,480 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-20 12:34 5,161,248 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((( snapshot_2008-04-20_13.52.51.70 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-20 12:42:32 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-14 11:09:43 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2006-06-20 14:44:04 379,704 ----a-w C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll
+ 2006-06-20 14:44:02 117,560 ----a-w C:\WINDOWS\Downloaded Program Files\PURen-us.dll
+ 2008-04-27 19:47:55 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
+ 2008-05-13 13:33:13 6,516,736 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\
00000001\ntuser.dat
+ 2008-05-13 13:33:13 282,624 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\
00000002\UsrClass.dat
+ 2008-04-27 19:47:55 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE
+ 2008-04-28 10:03:50 6,123,520 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\
00000001\ntuser.dat
+ 2008-04-28 10:03:50 282,624 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\
00000002\UsrClass.dat
- 2008-04-13 18:40:20 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\i ndex.dat
+ 2008-05-14 11:09:52 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\i ndex.dat
- 2008-04-13 18:40:20 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Definiçõe s locais\Histórico\History.IE5\index.dat
+ 2008-05-14 11:09:52 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Definiçõe s locais\Histórico\History.IE5\index.dat
+ 2008-05-14 11:09:52 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Definiçõe s locais\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-20 12:33:39 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.da t
+ 2008-05-14 16:22:02 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.da t
- 2007-10-11 14:12:48 1,468,968 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2008-03-20 17:06:36 1,480,232 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
- 2007-10-08 14:46:18 14,640 ------w C:\WINDOWS\system32\spmsg.dll
+ 2008-03-20 13:41:20 14,640 ------w C:\WINDOWS\system32\spmsg.dll
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Nota* entradas vazias & legítimas por defeito não são mostradas.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-11-20 13:00 13312]
"msnmsgr"="C:\Programas\MSN Messenger\msnmsgr.exe" [2007-01-19 13:54 5674352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"VTTimer"="VTTimer.exe" [2004-10-22 04:53 53248 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-01-11 00:33 143360 C:\WINDOWS\system32\VTTrayp.exe]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 11:20 77824 C:\WINDOWS\SOUNDMAN.EXE]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40 2577632]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.e xe" [2001-07-09 11:50 155648]
"iTunesHelper"="C:\Programas\iTunes\iTunesHelper.e xe" [2006-02-23 16:45 278528]
"QuickTime Task"="C:\Programas\QuickTime\qttask.exe" [2006-06-02 12:20 282624]
"Cmaudio"="cmicnfg.cpl" []
"SunJavaUpdateSched"="C:\Programas\Java\jre1.6.0_0 5\bin\jusched.exe" [2008-02-22 05:25 144784]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-15 12:29 579584]
"TkBellExe"="C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe" [2008-02-26 00:03 185896]
"Adobe Reader Speed Launcher"="C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-11-20 13:00 13312]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-12-26 18:57 219136]
"ttool"="C:\WINDOWS\9129837.exe" [ ]
C:\Documents and Settings\Teresa Calado\Menu Iniciar\Programas\Arranque\
Ferramenta de Verifica‡Æo de M¡dia do Cyber-shot Viewer.lnk - C:\Programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2006-07-28 22:21:00 155648]
C:\Documents and Settings\All Users\Menu Iniciar\Programas\Arranque\
VIA RAID TOOL.lnk - C:\Programas\VIA\RAID\raid_tool.exe [2005-08-04 22:45:17 565248]
WinZip Quick Pick.lnk - C:\Programas\WinZip\WZQKPICK.EXE [2005-08-05 23:31:10 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\luwu472.exe"=
R2 SVKP;SVKP;C:\WINDOWS\System32\SVKP.sys [2006-10-27 13:17]
S3 PavSRK.sys;PavSRK.sys;C:\WINDOWS\System32\PavSRK.s ys []
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Conteúdo da pasta 'Tarefas Agendadas'
"2008-03-21 17:17:07 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Programas\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-05-08 00:00:01 C:\WINDOWS\Tasks\At26.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At27.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At28.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At29.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At30.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At31.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At32.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At33.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-02-10 00:39:36 C:\WINDOWS\Tasks\At34.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-03-28 10:00:01 C:\WINDOWS\Tasks\At35.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-06 10:00:00 C:\WINDOWS\Tasks\At36.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-13 11:00:01 C:\WINDOWS\Tasks\At37.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-14 12:00:02 C:\WINDOWS\Tasks\At38.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-14 13:00:00 C:\WINDOWS\Tasks\At39.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-14 14:00:00 C:\WINDOWS\Tasks\At40.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-14 15:00:01 C:\WINDOWS\Tasks\At41.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-14 16:00:00 C:\WINDOWS\Tasks\At42.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-13 17:00:00 C:\WINDOWS\Tasks\At43.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-13 18:00:01 C:\WINDOWS\Tasks\At44.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-13 19:00:00 C:\WINDOWS\Tasks\At45.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-13 20:00:00 C:\WINDOWS\Tasks\At46.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-13 21:00:00 C:\WINDOWS\Tasks\At47.job"
- C:\WINDOWS\System32\o83Gmp01.exe
"2008-05-13 22:00:00 C:\WINDOWS\Tasks\At48.job"
- C:\WINDOWS\System32\o83Gmp01.exe
.
************************************************** ************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-05-14 17:29:15
Windows 5.1.2600 NTFS
Procurando processos ocultos ...
Procurando entradas auto inicializáveis ocultas ...
Procurando ficheiros ocultos ...
Varredura completada com sucesso
Ficheiros ocultos: 0
************************************************** ************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\v sdatant]
"ImagePath"=""
.
Tempo para conclusão: 2008-05-14 17:37:46
ComboFix-quarantined-files.txt 2008-05-14 16:37:39
ComboFix2.txt 2008-04-20 12:53:31
ComboFix3.txt 2008-03-26 14:01:37
ComboFix4.txt 2008-02-20 01:05:58
Pre-Run: 3,980,427,264 bytes livres
Post-Run: 4,138,594,304 bytes livres
196
HJT:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:41:41, on 14-05-2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programas\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\VTTimer.exe
C:\WINDOWS\System32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programas\iTunes\iTunesHelper.exe
C:\Programas\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Programas\Java\jre1.6.0_05\bin\jusched.exe
C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programas\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Programas\VIA\RAID\raid_tool.exe
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programas\WinZip\WZQKPICK.EXE
C:\Programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Programas\iPod\bin\iPodService.exe
C:\Programas\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Programas\Internet Explorer\IEXPLORE.EXE
C:\Programas\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programas\Ficheiros comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programas\MegauploadToolbar\megauploadtoolbar.d ll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: del.icio.us Toolbar Helper - {7AA07AE6-01EF-44EC-93CA-9D7CD41CCDB6} - C:\Programas\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Programas\MegauploadToolbar\megauploadtoolbar.d ll
O3 - Toolbar: del.icio.us - {981FE6A8-260C-4930-960F-C3BC82746CB0} - C:\Programas\del.icio.us\Internet Explorer Buttons\dlcsIE.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programas\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programas\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programas\Java\jre1.6.0_05\bin\jusched.exe "
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Programas\Ficheiros comuns\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programas\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Serviço de rede')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Ferramenta de Verificação de Mídia do Cyber-shot Viewer.lnk = C:\Programas\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Programas\VIA\RAID\raid_tool.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programas\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/wind...?1198687186843
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -
http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
https://download.macromedia.com/pub/...sh/swflash.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Programas\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programas\iPod\bin\iPodService.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programas\Sygate\SPF\smc.exe
--
End of file - 6669 bytes
PC Help Forum
» Security & Safety
» [Fixed] Hijackthis! Logs
»
HJT log - help please
HJT log - help please
