Estou enfrentando problemas em meu computador com este cookie. já usei o panda antivirus online, o trendmicro online, spyhunter, spybot e o avg antivirus 8 (programa que estou usando) também não pega.
Alguém poderia dar uma ajuda?
Agradeço antecipadamente,
Luis
Segue abaixo o log do Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:18:15, on 18/3/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Windows Defender\MsMpEng.exe
C:\Arquivos de programas\Sygate\SPF\smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Windows Defender\MSASCui.exe
C:\WINDOWS\Xerox\PanelMgr\ssmmgr.exe
C:\ARQUIV~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Arquivos de programas\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
C:\Arquivos de programas\FireTrust\MailWasher Pro\MailWasher.exe
C:\Arquivos de programas\SpeedFan\speedfan.exe
C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\ARQUIV~1\AVG\AVG8\avgam.exe
C:\ARQUIV~1\AVG\AVG8\avgrsx.exe
C:\ARQUIV~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Arquivos de programas\Windows Live\Contacts\wlcomm.exe
C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe
C:\Arquivos de programas\Adobe\Acrobat 7.0\Distillr\AcroTray.exe
C:\ARQUIV~1\MICROS~3\Office12\OUTLOOK.EXE
C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Palm\Palm.exe
C:\Arquivos de programas\Palm\Hotsync.exe
C:\Arquivos de programas\WinRAR\WinRAR.exe
C:\DOCUME~1\lab\CONFIG~1\Temp\Rar$EX00.219\HijackT his.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &
http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.folha.uol.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehCef.dll
O2 - BHO: G-Buster Browser Defense ABN AMRO - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\ARQUIV~1\GbPlugin\gbiehabn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.d ll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SmcService] C:\ARQUIV~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Windows Defender] "C:\Arquivos de programas\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Xerox PanelMgr] C:\WINDOWS\Xerox\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\ARQUIV~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MailWasherPro.lnk = C:\Arquivos de programas\FireTrust\MailWasher Pro\MailWasher.exe
O4 - Startup: SpeedFan.lnk = C:\Arquivos de programas\SpeedFan\speedfan.exe
O8 - Extra context menu item: Converter destino de link em Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converter destino de link em PDF existente - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converter em Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converter em PDF existente - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converter links selecionados em Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converter links selecionados em PDF existente - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converter seleção em Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converter seleção em PDF existente - res://C:\Arquivos de programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\ARQUIV~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\ARQUIV~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Criar Favorito Móvel... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\ARQUIV~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Arquivos de programas\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: SEARCH_PAGE_URL=&
http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (WficaCtl Object) -
http://docvirt.no-ip.com/plugins/wfica.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) -
https://www14.bancobrasil.com.br/plugin/GbpDist.cab
O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) -
https://wwws.realsecureweb.com.br/mp...bPluginABN.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ARQUIV~1\ARQUIV~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: GbPluginAbn - C:\ARQUIV~1\GbPlugin\gbiehabn.dll
O20 - Winlogon Notify: GbPluginBb - C:\ARQUIV~1\GBPLUGIN\gbieh.dll
O20 - Winlogon Notify: GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\ARQUIV~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Arquivos de programas\Sygate\SPF\smc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Arquivos de programas\Windows Live\installer\WLSetupSvc.exe (file missing)
--
End of file - 11439 bytes
Vejam o log da detecção da proteção residente do avg8 (isso é o resultado de 3 dias, fora o que eu já deletei):
Detecção da Proteção Residente
Infecção;"Objeto";"Resultado";"Tempo de detecção";"Tipo de objeto";"Processar"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Objeto potencialmente perigoso";"18/3/2009, 17:17:43";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 17:17:40";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"18/3/2009, 16:17:50";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 16:17:44";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 14:11:20";"Arquivo";"C:\WINDOWS\explorer.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"18/3/2009, 10:20:21";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 10:20:19";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 09:44:14";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Excluídos";"18/3/2009, 09:44:10";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"18/3/2009, 09:00:45";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 09:00:43";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Excluídos";"18/3/2009, 08:54:27";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.2o7;"C:\Documents and Settings\lab\Cookies\lab@msnportal.112.2o7[1].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 08:44:25";"Arquivo";"C:\Arquivos de programas\CCleaner\CCleaner.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 08:41:17";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"18/3/2009, 08:38:09";"Arquivo";"C:\Arquivos de programas\Internet Explorer\iexplore.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 08:32:24";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Excluídos";"18/3/2009, 08:32:19";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"18/3/2009, 08:02:07";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Serving-sys;"C:\Documents and Settings\lab\Cookies\lab@serving-sys[2].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 08:02:05";"Arquivo";"C:\WINDOWS\explorer.exe"
Encontrado Tracking cookie.Serving-sys;"C:\Documents and Settings\lab\Cookies\lab@bs.serving-sys[1].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 08:02:04";"Arquivo";"C:\WINDOWS\explorer.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"18/3/2009, 08:02:04";"Arquivo";"C:\WINDOWS\explorer.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"17/3/2009, 21:22:25";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"17/3/2009, 21:22:18";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"17/3/2009, 18:35:50";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"17/3/2009, 18:35:44";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"17/3/2009, 17:57:04";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Excluídos";"17/3/2009, 17:57:00";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"17/3/2009, 17:16:16";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"17/3/2009, 17:16:11";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"17/3/2009, 16:47:33";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"17/3/2009, 16:47:31";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"17/3/2009, 14:08:47";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"17/3/2009, 14:08:38";"Arquivo";"C:\Arquivos de programas\Java\jre6\bin\java.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"17/3/2009, 13:25:36";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Webtrends;"C:\Documents and Settings\lab\Cookies\lab@m.webtrends[2].txt";"Movido para a Quarentena de Vírus";"17/3/2009, 13:25:34";"Arquivo";"C:\Arquivos de programas\Java\jre6\bin\java.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"17/3/2009, 13:25:34";"Arquivo";"C:\Arquivos de programas\Java\jre6\bin\java.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"17/3/2009, 09:58:15";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"17/3/2009, 09:58:14";"Arquivo";"C:\Arquivos de programas\AVG\AVG8\avgcsrvx.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"17/3/2009, 09:15:08";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Excluídos";"17/3/2009, 08:36:48";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Excluídos";"17/3/2009, 08:28:20";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"16/3/2009, 16:54:59";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"16/3/2009, 13:11:22";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Excluídos";"15/3/2009, 20:56:06";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Excluídos";"15/3/2009, 20:43:10";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"15/3/2009, 20:14:14";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"15/3/2009, 19:33:37";"Arquivo";"C:\Arquivos de programas\CCleaner\CCleaner.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"15/3/2009, 10:53:59";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"15/3/2009, 10:38:03";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.2o7;"C:\Documents and Settings\lab\Cookies\lab@msnportal.112.2o7[1].txt";"Movido para a Quarentena de Vírus";"15/3/2009, 10:03:32";"Arquivo";"C:\Arquivos de programas\Enigma Software Group\SpyHunter\SpyHunter3.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Movido para a Quarentena de Vírus";"15/3/2009, 10:03:32";"Arquivo";"C:\Arquivos de programas\Enigma Software Group\SpyHunter\SpyHunter3.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Excluídos";"15/3/2009, 10:01:40";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[2].txt";"Movido para a Quarentena de Vírus";"15/3/2009, 09:34:38";"Arquivo";"C:\Arquivos de programas\Enigma Software Group\SpyHunter\SpyHunter3.exe"
Encontrado Tracking cookie.Doubleclick;"C:\Documents and Settings\lab\Cookies\lab@doubleclick[1].txt";"Movido para a Quarentena de Vírus";"15/3/2009, 09:34:38";"Arquivo";"C:\Arquivos de programas\Enigma Software Group\SpyHunter\SpyHunter3.exe"
Encontrado Tracking cookie.Atdmt;"C:\Documents and Settings\lab\Cookies\lab@atdmt[1].txt";"Movido para a Quarentena de Vírus";"15/3/2009, 09:21:52";"Arquivo";"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"
Seguindo as orientações dadas aqui para um outro colega com problema semelhante, rodei o MalwareBytes'Anti-Malware no modo de segurança. ele encontrou algumas pragas. o log está abaixo:
Malwarebytes' Anti-Malware 1.34
Versão do banco de dados: 1866
Windows 5.1.2600 Service Pack 3
18/3/2009 18:18:42
mbam-log-2009-03-18 (18-18-42).txt
Tipo de Verificação: Completa (C:\|D:\|E:\|F:\|)
Objetos verificados: 184601
Tempo decorrido: 34 minute(s), 0 second(s)
Processos da Memória infectados: 0
Módulos de Memória Infectados: 0
Chaves do Registro infectadas: 1
Valores do Registro infectados: 1
Ítens do Registro infectados: 0
Pastas infectadas: 0
Arquivos infectados: 2
Processos da Memória infectados:
(Nenhum ítem malicioso foi detectado)
Módulos de Memória Infectados:
(Nenhum ítem malicioso foi detectado)
Chaves do Registro infectadas:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ModuleUsage\c:/windows/downloaded program files/abn.gpc (Trojan.Agent) -> Quarantined and deleted successfully.
Valores do Registro infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\abn.gpc (Trojan.Agent) -> Quarantined and deleted successfully.
Ítens do Registro infectados:
(Nenhum ítem malicioso foi detectado)
Pastas infectadas:
(Nenhum ítem malicioso foi detectado)
Arquivos infectados:
C:\WINDOWS\Downloaded Program Files\abn.gpc (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\GbPluginABN.inf (Trojan.Agent) -> Quarantined and deleted successfully.
Será que estou livre?
Luis
Ainda infectado... Infelizmente os avisos do AVG continuam a sinalizar que o tracking cookie ainda está ativo...
Se alguém puder ajudar agradeço imensamente.
Obrigado
Luis
Tracking Cookie atdmt
. Nós temos 759.308 usuários, convidamos você fazer parte de nossa comunidade também! Se ainda não encontrou o que procura use nossa pesquisa. Esperamos que aprecie nosso trabalho.
