[Arquivado] pc desliga só... eoutras coisas...

[isaiaslopes3 0]

novos problemas: o pc ja desligou sozinho do nada umas tres vezes desde quinta. o relogio quando ligo fica dessincronizado.

no gerenciador de tarefas apareceu um tal de Ravmone (coisa assim) e que eu nunca vi na vida... o teclado tb nesses dias parou de funcionar algumas teclas... bom o teclado e o pc hoje ainda nao derao nada...

 

sim.. eu queria ver se vcs me ajudam a deletar um programa tb, é o flashget que é gerenciador de downs... o programa ta deletado, mas nao consigo deletar um tal de jetcar coisa assim. quando to com o mouse em algum site, aparece as vezes umas letrinhas orientais mesmo em cima de onde eu pretendo clicar... ja tentei deletar mas nao consigo...

 

 

Logfile of HijackThis v1.99.1

Scan saved at 12:10:46, on 19/8/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\Arquivos de programas\QuickTime\qttask.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Arquivos de programas\eMule2\emule.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Arquivos de programas\MSN Messenger\usnsvc.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Scoop2004\mirc.exe

C:\Arquivos de programas\Microsoft Office\OFFICE11\WINWORD.EXE

C:\Instalação de programas\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.digi.com.br/

R3 - URLSearchHook: CUOLSearchHook Object - {1FE8243E-0A3A-41B9-B9CE-EFFEE51974D3} - C:\Arquivos de programas\Arquivos comuns\uol\urlsearch\UOLSearchHook.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {8E6CFDFE-79A8-421C-B854-04081690CE6B} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Arquivos de programas\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar1.02.5000.1021\pt-br\msntb.dll

O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\ARQUIV~1\FlashGet\getflash.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar1.02.5000.1021\pt-br\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\fgiebar.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\RavMonE.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [eMuleAutoStart] C:\Arquivos de programas\eMule2\emule.exe -AutoStart

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab50997.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

[raphael436 0]

Faça download do killbox

Rode o KillBox, marque Delete on Reboot e coloque em Full Path of File to Delete:

C:\WINDOWS\RavMonE.exe

Clique no botão x. Responda Sim à pergunta.

 

Faça o download do ComboFix

É importante que o salve no seu desktop (ambiente de trabalho)

Feche todas as janelas e programas.

Dê um duplo-clique no combofix.exe, marque 1 e dê o enter.

É um pouco demorado, por favor seja paciente. Não clique com o mouse enquando a ferramenta estiver em execução, isto pode fazer que o computador pare, Para parar ou sair do ComboFix, tecle "N".

Quando a ferramenta terminar de rodar, gerará um log. Que estará em C:\ComboFix.txt, copie-o na sua resposta, faça também um novo log do HijackThis para colocar na sua resposta.

[raphael436 0]

Faça download do killbox

Rode o KillBox, marque Delete on Reboot e coloque em Full Path of File to Delete:

C:\WINDOWS\RavMonE.exe

Clique no botão x. Responda Sim à pergunta.

 

Faça o download do ComboFix

É importante que o salve no seu desktop (ambiente de trabalho)

Feche todas as janelas e programas.

Dê um duplo-clique no combofix.exe, marque 1 e dê o enter.

É um pouco demorado, por favor seja paciente. Não clique com o mouse enquando a ferramenta estiver em execução, isto pode fazer que o computador pare, Para parar ou sair do ComboFix, tecle "N".

Quando a ferramenta terminar de rodar, gerará um log. Que estará em C:\ComboFix.txt, copie-o na sua resposta, faça também um novo log do HijackThis para colocar na sua resposta.

[isaiaslopes3 0]

Logfile of HijackThis v1.99.1

Scan saved at 12:50:57, on 22/8/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\Arquivos de programas\QuickTime\qttask.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Arquivos de programas\eMule2\emule.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\internet explorer\iexplore.exe

C:\Instalação de programas\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.digi.com.br/

R3 - URLSearchHook: CUOLSearchHook Object - {1FE8243E-0A3A-41B9-B9CE-EFFEE51974D3} - C:\Arquivos de programas\Arquivos comuns\uol\urlsearch\UOLSearchHook.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {8E6CFDFE-79A8-421C-B854-04081690CE6B} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Arquivos de programas\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar1.02.5000.1021\pt-br\msntb.dll

O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\ARQUIV~1\FlashGet\getflash.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\MSN Apps\MSN Toolbar1.02.5000.1021\pt-br\msntb.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Arquivos de programas\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\ARQUIV~1\FlashGet\fgiebar.dll

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [eMuleAutoStart] C:\Arquivos de programas\eMule2\emule.exe -AutoStart

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab50997.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\guard.exe

 

 

ComboFix 07-08-17.2 - "Home" 2007-08-22 12:25:46.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.7 [GMT -3:00]

 

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

C:\.protected

C:\DOCUME~1\Home\DADOSD~1\DriveCleaner 2006 Free

C:\DOCUME~1\Home\DADOSD~1\DriveCleaner 2006 Free\Logs\update.log

C:\WINDOWS\dat.txt

C:\WINDOWS\rs.txt

C:\WINDOWS\search_res.txt

C:\WINDOWS\system32\drivers\etc\.protected

 

 

((((((((((((((((((((((((( Files Created from 2007-07-22 to 2007-08-22 )))))))))))))))))))))))))))))))

 

 

2007-08-22 12:09 <DIR> d-------- C:\!KillBox

2007-08-16 20:51 <DIR> d-------- C:\Arquivos de programas\Active GIF Creator 3.0

2007-08-16 20:30 <DIR> d-------- C:\Arquivos de programas\Liatro

2007-07-30 18:56 <DIR> d-------- C:\9d5811698e74b2d743e2f28d819c

2007-07-30 18:50 <DIR> d-------- C:\WINDOWS\system32\LogFiles

2007-07-30 18:50 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF

 

 

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

 

2007-08-11 21:06 --------- d-------- C:\Arquivos de programas\eMule2

2007-08-01 15:16 1676 --a------ C:\WINDOWS\system32\tmp.reg

2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll

2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll

2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe

2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll

2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll

2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll

2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll

2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll

2007-07-09 19:14 --------- d--h----- C:\Arquivos de programas\InstallShield Installation Information

2007-07-09 19:14 --------- d-------- C:\Arquivos de programas\Motorola Phone Tools

2007-07-09 19:14 --------- d-------- C:\Arquivos de programas\Avanquest update

2007-07-09 19:09 22768 --a------ C:\WINDOWS\system32\drivers\usbsermpt.sys

2007-07-09 18:48 --------- d-------- C:\Arquivos de programas\Motorola

2007-07-01 21:35 --------- d-------- C:\Arquivos de programas\K-Lite Codec Pack

2007-06-30 15:40 --------- d-------- C:\Arquivos de programas\FlashGet

2007-06-26 17:16 --------- d-------- C:\Arquivos de programas\MSXML 4.0

2007-06-26 03:10 1104896 --a------ C:\WINDOWS\system32\msxml3.dll

2007-06-24 16:25 --------- d-------- C:\Arquivos de programas\Google

2007-06-19 10:31 282112 --a------ C:\WINDOWS\system32\gdi32.dll

2007-06-17 00:11 51200 --a------ C:\WINDOWS\nircmd.exe

2007-06-13 10:21 1035264 --a------ C:\WINDOWS\explorer.exe

2007-06-05 20:04 1020928 --a------ C:\Arquivos de programas\Flash(2).exe

2001-11-23 01:08 712704 -ra------ C:\WINDOWS\inf\OTHER\AUDIO3D.DLL

 

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

*Note* empty entries & legit default entries are not shown

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8E6CFDFE-79A8-421C-B854-04081690CE6B}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Cmaudio"="cmicnfg.cpl" []

"QuickTime Task"="C:\Arquivos de programas\QuickTime\qttask.exe" [2006-05-21 18:39]

"avast!"="C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 12:42]

"!AVG Anti-Spyware"="C:\Arquivos de programas\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 06:25]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:45]

"eMuleAutoStart"="C:\Arquivos de programas\eMule2\emule.exe" [2006-03-02 14:18]

 

R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5b.sys

S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\fetnd5.sys

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3193026a-45d3-11dc-874b-00142a97d982}]

Auto\command- E:\RavMonE.exe e

AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{76bfed9c-4f00-11dc-8765-00142a97d982}]

Auto\command- E:\RavMonE.exe e

AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d79e0d4d-69d7-11db-85ef-00142a97d982}]

Auto\command- E:\RavMonE.exe e

AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e11fab6b-e77e-11db-86a5-00142a97d982}]

Auto\command- E:\RavMonE.exe e

AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e

 

 

**************************************************************************

 

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-08-22 12:30:25

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

 

Completion time: 2007-08-22 12:32:06

C:\ComboFix-quarantined-files.txt ... 2007-08-22 12:31

C:\ComboFix2.txt ... 2007-06-27 23:27

 

--- E O F ---

[raphael436 0]

Apague a pasta C:/!KillBox

Abra o HijackThis e clique em Do a system scan only.

Marque SOMENTE a entrada abaixo e clique em Fix checked

O2 - BHO: (no name) - {8E6CFDFE-79A8-421C-B854-04081690CE6B} - (no file)

 

Faz um san em http://www.bitdefender.com.br/ clicando em BitDefender scan online e coloque o log do final do scan na sua resposta.

[isaiaslopes3 0]

foi o seguinte: passei esse scan mas nao apareceu nenhum log... como demorava muito eu aproveitei pra resolver algumas coisas enquanto scaneava. pelo que eu vi no log em andamento, a unica coisa que aparecia que sobre o ariquivo scoop.exe, que é de mirc. so que eu ja tenho esse programa a 3 anos. axo que houve ma interpretaçao...o pc nao desliga mais só. o relogio voltou ao normal, os erros de sistema pararam de ocorrer tb... a unica coisa que eu gostaria é tirar o flashget, porque fica aparecendo as vezes quando eu vou clicar com o mouse em algum lugar...

[Mário Monteiro 179]

Tópico Arquivado

 

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

 

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.