[Resolvido] &nbspIE 8.0 gera erro ao navegar

[Edvan 30]

IE 8.0 gera erro ao navegar, rodei o combofix e voltou a navegar normalmente, o IE travava muito e gerava um erro.

 

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:11:18, on 12/12/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\ARQUIV~1\ALWILS~1\Avast5\avastUI.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\Arquivos de programas\Mozilla Firefox\firefox.exe

C:\Arquivos de programas\Mozilla Firefox\plugin-container.exe

C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

C:\DOCUME~1\f002785\CONFIG~1\Temp\is-U3ILV.tmp\mbam-setup.tmp

C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe

C:\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\Alwil Software\Avast5\aswWebRepIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: www.bb.com.br

O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: io INFORMATION (BootLite) - Unknown owner - C:\Arquivos de Programas\G4G6SQOF\I8S4A4.exe

O23 - Service: Gbp Service (GbpSv) - Unknown owner - C:\ARQUIV~1\GbPlugin\GbpSv.exe (file missing)

O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

 

--

End of file - 5881 bytes

 

----------------xx-------------

 

 

ComboFix 12-12-10.01 - f002785 12/12/2012 15:53:25.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.55.1046.18.1014.681 [GMT -3:00]

Executando de: c:\documents and settings\f002785\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

ADS - system32: deleted 2 bytes in 1 streams.

ADS - drivers: deleted 71 bytes in 2 streams.

.

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system\chron32.dll

c:\windows\system32\IeXHbBH.dll

c:\windows\system32\SET13E.tmp

c:\windows\system32\SET13F.tmp

c:\windows\system32\SET140.tmp

.

.

(((((((((((((((( Arquivos/Ficheiros criados de 2012-11-12 to 2012-12-12 ))))))))))))))))))))))))))))

.

.

.

.

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-30 22:51 . 2012-03-14 18:55 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-10-30 22:51 . 2012-02-10 19:46 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-10-30 22:51 . 2012-02-10 19:46 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2012-10-30 22:51 . 2012-02-10 19:46 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-10-30 22:51 . 2012-02-10 19:46 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2012-10-30 22:51 . 2012-02-10 19:46 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys

2012-10-30 22:51 . 2012-02-10 19:46 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-10-30 22:51 . 2012-02-10 19:46 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2012-10-30 22:51 . 2012-03-14 18:55 41224 ----a-w- c:\windows\avastSS.scr

2012-10-30 22:50 . 2012-02-10 19:46 227648 ----a-w- c:\windows\system32\aswBoot.exe

2012-02-08 20:53 . 2012-02-13 11:26 134104 ----a-w- c:\arquivos de programas\mozilla firefox\components\browsercomps.dll

.

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por padrão não são apresentadas.

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-10-30 22:50 121528 ----a-w- c:\arquivos de programas\Alwil Software\Avast5\ashShell.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2008-07-31 16806912]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2007-05-11 05:06 40048 ----a-w- c:\arquivos de programas\Adobe\Reader 8.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-13 21:21 1695232 ------w- c:\arquivos de programas\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Octoshape Streaming Services]

2011-03-24 15:11 107800 ----a-w- c:\documents and settings\f002785\Dados de aplicativos\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2012-09-06 14:03 39408 ----a-w- c:\arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Documents and Settings\\f002785\\Dados de aplicativos\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"=

.

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [01/03/2012 13:54 45896]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14/03/2012 15:55 738504]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10/02/2012 16:46 361032]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/02/2012 16:46 21256]

R3 NdisrdMP;NdisrdMP;c:\windows\system32\drivers\GbpNdisrd.sys [01/03/2012 13:55 42192]

S2 BootLite;io INFORMATION;c:\arquivos de programas\G4G6SQOF\I8S4A4.exe [27/02/2012 08:39 425984]

S2 GbpSv;Gbp Service;c:\arquiv~1\GbPlugin\GbpSv.exe --> c:\arquiv~1\GbPlugin\GbpSv.exe [?]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [06/09/2012 11:35 40776]

S3 Ndisrd;GAS Tecnologia Service;c:\windows\system32\drivers\GbpNdisrd.sys [01/03/2012 13:55 42192]

.

Conteúdo da pasta 'Tarefas Agendadas'

.

2012-12-12 c:\windows\Tasks\avast! Emergency Update.job

- c:\arquivos de programas\Alwil Software\Avast5\AvastEmUpdate.exe [2012-09-06 22:50]

.

2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2012-03-14 18:58]

.

2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\arquivos de programas\Google\Update\GoogleUpdate.exe [2012-03-14 18:58]

.

.

------- Scan Suplementar -------

.

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

TCP: DhcpNameServer = 10.4.65.16

FF - ProfilePath - c:\documents and settings\f002785\Dados de aplicativos\Mozilla\Firefox\Profiles\w67nm3fm.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.br/

.

- - - - ORFÃOS REMOVIDOS - - - -

.

Toolbar-Locked - (no file)

Notify- GbPluginBb - c:\arquivos de programas\GbPlugin\gbieh.dll

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-12-12 16:03

Windows 5.1.2600 Service Pack 3 NTFS

.

Procurando processos ocultos ...

.

Procurando entradas auto inicializáveis ocultas ...

.

Procurando ficheiros/arquivos ocultos ...

.

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

.

**************************************************************************

.

Tempo para conclusão: 2012-12-12 16:04:14

ComboFix-quarantined-files.txt 2012-12-12 19:04

.

Pré-execução: 5 pasta(s) 302.792.712.192 bytes disponíveis

Pós execução: 7 pasta(s) 303.486.017.536 bytes disponíveis

.

WindowsXP-KB310994-SP2-Pro-BootDisk-PTG.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - E936062C132D3584224CB4C91E832446

[Edvan 30]

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

 

Versão da Base de Dados: v2012.12.12.11

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 6.0.2900.5512

f002785 :: FUN0079 [administrador]

 

12/12/2012 16:14:43

mbam-log-2012-12-12 (16-14-43).txt

 

Tipo de Verificação: Verificação Completa (C:\|)

Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM

Opções de verificação desativadas: P2P

Objetos escaneados: 324689

Tempo decorrido: 16 minuto(s), 13 segundo(s)

 

Processos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

 

Módulos de Memória Detectados: 0

(Não foram detectados ítens maliciosos)

 

Chaves de Registro Detectadas: 1

HKLM\SYSTEM\CurrentControlSet\Services\BootLite (Trojan.FakeAdobe) -> Enviado para a Quarentena e deletado com sucesso.

 

Valores de Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Itens de Dados no Registro Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Pastas Detectadas: 0

(Não foram detectados ítens maliciosos)

 

Arquivos Detectados: 2

C:\Arquivos de programas\G4G6SQOF\I8S4A4.exe (Trojan.FakeAdobe) -> Enviado para a Quarentena e deletado com sucesso.

C:\Qoobox\Quarantine\C\WINDOWS\system32\IeXHbBH.dll.vir (Trojan.Agent) -> Enviado para a Quarentena e deletado com sucesso.

 

(fim)

[DigRam 144]

Boa Noite! Edvan

 

|- Baixe: < > ( ... par tigzy )

 

|- Salve-o no desktop!

|- Feche aplicativos que estejam abertos!

|- Execute RogueKiller.exe e aceite a Eula.

 

 

|- Ps: Para Windows Vista ou 7,execute RogueKiller.exe como administrador.

|- Aguarde a finalização de seu Pre-scan.

 

 

|- Dê início ao diagnóstico,clicando no botão "Verificar".

|- Exemplo: Mode: Verificar -- Date: mm/dd/2012 00:52:24

|- Poste o relatório: RKreport[1].txt

 

A+

[Edvan 30]

 

encontrou 2 registros clico em deletar??

 

RogueKiller V8.4.0 [Dec 12 2012] Por Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Site : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

 

Sistema Operacional : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Iniciado em : Modo Normal

Usuario : f002785 [Privilegios de Admnistrador]

Modo : Verificar -- Data : 12/13/2012 08:09:54

 

¤¤¤ Entradas ruins : 0 ¤¤¤

 

¤¤¤ Entradas do Registro : 2 ¤¤¤

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> ENCONTRADO

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ENCONTRADO

 

¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

 

¤¤¤ Driver : [Carregado] ¤¤¤

 

¤¤¤ Arquivo de Hosts: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

 

127.0.0.1 localhost

 

 

¤¤¤ Verificaçao do MBR: ¤¤¤

 

+++++ PhysicalDrive0: SAMSUNG HD322HJ +++++

--- User ---

[MBR] a9e6402071900d9aaaee94ecac7540ad

[bSP] a2d00f0bac9c0084ffe5b87c99fb8ac6 : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305234 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Concluido : << RKreport[1]_S_12132012_02d0809.txt >>

RKreport[1]_S_12132012_02d0809.txt

[DigRam 144]

Olá! Edvan

 

encontrou 2 registros clico em deletar??

¤¤¤ Entradas do Registro : 2 ¤¤¤

[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> ENCONTRADO

 

|- Delete ou corrija,somente,esta entrada.

|- Desmarque a outra!

 

A+

[Edvan 30]

Sem querer deletei as duas, algum problema??

[DigRam 144]

Sem querer deletei as duas, algum problema??

Olá! Edvan

 

|- Não!

 

-/-

 

|- Se estiver tudo Ok,pode remover as ferramentas que utilizou.

 

A+

[Edvan 30]

OK, para remover posso usar o DelFix| ( ... de Xplode )?

[DigRam 144]

OK, para remover posso usar o DelFix| ( ... de Xplode )?

Olá! Edvan

 

|- Já deveria ter utilizado! rsr...

 

Abs!

[Edvan 30]

Já deveria ter utilizado! rsr...

 

Ja ja nao vou nem mais precisar de você..rsrsrrs..

 

Mais algum procedimento?

 

# DelFix v6.2 - Logfile created 12/13/2012 at 10:38:07

# Updated 11/11/2012 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : f002785 - FUN0079

# Running from : C:\Documents and Settings\f002785\Desktop\delfix.exe

# Option [Delete]

 

 

~~~~~~ Folder(s) ~~~~~~

 

Deleted : C:\Qoobox

 

~~~~~~ File(s) ~~~~~~

 

Deleted : C:\ComboFix.txt

Deleted : C:\HiJackThis.exe

Deleted : C:\hijackthis.log

Deleted : C:\WINDOWS\grep.exe

Deleted : C:\WINDOWS\PEV.exe

Deleted : C:\WINDOWS\NIRCMD.exe

Deleted : C:\WINDOWS\MBR.exe

Deleted : C:\WINDOWS\SED.exe

Deleted : C:\WINDOWS\SWREG.exe

Deleted : C:\WINDOWS\SWSC.exe

Deleted : C:\WINDOWS\SWXCACLS.exe

Deleted : C:\WINDOWS\Zip.exe

 

~~~~~~ Registry ~~~~~~

 

Key Deleted : HKLM\SOFTWARE\Swearware

Key Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

 

~~~~~~ Other ~~~~~~

 

-> Prefetch Emptied

 

*************************

 

DelFix[s1].txt - [1000 octets] - [13/12/2012 10:38:07]

 

########## EOF - C:\DelFix[s1].txt - [1124 octets] ##########

[DigRam 144]

Olá! Edvan

 

Ja ja nao vou nem mais precisar de você..rsrsrrs..

|- É....Estou vendo surgir,aos meus olhos,um Analista de Segurança.

|- Se está tudo Ok,mais nenhum procedimento será necessário.

 

A+

[Edvan 30]

|-

É....Estou vendo surgir,aos meus olhos,um Analista de Segurança.

 

Quem sabe amigo!.

 

Pode fechar o tópico.

[DigRam 144]

PROBLEMA RESOLVIDO

 

Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.