:) Olá matmaibat!

:seta: Baixe o ERUNT e salve-o no desktop

*Crie uma pasta em C:\ chamada ERUNT e extraia para ela

*Execute o arquivo C:\ERUNT\ERUNT.exe

*Clique [OK] > [OK] > [sim] > [OK]

____________________

:seta: Sugiro que você salve ou imprima essas instruções abaixo, pois em alguns momentos você poderá precisar usar o computador sem o acesso à internet:

Faça o download do ComboFix

Salve-o no Desktop (área de trabalho).

* Desabilite as proteções residente de: antivírus, antispywares e firewall ( menos o do Windows! )

* Feche todas as janelas e execute a ferramenta.

* Ps: A execução, por comando, também é possível:

* Vá em Iniciar --> Executar --> Digite ou cole:

"%userprofile%\desktop\Combofix.exe" /killall

/applications/core/interface/imageproxy/imageproxy.php?img=http://img181.imageshack.us/img181/5825/combofixejr8.gif&key=0d882a59a7a65b06e1b50e837804afc9002b25433ef74e0c3f66f43a58058f7b" alt="combofixejr8.gif" />

* Clique em Ok.

* Na solicitação: "Negação de garantia de software" --> Clique em Sim.

/applications/core/interface/imageproxy/imageproxy.php?img=http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif&key=0010234c6eff8b98a829fe5910d3fd47cc8c551f0c1836fc4748c11079a71d03" alt="RcAuto1.gif" />

* Não possuindo o "Console de Recuperação",aceite optar pela instalação do mesmo.

* Terminando,clique Sim ou Yes. --> Aguarde.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

:!: Caso aconteça a notificação de: Aplicativo Win32 inválido ou alguma mensagem parecida com esta, delete a ferramenta ComboFix.exe e faça, novamente, seu download.

* Salve-a no Desktop,renomeada como: Kombo.exe

* Ps: Nomeie durante o salvamento,e não após salvá-la!

* Ps: Surgindo alguma mensagem de erro, rode o ComboFix.exe em "Modo Seguro". <-- Link!

* Ps: Na presença de atividades rootkit,teremos a seguinte janela de notificação:

/applications/core/interface/imageproxy/imageproxy.php?img=http://img.photobucket.com/albums/v666/sUBs/Rookit_found.gif&key=eb1b849776e4208479b15adbf0e86845810495533720ff18c63647e4d0943f29" alt="Rookit_found.gif" />

* Ps: Anote essas detecções, e dê o OK. Neste caso poste estas detecções que você terá anotado em sua próxima resposta juntamente com os logs pedidos.

* Ps: Para completar as remoções, talvez haja necessidade da ferramenta reiniciar o computador. <-- Aguarde!

* Ps: Para evitar problemas, siga todas as recomendações propostas.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

* Abrir-se-á a janela Auto Scan. --> Aguarde!

* Para finalizar remoções, o ComboFix poderá reiniciar o computador.

* Se houver necessidade, digite a opção ( 1 ) --> Aperte Enter! --> Aguarde a conclusão!

* Durante o scan, evite manusear o mouse ou teclado! <-- Importante!

* Caso, por algum motivo de força maior, precise parar ou sair do ComboFix,tecle "N" ou "2" --> Aperte Enter.

<><><><><><><><><><><><>

Poste o log do Combofix que estará em C:\ComboFix.txt juntamente com um novo log do Hijackthis em sua próxima resposta e nos diga como está o seu PC depois disto.

Ficamos no aguardo.

Olá, Antonio Vieira Sobrinho.

Bom, tive que rodar o comboFix em modo de segurança pois em modo normal ele trava quando chega na parte de Scan, ai tenho que resetar o pc.

Segue o log:

ComboFix 11-03-08.09 - Marco Antonio 09/03/2011 14:56:01.1.6 - x64 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.7934.6477 [GMT -3:00]
Executando de: c:\users\Marco Antonio\Desktop\ComboFix.exe
AV: COMODO Antivirus Disabled/Updated {675CEE69-9702-A524-3989-6D7CC8BF3695}
FW: COMODO Firewall Disabled {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: COMODO Defense+ Disabled/Updated {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Dealio Toolbar
c:\program files (x86)\Dealio Toolbar\IE\4.3\config.ini
c:\program files (x86)\Dealio Toolbar\IE\4.3\deALiotoolbarie.dll
c:\program files (x86)\Dealio Toolbar\Res\amazon.gif
c:\program files (x86)\Dealio Toolbar\Res\apple.gif
c:\program files (x86)\Dealio Toolbar\Res\barnes.gif
c:\program files (x86)\Dealio Toolbar\Res\bestbuy.gif
c:\program files (x86)\Dealio Toolbar\Res\dealio_logo.gif
c:\program files (x86)\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files (x86)\Dealio Toolbar\Res\ebay.gif
c:\program files (x86)\Dealio Toolbar\Res\icon_settings.gif
c:\program files (x86)\Dealio Toolbar\Res\macys.gif
c:\program files (x86)\Dealio Toolbar\Res\newegg.gif
c:\program files (x86)\Dealio Toolbar\Res\overstock.gif
c:\program files (x86)\Dealio Toolbar\Res\search-button-hover.gif
c:\program files (x86)\Dealio Toolbar\Res\search-button.gif
c:\program files (x86)\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files (x86)\Dealio Toolbar\Res\search-chevron.gif
c:\program files (x86)\Dealio Toolbar\Res\search_amazon.gif
c:\program files (x86)\Dealio Toolbar\Res\search_dealio.gif
c:\program files (x86)\Dealio Toolbar\Res\search_ebay.gif
c:\program files (x86)\Dealio Toolbar\Res\search_yahoo.gif
c:\program files (x86)\Dealio Toolbar\Res\target.gif
c:\program files (x86)\Dealio Toolbar\Res\walmart.gif
c:\program files (x86)\Dealio Toolbar\Res\widgets.xml
c:\program files (x86)\Dealio Toolbar\WidgiHelper.exe
c:\users\Marco Antonio\AppData\Roaming\Microsoft\Windows\Recent\tempnolog.html
c:\users\Marco Antonio\AppData\Roaming\Microsoft\Windows\Recent\temppesquisas.html
c:\users\Marco Antonio\AppData\Roaming\Microsoft\Windows\Recent\tempprogramas.html
c:\users\Marco Antonio\AppData\Roaming\Microsoft\Windows\Recent\tempsites.html
c:\users\Marco Antonio\AppData\Roaming\Microsoft\Windows\Recent\tempteclas.html
c:\users\Marco Antonio\sys32config.dll
c:\windows\SysWow64\wdir
c:\windows\SysWow64\wdir\iData\Logs\D05022011.SVT
c:\windows\SysWow64\wdir\iData\Screens\D05022011T192814.JPG
c:\windows\SysWow64\wdir\iData\Screens\D05022011T192819.JPG
c:\windows\SysWow64\wdir\iData\Screens\D05022011T192820.JPG
c:\windows\SysWow64\wdir\iData\Screens\D05022011T192823.JPG
c:\windows\SysWow64\wdir\iData\Screens\D05022011T192825.JPG
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2011-02-09 to 2011-03-09 ))))))))))))))))))))))))))))
.
.
2011-03-09 18:05 . 2011-03-09 18:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-09 00:31 . 2011-02-11 07:30 7947600 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{17AE5D27-0854-4DB6-9252-0109D2C403AD}\mpengine.dll
2011-03-08 05:00 . 2011-03-08 05:00 -------- d-----w- c:\users\Marco Antonio\AppData\Local\Sony
2011-03-08 05:00 . 2011-03-08 05:00 -------- d-----w- c:\users\Marco Antonio\Podcasts
2011-03-08 05:00 . 2011-03-08 05:00 -------- d-----w- c:\program files (x86)\Common Files\Sony Shared
2011-03-08 04:59 . 2011-03-08 05:00 -------- d-----w- c:\program files (x86)\Sony
2011-03-08 04:59 . 2011-03-08 04:59 -------- d-----w- c:\programdata\Sony Corporation
2011-03-08 04:59 . 2011-03-08 04:59 143360 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-03-08 04:59 . 2011-03-08 04:59 143360 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-03-08 04:59 . 2011-03-08 04:59 143360 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-03-08 04:59 . 2011-03-08 04:59 143360 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-03-08 04:59 . 2011-03-08 04:59 143360 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-03-08 04:59 . 2011-03-08 04:59 143360 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-03-08 04:59 . 2011-03-08 04:59 143360 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-03-08 04:59 . 2011-03-08 04:59 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-03-08 04:58 . 2011-03-08 04:59 -------- d-----w- c:\program files (x86)\QuickTime
2011-03-08 04:58 . 2011-03-08 04:58 -------- d-----w- c:\programdata\Apple Computer
2011-03-08 04:58 . 2011-03-08 04:58 -------- d-----w- c:\users\Marco Antonio\AppData\Local\Apple
2011-03-08 04:58 . 2011-03-08 04:58 -------- d-----w- c:\programdata\Apple
2011-03-08 04:58 . 2011-03-08 04:58 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-03-08 04:50 . 2011-03-08 05:00 -------- d-----w- c:\users\Marco Antonio\AppData\Roaming\Sony
2011-03-08 04:50 . 2011-03-08 04:51 -------- d-----w- c:\program files (x86)\Sony Media Go Install
2011-02-28 02:19 . 2011-01-17 06:12 320512 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-02-28 02:19 . 2011-01-17 06:12 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-02-28 02:19 . 2011-01-17 05:30 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-02-28 02:19 . 2011-01-17 05:30 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-02-26 21:26 . 2011-02-26 21:26 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2011-02-26 21:26 . 2011-02-26 21:26 -------- d-----w- c:\program files (x86)\Application Updater
2011-02-23 20:20 . 2011-02-23 20:20 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-02-23 17:42 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-23 17:42 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-02-23 17:34 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 17:34 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-23 17:34 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-02-23 17:34 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-22 23:27 . 2011-02-22 23:27 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2011-02-22 23:27 . 2011-02-22 23:27 -------- d-----w- c:\users\Marco Antonio\SystemRequirementsLab
2011-02-22 23:26 . 2011-02-22 23:26 -------- d-----w- c:\windows\Sun
2011-02-10 00:07 . 2011-02-10 00:07 -------- d-----w- C:\Salt.2010.DVDrip.AC3.Xvid-SOuVLaAKI.[usaBit.com]
2011-02-10 00:06 . 2011-02-10 00:07 -------- d-----w- C:\Toy.Story.3.2010.R5.XviD.AC3-NYDIC
2011-02-09 17:47 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-02-09 17:47 . 2010-12-18 05:29 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-02-09 17:47 . 2010-10-27 05:18 5510528 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-09 17:47 . 2010-10-27 05:16 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-02-09 17:47 . 2010-10-27 04:43 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-02-09 17:47 . 2010-10-27 04:43 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-02-09 17:47 . 2010-10-27 04:40 1293120 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-02-09 17:46 . 2011-01-05 04:00 3127808 ----a-w- c:\windows\system32\win32k.sys
2011-02-09 17:46 . 2010-12-21 06:16 214016 ----a-w- c:\windows\system32\winsrv.dll
2011-02-09 17:46 . 2011-01-26 06:53 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-02-09 17:46 . 2011-01-26 06:53 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-09 17:46 . 2011-01-26 06:31 144384 ----a-w- c:\windows\system32\cdd.dll
2011-02-09 17:45 . 2011-01-07 08:06 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-09 17:45 . 2011-01-07 07:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-02-09 17:45 . 2011-01-07 05:49 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 17:45 . 2011-01-07 05:33 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-09 03:01 . 2010-06-24 14:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-02 20:11 . 2010-11-12 21:48 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-21 21:53 . 2010-11-13 03:45 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-13 15:13 . 2010-09-11 02:41 362784 ----a-w- c:\windows\system32\guard64.dll
2011-01-13 15:13 . 2010-09-11 02:41 285480 ----a-w- c:\windows\SysWow64\guard32.dll
2011-01-13 15:13 . 2010-09-11 02:40 89840 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-13 15:13 . 2010-09-11 02:40 39888 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-13 15:13 . 2010-09-11 02:40 14184 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-13 15:13 . 2010-09-11 02:40 250008 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-12-17 20:53 . 2010-12-17 20:51 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2010-12-17 20:53 . 2010-12-17 20:51 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-12-17 20:50 . 2010-12-17 20:51 835440 ----a-w- c:\windows\SysWow64\pbsvc.exe
2010-12-16 23:30 . 2010-12-16 23:20 2829 ----a-w- c:\windows\War3Unin.pif
2010-12-16 23:30 . 2010-12-16 23:20 139264 ----a-w- c:\windows\War3Unin.exe
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
Nota entradas vazias e legítimas por defeito não são mostradas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-09-23 4240760]
"Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2011-01-24 427008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-01-28 526336]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-09-06 413696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-01-13 250008]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-01-13 39888]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-01-13 202752]
R2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13 136176]
R2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-01-13 6327296]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-01-13 185344]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-12-06 13352]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-13 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2011-01-13 14184]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
.
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2011-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13 03:50]
.

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-13 03:50]
.
.

• - - - ORFÃOS REMOVIDOS - - - -

• - End Of File - - ED391414C7F649AD9BE2EE69A9585EB3

Hijack Atualizado:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [searchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11796 bytes

@Edit:

Meu computador está uma maravilha...kkkkk

o programa que falei que não funcionava direito está funcionando perfeito.

e o site não trava mais...

vlw.

ainda existe algo ruim no log?

obrigado.

Meu computador está uma maravilha...kkkkko programa que falei que não funcionava direito está funcionando perfeito.

e o site não trava mais...

vlw.

ainda existe algo ruim no log?

:) Vários problemas foram removidos pelo Combofix. Mas ainda há alguns outros.

_________________________

:seta: Siga, por gentileza, estas dicas:

Tutorial do Malwarebytes Anti-Malware

Tutorial do Ad-Remover

__________________________

:seta: Depois disso é só voltar aqui no fórum e postar um novo log do Hijackthis, o log do Malwarebytes e o log do Ad-Remover que estará em C:\Ad-Report-CLEAN[1].log e nos diga como está o seu PC depois disto.

Ficamos no aguardo de sua resposta.

Segue os logs:

Malwarebytes' Anti-Malware:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Versão da Base de Dados: 6004

Windows 6.1.7600
Internet Explorer 9.0.8080.16413

09/03/2011 19:11:03
mbam-log-2011-03-09 (19-11-03).txt

Tipo de Verificação: Verificação Completa (C:\|)
Objetos escaneados: 950140
Tempo decorrido: 1 hora(s), 13 minuto(s), 16 segundo(s)

Processos de Memória Infectados: 1
Módulos de Memória Infectados: 0
Chaves de Registro Infectadas: 2
Valores de Registro Infectados: 3
Itens de Dados no Registro Infectados: 0
Pastas Infectadas: 0
Arquivos Infectados: 6

Processos de Memória Infectados:
c:\program files (x86)\application updater\applicationupdater.exe (PUP.Dealio) -> 1996 -> Unloaded process successfully.

Módulos de Memória Infectados:
(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> Quarantined and deleted successfully.

Valores de Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Quarantined and deleted successfully.

Itens de Dados no Registro Infectados:
(Não foram detectados ítens maliciosos)

Pastas Infectadas:
(Não foram detectados ítens maliciosos)

Arquivos Infectados:
c:\program files (x86)\application updater\applicationupdater.exe (PUP.Dealio) -> Quarantined and deleted successfully.
c:\program files (x86)\premiumsoft\navicat 8.0 mysql\Crack.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\dealio toolbar\widgihelper.exe.vir (PUP.Dealio) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\program files (x86)\dealio toolbar\IE\4.3\dealiotoolbarie.dll.vir (PUP.Dealio) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\Users\marco antonio\sys32config.dll.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files (x86)\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> Quarantined and deleted successfully.

AD-REMOVER:

======= REPORT FROM AD-REMOVER 2.0.0.2,F | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 01/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Launched at 17:51:09 on 09/03/2011, Normal boot

Microsoft Windows 7 Ultimate (X64)
Marco Antonio@MATHEUS-PC (System manufacturer System Product Name)

============== SEARCH ==============

Service: "Application Updater" Service found

Folder found: C:\Program Files (x86)\Application Updater
Folder found: C:\Users\Marco Antonio\AppData\LocalLow\Search Settings
Folder found: C:\Program Files (x86)\Common Files\Spigot

Key found: HKLM\Software\Application Updater
Key found: HKLM\Software\Dealio
Key found: HKLM\Software\Search Settings
Key found: HKCU\Software\AppDataLow\Software\Toolbar
Key found: HKCU\Software\AppDataLow\Software\Search Settings
Key found: HKLM\Software\Cheat Engine\OpenCandy
Key found: HKLM\Software\Wow6432Node\Cheat Engine\OpenCandy
Key found: HKLM\Software\Classes\Installer\Products\59B0DDD9E3F1E354F921AEBCD06D6BFC

Value found: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SearchSettings

============== ADDITIONNAL SCAN ==============

** Internet Explorer Version [9.0.8080.16413] **

HKCU_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Start Page - hxxp://www.garena.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll)
HKCU_ElevationPolicy\{874B8560-E5B7-4E21-BB82-CD2443BF7BB5} - C:\Program Files (x86)\DreaMule\emule.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
BHO\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "SSVHelper Class" (C:\Program Files (x86)\Java\jre6\bin\ssv.dll)
BHO\{9030D464-4C02-4ABF-8ECC-5164760863C6} - "Auxiliar de Conexão do Windows Live ID" (C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll)
BHO\{bf00e119-21a3-4fd1-b178-3b8537e75c92} - "IeMonitorBho Class" (C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 File(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 File(s)

C:\Ad-Report-SCAN[1].txt - 09/03/2011 17:51:13 (3119 Byte(s))

End at: 17:51:41, 09/03/2011

============== E.O.F ==============

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:37, on 09/03/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marco Antonio\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.garena.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.minilua.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.minilua.com/q/%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11520 bytes

Está bom o pc.

Nenhum erro voltou a ocorrer.

Obrigado.

:) Vários problemas foram removidos pelo Malwarebytes.

___________________________

======= REPORT FROM AD-REMOVER 2.0.0.2,F | ONLY XP/VISTA/7 ======= 

============== SEARCH ==============

:!: Mas no seu log do Ad-Remover está constando que você usou somente a função de pesquisa (Search). Abra novamente o Ad-remover e escolha a opção Clean, que é a opção que remove os problemas encontrados.

_____________________________

:seta: No seu log está constando também que você está sem antivirus e é muito importante ter um. Sugiro um ótimo antivirus gratuito para você, como o Avira AntiVir Personal Edition Classic 2010.

Para instalar, configurar e usar corretamente o Avira antivir é só seguir as dicas destes tutoriais:

Tutorial do Avira AntiVir Personal Edition Classic 2010 (Instalação e Configuração)

Tutorial do Avira AntiVir Personal Edition Classic 2010 (como usá-lo corretamente)

• Depois de instalar e configurar o Avira Antivir seguindo as dicas dos tutoriais acima, atualize-o (faça um update) e reinicie o seu computador e entre pelo Modo de Segurança (apertando a tecla F8 (ou a tecla F5 em alguns computadores) repetidas vezes quando o computador estiver reiniciando e escolhendo a opção Modo Seguro com rede). Aí quando o computador tiver reiniciado, clique com o botão direito do mouse sobre o símbolo do Avira (aquele guarda-chuva vermelho aberto ao lado do relógio do Windows) e escolha a opção Iniciar o AntiVir > clique na opção Verif. sistema agora > e aguarde a conclusão do escaneamento.

Obs: Caso não seja possível fazer o escaneamento com o Avira Antivir no Modo Seguro do Windows, faça-o no modo normal.

_______________________________________________________________

:seta: Quando você tiver removido os virus que o Avira Antivir encontrar, reinicie o computador normalmente. Clique com o botão direito do mouse sobre o ícone do Avira (aquele guarda-chuva vermelho aberto ao lado do relógio do Windows) e escolha a opção Iniciar o AntiVir > clique na opção Relatórios > dê um duplo clique com o botão esquerdo do mouse sobre o log mais recente e clique no botão Arquivo de relatório > Depois será aberta uma tela com o log, então é só selecionar este Log (Clique no menu: Editar » Selecionar Tudo), depois disso volte novamente no menu: Editar » e clique na opção: Copiar) > Depois disso é só voltar aqui no fórum e postar este log do Avira Antivir juntamente com um novo log do Hijackthis e o novo log do Ad-Remover que estará em C:\Ad-Report-CLEAN[2].log para que eles possam ser analizados.

Ficamos no aguardo de sua resposta.

Olá,

errei no ad-r...

Segue o logo:

AD-REMOVER:

======= REPORT FROM AD-REMOVER 2.0.0.2,F | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 01/03/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 20:15:56 on 09/03/2011, Normal boot

Microsoft Windows 7 Ultimate (X64)
Marco Antonio@MATHEUS-PC (System manufacturer System Product Name)

============== ACTION(S) ==============

Folder deleted: C:\Program Files (x86)\Application Updater
Folder deleted: C:\Users\Marco Antonio\AppData\LocalLow\Search Settings
Folder deleted: C:\Program Files (x86)\Common Files\Spigot

(!) -- Temporary files deleted.

Key deleted: HKLM\Software\Application Updater
Key deleted: HKLM\Software\Search Settings
Key deleted: HKCU\Software\AppDataLow\Software\Toolbar
Key deleted: HKCU\Software\AppDataLow\Software\Search Settings
Key deleted: HKLM\Software\Cheat Engine\OpenCandy
Key deleted: HKLM\Software\Classes\Installer\Products\59B0DDD9E3F1E354F921AEBCD06D6BFC

============== ADDITIONNAL SCAN ==============

** Internet Explorer Version [9.0.8080.16413] **

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll)
HKCU_ElevationPolicy\{874B8560-E5B7-4E21-BB82-CD2443BF7BB5} - C:\Program Files (x86)\DreaMule\emule.exe (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
BHO\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "SSVHelper Class" (C:\Program Files (x86)\Java\jre6\bin\ssv.dll)
BHO\{9030D464-4C02-4ABF-8ECC-5164760863C6} - "Auxiliar de Conexão do Windows Live ID" (C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll)
BHO\{bf00e119-21a3-4fd1-b178-3b8537e75c92} - "IeMonitorBho Class" (C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll)

========================================

C:\Program Files (x86)\Ad-Remover\Quarantine: 4 File(s)
C:\Program Files (x86)\Ad-Remover\Backup: 16 File(s)

C:\Ad-Report-CLEAN[1].txt - 09/03/2011 20:15:59 (3186 Byte(s))
C:\Ad-Report-SCAN[1].txt - 09/03/2011 17:51:13 (3257 Byte(s))
C:\Ad-Report-SCAN[2].txt - 09/03/2011 19:16:24 (3159 Byte(s))

End at: 20:17:03, 09/03/2011

============== E.O.F ==============

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:39, on 09/03/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Windows\DAODx.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marco Antonio\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11374 bytes

Quanto ao antivirus eu estou usando o pacote do Comodo Firewall + Antivirus + Defense+. Uso ele porque gosto do Firewall, agora sei que o antivirus dele eh caidinho...

sugere usar os dois?

venh como o log do avira em breve grato.

@Edit:

Se lembra do site que falei?

continua travando....

obrigado.

Quanto ao antivirus eu estou usando o pacote do Comodo Firewall + Antivirus + Defense+. Uso ele porque gosto do Firewall, agora sei que o antivirus dele eh caidinho...sugere usar os dois?

venh como o log do avira em breve grato.

:seta: Sugiro que você desative o antivirus do Comodo e use só o firewall dele que é muito bom. E como antivirus sugiro que você use o Avira ou outro bom de sua preferência.

_____________________

@Edit:Se lembra do site que falei?

continua travando....

obrigado.

Vamos continuar com as limpezas e vermos se o problema é causado por virus ou se é outro tipo de problema.

Olá, sabe me informar se preciso desinstalar e baixar so o firewall?

quanto ao defense+? ele também vai junto? obrigado.

>
Olá, sabe me informar se preciso desinstalar e baixar so o firewall?

quanto ao defense+? ele também vai junto? obrigado.

O Defense + você pode continuar a usar. Não precisa desinstalá-lo, é só desativar o antivirus dele, ele oferece esta opção de desativar o antivirus?

Olá, sim posso desativa-lo mais não deletar, e o sandbox? posso deixar?

Quanto ao log do avira não conseguir achar, está em inglês o programa e mesmo eu fuçando eu não achei.

Segue o log:

HijackThis: Depois do Avira.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:09:13, on 10/03/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\DAODx.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marco Antonio\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2905346
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Messenger Plus BR - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12046 bytes

Olá, sim posso desativa-lo mais não deletar, e o sandbox? posso deixar?

Sim, é só desativá-lo então. E quanto ao sandbox pode continuar a usar normalmente.

_________________________

Quanto ao log do avira não conseguir achar, está em inglês o programa e mesmo eu fuçando eu não achei

:seta: Para acessar o log do Avira, clique com o botão direito do mouse sobre o ícone do Avira (aquele guarda-chuva vermelho aberto ao lado do relógio do Windows) e escolha a opção Start AntiVir > clique na opção Reports> dê um duplo clique com o botão esquerdo do mouse sobre o log mais recente e clique no botão Report file > Depois será aberta uma tela com o log, então é só selecionar este Log (Clique no menu: Editar » Selecionar Tudo), depois disso volte novamente no menu: Editar » e clique na opção: Copiar) > Depois disso é só voltar aqui no fórum e postar este log do Avira Antivir para que ele possa ser analizado.

Olá,

segue o log:

Avira AntiVir Personal:

Avira AntiVir Personal
Report file date: quarta-feira, 9 de março de 2011 21:14

Scanning for 2477613 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 x64
Windows version : (plain) [6.1.7600]
Boot mode : Safe mode
Username : Marco Antonio
Computer name : MATHEUS-PC

Version information:
BUILD.DAT : 10.0.0.611 31824 Bytes 14/01/2011 13:42:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 10/01/2011 17:23:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 15:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 10/01/2011 17:23:40
LUKERES.DLL : 10.0.0.1 12648 Bytes 11/02/2010 02:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 12:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 17:23:50
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09/02/2011 00:09:26
VBASE003.VDF : 7.11.3.1 2048 Bytes 09/02/2011 00:09:27
VBASE004.VDF : 7.11.3.2 2048 Bytes 09/02/2011 00:09:27
VBASE005.VDF : 7.11.3.3 2048 Bytes 09/02/2011 00:09:28
VBASE006.VDF : 7.11.3.4 2048 Bytes 09/02/2011 00:09:28
VBASE007.VDF : 7.11.3.5 2048 Bytes 09/02/2011 00:09:29
VBASE008.VDF : 7.11.3.6 2048 Bytes 09/02/2011 00:09:29
VBASE009.VDF : 7.11.3.7 2048 Bytes 09/02/2011 00:09:30
VBASE010.VDF : 7.11.3.8 2048 Bytes 09/02/2011 00:09:30
VBASE011.VDF : 7.11.3.9 2048 Bytes 09/02/2011 00:09:31
VBASE012.VDF : 7.11.3.10 2048 Bytes 09/02/2011 00:09:31
VBASE013.VDF : 7.11.3.59 157184 Bytes 14/02/2011 00:09:43
VBASE014.VDF : 7.11.3.97 120320 Bytes 16/02/2011 00:09:47
VBASE015.VDF : 7.11.3.148 128000 Bytes 19/02/2011 00:09:49
VBASE016.VDF : 7.11.3.183 140288 Bytes 22/02/2011 00:09:53
VBASE017.VDF : 7.11.3.216 124416 Bytes 24/02/2011 00:09:56
VBASE018.VDF : 7.11.3.251 159232 Bytes 28/02/2011 00:10:03
VBASE019.VDF : 7.11.4.33 148992 Bytes 02/03/2011 00:10:05
VBASE020.VDF : 7.11.4.73 150016 Bytes 06/03/2011 00:10:07
VBASE021.VDF : 7.11.4.108 122880 Bytes 08/03/2011 00:10:11
VBASE022.VDF : 7.11.4.109 2048 Bytes 08/03/2011 00:10:11
VBASE023.VDF : 7.11.4.110 2048 Bytes 08/03/2011 00:10:12
VBASE024.VDF : 7.11.4.111 2048 Bytes 08/03/2011 00:10:12
VBASE025.VDF : 7.11.4.112 2048 Bytes 08/03/2011 00:10:13
VBASE026.VDF : 7.11.4.113 2048 Bytes 08/03/2011 00:10:13
VBASE027.VDF : 7.11.4.114 2048 Bytes 08/03/2011 00:10:14
VBASE028.VDF : 7.11.4.115 2048 Bytes 08/03/2011 00:10:14
VBASE029.VDF : 7.11.4.116 2048 Bytes 08/03/2011 00:10:15
VBASE030.VDF : 7.11.4.117 2048 Bytes 08/03/2011 00:10:15
VBASE031.VDF : 7.11.4.141 86016 Bytes 09/03/2011 00:10:17
Engineversion : 8.2.4.180
AEVDF.DLL : 8.1.2.1 106868 Bytes 10/01/2011 17:23:26
AESCRIPT.DLL : 8.1.3.56 1261945 Bytes 10/03/2011 00:11:00
AESCN.DLL : 8.1.7.2 127349 Bytes 10/01/2011 17:23:26
AESBX.DLL : 8.1.3.2 254324 Bytes 10/01/2011 17:23:26
AERDL.DLL : 8.1.9.2 635252 Bytes 10/01/2011 17:23:25
AEPACK.DLL : 8.2.4.11 520566 Bytes 10/03/2011 00:10:55
AEOFFICE.DLL : 8.1.1.17 205177 Bytes 10/03/2011 00:10:49
AEHEUR.DLL : 8.1.2.83 3338613 Bytes 10/03/2011 00:10:43
AEHELP.DLL : 8.1.16.1 246134 Bytes 10/03/2011 00:10:27
AEGEN.DLL : 8.1.5.2 397683 Bytes 10/03/2011 00:10:25
AEEMU.DLL : 8.1.3.0 393589 Bytes 10/01/2011 17:23:18
AECORE.DLL : 8.1.19.2 196983 Bytes 10/03/2011 00:10:21
AEBB.DLL : 8.1.1.0 53618 Bytes 10/01/2011 17:23:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 10/01/2011 17:23:32
AVPREF.DLL : 10.0.0.0 44904 Bytes 10/01/2011 17:23:30
AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 17:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 10/01/2011 17:23:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 10/01/2011 17:23:31
AVARKT.DLL : 10.0.22.6 231784 Bytes 10/01/2011 17:23:27
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 10/01/2011 17:23:28
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 17:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 10/01/2011 17:23:31
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 17:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 16:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 10/01/2011 17:23:52

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: quarta-feira, 9 de março de 2011 21:14

Starting search for hidden objects.
The driver could not be initialized.

The scan of running processes will be started
Scan process 'avscan.exe' - '65' Module(s) have been scanned
Scan process 'avcenter.exe' - '73' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[iNFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[iNFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '178' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\Program Files (x86)\Warcraft III\DreamLoader.dll
[DETECTION] Is the TR/Black.Gen2 Trojan
C:\Program Files (x86)\Warcraft III\Dream_Config.exe
[DETECTION] Is the TR/Spy.413184.7 Trojan
C:\Program Files (x86)\Warcraft III\Dream_Loader.dll
[DETECTION] Is the TR/Spy.1552896 Trojan
C:\Users\Marco Antonio\Documents\Meus Downloads\MSN_Spy_Master_FULL_www.quick-downloads.com.rar
[0] Archive type: RAR
[DETECTION] Contains recognition pattern of the DR/Spy.VB.byf dropper
--> Setup.exe
[DETECTION] Contains recognition pattern of the DR/Spy.VB.byf dropper
C:\Users\Marco Antonio\Downloads\DeviceDoctor1.0.0.1Portable.rar
[0] Archive type: RAR
[DETECTION] Is the TR/Gendal.71680.D Trojan
--> DeviceDoctor1.0.0.1Portable\Portable Device Doctor v1.0.0.1.exe
[1] Archive type: 7-Zip SFX (self extracting)
--> Birungueta.exe
[DETECTION] Is the TR/Gendal.71680.D Trojan
C:\Users\Marco Antonio\Downloads\dreamdota_v13 (1).zip
[0] Archive type: ZIP
[DETECTION] Is the TR/Black.Gen2 Trojan
--> Dream_Dota.dll
[1] Archive type: OVL
--> Object
[DETECTION] Is the TR/Black.Gen2 Trojan
--> Dream_Loader.dll
[DETECTION] Is the TR/Black.Gen2 Trojan
C:\Users\Marco Antonio\Downloads\dreamdota_v13.zip
[0] Archive type: ZIP
[DETECTION] Is the TR/Black.Gen2 Trojan
--> Dream_Dota.dll
[1] Archive type: OVL
--> Object
[DETECTION] Is the TR/Black.Gen2 Trojan
--> Dream_Loader.dll
[DETECTION] Is the TR/Black.Gen2 Trojan
C:\Windows\SysWOW64\winsmfiles\wma446.exe
[DETECTION] Is the TR/Dropper.Gen Trojan

Beginning disinfection:
C:\Windows\SysWOW64\winsmfiles\wma446.exe
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '493a956f.qua'.
C:\Users\Marco Antonio\Downloads\dreamdota_v13.zip
[DETECTION] Is the TR/Black.Gen2 Trojan
[NOTE] The file was moved to the quarantine directory under the name '51a9bac5.qua'.
C:\Users\Marco Antonio\Downloads\dreamdota_v13 (1).zip
[DETECTION] Is the TR/Black.Gen2 Trojan
[NOTE] The file was moved to the quarantine directory under the name '03f6e02d.qua'.
C:\Users\Marco Antonio\Downloads\DeviceDoctor1.0.0.1Portable.rar
[DETECTION] Is the TR/Gendal.71680.D Trojan
[NOTE] The file was moved to the quarantine directory under the name '65f2af9b.qua'.
C:\Users\Marco Antonio\Documents\Meus Downloads\MSN_Spy_Master_FULL_www.quick-downloads.com.rar
[DETECTION] Contains recognition pattern of the DR/Spy.VB.byf dropper
[NOTE] The file was moved to the quarantine directory under the name '205e82b3.qua'.
C:\Program Files (x86)\Warcraft III\Dream_Loader.dll
[DETECTION] Is the TR/Spy.1552896 Trojan
[NOTE] The file was moved to the quarantine directory under the name '5f5eb0b3.qua'.
C:\Program Files (x86)\Warcraft III\Dream_Config.exe
[DETECTION] Is the TR/Spy.413184.7 Trojan
[NOTE] The file was moved to the quarantine directory under the name '13e69cf9.qua'.
C:\Program Files (x86)\Warcraft III\DreamLoader.dll
[DETECTION] Is the TR/Black.Gen2 Trojan
[NOTE] The file was moved to the quarantine directory under the name '6ffedca9.qua'.

End of the scan: quarta-feira, 9 de março de 2011 23:03
Used time: 1:37:23 Hour(s)

The scan has been done completely.

157001 Scanned directories
1969338 Files were scanned
10 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
8 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
1969328 Files not concerned
9039 Archives were scanned
0 Warnings
8 Notes

:thumbsup: Mais problemas foram removidos pelo Avira.

__________________________

:seta: Siga, por gentileza, esta dica:

Tutorial do Norman Malware Cleaner

Na sua próxima resposta poste o conteúdo do log do Norman Malware Cleaner juntamente com um novo log do Hijackthis e nos diga como está o seu PC depois disto.

Ficamos na espera.

Olá,

Bom, o log do Norman eu não consegui achar...

entretanto segue o log do Hijackthis depois do Norman.

@obs: Não consigo usar o Norman em modo normal pois quando começa o scan ele trava, tive que usar em modo seguro.

Obrigado.

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:18:25, on 10/03/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marco Antonio\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2905346
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Messenger Plus BR - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12108 bytes

o log do Norman qual está no local onde você instalou o Norman Malware Cleaner, caso você tenha salvo ele em seu Desktop, o log também está no Desktop. Você notou se quando terminou o escaneamento com ele se ele informou que tinha removido alguns virus?

Olá,

Segue os log:

@Obs: Como eu tive que tentar varias vezes ele gerou varios logs.

Norman Malware Cleaner: Log 1

Norman Malware Cleaner
Version 1.8.3
Copyright © 1990 - 2010, Norman ASA. Built 2011/03/09 23:28:18

Norman Scanner Engine Version: 6.07.03
Nvcbin.def Version: 6.07.00, Date: 2011/03/09 23:28:18, Variants: 10454660

Scan started: 2011/03/10 17:16:49

Running pre-scan cleanup routine:
Operating System: Microsoft Windows 7 6.1.7600
Logged on user: MATHEUS-PC\Marco Antonio

Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -> DisableRegistryTools = 0x00000000
Removed registry value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000
Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000

Scanning kernel...

Kernel scan complete

Scanning running processes and process memory...

Norman Malware Cleaner: Log 2

Norman Malware Cleaner
Version 1.8.3
Copyright © 1990 - 2010, Norman ASA. Built 2011/03/09 23:28:18

Norman Scanner Engine Version: 6.07.03
Nvcbin.def Version: 6.07.00, Date: 2011/03/09 23:28:18, Variants: 10454660

Scan started: 2011/03/10 17:27:34

Running pre-scan cleanup routine:
Operating System: Microsoft Windows 7 6.1.7600 (Safe mode)
Logged on user: MATHEUS-PC\Marco Antonio

Scanning kernel...

Kernel scan complete

Scanning running processes and process memory...

Number of processes/threads found: 128
Number of processes/threads scanned: 128
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 3s 151ms

Scanning file system...

Scanning: prescan

Scanning: C:\.

C:\Level Up! Games\--\newRF.cab_DOWN_/.\RF.lc (Error whilst scanning file: I/O Error (0x00220005))

C:\Level Up! Games\RF Online\newRF.cab_DOWN_/.\RF.lc (Error whilst scanning file: I/O Error (0x00220005))

C:\Program Files (x86)\Warcraft III\DreamLoader.dll (Infected with W32/Suspicious_Gen2.HDZND)
Deleted file

Running post-scan cleanup routine:

Aborted by user
Number of files found: 433551
Number of archives unpacked: 2243
Number of files scanned: 433547
Number of files not scanned: 4
Number of files skipped due to exclude list: 0
Number of infected files found: 1
Number of infected files repaired/deleted: 1
Number of infections removed: 1
Total scanning time: 41m 5s

Norman Malware Cleaner: Log 3

Norman Malware Cleaner
Version 1.8.3
Copyright © 1990 - 2010, Norman ASA. Built 2011/03/09 23:28:18

Norman Scanner Engine Version: 6.07.03
Nvcbin.def Version: 6.07.00, Date: 2011/03/09 23:28:18, Variants: 10454660

Scan started: 2011/03/10 18:31:40

Running pre-scan cleanup routine:
Operating System: Microsoft Windows 7 6.1.7600 (Safe mode)
Logged on user: MATHEUS-PC\Marco Antonio

Scanning kernel...

Kernel scan complete

Scanning running processes and process memory...

Number of processes/threads found: 110
Number of processes/threads scanned: 110
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 0s 686ms

Scanning file system...

Scanning: prescan

Scanning: C:\.

C:\Level Up! Games\--\newRF.cab_DOWN_/.\RF.lc (Error whilst scanning file: I/O Error (0x00220005))

C:\Level Up! Games\RF Online\newRF.cab_DOWN_/.\RF.lc (Error whilst scanning file: I/O Error (0x00220005))

C:\System Volume Information\{38088~1 (Error opening file: Access denied)

C:\System Volume Information\{40ACD~1 (Error opening file: Access denied)

C:\System Volume Information\{40ACE~1 (Error opening file: Access denied)

C:\System Volume Information\{5927D~1 (Error opening file: Access denied)

C:\System Volume Information\{AC6F8~1 (Error opening file: Access denied)

C:\System Volume Information\{AC6F8~2 (Error opening file: Access denied)

C:\System Volume Information\{AC6F8~3 (Error opening file: Access denied)

C:\System Volume Information\{C3C1A~1 (Error opening file: Access denied)

C:\System Volume Information\{C3C1A~2 (Error opening file: Access denied)

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F4988_wisptis.exe.90B92711_707E_4B8F_BC75_2D5171F9C340 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/FL_Microsoft_VisualStudio_Publish_dll_91752_____X86.3643236F_FC70_11D3_A536_0090278A1BB8 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/FL_msvcr71_dll_11_____X86.3643236F_FC70_11D3_A536_0090278A1BB8 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/FL_Microsoft_VisualStudio_Tools_Applicatio_142489_____X86.3643236F_FC70_11D3_A536_0090278A1BB8 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/FL_Microsoft_VisualStudio_Tools_Applicatio_142484_____X86.3643236F_FC70_11D3_A536_0090278A1BB8 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2332_WkImg90.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2484_WkImgSrv.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2335_WkWat90.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2336_WkWbl90.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2331_WkGL90.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2329_wkcvqd01.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2330_wkcvqr01.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2485_wkls31.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2196_ltimg13n.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2190_LFCMP13n.DLL.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2192_Lfpng13n.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2194_LTDIS13n.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2195_ltfil13n.DLL.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Desktop\Pendrive\OFFICE 2007\Enterprise.WW\EnterWW.cab/F2197_ltkrn13n.dll.7D0F94BE_01EA_437E_ACD5_83E665F9465F (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Documents\Meus Downloads\cs16fullCPv11(1).exe/noname.nsis/file2164 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Documents\Meus Downloads\cs16fullCPv11(1).exe/noname.nsis/file3660 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Documents\Meus Downloads\cs16fullCPv11.exe.megamanager/noname.nsis/file46 (Error whilst scanning file: I/O Error (0x00000026))

C:\Users\Marco Antonio\Documents\Meus Downloads\RF Trainer v1.3.exe (Infected with W32/Agent.MVMW)
Deleted file

C:\Users\Marco Antonio\Downloads\Ally_+_Clan_Crest.exe (Infected with W32/Smalltroj.YWRV)
Deleted file

C:\Users\Marco Antonio\Downloads\dreamdota_v13 (1).zip/Dream_Loader.dll (Infected with W32/Suspicious_Gen2.HDZND)
Deleted file

C:\Users\Marco Antonio\Downloads\dreamdota_v13 (1).zip/winmm.dll (Infected with Patched.GY)
Deleted file

C:\Users\Marco Antonio\Downloads\dreamdota_v13.zip/Dream_Loader.dll (Infected with W32/Suspicious_Gen2.HDZND)
Deleted file

C:\Users\Marco Antonio\Downloads\dreamdota_v13.zip/winmm.dll (Infected with Patched.GY)
Deleted file

C:\Users\Marco Antonio\Downloads\EasyAntiCheat (1).exe (Infected with W32/Suspicious_Gen2.GSSTQ)
Deleted file

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/geo_index.txt (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/pn_index.txt (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/16_10.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/16_12.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/16_18.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/16_19.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/16_20.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/16_21.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/16_24.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/16_25.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_10.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_11.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_15.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_16.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_17.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_19.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_20.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_21.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_22.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_23.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_24.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/17_25.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_10.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_11.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_14.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_15.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_16.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_19.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_20.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_21.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_22.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_23.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_24.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/18_25.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_10.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_11.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_13.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_14.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_15.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_16.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_17.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_18.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_19.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_20.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_21.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_22.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_23.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_24.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_25.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/19_26.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_10.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_11.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_13.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_14.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_15.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_16.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_17.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_18.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_19.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_20.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_21.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_22.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_23.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_24.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_25.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/20_26.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_11.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_14.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_15.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_16.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_17.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_18.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_19.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_20.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_21.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_22.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_23.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_24.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/21_25.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_13.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_14.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_15.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_16.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_17.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_18.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_19.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_20.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_21.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_22.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_23.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_24.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/22_25.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_11.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_12.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_13.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_14.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_15.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_16.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_17.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_18.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_19.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_20.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_21.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_22.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_23.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_24.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/23_25.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_11.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_12.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_13.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_14.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_15.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_16.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_17.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_18.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_19.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_20.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_21.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_22.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_23.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_24.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/24_25.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_11.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_12.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_14.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_15.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_16.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_17.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_18.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_19.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_20.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_21.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/25_23.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/26_11.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/26_12.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Geodatas/26_14.l2j (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/16_10.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/16_12.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/16_18.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/16_19.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/16_20.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/16_21.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/16_24.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/16_25.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_10.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_11.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_15.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_16.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_17.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_19.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_20.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_21.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_22.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_23.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_24.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/17_25.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_10.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_11.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_14.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_15.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_16.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_19.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_20.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_21.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_22.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_23.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_24.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/18_25.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_10.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_11.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_13.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_14.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_15.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_16.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_17.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_18.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_19.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_20.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_21.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_22.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_23.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_24.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_25.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/19_26.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_10.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_11.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_13.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_14.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_15.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_16.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_17.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_18.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_19.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_20.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_21.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_22.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_23.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_24.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_25.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/20_26.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_11.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_14.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_15.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_16.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_17.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_18.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_19.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_20.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_21.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_22.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_23.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_24.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/21_25.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_13.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_14.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_15.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_16.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_17.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_18.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_19.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_20.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_21.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_22.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_23.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_24.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/22_25.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_11.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_12.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_13.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_14.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_15.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_16.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_17.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_18.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_19.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_20.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_21.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_22.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_23.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_24.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/23_25.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_11.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_12.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_13.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_14.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_15.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_16.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_17.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_18.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_19.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_20.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_21.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_22.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_23.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_24.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/24_25.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_11.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_12.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_14.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_15.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_16.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_17.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_18.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_19.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_20.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_21.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/25_23.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/26_11.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/26_12.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\L2jfree_Geodata_369_by_Fascist.7z/Pathnodes/26_14.pn (Error whilst scanning file: I/O Error (0x00002000))

C:\Users\Marco Antonio\Downloads\media.player.codec.pack.v3.9.6.setup.exe/noname.nsis/file0/file18 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Downloads\ranzatti42c1529cc2f0d60322a7c0ee3766e219.rar.vi5hgrm.partial/The.Lord.of.the.Rings.The.Return.of.the.King.2002.720p.BluRay.DTS.x264-ESiR.srt (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Downloads\SteamInstall_CS.exe/file15 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Downloads\TeamSpeak3-Client-win32-3.0.0-beta36.exe/noname.nsis/file0/file7 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Downloads\veetle-0.9.18.exe/noname.nsis/file0/file87 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Downloads\WYD7554.exe/noname.nsis/file5466 (Error whilst scanning file: I/O Error (0x00220005))

C:\Users\Marco Antonio\Downloads\WYD7554.exe/noname.nsis/file6156 (Error whilst scanning file: I/O Error (0x00220005))

Running post-scan cleanup routine:

Estes foram os logs que deram algo como resultado.

PS: Os outros não foi iniciado devido a eu estar tentando rodar o programa no modo normal.

Sendo que só rodou em modo de segurança.

Obrigado.

@dreamdota.

Bom se não sabe ele é um programa confiavel.... agora ele necessita de virus pra poder rodar....

pq ele edita o cliente do jogo ou algo parecido ai é acusado como virus..

:thumbsup: Outros problemas foram removidos pelo Norman.

____________________________

:seta: Siga, por gentileza, as dicas deste tutorial para fazer um escaneamento de seu PC pelo Nod32 Online:

Tutorial do antivirus Nod32 Online

Após o término do escaneamento será gerado um relatório (log) que estará no seguinte local do seu computador:

C:\Arquivos de programas\Eset\Eset Online Scanner\log.txt

Na sua próxima resposta poste este log do Nod32 Online juntamente com um novo log do Hijackthis e nos diga, por gentileza, como está o seu PC após seguir este procedimento. Ficamos no aguardo de sua resposta.

Olá,

O Scan demorou muito mais de 6h de scan.... por isso a demora.

Segue os Logs:

ESETSmart:

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok

version=7

OnlineScannerApp.exe=1.0.0.1

OnlineScanner.ocx=1.0.0.6425

api_version=3.0.2

EOSSerial=e5cdd24a7444bf408ae95bb9b68ca1fe

end=stopped

remove_checked=true

archives_checked=true

unwanted_checked=true

unsafe_checked=true

antistealth_checked=true

utc_time=2011-03-11 05:27:50

local_time=2011-03-11 02:27:50 (-0300, Hora oficial do Brasil)

country="Brazil"

lang=1033

osver=5.1.2600 NT Service Pack 2

compatibility_mode=512 16777215 100 0 0 0 0 0

compatibility_mode=1797 16775165 100 94 0 35461002 0 0

compatibility_mode=3073 16777213 80 75 0 4011055 0 0

compatibility_mode=5893 16776573 100 52 0 51408819 0 0

compatibility_mode=8192 67108863 100 0 0 0 0 0

scanned=7407

found=0

cleaned=0

scan_time=419

version=7

OnlineScannerApp.exe=1.0.0.1

OnlineScanner.ocx=1.0.0.6425

api_version=3.0.2

EOSSerial=e5cdd24a7444bf408ae95bb9b68ca1fe

end=finished

remove_checked=true

archives_checked=true

unwanted_checked=true

unsafe_checked=true

antistealth_checked=true

utc_time=2011-03-12 01:57:30

local_time=2011-03-11 10:57:30 (-0300, Hora oficial do Brasil)

country="Brazil"

lang=1033

osver=5.1.2600 NT Service Pack 2

compatibility_mode=512 16777215 100 0 0 0 0 0

compatibility_mode=1797 16775165 100 94 0 35468728 0 0

compatibility_mode=3073 16777213 80 75 0 4018781 0 0

compatibility_mode=5893 16776573 100 52 0 51416545 0 0

compatibility_mode=8192 67108863 100 0 0 0 0 0

scanned=679577

found=9

cleaned=9

scan_time=23270

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:03:30, on 11/03/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marco Antonio\Desktop\HiJackThis.exe
C:\program files (x86)\avira\antivir desktop\avcenter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2905346
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Messenger Plus BR - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - Startup: Typle.lnk = C:\Program Files (x86)\Typle2.0v\Typle.exe
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12017 bytes

:) 9 problemas foram removidos pelo Nod32 Online.

_________________________

:seta: Siga, por gentileza as dicas deste tutorial para fazer uma limpeza de seu PC com o Spyware Doctor:

Tutorial do Spyware Doctor Starter Edition

Na sua próxima resposta poste este log do Spyware Doctor juntamente com um novo log do Hijackthis e nos diga como está o seu Pc depois disto.

Ficamos no aguardo.

Olá Amigo,

Segue os Logs:

PC Tools Spyware Doctor:

PC Tools Spyware Doctor

Date
Status
12/03/2011 00:55:05:302
Serviço Iniciado
Aplicações de Serviço do Spyware Doctor iniciadas
12/03/2011 00:55:05:303
Mecanismo Antimalware
Configuração do mecanismo antimalware carregada com sucesso.
12/03/2011 00:55:12:934
Verificação Iniciada
Tipo de Verificação - Intelli-Scan
12/03/2011 00:55:26:521
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
12/03/2011 00:55:26:521
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
12/03/2011 00:55:26:522
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
12/03/2011 00:55:26:522
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
12/03/2011 00:55:26:523
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
12/03/2011 00:55:26:523
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
12/03/2011 00:55:27:568
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers, (Default)
12/03/2011 00:55:27:570
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid, (Default)
12/03/2011 00:55:27:570
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid
12/03/2011 00:55:27:571
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers
12/03/2011 00:55:27:573
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents, (Default)
12/03/2011 00:55:27:574
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid, (Default)
12/03/2011 00:55:27:575
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid
12/03/2011 00:55:27:575
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents
12/03/2011 00:55:43:495
Verificação Concluída
Tipo de Verificação - Intelli-Scan
Itens Processados - 264068
Ameaças Detectadas - 2
Infecções Detectadas - 14
Infecções Ignoradas - 0
12/03/2011 00:55:44:832
Status do IntelliGuard
Todos os IntelliGuards foram Ativados
12/03/2011 00:55:51:789
Resultados do Immunizer
A seção do ActiveX foi imunizada. Itens 5113 processados.
12/03/2011 00:57:02:508
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
12/03/2011 00:57:02:513
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
12/03/2011 00:57:02:518
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
12/03/2011 00:57:02:523
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
12/03/2011 00:57:02:525
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
12/03/2011 00:57:02:526
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
12/03/2011 00:57:02:602
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
12/03/2011 00:57:02:603
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
12/03/2011 00:57:02:604
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
12/03/2011 00:57:02:605
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
12/03/2011 00:57:02:605
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
12/03/2011 00:57:02:606
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
12/03/2011 00:57:02:721
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents
12/03/2011 00:57:02:726
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid
12/03/2011 00:57:02:731
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid, (Default)
12/03/2011 00:57:02:735
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents, (Default)
12/03/2011 00:57:02:738
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers
12/03/2011 00:57:02:741
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid
12/03/2011 00:57:02:744
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid, (Default)
12/03/2011 00:57:02:747
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers, (Default)
12/03/2011 00:57:02:855
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents
12/03/2011 00:57:02:856
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid
12/03/2011 00:57:02:856
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid, (Default)
12/03/2011 00:57:02:857
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents, (Default)
12/03/2011 00:57:02:859
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers
12/03/2011 00:57:02:860
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid
12/03/2011 00:57:02:861
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid, (Default)
12/03/2011 00:57:02:861
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers, (Default)
12/03/2011 00:57:04:901
Resumo de Infecções em Quarentena/Removidas
Quarentena - 14
Falha na Quarentena - 0
Removido - 14
Falha na Remoção - 0
12/03/2011 00:57:28:841
Verificação Iniciada
Tipo de Verificação - Verificação Completa
12/03/2011 00:58:13:377
Verificação Concluída
Tipo de Verificação - Verificação Completa
Itens Processados - 83010
Ameaças Detectadas - 0
Infecções Detectadas - 0
Infecções Ignoradas - 0
12/03/2011 00:59:23:206
Verificação Iniciada
Tipo de Verificação - Intelli-Scan
12/03/2011 00:59:48:521
Verificação Concluída
Tipo de Verificação - Intelli-Scan
Itens Processados - 264049
Ameaças Detectadas - 0
Infecções Detectadas - 0
Infecções Ignoradas - 0

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:01:22, on 12/03/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
C:\Program Files (x86)\Spyware Doctor\pctsGui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marco Antonio\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2905346
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Messenger Plus BR - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - Startup: Typle.lnk = C:\Program Files (x86)\Typle2.0v\Typle.exe
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12684 bytes

Olá Amigo,

Segue os Logs:

PC Tools Spyware Doctor:

PC Tools Spyware Doctor

Date
Status
12/03/2011 00:55:05:302
Serviço Iniciado
Aplicações de Serviço do Spyware Doctor iniciadas
12/03/2011 00:55:05:303
Mecanismo Antimalware
Configuração do mecanismo antimalware carregada com sucesso.
12/03/2011 00:55:12:934
Verificação Iniciada
Tipo de Verificação - Intelli-Scan
12/03/2011 00:55:26:521
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
12/03/2011 00:55:26:521
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
12/03/2011 00:55:26:522
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
12/03/2011 00:55:26:522
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
12/03/2011 00:55:26:523
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
12/03/2011 00:55:26:523
Detectada uma infecção neste computador
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
12/03/2011 00:55:27:568
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers, (Default)
12/03/2011 00:55:27:570
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid, (Default)
12/03/2011 00:55:27:570
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid
12/03/2011 00:55:27:571
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers
12/03/2011 00:55:27:573
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents, (Default)
12/03/2011 00:55:27:574
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid, (Default)
12/03/2011 00:55:27:575
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid
12/03/2011 00:55:27:575
Detectada uma infecção neste computador
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents
12/03/2011 00:55:43:495
Verificação Concluída
Tipo de Verificação - Intelli-Scan
Itens Processados - 264068
Ameaças Detectadas - 2
Infecções Detectadas - 14
Infecções Ignoradas - 0
12/03/2011 00:55:44:832
Status do IntelliGuard
Todos os IntelliGuards foram Ativados
12/03/2011 00:55:51:789
Resultados do Immunizer
A seção do ActiveX foi imunizada. Itens 5113 processados.
12/03/2011 00:57:02:508
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
12/03/2011 00:57:02:513
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
12/03/2011 00:57:02:518
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
12/03/2011 00:57:02:523
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
12/03/2011 00:57:02:525
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
12/03/2011 00:57:02:526
Infecção em quarentena
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
12/03/2011 00:57:02:602
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
12/03/2011 00:57:02:603
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Group
12/03/2011 00:57:02:604
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ImagePath
12/03/2011 00:57:02:605
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Start
12/03/2011 00:57:02:605
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, ErrorControl
12/03/2011 00:57:02:606
Infecção excluída
Nome da Ameaça - Trojan-Downloader.Murlo
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme, Type
12/03/2011 00:57:02:721
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents
12/03/2011 00:57:02:726
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid
12/03/2011 00:57:02:731
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid, (Default)
12/03/2011 00:57:02:735
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents, (Default)
12/03/2011 00:57:02:738
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers
12/03/2011 00:57:02:741
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid
12/03/2011 00:57:02:744
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid, (Default)
12/03/2011 00:57:02:747
Infecção em quarentena
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers, (Default)
12/03/2011 00:57:02:855
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents
12/03/2011 00:57:02:856
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid
12/03/2011 00:57:02:856
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents\Clsid, (Default)
12/03/2011 00:57:02:857
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.IEEvents, (Default)
12/03/2011 00:57:02:859
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers
12/03/2011 00:57:02:860
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Chave de Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid
12/03/2011 00:57:02:861
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers\Clsid, (Default)
12/03/2011 00:57:02:861
Infecção excluída
Nome da Ameaça - Adware.MediaMotor
Tipo - Valor do Registro
Nível de Risco - Alto
Infecção - HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\IEMonitor.cBrowsers, (Default)
12/03/2011 00:57:04:901
Resumo de Infecções em Quarentena/Removidas
Quarentena - 14
Falha na Quarentena - 0
Removido - 14
Falha na Remoção - 0
12/03/2011 00:57:28:841
Verificação Iniciada
Tipo de Verificação - Verificação Completa
12/03/2011 00:58:13:377
Verificação Concluída
Tipo de Verificação - Verificação Completa
Itens Processados - 83010
Ameaças Detectadas - 0
Infecções Detectadas - 0
Infecções Ignoradas - 0
12/03/2011 00:59:23:206
Verificação Iniciada
Tipo de Verificação - Intelli-Scan
12/03/2011 00:59:48:521
Verificação Concluída
Tipo de Verificação - Intelli-Scan
Itens Processados - 264049
Ameaças Detectadas - 0
Infecções Detectadas - 0
Infecções Ignoradas - 0

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 01:01:22, on 12/03/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\DAODx.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
C:\Program Files (x86)\Spyware Doctor\pctsGui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marco Antonio\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2905346
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O1 - Hosts: 255.255.255.255 easyanticheat.se # misleading site
O1 - Hosts: 255.255.255.255 www.easyanticheat.se # misleading site
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Messenger Plus BR - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - Startup: Typle.lnk = C:\Program Files (x86)\Typle2.0v\Typle.exe
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12684 bytes

:) Mais itens foram removidos pelo Spyware Doctor.

:seta: Abra o HijackThis, clique em Do a system scan only, marque as entradas abaixo e clique em Fix checked:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2905346

O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)

__________________________

:seta: Siga também esta dica:

Tutorial do Dr. Web CureIt

Na sua próxima resposta poste este log do Dr. Web CureIt juntamente com um novo log do Hijackthis e nos diga como está o seu Pc depois disto.

Ficamos no aguardo.

Amigo, estou com problema no scan.

depois de um certo tempo ele não consegue ler uma parte da memoria e cancela o scan.

obrigado.

>
Amigo, estou com problema no scan.

depois de um certo tempo ele não consegue ler uma parte da memoria e cancela o scan.

obrigado.

:seta: Tente fazer o escaneamento com o Dr. Web no modo seguro do Windows e veja se é possível.

Se mesmo no modo seguro não for possível, siga esta outra dica:

Tutorial do antivírus BitDefender Online

Após o término do escaneamento será gerado um relatório (log) que estará no seguinte local do seu computador:

C:\Windows\BDOSCAN8\bdoscan.log

Na sua próxima resposta poste este log do BitDefender Online juntamente com um novo log do Hijackthis e nos diga, por gentileza, como está o seu PC após seguir este procedimento.

Ficamos no aguardo de sua resposta.

Ola amigo, está sem condições de usar o dr.web ele so funciona em modo de segurança, demora mais de 10h pra acabar o scan e se eu deixar de noite qd ele acha um virus ele trava pois pede pra eu decidir o que fazer com ele.

mais segue o relatorio do bitdefender:

QuickScan Beta:

QuickScan Beta 32-bit v0.9.9.77
-------------------------------
Scan date: Fri Mar 18 16:30:51 2011
Machine ID: D22AAB5B

Found 1 infected file!
----------------------

C:\Program Files (x86)\Warcraft III\DreamLoader.dll --> Trojan.Generic.5112739
--> Process war3.exe (4716)

Processes
---------
(unsigned) DAODx.exe 3304 C:\Windows\DAODx.exe
(unsigned) Warcraft III 4716 C:\Program Files (x86)\Warcraft III\war3.exe

(verified) AntiVir Desktop 3192 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(verified) AntiVir Desktop 2008 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(verified) AntiVir Desktop 2060 C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(verified) AntiVir Desktop 3252 C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(verified) AntiVir Desktop 1656 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(verified) Bing Bar 2268 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(verified) Google Chrome 4708 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 4928 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 5020 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) Google Chrome 5832 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(verified) mysqld.exe 1228 C:\Program Files (x86)\MySQL\MySQL Server 6.0\bin\mysqld.exe
(verified) PC Tools Auxiliary Service 2128 C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
(verified) PC Tools GUI Application 5536 C:\Program Files (x86)\Spyware Doctor\pctsGui.exe
(verified) PC Tools Security Service 2180 C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
(verified) PC Tools Tray Application 2280 C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
(verified) PnkBstrA.exe 1812 C:\Windows\SysWOW64\PnkBstrA.exe
(verified) PnkBstrB.exe 1496 C:\Windows\SysWOW64\PnkBstrB.exe
(verified) Registry Monitor 3688 C:\Windows\PixArt\PAC7302\Monitor.exe
(verified) Sistema Operacional Microsoft® Windows® 2136 C:\Windows\SysWOW64\rundll32.exe
(verified) TeamViewer 2424 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(verified) USB 3.0 Monitor 1000 C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(verified) Windows Live Communications Platform 128 C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(verified) Windows Live Messenger 6064 C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

Network activity
----------------
Process wlcomm.exe (128) connected on port 1863 (MSN) --> 64.4.61.171
Process chrome.exe (4928) connected on port 80 (HTTP) --> 72.14.204.104
Process chrome.exe (4928) connected on port 80 (HTTP) --> 72.14.204.100
Process chrome.exe (4928) connected on port 443 (HTTP over SSL) --> 72.14.204.104
Process chrome.exe (4928) connected on port 80 (HTTP) --> 72.14.204.100
Process chrome.exe (4928) connected on port 80 (HTTP) --> 72.14.204.104
Process chrome.exe (4928) connected on port 80 (HTTP) --> 72.14.204.100
Process chrome.exe (4928) connected on port 80 (HTTP) --> 72.14.204.100
Process chrome.exe (4928) connected on port 80 (HTTP) --> 72.14.204.100
Process chrome.exe (4928) connected on port 80 (HTTP) --> 72.14.204.100
Process chrome.exe (4928) connected on port 80 (HTTP) --> 204.245.162.35
Process chrome.exe (4928) connected on port 80 (HTTP) --> 204.245.162.35
Process chrome.exe (4928) connected on port 80 (HTTP) --> 66.220.149.29
Process chrome.exe (4928) connected on port 80 (HTTP) --> 66.220.149.29
Process chrome.exe (4928) connected on port 80 (HTTP) --> 74.125.115.100
Process chrome.exe (4928) connected on port 80 (HTTP) --> 204.188.136.148
Process chrome.exe (4928) connected on port 80 (HTTP) --> 204.188.136.148
Process chrome.exe (4928) connected on port 80 (HTTP) --> 204.188.136.148
Process chrome.exe (4928) connected on port 80 (HTTP) --> 204.188.136.148
Process chrome.exe (4928) connected on port 80 (HTTP) --> 69.171.224.39
Process chrome.exe (4928) connected on port 80 (HTTP) --> 69.171.224.39
Process chrome.exe (4928) connected on port 80 (HTTP) --> 66.235.142.57

Process mysqld.exe (1228) listens on ports: 3306 (MySQL)
Process war3.exe (4716) listens on ports: 6112 (Battle.net)

Autoruns and critical files
---------------------------
(unsigned) Application C:\Program Files (x86)\Google\Chrome\Application
(unsigned) QuickTime C:\Program Files (x86)\QuickTime\QTTask.exe

(verified) AntiVir Desktop C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(verified) Google Update C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(verified) PC Tools Tray Application C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
(verified) Sistema Operacional Microsoft® Windows® c:\windows\system32\userinit.exe
(verified) USB 3.0 Monitor C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(verified) Windows Live Messenger C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(verified) Windows® Internet Explorer c:\windows\syswow64\webcheck.dll

Browser plugins
---------------
(unsigned) Java(TM) Platform SE 6 U22 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
(unsigned) Media Go Detector C:\Program Files (x86)\Sony\Media Go\npmediago.dll
(unsigned) Mega Manager IE Click Catcher c:\program files (x86)\megaupload\mega manager\megaiemn.dll

(verified) AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
(verified) bdoscandel.exe C:\Windows\bdoscandel.exe
(verified) bdscanonline C:\Windows\Downloaded Program Files\oscan82.ocx
(verified) BitDefender QuickScan C:\Users\Marco Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.78_0\npqscan.dll
(verified) Conduit Toolbar c:\program files (x86)\messenger_plus_br\prxtbmess.dll
(verified) Flash® Player Installer/Uninstaller C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
(verified) GanymedeNet.Detector C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll
(verified) Google Toolbar for Internet Explorer c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
(verified) Google Update C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
(verified) GoogleToolbarNotifier c:\program files (x86)\google\googletoolbarnotifier\5.6.5805.1910\swg.dll

(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.dll
(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.exe
(verified) InstallShield Update Service C:\Windows\Downloaded Program Files\isusweb.dll

Missing files
-------------
File not found: "c:\program files (x86)\microsoft\bingbar\bingext.dll"
--> HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\InprocServer32\"(default)"
--> HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\InprocServer32\"(default)"

Scan
----
(unsigned) MD5: afff0fff53ae04747c340868ab1cfa27 C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll
(unsigned) MD5: ee0477f95aaf614c5cb14f324ca48c3d C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll
(unsigned) MD5: e567556d03a0b22b21eef77879de5dd4 C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll
(unsigned) MD5: 3bcdffbf6f488524abb81c9af96ee18f C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll
(unsigned) MD5: 36c8a0c6b94dfcac251c47a15b36911e C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll
(unsigned) MD5: 424eaa2bee337c4152850e3753aa4fdf C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll
(unsigned) MD5: 21f8d04c3f8d0895d195903d337e68df C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll
(unsigned) MD5: 550bfbf0aa0e45374c2c122663adb1e8 C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll
(unsigned) MD5: bd8e5b4b16db2a53709ea74df7b22282 C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll
(unsigned) MD5: 864e4cec9f60c25a8a93ad3784da2e64 C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll
(unsigned) MD5: 1bee87a4dcfea2bd0bfd5dd6a9998bc1 C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll
(unsigned) MD5: 9d56d808efff44645801c4fa9699cc9e C:\Program Files (x86)\Avira\AntiVir Desktop\avarkt.dll
(unsigned) MD5: dc4075c135ef78f6bc8674bb4c87e0b5 C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll
(unsigned) MD5: c33cae84f54bba013761f158f5afd344 C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll
(unsigned) MD5: 509e3090ec3d291c2626384eead5ffb6 C:\Program Files (x86)\Avira\AntiVir Desktop\avscplr.dll
(unsigned) MD5: 63511764a4466d22f8abf522b7f297d3 C:\Program Files (x86)\Avira\AntiVir Desktop\ccavscanex.dll
(unsigned) MD5: 24839c20b147e454203c64dd18801e23 C:\Program Files (x86)\Avira\AntiVir Desktop\ccavscanexrc.dll
(unsigned) MD5: 7488bce9f9c852f0931d29b0d76292bd C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll
(unsigned) MD5: e65e277c50bd5967b5e92c7744dba7bc C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll
(unsigned) MD5: 54ceee9d7aa46f3311d247bf57bbee36 C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll
(unsigned) MD5: 400ab97179f05ba68b755d8971f262f2 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll
(unsigned) MD5: 7d541c5e5cdfb46d68ac60012c5d7acd C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll
(unsigned) MD5: 47766f6b79a25af04ed3f6f2b02aa4cb C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll
(unsigned) MD5: 690d275ff0a963902086d3af38d0f5dd C:\Program Files (x86)\Avira\AntiVir Desktop\extdlgfw.dll
(unsigned) MD5: 06da96b54ef94dee0bfa8912e0da7427 C:\Program Files (x86)\Avira\AntiVir Desktop\luke.dll
(unsigned) MD5: 7464c6694036b42ba237eb723a34d0f4 C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll
(unsigned) MD5: ba23a50231538321fdfab8dadcfaffb2 C:\Program Files (x86)\Garena\dlls\WC3J.dll
(unsigned) MD5: ad1ab19a95fc2b0d0db580fe86da713b C:\Program Files (x86)\Garena\War3Hook.dll
(unsigned) MD5: 3ed8e561044723c6039a8a20a3ae60cc C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
(unsigned) MD5: 37b6a2d134c725e1f8acbc77f39f0ef4 c:\program files (x86)\megaupload\mega manager\megaiemn.dll
(unsigned) MD5: 0aee5668eb59912f32ff245bfa72465f C:\Program Files (x86)\QuickTime\QTTask.exe
(unsigned) MD5: a52cf2bd90c36c10155c1a0f93b52e7e C:\Program Files (x86)\Sony\Media Go\npmediago.dll
(unsigned) MD5: e25fa0f42cabf854f1c3126ec902f01e C:\Program Files (x86)\Warcraft III\Dream_Dota.dll
(unsigned) MD5: 6b6265b173753aaab695da848283af39 C:\Program Files (x86)\Warcraft III\Dream_Loader.dll
(unsigned) MD5: 43d13110e03253736fe22df4a0546b66 C:\Program Files (x86)\Warcraft III\DreamLoader.dll
(unsigned) MD5: 047344f31d198bdd42dd2d37279ca9cb C:\Program Files (x86)\Warcraft III\game.dll
(unsigned) MD5: 1aa06c81a0621e277e755b965b5e4b5f C:\Program Files (x86)\Warcraft III\ijl15.dll
(unsigned) MD5: bb1defb5c29144511d344bcb88349269 C:\Program Files (x86)\Warcraft III\Mss32.dll
(unsigned) MD5: 619a6224216b515fd0b9bc9a0ed829f5 C:\Program Files (x86)\Warcraft III\redist\miles\Mp3dec.asi
(unsigned) MD5: 70d5832a3035fd160c39d92bb2b2a859 C:\Program Files (x86)\Warcraft III\redist\miles\Mssdolby.m3d
(unsigned) MD5: 4cee323703a165fa508d61b4a793a4e7 C:\Program Files (x86)\Warcraft III\redist\miles\Msseax2.m3d
(unsigned) MD5: a4904cb4f66b4e363787eb38fef3d7cb C:\Program Files (x86)\Warcraft III\redist\miles\Mssfast.m3d
(unsigned) MD5: a021dc07920c74ec096e98b01540517a C:\Program Files (x86)\Warcraft III\redist\miles\Reverb3.flt
(unsigned) MD5: 67fb8e4d0c1251dbb2c5b73d19b7e70b C:\Program Files (x86)\Warcraft III\Storm.dll
(unsigned) MD5: ebc2e03f095a4a4a12bd47d3679b7fe1 C:\Program Files (x86)\Warcraft III\war3.exe
(unsigned) MD5: 44f9af438aec0a2615b32b551686586d C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll
(unsigned) MD5: 7861b395e3c4f623f432c9d8c47fb083 C:\Program Files (x86)\Yuna Software\Messenger Plus!\MsgPlusLive.dll
(unsigned) MD5: f13c8e46f1fbb62074ef44d9f98bdcba C:\Program Files (x86)\Yuna Software\Messenger Plus!\MsgPlusRes.dll
(unsigned) MD5: f53d581348c6cb5dfe9d90c0466e7230 C:\Users\Marco Antonio\Desktop\DATA\DLL\RuneNotifier.dll
(unsigned) MD5: 53ea061ecc67223a430f153c3682ad54 c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
(unsigned) MD5: 6954474ce8d7c32918cf3448160f8dfc C:\Windows\DAODx.exe
(unsigned) MD5: ea54fcfe07006a7ea0b289b07f26e074 C:\Windows\system32\GameMon.des

The following file(s) must be uploaded for server-side scanning:
C:\Program Files (x86)\Warcraft III\war3.exe

Upload started - 1 file(s)
war3.exe (487424)
Upload speed - 34 KB/s
Upload finished - 1 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 15 sec
Total traffic - 0.51 MB sent, 0.37 KB recvd
Scanned 946 files and modules - 111 seconds

==============================================================================

HijackThis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:26, on 18/03/2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spyware Doctor\pctsTray.exe
C:\Windows\DAODx.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Marco Antonio\Desktop\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Messenger Plus BR - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Messenger Plus BR Toolbar - {1d80d668-2160-46a2-b3a7-e166795b0b28} - C:\Program Files (x86)\Messenger_Plus_BR\prxtbMess.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{175245D4-FA35-4BAF-8A9C-A9B0F3967531}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12592 bytes

Avira AntiVir Personal:

Avira AntiVir Personal
Report file date: sexta-feira, 18 de março de 2011 14:04

Scanning for 2499944 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 x64
Windows version : (plain) [6.1.7600]
Boot mode : Normally booted
Username : SISTEMA
Computer name : MATHEUS-PC

Version information:
BUILD.DAT : 10.0.0.635 31822 Bytes 07/03/2011 12:15:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 10/01/2011 17:23:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 15:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 10/01/2011 17:23:40
LUKERES.DLL : 10.0.0.1 12648 Bytes 11/02/2010 02:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 12:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 17:23:50
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09/02/2011 00:09:26
VBASE003.VDF : 7.11.3.1 2048 Bytes 09/02/2011 00:09:27
VBASE004.VDF : 7.11.3.2 2048 Bytes 09/02/2011 00:09:27
VBASE005.VDF : 7.11.3.3 2048 Bytes 09/02/2011 00:09:28
VBASE006.VDF : 7.11.3.4 2048 Bytes 09/02/2011 00:09:28
VBASE007.VDF : 7.11.3.5 2048 Bytes 09/02/2011 00:09:29
VBASE008.VDF : 7.11.3.6 2048 Bytes 09/02/2011 00:09:29
VBASE009.VDF : 7.11.3.7 2048 Bytes 09/02/2011 00:09:30
VBASE010.VDF : 7.11.3.8 2048 Bytes 09/02/2011 00:09:30
VBASE011.VDF : 7.11.3.9 2048 Bytes 09/02/2011 00:09:31
VBASE012.VDF : 7.11.3.10 2048 Bytes 09/02/2011 00:09:31
VBASE013.VDF : 7.11.3.59 157184 Bytes 14/02/2011 00:09:43
VBASE014.VDF : 7.11.3.97 120320 Bytes 16/02/2011 00:09:47
VBASE015.VDF : 7.11.3.148 128000 Bytes 19/02/2011 00:09:49
VBASE016.VDF : 7.11.3.183 140288 Bytes 22/02/2011 00:09:53
VBASE017.VDF : 7.11.3.216 124416 Bytes 24/02/2011 00:09:56
VBASE018.VDF : 7.11.3.251 159232 Bytes 28/02/2011 00:10:03
VBASE019.VDF : 7.11.4.33 148992 Bytes 02/03/2011 00:10:05
VBASE020.VDF : 7.11.4.73 150016 Bytes 06/03/2011 00:10:07
VBASE021.VDF : 7.11.4.108 122880 Bytes 08/03/2011 00:10:11
VBASE022.VDF : 7.11.4.150 133120 Bytes 10/03/2011 02:02:42
VBASE023.VDF : 7.11.4.183 122368 Bytes 14/03/2011 02:04:01
VBASE024.VDF : 7.11.4.228 123392 Bytes 16/03/2011 20:52:52
VBASE025.VDF : 7.11.4.229 2048 Bytes 16/03/2011 20:52:52
VBASE026.VDF : 7.11.4.230 2048 Bytes 16/03/2011 20:52:52
VBASE027.VDF : 7.11.4.231 2048 Bytes 16/03/2011 20:52:53
VBASE028.VDF : 7.11.4.232 2048 Bytes 16/03/2011 20:52:53
VBASE029.VDF : 7.11.4.233 2048 Bytes 16/03/2011 20:52:53
VBASE030.VDF : 7.11.4.234 2048 Bytes 16/03/2011 20:52:53
VBASE031.VDF : 7.11.4.248 43008 Bytes 17/03/2011 20:52:55
Engineversion : 8.2.4.188
AEVDF.DLL : 8.1.2.1 106868 Bytes 10/01/2011 17:23:26
AESCRIPT.DLL : 8.1.3.57 1261947 Bytes 17/03/2011 20:53:08
AESCN.DLL : 8.1.7.2 127349 Bytes 10/01/2011 17:23:26
AESBX.DLL : 8.1.3.2 254324 Bytes 10/01/2011 17:23:26
AERDL.DLL : 8.1.9.8 639346 Bytes 15/03/2011 02:04:27
AEPACK.DLL : 8.2.4.12 520567 Bytes 15/03/2011 02:04:23
AEOFFICE.DLL : 8.1.1.17 205177 Bytes 10/03/2011 00:10:49
AEHEUR.DLL : 8.1.2.87 3371383 Bytes 17/03/2011 20:53:06
AEHELP.DLL : 8.1.16.1 246134 Bytes 10/03/2011 00:10:27
AEGEN.DLL : 8.1.5.3 397684 Bytes 17/03/2011 20:52:59
AEEMU.DLL : 8.1.3.0 393589 Bytes 10/01/2011 17:23:18
AECORE.DLL : 8.1.19.2 196983 Bytes 10/03/2011 00:10:21
AEBB.DLL : 8.1.1.0 53618 Bytes 10/01/2011 17:23:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 10/01/2011 17:23:32
AVPREF.DLL : 10.0.0.0 44904 Bytes 10/01/2011 17:23:30
AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 17:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 10/01/2011 17:23:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 10/01/2011 17:23:31
AVARKT.DLL : 10.0.22.6 231784 Bytes 10/01/2011 17:23:27
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 10/01/2011 17:23:28
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 17:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 10/01/2011 17:23:31
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 17:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 16:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 10/01/2011 17:23:52

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: sexta-feira, 18 de março de 2011 14:04

Starting search for hidden objects.
HKEY_USERS\S-1-5-21-57599344-4116369096-1785428274-1000\Software\Microsoft\MSNMessenger\SQM\canary
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\wmploc.dll,-128
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\themeui.dll,-2682
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\unregmp2.exe,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\ehome\ehres.dll,-100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\devicecenter.dll,-1000
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\explorer.exe,-7021
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\oobefldr.dll,-110
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\oobefldr.dll,-112
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\program files\windows sidebar\sidebar.exe,-1005
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\fxsresm.dll,-114
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\progra~2\wic4a1~1\photog~1\moviem~2.dll,-1131
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\progra~2\wic4a1~1\photog~1\wl09bb~1.dll,-3098
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\xpsrchvw.exe,-102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\networkexplorer.dll,-1
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10060
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10101
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10058
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10061
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10059
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10209
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10055
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10057
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10103
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10056
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10054
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@gameux.dll,-10102
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\notepad.exe,-469
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@sendmail.dll,-21
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@zipfldr.dll,-10148
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@sendmail.dll,-4
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\windows\system32\fxsresm.dll,-120
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\program files (x86)\common files\system\wab32res.dll,-10100
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@ieframe.dll,-12512
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\program files (x86)\windows live\companion\companionlang.dll,-600
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\program files (x86)\windows live\writer\windowslivewritershortcuts.dll,-1004
[NOTE] The registry entry is invisible.
HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\D3\96383CDB\@c:\program files (x86)\windows live\writer\windowslivewritershortcuts.dll,-1003
[NOTE] The registry entry is invisible.
C:\Program Files\Common Files\Microsoft Shared\Windows Live
C:\Program Files\Common Files\Microsoft Shared\Windows Live
[NOTE] The registry entry is invisible.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\offlinedetectionpending
 [NOTE] The registry entry is invisible.

The scan of running processes will be started
Scan process 'war3.exe' - '103' Module(s) have been scanned
Scan process 'Garena.exe' - '170' Module(s) have been scanned
Scan process 'avscan.exe' - '73' Module(s) have been scanned
Scan process 'avscan.exe' - '31' Module(s) have been scanned
Scan process 'avcenter.exe' - '95' Module(s) have been scanned
Scan process 'wlcomm.exe' - '109' Module(s) have been scanned
Scan process 'skypePM.exe' - '66' Module(s) have been scanned
Scan process 'Skype.exe' - '167' Module(s) have been scanned
Scan process 'avgnt.exe' - '71' Module(s) have been scanned
Scan process 'nusb3mon.exe' - '36' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '210' Module(s) have been scanned
Scan process 'Monitor.exe' - '31' Module(s) have been scanned
Scan process 'DAODx.exe' - '23' Module(s) have been scanned
Scan process 'TeamViewer_Service.exe' - '80' Module(s) have been scanned
Scan process 'pctsTray.exe' - '74' Module(s) have been scanned
Scan process 'SeaPort.EXE' - '51' Module(s) have been scanned
Scan process 'pctsSvc.exe' - '144' Module(s) have been scanned
Scan process 'rundll32.exe' - '35' Module(s) have been scanned
Scan process 'pctsAuxs.exe' - '38' Module(s) have been scanned
Scan process 'PnkBstrB.exe' - '35' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '32' Module(s) have been scanned
Scan process 'mysqld.exe' - '35' Module(s) have been scanned
Scan process 'avguard.exe' - '72' Module(s) have been scanned
Scan process 'sched.exe' - '50' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[iNFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[iNFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '153' files ).

Starting the file scan:

Begin scan in 'C:\'
C:\Program Files (x86)\Warcraft III\DreamLoader.dll
[DETECTION] Is the TR/Black.Gen2 Trojan
C:\Users\Marco Antonio\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\13d3a3c3-4992ac4f
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.E Java virus
--> adobeflash.class
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.E Java virus
C:\Users\Marco Antonio\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\47acfba0-3239c90f
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.E Java virus
--> adobeflash.class
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.E Java virus
C:\Users\Marco Antonio\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\13de6a2a-405bc364
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.E Java virus
--> adobeflash.class
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.E Java virus

Beginning disinfection:
C:\Users\Marco Antonio\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\13de6a2a-405bc364
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.E Java virus
[NOTE] The file was moved to the quarantine directory under the name '48f539ee.qua'.
C:\Users\Marco Antonio\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\47acfba0-3239c90f
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.E Java virus
[NOTE] The file was moved to the quarantine directory under the name '50611645.qua'.
C:\Users\Marco Antonio\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\13d3a3c3-4992ac4f
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.E Java virus
[NOTE] The file was moved to the quarantine directory under the name '023d4ca1.qua'.
C:\Program Files (x86)\Warcraft III\DreamLoader.dll
[DETECTION] Is the TR/Black.Gen2 Trojan
[WARNING] The file was ignored!

End of the scan: sexta-feira, 18 de março de 2011 14:57
Used time: 33:41 Minute(s)

The scan has been canceled!

13977 Scanned directories
622978 Files were scanned
4 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
3 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
622974 Files not concerned
3550 Archives were scanned
1 Warnings
3 Notes
555945 Objects were scanned with rootkit scan
42 Hidden objects were found