C:\WINDOWS\system32\Atsys.exe
C:\WINDOWS\system32\msnsgr.exe (se for do windows messenger, não tem problema apagar? o hijackthis considera ele como This is a unknown process.)
E isso:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
?
Unknown application.
Unnecessary (deactivated) entry that can be fixed. This entry was classified from our visitors as good.
O hijack diz isso na verificação de log online.
O4 - HKLM\..\Run: [MsOficceXP] C:\WINDOWS\system32\Atsys.exe
O4 - HKLM\..\Run: [Micro Office] C:\WINDOWS\system32\msnsgr.exe
E isso:
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing)
Unnecessary (deactivated) entry that can be fixed. The entry Messenger has been identified as safe.
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (file missing)
Unnecessary (deactivated) entry that can be fixed. The entry Windows Messenger has been identified as safe.
E quanto a esses processos:
O17 - HKLM\System\CCS\Services\Tcpip\..\{02EA583D-EE08-4BCC-812B-E62BC7463EDC}: Domain = @ (pode ser do apache?)
Do you know the IP or Domain '@'? If not, fix this entry.
O17 - HKLM\System\CS1\Services\Tcpip\..\{02EA583D-EE08-4BCC-812B-E62BC7463EDC}: Domain = @ (apache novamente?)
Do you know the IP or Domain '@'? If not, fix this entry.
(as duas chaves acima, do domain @ se repetem mais duas vezes.)
O23 - Service: MySQL - Unknown owner - C:\Arquivos.exe (file missing)(mysql...)
Unknown service. (Arquivos.exe)
E quando ao 023, o mysql? ele acusa de file missing, mas meu mysql e tal funciona direito. É vírus?
Agradeço a atenção,
OBS: Log completo em anexo.