pc reboots or shut down when encoding(RESOLVED)
-
pc reboots or shut down when encoding(RESOLVED)
well I really didnt knew if this was a hardware or other thing problem so I decided to post first my HijackThis log so that someone could gave me a little help. the problem is that my pc restarts or shuts down by itself anytime I'm encoding a movie file. since that problem never hapened till like a month ago(before that I used to encode movies without a problem) and i'm like a little noob when it comes to pc so i decided to ask for helpe, sorry if this is in the wrong thread but that is my HijackThis log file:
Logfile of HijackThis v1.99.1
Scan saved at 10:41:45, on 25/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\WINDOWS\system32\hphmon05.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\vsnpmi03.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Corel\Graphics9\Register\Remind32.exe
C:\Arquivos de programas\Telemar\Velox\app\EnterNet.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\ARQUIV~1\Telemar\Velox\app\pppoeservice.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\mIRC\mirc.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Kazinhu\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.novadata.com.br/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.novadata.com.br/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://download.alexa.com/index.cgi?...=megaupload-20
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SNPMI03] C:\WINDOWS\vsnpmi03.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Arquivos de programas\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Registro da Corel.lnk = C:\Arquivos de programas\Corel\Graphics9\Register\Remind32.exe
O8 - Extra context menu item: Alexa Web Search - http://client.alexa.com/holiday/scri...ons/search.htm
O8 - Extra context menu item: Get Alexa Data - http://client.alexa.com/holiday/scri...s/sitedata.htm
O8 - Extra context menu item: Mail to a Friend... - http://client.alexa.com/holiday/scri...ons/mailto.htm
O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/scri...ns/related.htm
O8 - Extra context menu item: Write a Review... - http://client.alexa.com/holiday/scri...ons/review.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.novadata.com.br/
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\ARQUIV~1\Telemar\Velox\app\pppoeservice.exe
-
Welcome,
I see you have alexa spyware on your computer, alexa is flagged as spyware by every scanner I know and may be the problem you are experienceing.
Let's do two things first:
Download and install
Ewido anti-spyware
4.0 (uninstall any previous version first).- Click the Download BUTTON. On the next page click the
Download now BUTTON. - Save and then install (Run) from the save location.
- Open/Run ewido anti-spyware
- Wait a few moments and Ewido should Auto update itself (note date of last
update). If it doesn't update, click the update ICON at top of
screen:
- Click on the Update now LINK at the top of the window
- Click on the Start update button
- Wait for the update to download and install
- This is very important to get the LATEST
updates
- Click on the Status ICON
- Under "Your computers Security"
Click change status on Resident shield to inactive
(ONLY consider activation of that feature once you are
clean)
- Click on the Scanner ICON at the top of the window
- Click on the Settings tab then select Recommended Actions
and choose Quarantine
Close ALL open Windows / Programs / Folders. Please start
Ewido, and run a full scan:
- Click on the default Status ICON and select
the Scan now LINK.
OR
- Click on the Scanner ICON . Select the Scan
TAB.
- Select Complete System Scan. Ewido will now begin to scan your
system.
- If Ewido finds anything it will list them in the Preview WINDOW:
- Make sure that Set all elements to: shows
Quarantine, if not click on the link and choose
Quarantine from the popup menu. - Select Apply all actions at the bottom of the window (and the
items found will be quarantined - and recoverable, if any items are needed
back).
- When the scan has completed, click on the Save Scan Report button
and save the scan to your Desktop where it can be easily found. - Copy and paste the EWIDO scan results into your next
post. - Close Ewido.
Then:
Open Hijackthis.
Click the "Open the Misc Tools" section Button.
Click the "Open Uninstall Manager" Button.
Click the "Save list..." Button.
Save it to your desktop. Copy and paste the contents into your reply.
I need a new hijackthis log
I need the Ewido log
I need the uninstall list
Thanks
-
Well here I am again, sorry for the delay. By the way anything on any of the logs that is in an language you can't understand ask me cause it's problably in portuguese. Well 1st of all here the new HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 20:22:45, on 25/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\ARQUIV~1\Telemar\Velox\app\pppoeservice.exe
C:\ARQUIV~1\Telemar\Velox\app\enternet.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\WINDOWS\system32\hphmon05.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\vsnpmi03.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\ewido anti-spyware 4.0\guard.exe
C:\Arquivos de programas\ewido anti-spyware 4.0\ewido.exe
C:\Documents and Settings\Kazinhu\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.novadata.com.br/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://register.hp.com/servlet/WebRe...D=BR54Q2F01TI5
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [SNPMI03] C:\WINDOWS\vsnpmi03.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [!ewido] "C:\Arquivos de programas\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.novadata.com.br/
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Arquivos de programas\ewido anti-spyware 4.0\guard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\ARQUIV~1\Telemar\Velox\app\pppoeservice.exe
Second of all here is the Ewido log :
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 20:17:59 25/8/2006
+ Scan result:
C:\Arquivos de programas\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : No action taken.
:mozilla.181:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.177:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.20:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.63:C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Dados de aplicativos\Mozilla\Firefox\Profiles\g1ywwvrp.defa ult\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Washington\Cookies\washington@2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Cookies\zélia@2 o7[2].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.105:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.108:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.42:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.43:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.44:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.60:C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Dados de aplicativos\Mozilla\Firefox\Profiles\g1ywwvrp.defa ult\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.61:C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Dados de aplicativos\Mozilla\Firefox\Profiles\g1ywwvrp.defa ult\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.62:C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Dados de aplicativos\Mozilla\Firefox\Profiles\g1ywwvrp.defa ult\cookies.txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Washington\Cookies\washington@adbrite[1].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Washington\Cookies\washington@www.adbrite[1].txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.207:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.208:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Advertising : No action taken.
:mozilla.133:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.22:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.8:C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Dados de aplicativos\Mozilla\Firefox\Profiles\g1ywwvrp.defa ult\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Kazinhu\Cookies\kazinhu@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Washington\Cookies\washington@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Cookies\zélia@a tdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.105:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.51:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.103:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.198:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Casalemedia : No action taken.
:mozilla.38:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Clickhype : No action taken.
:mozilla.39:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Clickhype : No action taken.
:mozilla.54:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.15:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.16:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Mãe\Cookies\mãe@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Cookies\zélia@d oubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.229:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.231:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.232:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.233:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.234:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Euroclick : No action taken.
:mozilla.185:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.186:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.187:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.188:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.115:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.116:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.117:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.160:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.161:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.162:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.163:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.164:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Washington\Cookies\washington@fastclick[1].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Washington\Cookies\washington@media.fastc lick[1].txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.190:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Hotlog : No action taken.
:mozilla.159:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
:mozilla.72:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.73:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Onestat : No action taken.
:mozilla.74:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Onestat : No action taken.
C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Cookies\zélia@a ds.pointroll[1].txt -> TrackingCookie.Pointroll : No action taken.
:mozilla.102:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.59:C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Dados de aplicativos\Mozilla\Firefox\Profiles\g1ywwvrp.defa ult\cookies.txt -> TrackingCookie.Revenue : No action taken.
:mozilla.188:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.189:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.190:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.191:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Mãe\Cookies\mãe@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Mãe\Cookies\mãe@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Cookies\zélia@b s.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Cookies\zélia@s erving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.194:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.195:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.196:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.197:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Sexcounter : No action taken.
:mozilla.218:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.219:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.118:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.119:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.97:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.98:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.99:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Statcounter : No action taken.
:mozilla.227:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.228:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.230:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.126:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
:mozilla.28:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.6:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.6:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.56:C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Dados de aplicativos\Mozilla\Firefox\Profiles\g1ywwvrp.defa ult\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.110:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.111:C:\Documents and Settings\Washington\Dados de aplicativos\Mozilla\Firefox\Profiles\bc8xvw92.defa ult\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.33:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.34:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.35:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.36:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.37:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.57:C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Dados de aplicativos\Mozilla\Firefox\Profiles\g1ywwvrp.defa ult\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.58:C:\Documents and Settings\Zélia.BD9CB18E8E374EE.000\Dados de aplicativos\Mozilla\Firefox\Profiles\g1ywwvrp.defa ult\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.84:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.85:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.86:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.87:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Zedo : No action taken.
:mozilla.88:C:\Documents and Settings\Kazinhu\Dados de aplicativos\Mozilla\Firefox\Profiles\3geltgdb.defa ult\cookies.txt -> TrackingCookie.Zedo : No action taken.
::Report end
Third and least, the uninstall list :
µTorrent
ACDSee Classic
Adobe Acrobat 4.0
Adobe Flash Player 9 ActiveX
Adobe Reader 6.0
Adobe Shockwave Player
Atualização de Segurança para o Windows Media Player (KB911564)
Atualização de Segurança para o Windows Media Player 10 (KB917734)
Atualização de Segurança para Windows XP (KB890046)
Atualização de Segurança para Windows XP (KB893756)
Atualização de Segurança para Windows XP (KB896358)
Atualização de Segurança para Windows XP (KB896423)
Atualização de Segurança para Windows XP (KB896424)
Atualização de Segurança para Windows XP (KB896428)
Atualização de Segurança para Windows XP (KB899587)
Atualização de Segurança para Windows XP (KB899591)
Atualização de Segurança para Windows XP (KB900725)
Atualização de Segurança para Windows XP (KB901017)
Atualização de Segurança para Windows XP (KB901214)
Atualização de Segurança para Windows XP (KB902400)
Atualização de Segurança para Windows XP (KB904706)
Atualização de Segurança para Windows XP (KB905414)
Atualização de Segurança para Windows XP (KB905749)
Atualização de Segurança para Windows XP (KB908519)
Atualização de Segurança para Windows XP (KB911562)
Atualização de Segurança para Windows XP (KB911567)
Atualização de Segurança para Windows XP (KB911927)
Atualização de Segurança para Windows XP (KB912919)
Atualização de Segurança para Windows XP (KB913433)
Atualização de Segurança para Windows XP (KB913580)
Atualização de Segurança para Windows XP (KB914388)
Atualização de Segurança para Windows XP (KB914389)
Atualização de Segurança para Windows XP (KB917159)
Atualização de Segurança para Windows XP (KB917344)
Atualização de Segurança para Windows XP (KB917422)
Atualização de Segurança para Windows XP (KB917953)
Atualização de Segurança para Windows XP (KB918439)
Atualização de Segurança para Windows XP (KB918899)
Atualização de Segurança para Windows XP (KB920214)
Atualização de Segurança para Windows XP (KB920670)
Atualização de Segurança para Windows XP (KB920683)
Atualização de Segurança para Windows XP (KB921398)
Atualização de Segurança para Windows XP (KB921883)
Atualização de Segurança para Windows XP (KB922616)
Atualização para Windows XP (KB894391)
Atualização para Windows XP (KB898461)
Atualização para Windows XP (KB900485)
Atualização para Windows XP (KB908531)
Atualização para Windows XP (KB910437)
Atualização para Windows XP (KB911280)
Atualização para Windows XP (KB916595)
avast! Antivirus
BitComet 0.70
BSPlayer
C-Media 3D Audio
Compressor WinRAR
Corel Applications
Disco de recordações HP
DVD Decrypter (Remove Only)
DVD-lab PRO 1.53
ebgcInfra
ebgcRes
ebgcSDK
eMule
ewido anti-spyware 4.0
HijackThis 1.99.1
HP Photo and Imaging 2.1 - Scanjet 2400 Series
HP Software Update
Intel(R) Extreme Graphics 2 Driver
J2SE Runtime Environment 5.0 Update 3
K-Lite Mega Codec Pack 1.56
LimeWire 4.12.6
Marvell Miniport Driver
Messenger Plus! Live
MessengerDiscovery Live 1.00.10
Microsoft Office 2000 Premium
mIRC
Mozilla Firefox (1.5)
MPEG Encoder 3
Nero OEM
NeroVision Express 2
NeroVision Express 2 Content
Photosmart 140,240,7200,7600,7700,7900 Series
PowerISO
QuickTime 3.0
Super Collapse! 3
TMPGEnc 3.0 XPress
Velox
VideoCAM NB 300
VideoEdit Converter Pro
Virtual Cable Tester
Winamp (remove only)
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinZip
-
Hi,
µTorrent- I would uninstall from add/remove program
BitComet 0.70- I would uninstall/ same as above
LimeWire 4.12.6- I would uninstall/same as above
ebgcInfra- what is this?
ebgcRes- what is this?
ebgcSDK- what is this?
Sun Java is way out of date and is a security risk as is:
* Go to Start > Control Panel double-click on the Software icon > add/remove programs.
* Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
It should have next icon next to it: 
Select it and click Remove.
* Then Download and install the newest version from here:
Sun Java
I also would run Ewido again but this time use the quarantine feature per instructions to remove the adware and tracking cookies.
Then post a new hijackthis log and maybe we can finish up.
-
ebgcInfra
ebgcRes
ebgcSDK
they're files for a game caled super collapse 3, i got a error message while instaling this game and now when i tried to uninstall i got an error message too and the game didnt was uninstalled. i downloadd it from gameouse. what should I do with it?
Here's the new HijackThis log:
Logfile of HijackThis v1.99.1
Scan saved at 02:43:24, on 26/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 9.exe
C:\WINDOWS\system32\hphmon05.exe
C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\vsnpmi03.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Arquivos de programas\ewido anti-spyware 4.0\ewido.exe
C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Messenger\msmsgs.exe
C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
C:\Arquivos de programas\ewido anti-spyware 4.0\guard.exe
C:\ARQUIV~1\Telemar\Velox\app\pppoeservice.exe
C:\ARQUIV~1\Telemar\Velox\app\enternet.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe
C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Kazinhu\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.novadata.com.br/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://register.hp.com/servlet/WebRe...D=BR54Q2F01TI5
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb0 9.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SNPMI03] C:\WINDOWS\vsnpmi03.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [!ewido] "C:\Arquivos de programas\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Arquivos de programas\Messenger\msmsgs.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=http://www.novadata.com.br/
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Arquivos de programas\ewido anti-spyware 4.0\guard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\ARQUIV~1\Telemar\Velox\app\pppoeservice.exe
-
HI,
Run hijackthis, click scan button and put checks next to these:
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
Nothing open but hijackthis and click on fix checked.
Now reboot into safe mode by tapping your F8 key upon restart and safe mode screen appears, select safe mode and press enter.
Go to add/remove program and remove these:
ebgcInfra
ebgcRes
ebgcSDK
Super Collapse! 3
Reboot norml mode and tell me how your computer is behaving now please.
-
man it's way waaaaay better =) not rebboting or shuting down anymore, thanks a lot man. you really helped me out =)
-
Your welcome,
If you are no longer having any more trouble here is some preventative measures for you.
Be sure to re-hide hidden files/folders if you were asked to unhide them
Here are some preventive measures you can take to keep your computer from getting infected again. also keep all these and Ad-awareSE and SpybotS&D updated.
http://www.d-a-l.com/help/showthread.php?t=32403
Flush your restore points in ME and XP, by turning System Restore off and then back on.
This will create a fresh restore point.
Explained Here:
Windows XP: http://vil.nai.com/vil/SystemHelpDoc...ysRestore.aspx
Explained Here
Microsoft ME:
http://service1.symantec.com/SUPPORT...rc=sec_doc_nam
RegProtect
This small registry protection tool will save you hours of heartache by notifying you when some program good or bad is trying to access your registry.
You have the option of allowing(good) items or blocking(bad)items.
http://www.diamondcs.com.au/index.php?page=regprot
To reduce the re-infection potential for malware and protect yourself against spyware, here are a few helpful suggestions:
1. Keep Windows and Internet Explorer current with the latest critical security updates from Microsoft. This will patch many of the security holes through which attackers can gain access to your computer. You CANNOT complete this update using an alternate browser.
http://v5.windowsupdate.microsoft.co....aspx?ln=en-us
http://www.microsoft.com/windows/ie/default.asp
2. Run your antivirus software regularly, and to keep its definitions up-to-date. If you are thinking about switching, there are a some good free Antivirus programs that are decent, including AVG and Avast!.
AVG: http://free.grisoft.com/doc/1
Avast: http://www.avast.com/eng/avast_4_home.html
3. In addtion to using Ad-aware consider using another free malware scanning/removal program:
Windows Defender
http://www.microsoft.com/athome/secu...e/default.mspx
4. Consider using a free firewall if you are not already using one. Some good free ones are:
Kerio
http://www.sunbelt-software.com/Kerio.cfm
OutPost Personal Firewall:
Outpost
5. Consider using an alternate free browser for general web surfing but you must use IE for windows update.
Mozilla Firefox: www.mozilla.org/products/firefox/
6. Consider increasing your browser security by using these programs:
SpywareGuard will protect your homepage from being hijacked: http://www.javacoolsoftware.com/spywareguard.html
SpywareBlaster will increase browser protection by blocking Thousands of known malware sites by adding them to IE's restricted sites zone. Download it here:
http://www.javacoolsoftware.com/spywareblaster.html
If you use SpywareBlaster, you can also use a customblocklist to add even more entries into IE restricted sites zone. Go to this site for the current list and how to use instructions: http://customblockinglist.cjb.net/
IE-SPYAD is similar in that it adds thousands more known malware sites to IE's restricted zone. Download it here:
https://netfiles.uiuc.edu/ehowes/www/resource.htm
Block access to Untrustworthy Sites
You can prevent your computer from visiting a myriad of untrustworthy sites and ad-servers by installing a customised hosts file. One of the best available is the: MVPS Hosts File. Simply follow the instructions to install the file in the correct location. This will not only make surfing safer but will improve website load times and block popups from many of the large ad-servers.
*Remember just like your primary anti-virus software, it is important to keep all of these programs up-to-date and use them on a regular basis. It's Free
-
Thanks man, i'm instaling these programs in my computer =) now I think I wont have much problems with him. thanks again for your time and help.
-
