Archived

This topic has been archived and is closed to new replies.

emmanueleco

[Archived] problems with World of Warcraft: my PC restarts when

I have a problem with my PC: it restarts every time I log in my character in WoW. I used a program mentioned here to analyze it, and I am adding the log.text post below:

Logfile of random's system information tool 1.04 (written by random/random)

Run by Administrador at 2008-12-06 13:52:07

Microsoft Windows XP Professional Service Pack 2

System drive C: has 24 GB (43%) free of 56 GB

Total RAM: 446 MB (27% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:52:41, on 6/12/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe

C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe

C:\Arquivos de programas\LogMeIn\x86\LMIGuardian.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\RioMSC.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\VTtrayp.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

C:\Arquivos de programas\Turbo\Manager\desp2k.exe

C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

C:\Arquivos de programas\D-Tools\daemon.exe

C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe

C:\Arquivos de programas\LogMeIn\x86\LMIGuardian.exe

C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe

C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Arquivos de programas\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

C:\Arquivos de programas\Google\Web Accelerator\GoogleWebAccWarden.exe

C:\Arquivos de programas\Google\Web Accelerator\googlewebaccclient.exe

C:\Arquivos de programas\Internet Explorer\iexplore.exe

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Arquivos de programas\HP\Digital Imaging\bin\hpqSTE08.exe

C:\RSIT.exe

C:\Arquivos de programas\trend micro\Administrador.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac

R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P0.dll

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P0.dll

O2 - BHO: rightonadz browser optimizer - {5766fd7a-cf44-0900-6e21-53207acfed9b} - C:\WINDOWS\system32\{71c7b984-6f54-73fd-e4d6-a65600d78c65}.dll (file missing)

O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Arquivos de programas\Google\Web Accelerator\GoogleWebAccToolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\arquivos de programas\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\arquivos de programas\google\googletoolbar1.dll

O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Arquivos de programas\P2P_Energy\tbP2P0.dll

O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Arquivos de programas\Google\Web Accelerator\GoogleWebAccToolbar.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [desp2k] C:\Arquivos de programas\Turbo\Manager\desp2k.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [PlayNowGames] C:\Arquivos de programas\PlayNow\PlayNowClient.exe

O4 - HKLM\..\Run: [hid_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify

O4 - HKLM\..\Run: [avast!] C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Arquivos de programas\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [hotdlll] C:\WINDOWS\orkss.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [bios] C:\WINDOWS\system32\bios.exe

O4 - HKCU\..\Run: [LightDialer] C:\Arquivos de programas\Turbo\Discador Turbo\DISCADOR.EXE

O4 - HKCU\..\Run: [MsnMsgr] "C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [instant Access] C:\WINDOWS\system32\linkprd.exe /res

O4 - HKCU\..\Run: [PedalToTheMetalSetup.exe] C:\DOCUME~1\ADMINI~1\Desktop\PEDALT~1.EXE /r

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [program logo] C:\DOCUME~1\ADMINI~1\DADOSD~1\MESSBI~1\Lite thunk.exe

O4 - HKCU\..\Run: [iexplorerskut] C:\WINDOWS\system32\dllhostc.exe

O4 - HKCU\..\Run: [explorer] C:\WINDOWS\systemq.exe

O4 - HKCU\..\Run: [iexplorer] C:\WINDOWS\system32\nvsvc33.exe

O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Arquivos de programas\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t

O4 - HKCU\..\Run: [MicrosoftUpgrade] C:\WINDOWS\inetinfx.exe

O4 - HKCU\..\Run: [cefplugie] C:\WINDOWS\system32\ashservec.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; Embedded Web Browser from: http://bsalsa.com/; InfoPath.1; .NET CLR 2.0.50727)" -"http://limao.miniclip.com/games/snowboard-madness/br/"

O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Arquivos de programas\Video Add-on\isfmntr.exe

O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Arquivos de programas\Video Add-on\icthis.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Portal_Bonito_Screensaver_3.0.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Arquivos de programas\Google\Web Accelerator\GoogleWebAccWarden.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Arquivos de programas\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {DB7BF79A-FC51-4B5A-92BC-A65731174380} (InstantAction Game Launcher) - http://www.instantaction.com/download/iaplayer.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe

O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/CONFIG~1/Temp/msohtml1/01/clip_image001.jpg

O24 - Desktop Component 1: (no name) - file:///C:/Documents%20and%20Settings/Administrador/Configurações%20locais/Temporary%20Internet%20Files/Content.IE5/O3M068W5/1193C5~1[1].GIF

 

--

End of file - 12452 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AF8D2787918AD8F7.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Facilitador de Leitor de Link Adobe PDF - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

P2P Energy Toolbar - C:\Arquivos de programas\P2P_Energy\tbP2P0.dll [2008-11-22 1784856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5766fd7a-cf44-0900-6e21-53207acfed9b}]

rightonadz browser optimizer - C:\WINDOWS\system32\{71c7b984-6f54-73fd-e4d6-a65600d78c65}.dll []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69A87B7D-DE56-4136-9655-716BA50C19C7}]

&Google Web Accelerator Helper - C:\Arquivos de programas\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Arquivos de programas\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Auxiliar de Conexão do Windows Live - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\arquivos de programas\google\googletoolbar1.dll [2007-07-21 2403392]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Arquivos de programas\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-10-05 737776]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

Windows Live Toolbar Helper - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Arquivos de programas\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\arquivos de programas\google\googletoolbar1.dll [2007-07-21 2403392]

{2bae58c2-79f9-45d1-a286-81f911301c3a} - P2P Energy Toolbar - C:\Arquivos de programas\P2P_Energy\tbP2P0.dll [2008-11-22 1784856]

{DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - Google Web Accelerator - C:\Arquivos de programas\Google\Web Accelerator\GoogleWebAccToolbar.dll [2007-07-09 311296]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-07 53248]

"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-03-11 147456]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-06-30 88203]

"HP Software Update"=C:\Arquivos de programas\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

"desp2k"=C:\Arquivos de programas\Turbo\Manager\desp2k.exe [2005-03-16 61440]

"SunJavaUpdateSched"=C:\Arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

"PlayNowGames"=C:\Arquivos de programas\PlayNow\PlayNowClient.exe []

"hid_start"=C:\WINDOWS\system32\gzmrotate.dll DllVerify []

"avast!"=C:\ARQUIV~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]

"DAEMON Tools-1033"=C:\Arquivos de programas\D-Tools\daemon.exe [2004-08-22 81920]

"hotdlll"=C:\WINDOWS\orkss.exe []

"Adobe Reader Speed Launcher"=C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

"LogMeIn GUI"=C:\Arquivos de programas\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]

"bios"=C:\WINDOWS\system32\bios.exe []

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

"start"=C:\Arquivos de programas\Video Add-on\isfmntr.exe []

"some"=C:\Arquivos de programas\Video Add-on\icthis.exe []

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightDialer"=C:\Arquivos de programas\Turbo\Discador Turbo\DISCADOR.EXE [2006-03-06 864256]

"MsnMsgr"=C:\Arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

"swg"=C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-27 68856]

"Instant Access"=C:\WINDOWS\system32\linkprd.exe /res []

"PedalToTheMetalSetup.exe"=C:\DOCUME~1\ADMINI~1\Desktop\PEDALT~1.EXE /r []

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

"program logo"=C:\DOCUME~1\ADMINI~1\DADOSD~1\MESSBI~1\Lite thunk.exe []

"iexplorerskut"=C:\WINDOWS\system32\dllhostc.exe []

"explorer"=C:\WINDOWS\systemq.exe []

"iexplorer"=C:\WINDOWS\system32\nvsvc33.exe []

"DriverUpdaterPro"=C:\Arquivos de programas\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe [2008-06-26 2294308]

"MicrosoftUpgrade"=C:\WINDOWS\inetinfx.exe []

"cefplugie"=C:\WINDOWS\system32\ashservec.exe []

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"=C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~3.EXE [2008-08-06 447928]

 

C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar

HP Digital Imaging Monitor.lnk - C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe

Run Google Web Accelerator.lnk - C:\Arquivos de programas\Google\Web Accelerator\GoogleWebAccWarden.exe

 

C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar

Portal_Bonito_Screensaver_3.0.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]

C:\WINDOWS\system32\LMIinit.dll [2008-10-16 87352]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe"="C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Documents and Settings\Administrador\Desktop\emanuel doc\utorrent.exe"="C:\Documents and Settings\Administrador\Desktop\emanuel doc\utorrent.exe:*:Enabled:µTorrent"

"C:\Arquivos de programas\OnGame\GunBoundWC\GunBound.gme"="C:\Arquivos de programas\OnGame\GunBoundWC\GunBound.gme:*:Enabled:GunBound"

"C:\Arquivos de programas\Java\jre1.6.0_05\bin\javaw.exe"="C:\Arquivos de programas\Java\jre1.6.0_05\bin\javaw.exe:*:Enabled:Java Platform SE binary"

"C:\Arquivos de programas\GameSpy Arcade\Aphex.exe"="C:\Arquivos de programas\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"

"C:\Arquivos de programas\Rio\Rio Music Manager\riomm.exe"="C:\Arquivos de programas\Rio\Rio Music Manager\riomm.exe:*:Enabled:Rio Music Manager"

"C:\Arquivos de programas\Java\jre1.6.0_07\bin\javaw.exe"="C:\Arquivos de programas\Java\jre1.6.0_07\bin\javaw.exe:*:Enabled:Java Platform SE binary"

"C:\Arquivos de programas\Warcraft III\Warcraft III.exe"="C:\Arquivos de programas\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"

"C:\Arquivos de programas\Warcraft III\War3.exe"="C:\Arquivos de programas\Warcraft III\War3.exe:*:Enabled:Warcraft III"

"C:\Arquivos de programas\Electronic Arts\The Battle for Middle-earth II\game.dat"="C:\Arquivos de programas\Electronic Arts\The Battle for Middle-earth II\game.dat:*:Enabled:The Battle for Middle-earth II"

"C:\World of Warcraft\Repair.exe"="C:\World of Warcraft\Repair.exe:*:Enabled:Blizzard Repair Utility"

"C:\Program Files\Starcraft\StarCraft.exe"="C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f0356248-3a12-11dc-b6b4-0015581c5432}]

shell\Auto\command - tel.xls.exe

shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL tel.xls.exe

 

 

======List of files/folders created in the last 1 months======

 

2008-12-06 13:51:33 ----A---- C:\RSIT.exe

2008-12-06 13:50:58 ----D---- C:\Arquivos de programas\trend micro

2008-12-06 13:50:57 ----D---- C:\rsit

2008-12-04 20:55:43 ----D---- C:\Arquivos de programas\World of Warcraft

2008-12-04 20:54:28 ----D---- C:\Arquivos de programas\WoWus

2008-12-01 15:59:12 ----D---- C:\Documents and Settings\Administrador\Dados de aplicativos\WoWus

2008-11-21 21:53:56 ----D---- C:\Arquivos de programas\InCode Solutions

2008-11-21 14:13:56 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\HP Product Assistant

2008-11-20 12:40:23 ----A---- C:\WINDOWS\system32\msnmessagenc.exe

2008-11-20 12:39:38 ----D---- C:\WINDOWS\system32\Prefetchxs

2008-11-16 23:13:05 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\LogMeIn

2008-11-16 23:12:58 ----A---- C:\WINDOWS\system32\LMIport.dll

2008-11-16 23:12:57 ----A---- C:\WINDOWS\system32\LMIRfsClientNP.dll

2008-11-16 23:12:41 ----A---- C:\WINDOWS\system32\LMIinit.dll

2008-11-16 23:12:13 ----D---- C:\Arquivos de programas\LogMeIn

2008-11-16 22:11:21 ----D---- C:\Arquivos de programas\PC Inspector File Recovery

2008-11-12 12:38:18 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2008-11-12 12:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2008-11-08 20:31:30 ----A---- C:\WINDOWS\system32\d3dx9_27.dll

 

======List of files/folders modified in the last 1 months======

 

2008-12-06 13:50:58 ----RD---- C:\Arquivos de programas

2008-12-06 13:43:01 ----D---- C:\WINDOWS\Temp

2008-12-06 13:42:07 ----D---- C:\WINDOWS

2008-12-06 13:38:48 ----D---- C:\Documents and Settings\Administrador\Dados de aplicativos\uTorrent

2008-12-06 11:05:13 ----D---- C:\WINDOWS\Prefetch

2008-12-06 10:11:23 ----D---- C:\WINDOWS\system32\CatRoot2

2008-12-06 10:03:44 ----D---- C:\WINDOWS\system32

2008-12-04 22:33:05 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-12-04 21:02:02 ----D---- C:\Arquivos de programas\Arquivos comuns\Blizzard Entertainment

2008-12-01 17:04:54 ----D---- C:\WINDOWS\Minidump

2008-12-01 16:36:00 ----SHD---- C:\WINDOWS\Installer

2008-12-01 16:36:00 ----HD---- C:\Config.Msi

2008-12-01 16:35:58 ----D---- C:\WINDOWS\system32\drivers

2008-12-01 16:35:57 ----D---- C:\Arquivos de programas\D-Tools

2008-11-30 12:52:06 ----SD---- C:\WINDOWS\Downloaded Program Files

2008-11-30 10:13:53 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem.txt

2008-11-28 16:21:48 ----D---- C:\Arquivos de programas\Google

2008-11-28 15:41:47 ----A---- C:\WINDOWS\NeroDigital.ini

2008-11-26 17:02:06 ----D---- C:\WINDOWS\Help

2008-11-26 15:21:30 ----A---- C:\WINDOWS\system32\aswBoot.exe

2008-11-25 20:22:23 ----RSHDC---- C:\WINDOWS\system32\dllcache

2008-11-25 10:38:58 ----A---- C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem.txt

2008-11-25 10:29:40 ----HD---- C:\WINDOWS\inf

2008-11-22 14:03:54 ----D---- C:\Arquivos de programas\P2P_Energy

2008-11-22 14:03:48 ----D---- C:\Arquivos de programas\Portal Bonito Screensaver

2008-11-21 14:14:00 ----D---- C:\WINDOWS\WinSxS

2008-11-20 14:01:18 ----D---- C:\WINDOWS\system32\CatRoot

2008-11-20 13:32:23 ----D---- C:\Documents and Settings

2008-11-20 13:10:51 ----D---- C:\WINDOWS\network diagnostic

2008-11-20 11:45:34 ----D---- C:\Program Files

2008-11-16 22:11:20 ----HD---- C:\Arquivos de programas\InstallShield Installation Information

2008-11-15 21:16:41 ----D---- C:\WINDOWS\Cursors

2008-11-15 21:12:15 ----D---- C:\WINDOWS\system32\DirectX

2008-11-15 14:15:25 ----D---- C:\WINDOWS\system32\CatRoot_bak

2008-11-15 13:20:56 ----D---- C:\Arquivos de programas\Circle Developement

2008-11-14 21:06:28 ----D---- C:\Arquivos de programas\Warcraft III

2008-11-12 12:38:23 ----A---- C:\WINDOWS\imsins.BAK

2008-11-12 12:38:16 ----HD---- C:\WINDOWS\$hf_mig$

2008-11-09 20:23:57 ----D---- C:\Documents and Settings\All Users\Dados de aplicativos\Adobe

2008-11-09 20:23:30 ----D---- C:\Arquivos de programas\Arquivos comuns\Adobe

2008-11-09 20:23:30 ----D---- C:\Arquivos de programas\Adobe

2008-11-08 20:22:00 ----D---- C:\Arquivos de programas\Electronic Arts

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]

R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]

R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]

R1 intelppm;Driver de Processador Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40192]

R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]

R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]

R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Arquivos de programas\LogMeIn\x86\RaInfo.sys []

R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []

R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-06-30 1094848]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]

R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]

R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]

R3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2003-04-04 30336]

R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]

R3 usbaudio;Driver de áudio USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]

R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]

R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]

R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-07-07 226560]

S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]

S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2008-05-08 223128]

S3 FXDRV;FXDRV; \??\E:\Fxdrv.sys []

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]

S3 MSTEE;Conversor em T entre locais de fluxo contínuo Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]

S3 NdisIP;Conexão de TV e vídeo da Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]

S3 npkcrypt;npkcrypt; \??\C:\Arquivos de programas\Gravity\Ragnarok Online\npkcrypt.sys []

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]

S3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-09-05 6912]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

S3 usbser;Motorola USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-04 25600]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]

S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]

R2 avast! Antivirus;avast! Antivirus; C:\Arquivos de programas\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]

R2 LMIMaint;LogMeIn Maintenance Service; C:\Arquivos de programas\LogMeIn\x86\RaMaint.exe [2008-10-16 116032]

R2 LogMeIn;LogMeIn; C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe [2008-07-24 63040]

R2 MDM;Machine Debug Manager; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]

R2 RioMSC;Rio MSC Manager; C:\WINDOWS\system32\RioMSC.exe [2004-08-26 282624]

R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]

R3 avast! Web Scanner;avast! Web Scanner; C:\Arquivos de programas\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]

S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]

S3 gusvc;Google Updater Service; C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-22 137200]

S3 IDriverT;InstallDriver Table Manager; C:\Arquivos de programas\Arquivos comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 ose;Office Source Engine; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 usnjsvc;Serviço de Compartilhamento de Pastas Messenger do USN Journal Reader; C:\Arquivos de programas\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2004-08-04 14336]

S3 WLSetupSvc;Windows Live Setup Service; C:\Arquivos de programas\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

 

-----------------EOF-----------------


- Download ComboFix and save it to your desktop;

 

● Temporarily disable your antivirus so that it does not detect the tool as a virus;

● Double-click the combofix.exe icon to start the scan;

● Read the agreement that appears and click Yes to continue;

● A Recovery Console window will open; click Yes to install it. If another Console window appears, click OK > Yes;

● Wait while ComboFix runs the scan;

● If any problem occurs during the scan, restart your computer in Safe Mode and repeat the procedure;

Do not click in the ComboFix window, and try not to use the keyboard either, so as not to interfere with the tool's scan;

● If you want to exit or stop ComboFix, press N;

● When it finishes, your computer will be restarted. After the restart, the tool will run again; wait for it;

● A log will be generated at C:\ComboFix.txt.

 

Paste this log in your next reply.


Here it is, man:

ComboFix 08-12-07.01 - Administrador 2008-12-08 18:38:32.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1046.18.159 [GMT -2:00]

Executando de: c:\documents and settings\Administrador\Desktop\ComboFix.exe

* Criado um novo ponto de restauro

.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\arquivos de programas\Adssite Advanced Toolbar

c:\arquivos de programas\Adssite Advanced Toolbar\buttons.xml

c:\arquivos de programas\Adssite Advanced Toolbar\search.xml

c:\arquivos de programas\Adssite Advanced Toolbar\uninstall.exe

c:\arquivos de programas\AntiSpyGolden 5.1

c:\arquivos de programas\AntiSpyGolden 5.1\AntiSpyGolden AntiSpyGolden.url

c:\arquivos de programas\AntiSpyGolden 5.1\DbgHelp.Dll

c:\arquivos de programas\AntiSpyGolden 5.1\generalConfig.xml

c:\arquivos de programas\AntiSpyGolden 5.1\ignored.lst

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11092007-171037.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11092007-171057.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11102007-105306.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11112007-190905.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11112007-210309.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11122007-075604.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11122007-133741.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11132007-135711.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11132007-204142.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11142007-115401.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11142007-123637.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11152007-100202.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11152007-143519.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11152007-153057.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11162007-102759.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11172007-124744.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11182007-103933.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11182007-202013.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11192007-080600.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11192007-120900.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11192007-135143.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11192007-182706.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11192007-183209.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11192007-183222.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11202007-131506.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11202007-213057.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11212007-215509.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11222007-074707.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11222007-091720.html

c:\arquivos de programas\AntiSpyGolden 5.1\Logs\scan_log_11222007-160537.html

c:\arquivos de programas\AntiSpyGolden 5.1\monitorConfig.xml

c:\arquivos de programas\AntiSpyGolden 5.1\scannerConfig.xml

c:\arquivos de programas\AntiSpyGolden 5.1\usageStats.xml

c:\arquivos de programas\instant access

c:\arquivos de programas\instant access\Center\NoCreditCard.lnk

c:\arquivos de programas\instant access\Center\NoCreditCard.upd

c:\arquivos de programas\instant access\Center\tray1.ico

c:\arquivos de programas\instant access\DesktopIcons\NoCreditCard.lnk

c:\arquivos de programas\instant access\Multi\20070801140806\Common\module.php

c:\arquivos de programas\instant access\Multi\20070801140806\dialerexe.ini

c:\arquivos de programas\instant access\Multi\20070801140806\js\js_api_dialer.php

c:\arquivos de programas\instant access\Multi\20070801140806\medias\button1.gif

c:\arquivos de programas\instant access\Multi\20070801140806\medias\button2.gif

c:\arquivos de programas\instant access\Multi\20070801140806\medias\button3.gif

c:\arquivos de programas\instant access\Multi\20070801140806\medias\button4.gif

c:\arquivos de programas\instant access\Multi\20070801140806\medias\dialer.ico

c:\arquivos de programas\Video Add-on

c:\arquivos de programas\Video Add-on\ot.ico

c:\arquivos de programas\Video Add-on\Thumbs.db

c:\arquivos de programas\Video Add-on\ts.ico

c:\documents and settings\Administrador\Dados de aplicativos\Adssite Advanced Toolbar

c:\documents and settings\Administrador\Dados de aplicativos\Adssite Advanced Toolbar\advertbuttons.xml

c:\documents and settings\Administrador\Dados de aplicativos\Adssite Advanced Toolbar\selected.xml

c:\documents and settings\Administrador\Favoritos\Online Security Test.url

c:\windows\dialerexe.ini

c:\windows\IE4 Error Log.txt

c:\windows\inidirx.ini

c:\windows\ponto.DLL

c:\windows\system32\adssite-remove.exe

c:\windows\system32\drivers\npf.sys

c:\windows\system32\MEGATRON.ini

c:\windows\system32\nvs2.inf

c:\windows\system32\packet.dll

c:\windows\system32\pthreadVC.dll

c:\windows\system32\rightonadz-uninst.exe

c:\windows\system32\saepsqegns.dat

c:\windows\system32\saepsqegns_nav.dat

c:\windows\system32\saepsqegns_navps.dat

c:\windows\system32\wpcap.dll

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Legacy_NPF

-------\Service_NPF

 

 

(((((((((((((((( Arquivos/Ficheiros criados de 2008-11-08 to 2008-12-08 ))))))))))))))))))))))))))))

.

 

2008-12-06 21:24 . 2008-12-06 21:24 <DIR> d-------- c:\arquivos de programas\directx

2008-12-06 13:51 . 2008-12-06 13:51 305,705 --a------ C:\RSIT.exe

2008-12-06 13:50 . 2008-12-06 13:51 <DIR> d-------- C:\rsit

2008-12-06 13:50 . 2008-12-06 13:52 <DIR> d-------- c:\arquivos de programas\trend micro

2008-12-04 20:55 . 2008-12-06 14:07 <DIR> d-------- c:\arquivos de programas\World of Warcraft

2008-12-04 20:54 . 2008-12-04 20:54 <DIR> d-------- c:\arquivos de programas\WoWus

2008-12-01 15:59 . 2008-12-06 13:32 <DIR> d-------- c:\documents and settings\Administrador\Dados de aplicativos\WoWus

2008-11-27 10:41 . 2008-11-15 19:11 203,004 -ra------ C:\SmallRing.vp6

2008-11-27 10:40 . 2008-11-27 08:36 0 --a------ C:\setup.lok

2008-11-27 10:40 . 2008-11-27 08:36 0 --a------ C:\aswAr.run

2008-11-22 14:03 . 2004-12-13 14:01 7,205,974 --a------ c:\windows\Porsaver.scr

2008-11-21 21:53 . 2008-11-21 21:53 <DIR> d-------- c:\arquivos de programas\InCode Solutions

2008-11-21 14:13 . 2008-11-21 14:13 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\HP Product Assistant

2008-11-20 13:32 . 2007-05-23 15:20 <DIR> d--h----- c:\documents and settings\LogMeInRemoteUser\Modelos

2008-11-20 13:32 . 2007-05-23 12:13 <DIR> d-------- c:\documents and settings\LogMeInRemoteUser\Meus documentos

2008-11-20 13:32 . 2007-05-23 12:13 <DIR> dr------- c:\documents and settings\LogMeInRemoteUser\Menu Iniciar

2008-11-20 13:32 . 2007-05-23 12:13 <DIR> d-------- c:\documents and settings\LogMeInRemoteUser\Favoritos

2008-11-20 13:32 . 2007-05-23 12:13 <DIR> dr-h----- c:\documents and settings\LogMeInRemoteUser\Dados de aplicativos

2008-11-20 13:32 . 2008-12-08 18:40 <DIR> d--h----- c:\documents and settings\LogMeInRemoteUser\Configurações locais

2008-11-20 13:32 . 2007-05-23 12:13 <DIR> d--h----- c:\documents and settings\LogMeInRemoteUser\Ambiente de rede

2008-11-20 13:32 . 2007-05-23 12:13 <DIR> d--h----- c:\documents and settings\LogMeInRemoteUser\Ambiente de impressão

2008-11-20 13:32 . 2008-11-20 13:50 <DIR> d-------- c:\documents and settings\LogMeInRemoteUser

2008-11-20 12:40 . 2008-11-20 12:40 200,192 --a------ c:\windows\system32\msnmessagenc.exe

2008-11-20 12:39 . 2008-11-21 21:36 <DIR> d-------- c:\windows\system32\Prefetchxs

2008-11-16 23:13 . 2008-11-16 23:13 <DIR> d-------- c:\documents and settings\All Users\Dados de aplicativos\LogMeIn

2008-11-16 23:12 . 2008-12-08 15:16 <DIR> d-------- c:\arquivos de programas\LogMeIn

2008-11-16 23:12 . 2008-10-16 20:35 87,352 --a------ c:\windows\system32\LMIinit.dll

2008-11-16 23:12 . 2008-10-16 20:35 83,288 --a------ c:\windows\system32\LMIRfsClientNP.dll

2008-11-16 23:12 . 2008-07-24 18:46 47,640 --a------ c:\windows\system32\drivers\LMIRfsDriver.sys

2008-11-16 23:12 . 2008-10-16 20:35 28,984 --a------ c:\windows\system32\LMIport.dll

2008-11-16 23:12 . 2008-11-16 23:12 1,024 --a------ C:\.rnd

2008-11-16 22:11 . 2008-11-16 22:11 <DIR> d-------- c:\arquivos de programas\PC Inspector File Recovery

2008-11-16 22:11 . 2002-02-18 18:40 6,200 --a------ c:\windows\system32\INT13EXT.VXD

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-06 15:38 --------- d-----w c:\documents and settings\Administrador\Dados de aplicativos\uTorrent

2008-12-04 23:02 --------- d-----w c:\arquivos de programas\Arquivos comuns\Blizzard Entertainment

2008-12-01 18:35 --------- d-----w c:\arquivos de programas\D-Tools

2008-11-28 18:21 --------- d-----w c:\arquivos de programas\Google

2008-11-22 16:03 --------- d-----w c:\arquivos de programas\Portal Bonito Screensaver

2008-11-22 16:03 --------- d-----w c:\arquivos de programas\P2P_Energy

2008-11-17 00:11 --------- d--h--w c:\arquivos de programas\InstallShield Installation Information

2008-11-15 15:20 --------- d-----w c:\arquivos de programas\Circle Developement

2008-11-14 23:06 --------- d-----w c:\arquivos de programas\Warcraft III

2008-11-09 22:23 --------- d-----w c:\arquivos de programas\Arquivos comuns\Adobe

2008-11-08 22:22 --------- d-----w c:\arquivos de programas\Electronic Arts

2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys

2008-10-21 14:28 --------- d-----w c:\arquivos de programas\Microsoft Silverlight

2008-10-12 21:38 --------- d-----w c:\arquivos de programas\WoW-Brasil

2008-10-12 01:05 --------- d-----w c:\arquivos de programas\OnGame

2008-10-08 15:25 --------- d-----w c:\arquivos de programas\Maxis

2008-09-29 14:24 87,040 ----a-w C:\rs.DLL

2008-09-29 14:24 52,736 ----a-w C:\ISXRhabotGlobal.DLL

2008-09-29 14:24 17,408 ----a-w C:\ISXCombat.DLL

2008-02-15 20:54 2,293,848 ----a-w c:\arquivos de programas\FLV PlayerFCSetup.exe

2008-02-15 20:52 3,955,352 ----a-w c:\arquivos de programas\FLV PlayerRCATSetup.exe

2008-02-15 20:30 411,248 ----a-w c:\arquivos de programas\FLV PlayerRCSetup.exe

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\arquivos de programas\P2P_Energy\tbP2P0.dll" [2008-11-22 1784856]

 

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

2008-11-22 14:04 1784856 --a------ c:\arquivos de programas\P2P_Energy\tbP2P0.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{2bae58c2-79f9-45d1-a286-81f911301c3a}"= "c:\arquivos de programas\P2P_Energy\tbP2P0.dll" [2008-11-22 1784856]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{2BAE58C2-79F9-45D1-A286-81F911301C3A}"= "c:\arquivos de programas\P2P_Energy\tbP2P0.dll" [2008-11-22 1784856]

 

[HKEY_CLASSES_ROOT\clsid\{2bae58c2-79f9-45d1-a286-81f911301c3a}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightDialer"="c:\arquivos de programas\Turbo\Discador Turbo\DISCADOR.EXE" [2006-03-06 864256]

"MsnMsgr"="c:\arquivos de programas\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

"swg"="c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 68856]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

"DriverUpdaterPro"="c:\arquivos de programas\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe" [2008-06-26 2294308]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"HP Software Update"="c:\arquivos de programas\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"desp2k"="c:\arquivos de programas\Turbo\Manager\desp2k.exe" [2005-03-16 61440]

"SunJavaUpdateSched"="c:\arquivos de programas\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]

"avast!"="c:\arquiv~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]

"DAEMON Tools-1033"="c:\arquivos de programas\D-Tools\daemon.exe" [2004-08-22 81920]

"Adobe Reader Speed Launcher"="c:\arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"LogMeIn GUI"="c:\arquivos de programas\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]

"VTTimer"="VTTimer.exe" [2005-03-07 c:\windows\system32\VTTimer.exe]

"VTTrayp"="VTtrayp.exe" [2005-03-11 c:\windows\system32\VTTrayp.exe]

"SoundMan"="SOUNDMAN.EXE" [2005-08-17 c:\windows\SOUNDMAN.EXE]

"AGRSMMSG"="AGRSMMSG.exe" [2005-06-30 c:\windows\AGRSMMSG.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

 

c:\documents and settings\Administrador\Menu Iniciar\Programas\Inicializar\

Portal_Bonito_Screensaver_3.0.exe [2007-06-28 7823422]

 

c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\

HP Digital Imaging Monitor.lnk - c:\arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

Run Google Web Accelerator.lnk - c:\arquivos de programas\Google\Web Accelerator\GoogleWebAccWarden.exe [2007-07-09 1134592]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

2008-10-16 20:35 87352 c:\windows\system32\LMIinit.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"vidc.iv41"= ir41_32.dll

"msacm.iac2"= c:\progra~1\REPLAY~1\iac25_32.ax

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Documents and Settings\\Administrador\\Desktop\\emanuel doc\\utorrent.exe"=

"c:\\Arquivos de programas\\Java\\jre1.6.0_05\\bin\\javaw.exe"=

"c:\\Arquivos de programas\\Rio\\Rio Music Manager\\riomm.exe"=

"c:\\Arquivos de programas\\Java\\jre1.6.0_07\\bin\\javaw.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"9420:TCP"= 9420:TCP:Akamai Network Manager

"5000:UDP"= 5000:UDP:Akamai Network Manager

 

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-05-07 111184]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-05-07 20560]

R2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\arquivos de programas\LogMeIn\x86\RaInfo.sys [2008-07-24 12856]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\c:\windows\system32\drivers\LMIRfsDriver.sys [2008-11-16 47640]

S3 FXDRV;FXDRV;\??\E:\Fxdrv.sys []

S4 LMIRfsClientNP;LMIRfsClientNP; []

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2008-12-08 c:\windows\Tasks\AF8D2787918AD8F7.job

- c:\docume~1\admini~1\dadosd~1\messbi~1\Error Army Shim.exe []

.

- - - - ORFÃOS REMOVIDOS - - - -

 

BHO-{5766fd7a-cf44-0900-6e21-53207acfed9b} - c:\windows\system32\{71c7b984-6f54-73fd-e4d6-a65600d78c65}.dll

WebBrowser-{584AAC83-CDBD-4016-9518-96B5016BB0D3} - (no file)

HKCU-Run-PedalToTheMetalSetup.exe - c:\docume~1\ADMINI~1\Desktop\PEDALT~1.EXE

HKCU-Run-program logo - c:\docume~1\ADMINI~1\DADOSD~1\MESSBI~1\Lite thunk.exe

HKCU-Run-iexplorerskut - c:\windows\system32\dllhostc.exe

HKCU-Run-cefplugie - c:\windows\system32\ashservec.exe

HKCU-RunOnce-Shockwave Updater - c:\windows\system32\Adobe\SHOCKW~1\SWHELP~3.EXE -Update -1100465 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; Embedded Web Browser from: http://bsalsa.com/; InfoPath.1; .NET

HKLM-Run-PlayNowGames - c:\arquivos de programas\PlayNow\PlayNowClient.exe

 

 

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.google.com.br/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = iexplore

IE: &Windows Live Search - c:\arquivos de programas\Windows Live Toolbar\msntb.dll/search.htm

IE: E&xportar para o Microsoft Excel - c:\arquiv~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

 

c:\windows\Downloaded Program Files\iaplayer.dll - O16 -: {DB7BF79A-FC51-4B5A-92BC-A65731174380}

hxxp://www.instantaction.com/download/iaplayer.cab

c:\windows\Downloaded Program Files\cab.inf

 

c:\windows\Downloaded Program Files\GoPetsWeb.ocx - O16 -: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8}

hxxps://secure.gopetslive.com/dev/GoPetsWeb.cab

c:\windows\Downloaded Program Files\GoPetsWeb.inf

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-08 18:43:53

Windows 5.1.2600 Service Pack 2 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'winlogon.exe'(596)

c:\windows\system32\LMIinit.dll

c:\windows\system32\LMIRfsClientNP.dll

.

------------------------ Outros Processos em Execução ------------------------

.

c:\arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe

c:\arquivos de programas\Alwil Software\Avast4\ashServ.exe

c:\arquivos de programas\LogMeIn\x86\ramaint.exe

c:\windows\system32\WgaTray.exe

c:\arquivos de programas\LogMeIn\x86\LogMeIn.exe

c:\arquivos de programas\LogMeIn\x86\LMIGuardian.exe

c:\arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\RioMSC.exe

c:\windows\system32\wdfmgr.exe

c:\arquivos de programas\Alwil Software\Avast4\ashMaiSv.exe

c:\arquivos de programas\Alwil Software\Avast4\ashWebSv.exe

c:\arquivos de programas\LogMeIn\x86\LMIGuardian.exe

c:\arquivos de programas\Google\Web Accelerator\GoogleWebAccClient.exe

c:\arquivos de programas\HP\Digital Imaging\bin\hpqste08.exe

.

**************************************************************************

.

Tempo para conclusão: 2008-12-08 18:47:29 - Máquina reiniciou

ComboFix-quarantined-files.txt 2008-12-08 20:47:21

 

Pré-execução: 28 pasta(s) 27.273.920.512 bytes disponíveis

Pós execução: 28 pasta(s) 27,436,363,776 bytes disponíveis

 

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 

291 --- E O F --- 2008-11-20 16:01:20


Select and copy the text below. Paste the copied text into Notepad on your computer and save it to the desktop with the name CFScript.txt

 

Folder::

c:\windows\system32\Prefetchxs

File::

c:\windows\system32\msnmessagenc.exe

C:\.rnd

C:\rs.DLL

c:\windows\Tasks\AF8D2787918AD8F7.job

c:\docume~1\admini~1\dadosd~1\messbi~1\Error Army Shim.exe

 

Drag the CFScript onto ComboFix as in the image below and wait for the tool to run automatically:

 

CFScript.gif

 

● If you are prompted, press Enter to start the removal process;

Do not use the mouse or the keyboard while ComboFix is running;

● When it finishes, a new log will be generated at C:\ComboFix.txt;

● Your computer will be restarted automatically;

 

In your next reply, paste the ComboFix.txt and a new HijackThis log.
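
A pre-flight check a reviewer could run before a CFScript like the one above is dropped onto ComboFix, as an added example that is not part of the original posts: it confirms that every path under Folder:: and File:: is named in the posted log and that the log lists it as the same kind of object. The function names are hypothetical, the log excerpt is a handful of lines copied from the log above, and treating `<DIR>` as the folder marker is an assumption based on that log's file listing.

```python
# Added example: cross-check a CFScript against the ComboFix log it was written from.

# Excerpt: lines copied from the ComboFix log posted in this thread.
LOG_EXCERPT = r"""
2008-11-20 12:40 . 2008-11-20 12:40 200,192 --a------ c:\windows\system32\msnmessagenc.exe
2008-11-20 12:39 . 2008-11-21 21:36 <DIR> d-------- c:\windows\system32\Prefetchxs
2008-11-16 23:12 . 2008-11-16 23:12 1,024 --a------ C:\.rnd
2008-09-29 14:24 87,040 ----a-w C:\rs.DLL
2008-12-08 c:\windows\Tasks\AF8D2787918AD8F7.job
- c:\docume~1\admini~1\dadosd~1\messbi~1\Error Army Shim.exe []
"""

# The CFScript text from the reply above.
CFSCRIPT = r"""
Folder::
c:\windows\system32\Prefetchxs
File::
c:\windows\system32\msnmessagenc.exe
C:\.rnd
C:\rs.DLL
c:\windows\Tasks\AF8D2787918AD8F7.job
c:\docume~1\admini~1\dadosd~1\messbi~1\Error Army Shim.exe
"""


def parse_cfscript(text):
    """Return (directive, path) pairs; a line ending in '::' opens a section."""
    directive, targets = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):
            directive = line[:-2]
        elif directive is None:
            raise ValueError(f"path before any directive: {line!r}")
        else:
            targets.append((directive, line))
    return targets


def evidence_lines(path, log):
    """Log lines naming exactly this path (case-insensitive, never as a prefix)."""
    needle, hits = path.lower(), []
    for line in log.splitlines():
        pos = line.lower().find(needle)
        if pos == -1:
            continue
        before, after = line[:pos], line[pos + len(needle):].strip()
        # The path must start a token and be followed by nothing or a "[...]" suffix.
        if (not before or before[-1].isspace()) and (after == "" or after.startswith("[")):
            hits.append(line)
    return hits


def review(cfscript, log):
    """Return (directive, path, status) for every target in the script."""
    findings = []
    for directive, path in parse_cfscript(cfscript):
        hits = evidence_lines(path, log)
        if not hits:
            status = "not-in-log"      # typo, or a target the log never showed
        elif directive == "Folder":
            status = "ok" if any("<DIR>" in h for h in hits) else "type-mismatch"
        elif directive == "File":
            status = "type-mismatch" if all("<DIR>" in h for h in hits) else "ok"
        else:
            status = "unchecked"       # directives other than File::/Folder::
        findings.append((directive, path, status))
    return findings


if __name__ == "__main__":
    for directive, path, status in review(CFSCRIPT, LOG_EXCERPT):
        print(f"{status:14} {directive:7} {path}")
```
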


Topic Archived

 

Since the author has not replied for more than 30 days, the topic has been archived.

 

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening it.
