
This topic has been archived and is closed to new replies.

BrPhantom

[Archived] Probably a problem with a worm


jgarcia, you already solved a problem of mine once, not long ago, but I remember that it wasn't possible to restart in safe mode, and I didn't pay much attention to it... Well, time went by, and now when I'm using the computer, error messages appear, like warnings about a "read" memory overload. Since I'm a layman on the subject and remembered the forum, I decided to ask for help here.

When I use heavier programs such as eMule and BitTorrent, or run a game such as GTA SA or NFS Carbon (which are relatively "heavy"), this overload occurs and the error closes the program/game or else reboots the computer. The computer's startup screen says that my primary HD is in bad condition.

Whenever I run an antivirus/antispyware on the PC, new malware shows up... :unsure:

Anyway, here is the HijackThis log:


 

Here is the EliBagle log:

Fri Jul 13 17:23:46 2007
EliBagle v10.45  (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Renombrado a .VIR
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\DOCUMENTS AND SETTINGS\WINDOWS\DADOS DE APLICATIVOS\HIDIRES\HIDR.EXE --> Eliminado Bagle
C:\DOCUMENTS AND SETTINGS\WINDOWS\DADOS DE APLICATIVOS\HIDIRES\ROSA.SYS --> Eliminado Bagle (rootkit)
C:\WINDOWS\SYSTEM32\HLDRRR.EXE --> Bagle.dldr Renombrado a .VIR
Eliminada Carpeta "%WinDir%\exefld"
Restaurada Clave: "SafeBoot\Minimal y Network"

Fri Jul 13 17:43:32 2007
EliBagle v10.45  (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Meus Jogos\Command & Conquer\Generals + Zero Hour\Mods\COMMAND & CONQUER GENERALS ZERO HOUR NAVAL WARS MOD.ZIP --> Eliminado Bagle.dldr
C:\WINDOWS\system32\FLEC003.EXE --> Eliminado Bagle.dldr
C:\WINDOWS\system32\WINTEMS.EXE.VIR --> Eliminado Bagle

Fri Jul 13 18:00:30 2007
EliBagle v10.45  (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\HLDRRR.EXE.VIR --> Eliminado
Eliminada Carpeta "%AppData%\Hidires"

Fri Jul 13 18:01:05 2007
EliBagle v10.45  (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

 

Well, I hope this information is enough, but if you need more, I'm awaiting orders.

Thanks for your attention. :thumbsup:


Hi BrPhantom,

Download ComboFix at:

ComboFix

1) Double-click combofix.exe and press "Y" to proceed. The process takes about 10 minutes on average;

2) ComboFix will restart the PC automatically so that the removal process can be completed (only if there is an infection);

3) When the scan finishes, a log will be generated at C:\ComboFix.txt;

4) Do not click in the ComboFix window, or close it by clicking the X, while the tool is running, as this will mess up your desktop configuration (it will turn completely white);

5) To stop or exit ComboFix, press "N";

6) I need you to paste the contents of ComboFix.txt in your next reply.

Regards.


Hi jgarcia, thanks for the quick response... :thumbsup:

Here's the result:

 

Cheers


Hi BrPhantom,

Download F-Secure Blacklight from:

F-Secure Blacklight

Save it to your desktop and run it. Accept the agreement. Click Scan and wait.

If it finds any files, ignore them, as I only want the log.

At the end of the scan, the file fsbl-xxxxx.log will be generated (where xxx are numbers). I need you to copy the log and post it in your next reply.

Regards.


Well, nothing was found... and the log I found was one that was on the desktop: fsbl-20070726231248

It contained this information:

07/26/07 20:12:48 [Info]: BlackLight Engine 1.0.64 initialized
07/26/07 20:12:48 [Info]: OS: 5.1 build 2600 (Service Pack 2)
07/26/07 20:12:48 [Note]: 7019 4
07/26/07 20:12:48 [Note]: 7005 0
07/26/07 20:12:58 [Note]: 7006 0
07/26/07 20:12:58 [Note]: 7011 1168
07/26/07 20:12:59 [Note]: 7026 0
07/26/07 20:12:59 [Note]: 7026 0
07/26/07 20:13:03 [Note]: FSRAW library version 1.7.1022
07/26/07 20:18:20 [Note]: 2000 1012
07/26/07 20:18:47 [Note]: 7007 0

I found this log strange; is that really all there is?


jgarcia,

When the scan was about to start, avast warned of a worm risk, but I disabled it and started again.

Pretty big scan, huh... it took quite a while hehe :D I've got 3 HDs here... about 460 GB (used) in total, I think that's what made it take so long...

By the way, it ended up so big that I'm going to host it here... (417 KB in Notepad :upset: )

http://www.sendspace.com/file/9g67gu

Thanks for the help

Cheers


Hi BrPhantom,

Let's go.

Set Windows to show all files (including hidden ones).

Step 1

Download CCleaner from:

CCleaner

Download it, but do not run it yet.

Download Killbox from:

Killbox

1. Run Killbox and click Delete on Reboot.

2. Copy the list below, in bold, to the clipboard. Select everything with the mouse --> go to the Edit menu in the browser's menu bar --> click Copy.

 

C:\WINDOWS\system32\closeapp.exe

C:\WINDOWS\system32\mwsrvacc.exe

C:\WINDOWS\system32\Sys\DKYO.007

C:\WINDOWS\system32\Sys\DMPI.007

C:\WINDOWS\system32\Sys\KSWA.007

C:\WINDOWS\system32\Sys\YGDF.007

C:\WINDOWS\system32AKV.exe

C:\WINDOWS\system32RLUQ.006

C:\WINDOWS\system32RLUQ.007

C:\WINDOWS\system32RLUQ.exe

C:\WINDOWS\system32YLXS.006

C:\WINDOWS\system32YLXS.007

C:\Arquivos de programas\HGI\AKV.exe

C:\Arquivos de programas\HGI\HGI.003

C:\Arquivos de programas\HGI\HGI.007

C:\Arquivos de programas\FullT\setup\gendel32.ex_

C:\Arquivos de programas\Softnyx Canada\GunBound Classic\Hacks\Selecionados\Cheat_Engine_and_Hacks_para_GunBound_Pirata_by_Be_Sk8\Cheat Engine and Hacks para GunBound Pirata by Be_Sk8\Instalação Cheat Engine\dbk32.sys

C:\Documents and Settings\Matheus\Celular\Downloads do forum\Programas\Conversor para .mid\AnMing Mp3 to ringtone pro v1.2\cracks\lz0wph01-2006-06-21.rar

C:\Documents and Settings\Matheus\Programas essenciais\CyberScript32\CyberScript32\sistema\dlls\nHTMLn.dll

C:\Documents and Settings\Matheus\Programas essenciais\CyberScript32.rar

C:\Documents and Settings\Matheus\Programas essenciais\Videos\bsplayer139.829.exe

C:\Documents and Settings\Matheus\Programas essenciais\Virus e anti-virus\Anti Spyware\Mais Recomendados\Xoftspyse V 4.31.232.rar

C:\Documents and Settings\Matheus\Programas essenciais\Virus e anti-virus\Hacking\ardamax\hldtl.zip

C:\Documents and Settings\Matheus\Programas essenciais\Virus e anti-virus\Hacking\ardamax\install_akl.exe

C:\Documents and Settings\Matheus\Programas essenciais\Virus e anti-virus\Virus\Downloads\netbus17.exe

C:\Documents and Settings\Matheus\Programas essenciais\Virus e anti-virus\Virus\Downloads\Remote Logger 2.2.zip

C:\Documents and Settings\Matheus Temporario\Hacks\Downloads\netbus17.exe

C:\Documents and Settings\Matheus Temporario\Hacks\Downloads\Remote Logger 2.2.zip

C:\Documents and Settings\Windows\Desktop\Pastas\Jogos\Atalhos\GC\Hacks\CE_Lite_www.cheatsbrasil.com\CE Lite - www.gbcheats.net\nv7800gt.sys

C:\Documents and Settings\Windows\Desktop\Pastas\Jogos\Atalhos\GC\Hacks\CE_Lite_www.cheatsbrasil.com.rar

C:\Documents and Settings\Windows\Desktop\Pastas\Jogos\Atalhos\Gundound\Bypass\Funfando\Pack\Engine\ultra.sys

C:\Documents and Settings\Windows\Desktop\Pastas\Jogos\Atalhos\Gundound\extra\descobrindo_cpf\WPE_Pro___Tutorial\WPE PRO.exe

C:\Documents and Settings\Windows\Desktop\Pastas\Jogos\Atalhos\Gundound\extra\descobrindo_cpf\WPE_Pro___Tutorial\WpeSpy.dll

C:\Documents and Settings\Windows\Desktop\Pastas\Jogos\Atalhos\Gundound\extra\KL\KL\setup_akl.exe

C:\Documents and Settings\Windows\Desktop\Pastas\Jogos\Atalhos\Gundound\Pirata\Garisa hacks\Trainners\ReDNoS-NA\ReDNoS-NA\Bypass-Trainer\GR.sys

C:\Documents and Settings\Windows\Desktop\Pastas\Jogos\Atalhos\Gundound\Pirata\Melhores Hacks\Cheat_Engine_and_Hacks_para_GunBound_Pirata_by_Be_Sk8\Cheat Engine and Hacks para GunBound Pirata by Be_Sk8\Instalação Cheat Engine\dbk32.sys

C:\Documents and Settings\Windows\Desktop\Pastas\Jogos\Hacks\Gunbound\novo\+-\RamiroEngine\RamiroEngine\cheetah.sys

C:\Meus Jogos\Need For Speed Carbon\Downloads\Cheats\16trainer.rar

C:\Meus Programas\Internet Download Manager v4.03.5.rar

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653976.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653977.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653978.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653979.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653980.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653981.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653982.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653983.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653984.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653985.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653986.exe

D:\System Volume Information\_restore{53DAA61A-7706-4532-BF65-9967EF498DBA}\RP323\A0653987.exe

E:\Documents and Settings\Matheus\Cheats Brasil\Couter Strike\Robster Productions\Halflife Logo Creator\HLC.exe

E:\Documents and Settings\Matheus\Cheats Brasil\Gunbound\Downloads\Hacks GBS\Gold_Hack.rar

 

3. Return to Killbox. Click File > Paste from clipboard. Click All Files.

4. Click the "X" button. Answer "no" to the question.

Step 2

Restart in Normal Mode.

Delete the contents of the C:\!Killbox folder.

Run CCleaner and click Run Cleaner.

Run Active Scan again and check whether it still detects anything.

Regards.


Topic Archived

As the author has not replied for more than 20 days, the topic has been archived.

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area with the link to this topic and explain the reason for reopening.

 

 
