Msn travando e uma página estranha no IE

[Hiago Drigo]

Olá, para começar vou falar do Msn, pesquisei muito, muuuuito mesmo...

Na maioria vi alguns falar algo sobre vírus, outras vezes que é a versão mesmo que está com problema. Alguns dizem que trava quando está tentando passar uma foto, corelacionando isso tudo, percebi que na maioria das vezes que trava estou mesmo passando uma imagem.

"A mais como são essas travadas?"

Então, do nada trava e as vezes volta logo após de 30, 60 segundos e por aí vai... Porém, ultimamente parece que esta travada momentânea não está mais sendo tão 'rápida', parece que cada vez está prolongando mais e mais, só fechando pelo Gerenciador para destravalo.

Um outro problema(?) é que quando abro uma nova aba no Internet Explorer aparece isso. Site-IP

Acho que começou quando instalei um programinha chamado sXe (Para Counter-Strike), por não usar muito o navegador não dei muita relevância, mas acho que pode talvez ter alguma interferência com o msn...

Características do computador: (não sei se vai ajudar mais ta aí)

-AMD Sempron 3000+ 1.6 GHz

-1 Gb RAM

-500 Gb HD

-MS 7 Ultimate 32 bits

Log Combofix (não sei se vai ajudar mais ta aí)²

ComboFix 10-09-17.04 - Hiago 19/09/2010 17:20:50.3.1 - x86

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.1023.394 [GMT -3:00]

Executando de: e:\ex-hd\Instaladores\ComboFix.exe

.

(((((((((((((((( Arquivos/Ficheiros criados de 2010-08-19 to 2010-09-19 ))))))))))))))))))))))))))))

.

2010-09-19 20:30 . 2010-09-19 20:30 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-09-19 20:30 . 2010-09-19 20:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-09-16 09:26 . 2008-07-31 13:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll

2010-09-16 09:26 . 2008-07-31 13:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll

2010-09-16 09:26 . 2008-07-12 11:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll

2010-09-16 09:26 . 2008-07-12 11:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll

2010-09-16 09:25 . 2008-07-12 11:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll

2010-09-16 09:22 . 2010-09-16 16:34 -------- d-----w- C:\Riot Games

2010-09-16 04:28 . 2010-09-19 20:29 -------- d-----w- c:\users\Hiago\AppData\Local\PMB Files

2010-09-16 04:28 . 2010-09-16 04:29 -------- d-----w- c:\programdata\PMB Files

2010-09-16 04:27 . 2010-09-16 04:27 -------- d-----w- c:\program files\Pando Networks

2010-09-15 12:51 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe

2010-09-13 02:22 . 2010-09-13 02:38 -------- d-----w- c:\users\Hiago\AppData\Roaming\TS3Client

2010-09-13 02:19 . 2010-09-13 02:19 -------- d-----w- c:\program files\TeamSpeak 3 Client

2010-09-09 04:35 . 2010-09-09 04:35 -------- d-----w- c:\program files\SopCast

2010-09-08 04:11 . 2010-09-08 04:11 -------- d-----w- c:\program files\Orban

2010-09-08 04:10 . 2010-09-08 04:11 -------- d-----w- c:\program files\Megacubo

2010-09-02 04:55 . 2010-09-02 04:55 1574284 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{93DA13C0-C8BF-4288-AD02-F4619E880203}-autorun.inf.exe

2010-09-02 04:45 . 2010-09-02 04:45 1574284 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{583D0BD1-2B91-48CC-8F36-A2F5F43F1FBD}-Faculdade.exe

2010-09-01 16:37 . 2010-09-01 16:37 -------- d-----w- c:\users\Hiago\Faculdade

2010-09-01 16:29 . 2010-09-11 20:45 -------- d-----w- c:\users\Hiago\lala

2010-09-01 16:28 . 2010-09-11 20:46 -------- d-----w- c:\users\Hiago\dota

2010-09-01 04:01 . 2010-09-02 02:50 -------- d-----w- c:\program files\RocketDock

2010-09-01 03:54 . 2010-09-01 03:54 1574284 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{D95EF859-50BB-4D3D-B7A7-377B6ACB79E9}-Faculdade.exe

2010-09-01 03:54 . 2010-09-01 03:54 1574284 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{07B04EF7-4566-41BE-964B-B6F8B0A0F177}-lala.exe

2010-08-30 19:15 . 2010-09-19 20:30 -------- d-----w- c:\users\Hiago\AppData\Local\temp

2010-08-30 18:51 . 2010-08-30 18:51 -------- d-----w- c:\program files\CCleaner

2010-08-25 18:20 . 2010-08-25 18:20 -------- d-----w- c:\users\Hiago\AppData\Roaming\DivX

2010-08-25 18:19 . 2010-08-25 18:20 -------- d-----w- c:\program files\XP Codec Pack

2010-08-25 18:04 . 2010-08-25 18:04 -------- d-----w- c:\users\Hiago\AppData\Roaming\Win7codecs

2010-08-25 18:03 . 2010-08-25 18:03 -------- d-----w- c:\program files\Win7codecs

2010-08-25 18:00 . 2010-08-25 18:17 -------- d-----w- c:\programdata\Win7codecs

2010-08-25 17:59 . 2010-08-25 17:59 -------- d-----w- c:\windows\system32\custom matrices

2010-08-25 17:58 . 2010-08-25 18:00 -------- d-----w- c:\windows\system32\C2MP

2010-08-25 17:58 . 2010-08-25 17:58 -------- d-----w- c:\windows\system32\QuickTime

2010-08-25 14:11 . 2010-04-07 07:10 571904 ----a-w- c:\windows\system32\oleaut32.dll

2010-08-21 05:02 . 2010-09-09 04:16 -------- d-----w- c:\program files\Common Files\Steam

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-09-16 20:34 . 2010-07-22 05:25 -------- d-----w- c:\users\Hiago\AppData\Roaming\teamspeak2

2010-09-16 04:49 . 2010-06-27 00:08 -------- d-----w- c:\program files\JDownloader

2010-09-16 00:06 . 2010-05-15 02:32 -------- d-----w- c:\programdata\Microsoft Help

2010-09-13 00:20 . 2010-07-20 05:03 13 ----a-w- C:\pipe11.dat

2010-09-11 23:08 . 2010-05-20 17:11 -------- d-----w- c:\users\Hiago\AppData\Roaming\Tibia

2010-09-08 12:45 . 2010-05-22 16:21 -------- d-----w- c:\program files\Microsoft Silverlight

2010-08-20 18:23 . 2010-07-18 13:29 -------- d-----w- c:\program files\Google

2010-08-20 03:10 . 2010-08-20 02:47 -------- d-----w- c:\users\Hiago\AppData\Roaming\Dev-Cpp

2010-08-19 01:44 . 2009-07-14 08:31 654272 ----a-w- c:\windows\system32\prfh0416.dat

2010-08-19 01:44 . 2009-07-14 08:31 124724 ----a-w- c:\windows\system32\prfc0416.dat

2010-08-17 20:41 . 2010-05-15 01:44 110000 ----a-w- c:\users\Hiago\AppData\Local\GDIPFONTCACHEV1.DAT

2010-08-16 05:10 . 2010-08-16 05:10 -------- d-----w- c:\program files\Duplicate Cleaner

2010-08-13 14:21 . 2010-08-13 14:20 -------- d-----w- c:\program files\QuickTime

2010-08-13 14:20 . 2010-08-13 14:20 -------- d-----w- c:\programdata\Apple Computer

2010-08-13 14:18 . 2010-08-13 14:18 -------- d-----w- c:\program files\Common Files\Apple

2010-08-13 14:16 . 2010-08-13 14:16 -------- d-----w- c:\program files\Apple Software Update

2010-08-13 14:16 . 2010-08-13 14:16 -------- d-----w- c:\programdata\Apple

2010-08-10 19:14 . 2010-05-15 02:16 -------- d-----w- c:\program files\Common Files\Adobe

2010-08-09 12:46 . 2010-08-05 04:05 -------- d-----w- c:\programdata\PCPitstop

2010-08-08 22:38 . 2010-05-15 02:45 -------- d-----w- c:\program files\Messenger Plus! Live

2010-08-08 03:21 . 2010-08-08 03:21 -------- d-----w- c:\program files\Common Files\Java

2010-08-08 03:20 . 2010-05-15 12:07 -------- d-----w- c:\program files\Java

2010-08-04 06:14 . 2010-08-04 06:14 -------- d-----w- c:\users\Hiago\AppData\Roaming\fltk.org

2010-08-04 06:11 . 2010-08-04 06:08 -------- d-----w- c:\users\Hiago\AppData\Roaming\flightgear.org

2010-08-03 16:40 . 2010-08-03 16:40 217127 ----a-w- c:\windows\drv43260.dll

2010-08-03 16:40 . 2010-08-03 16:40 208935 ----a-w- c:\windows\drv33260.dll

2010-07-29 06:30 . 2010-08-10 18:48 197632 ----a-w- c:\windows\system32\ir32_32.dll

2010-07-29 06:30 . 2010-08-10 18:48 82944 ----a-w- c:\windows\system32\iccvid.dll

2010-07-26 13:13 . 2010-07-26 13:13 108032 ----a-w- c:\windows\system32\ff_vfw.dll

2010-07-22 05:25 . 2010-07-22 05:23 -------- d-----w- c:\program files\Teamspeak2_RC2

2010-07-17 08:00 . 2010-05-15 12:07 423656 ----a-w- c:\windows\system32\deployJava1.dll

2010-07-16 03:38 . 2010-07-16 03:38 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll

2010-07-16 03:38 . 2010-07-16 03:38 578880 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2010-06-30 06:25 . 2010-08-10 19:14 978432 ----a-w- c:\windows\system32\wininet.dll

2010-06-28 07:00 . 2010-06-28 07:00 1003520 ----a-w- c:\windows\system32\VSFilter.dll

2010-06-23 15:35 . 2010-06-23 15:35 790528 ----a-w- c:\windows\system32\xvidcore.dll

2010-06-23 15:35 . 2010-06-23 15:35 134144 ----a-w- c:\windows\system32\xvidvfw.dll

2010-06-22 02:47 . 2010-08-10 18:48 310784 ----a-w- c:\windows\system32\drivers\srv.sys

2010-06-22 02:47 . 2010-08-10 18:48 307200 ----a-w- c:\windows\system32\drivers\srv2.sys

2010-06-22 02:47 . 2010-08-10 18:48 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys

2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat

2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

.

((((((((((((((((((((((((((((( SnapShot_2010-08-30_19.12.21 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-09-13 02:21 . 2010-09-13 02:21 62976 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90RUS.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 46080 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90KOR.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 46592 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90JPN.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 64512 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ITA.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 66048 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90FRA.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 65024 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ESP.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 65024 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ESN.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 56832 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90ENU.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 66560 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90DEU.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 39936 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90CHT.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 38912 c:\windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1\MFC90CHS.DLL

+ 2010-09-13 02:21 . 2010-09-13 02:21 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfcm90u.dll

+ 2010-09-13 02:21 . 2010-09-13 02:21 59904 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfcm90.dll

+ 2010-05-15 02:08 . 2010-09-19 19:20 33728 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 04:55 . 2010-09-19 19:21 45218 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin

- 2010-05-14 12:57 . 2010-08-30 16:29 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-05-14 12:57 . 2010-09-19 19:18 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2010-05-14 12:57 . 2010-09-19 19:18 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-05-14 12:57 . 2010-08-30 16:29 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:41 . 2010-09-19 19:18 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:41 . 2010-08-30 16:29 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-05-14 13:14 . 2010-09-19 19:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-05-14 13:14 . 2010-08-30 16:30 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:34 . 2010-09-16 04:33 72248 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

+ 2010-05-14 13:14 . 2010-09-19 19:19 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-05-14 13:14 . 2010-08-30 16:30 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-05-14 13:14 . 2010-08-30 16:30 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-05-14 13:14 . 2010-09-19 19:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-05-14 14:14 . 2010-09-19 19:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-05-14 14:14 . 2010-08-30 16:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2010-05-14 21:08 . 2010-08-30 16:33 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat

+ 2010-05-14 21:08 . 2010-09-19 19:22 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat

- 2010-05-14 21:08 . 2010-08-30 16:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat

+ 2010-05-14 21:08 . 2010-09-19 19:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat

+ 2010-05-14 21:08 . 2010-09-19 19:22 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat

- 2010-05-14 21:08 . 2010-08-30 16:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat

+ 2010-05-14 14:14 . 2010-09-19 19:22 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2010-05-14 14:14 . 2010-08-30 16:33 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2010-05-14 14:14 . 2010-09-19 19:19 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2010-05-14 14:14 . 2010-08-30 16:30 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2010-05-15 02:36 . 2010-09-16 00:06 34144 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 34144 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe

+ 2010-05-15 02:36 . 2010-09-16 00:06 42848 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 42848 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe

+ 2010-05-15 02:36 . 2010-09-16 00:06 19296 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 19296 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe

+ 2010-06-05 06:01 . 2010-09-08 05:44 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

- 2010-06-05 06:01 . 2010-06-05 06:01 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll

+ 2010-05-15 04:08 . 2010-09-19 04:09 4144 c:\windows\System32\wdi\ERCQueuedResolutions.dat

+ 2010-05-15 01:41 . 2010-09-19 19:21 8914 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2486252356-3404230368-1959589781-1001_UserData.bin

- 2010-08-30 16:29 . 2010-08-30 16:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2010-09-19 19:18 . 2010-09-19 19:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2010-09-19 19:18 . 2010-09-19 19:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2010-08-30 16:29 . 2010-08-30 16:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2010-09-13 02:20 . 2010-09-13 02:20 655872 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada\msvcr90.dll

+ 2010-09-13 02:20 . 2010-09-13 02:20 572928 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada\msvcp90.dll

+ 2010-09-13 02:20 . 2010-09-13 02:20 225280 c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada\msvcm90.dll

+ 2010-09-13 02:20 . 2010-09-13 02:20 161784 c:\windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e\ATL90.dll

+ 2010-09-15 12:51 . 2010-08-20 04:25 316928 c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_d6ab9bc23bf9f1c6\spoolsv.exe

+ 2010-09-15 12:51 . 2010-08-21 05:32 316928 c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_d6339da722cfb4be\spoolsv.exe

+ 2009-07-13 23:27 . 2009-07-14 01:16 189440 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.20791_none_62af191d7e030c05\sqmapi.dll

+ 2009-07-13 23:27 . 2009-07-14 01:16 189440 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16666_none_624aed8864c8971b\sqmapi.dll

+ 2009-07-14 04:47 . 2010-09-14 08:24 399024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

- 2009-07-14 04:47 . 2010-08-23 06:51 399024 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2010-08-21 07:30 . 2010-09-14 08:24 923128 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2486252356-3404230368-1959589781-1001-8192.dat

+ 2008-08-08 17:11 . 2008-08-08 17:11 232960 c:\windows\Installer\2a7746a.msi

+ 2010-08-05 20:43 . 2010-08-05 20:43 126976 c:\windows\Installer\27329d4.msp

+ 2010-05-15 02:36 . 2010-09-16 00:06 415584 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 415584 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe

+ 2010-05-15 02:36 . 2010-09-16 00:06 303456 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 303456 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 571232 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe

+ 2010-05-15 02:36 . 2010-09-16 00:06 571232 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe

+ 2010-05-15 02:36 . 2010-09-16 00:06 326496 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 326496 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 469856 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe

+ 2010-05-15 02:36 . 2010-09-16 00:06 469856 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe

+ 2010-05-15 02:36 . 2010-09-16 00:06 178528 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 178528 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe

+ 2007-02-28 17:21 . 2007-02-28 17:21 131472 c:\windows\Downloaded Program Files\msgrchkr.dll

+ 2007-02-23 02:41 . 2007-02-23 02:41 304544 c:\windows\Downloaded Program Files\MessengerStatsPAClient.dll

+ 2010-09-13 02:21 . 2010-09-13 02:21 3783672 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfc90u.dll

+ 2010-09-13 02:21 . 2010-09-13 02:21 3768312 c:\windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf\mfc90.dll

+ 2010-09-16 00:04 . 2010-08-31 04:25 2058752 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.20791_none_62af191d7e030c05\iertutil.dll

+ 2010-09-16 00:04 . 2010-08-31 04:32 2058752 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.7600.16666_none_624aed8864c8971b\iertutil.dll

+ 2009-07-14 02:03 . 2010-09-19 19:34 7077888 c:\windows\System32\SMI\Store\Machine\schema.dat

- 2009-07-14 02:03 . 2010-08-30 16:55 7077888 c:\windows\System32\SMI\Store\Machine\schema.dat

+ 2010-09-16 00:04 . 2010-08-31 04:32 2058752 c:\windows\System32\iertutil.dll

- 2009-07-14 04:34 . 2010-08-25 14:25 3611005 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2009-07-14 04:34 . 2010-09-16 00:17 3611005 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat

+ 2010-08-05 20:41 . 2010-08-05 20:41 1502208 c:\windows\Installer\27329c9.msp

+ 2010-08-05 21:08 . 2010-08-05 21:08 3463680 c:\windows\Installer\27329ae.msp

+ 2010-08-13 17:04 . 2010-08-13 17:04 8111104 c:\windows\Installer\2732994.msp

+ 2010-06-30 16:22 . 2010-06-30 16:22 2003456 c:\windows\Installer\113056a.msi

+ 2010-05-15 02:36 . 2010-09-16 00:06 1479520 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 1479520 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe

+ 2010-05-15 02:36 . 2010-09-16 00:06 1858400 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 1858400 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

+ 2010-05-15 02:36 . 2010-09-16 00:06 3792736 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 3792736 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe

- 2010-05-15 02:36 . 2010-08-10 20:03 1449312 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe

+ 2010-05-15 02:36 . 2010-09-16 00:06 1449312 c:\windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe

+ 2010-03-30 11:29 . 2010-03-30 11:29 9182056 c:\windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONMAIN.DLL

+ 2009-07-14 08:28 . 2010-09-16 00:04 32590044 c:\windows\winsxs\ManifestCache\e4e8be02b8fae2a7_blobs.bin

+ 2010-09-08 05:42 . 2010-09-08 05:42 20303872 c:\windows\Installer\8b8095d.msp

.

-- Snapshot resetado para data atual --

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]

"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2010-09-16 2969496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-20 202256]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-11 61440]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-06-17 40368]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

[HKLM\~\startupfolder\C:^Users^Hiago^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]

path=c:\users\Hiago\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

backup=c:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup

backupExtension=.Startup

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-18 136176]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]

S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]

S2 iprip;RIP de Escuta;c:\windows\System32\svchost.exe [2009-07-14 20992]

S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-26 42368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

ipripsvc REG_MULTI_SZ iprip

.

Conteúdo da pasta 'Tarefas Agendadas'

2010-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-18 13:29]

2010-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-18 13:29]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.google.com.br/

mStart Page = hxxp://search.localstrike.com.ar/

IE: &Enviar para o OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

TCP: {0D66B3D3-FE59-491E-AB3D-35548C13ECA5} = 192.168.254.254,192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

FF - ProfilePath - c:\users\Hiago\AppData\Roaming\Mozilla\Firefox\Profiles\govzufjb.default\

FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll

FF - plugin: c:\progra~1\MICROS~2\Office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\MICROS~2\Office14\NPSPWRAP.DLL

FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".com.br");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

- - - - ORFÃOS REMOVIDOS - - - -

AddRemove-ElfBot NG_is1 - c:\users\Hiago\Desktop\ELF\ElfBot NG\unins000.exe

AddRemove-TMIPC - c:\users\Hiago\Desktop\IPChanger\UNinstaller.exe

AddRemove-{248C8A6E-D97F-43EB-B86E-AB0F267C93CF}_is1 - c:\users\Hiago\Desktop\ELF\BynaCam\unins000.exe

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_USERS\S-1-5-21-2486252356-3404230368-1959589781-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* g*Ð*]

@Class="Shell"

[HKEY_USERS\S-1-5-21-2486252356-3404230368-1959589781-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.* g*Ð*\OpenWithList]

@Class="Shell"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Tempo para conclusão: 2010-09-19 17:34:02

ComboFix-quarantined-files.txt 2010-09-19 20:34

ComboFix2.txt 2010-08-30 19:15

ComboFix3.txt 2010-05-28 02:21

Pré-execução: 123.149.037.568 bytes disponíveis

Pós execução: 122.902.872.064 bytes disponíveis

- - End Of File - - BEC08ECDD40103A96B5ECEC3248A3066

E por fim, espero que este tópico esteja no lugar certo, e que vocês poderão me ajudar caso seja isso mesmo um problema.

Desde já, muito obrigado por qualquer ajuda!

[marcmira]

o mais pratico voce ja fez , que seria remover esse programa pra cs e testar pra ver se resolveu?

[Hiago Drigo]

Quando vi que após instalar tal programa essa página apareceu, desinstalei com pensamento que isso iria acabar, porém ainda restou vestígios econtinua.

[André Simões]

Bom, o problema do IE é fácil de resolver...

(No Internet Explorer) Va ate a aba Ferramentas(se voce não axar tecle Alt), em seguida, Opções da Internet.

Nessa caixa, ja ira aparecer o endereço de internet da Home Page. Ai é so Digitar o site qu voce quer como sua Home Page (ex: http://www.google.com/). Veja se resolveu!

Quanto ao msn, ja qu voce ja passou o combofix e não resolveu, tente desinstalar e instala-lo novamnte.

Abraços

[Ash Cation]

Nossa Windows 7 Ultimate com 1GB de Ram , só o Ultimate sem nada aberto já da 900MB de consumo.

Recomendo instalar o XP SP3 32Bits , é a melhor opção para você.

Só de abrir MSN e 1 pagina do IE , já da mais de 1GB.

Pelo menos aqui é assim , pode ser virus claro , mas acho que um XP ai , ficaria bem melhor.

[Hiago Drigo]

Bom, quando a mudar página inicial eu sei perfeitamente.

Este não é o problema.

Só aparece aquela página quando abro uma NOVA ABA, ou seja, não carrega outra página, é alguma coisa aqui do arquivo sei lá, e caso eu clique em algo ali provavelmente irá vir vírus ou sei lá o que.

________

Quanto 1gb pro 7, realmente é pouco, só que não tenho problemas ou nada a reclamar, e olha que uso programas bem pesados e, ainda as vezes abro simultaniamente eles

Eu já estava pensando em mudar a memória mais logo pensei em mudar tudo e como isso não é tão urgente assim vou esperar mais um pouco para comprar algo de qualidade, tudo de uma vez.

[NEF]

Baixe, instale e execute os programas abaixo:

CCLEANER: http://www.superdownloads.com.br/download/53/ccleaner/

Malware Bytes: http://www.superdownloads.com.br/download/119/malwarebytes-anti-malware/

[Hiago Drigo]

CCleaner já uso constantemente.

Esse outro já usei tempos atrás. Atualmente estou com dois antivírus, Avira e o Microsfot Security Essentials, para complementar tenho o combofix, karpersky(só para remover esses malwares), tenho um Drweb(acho que é isso), sempre que dá problemas assim, recorro à eles, porém nem sempre resolve (raro).

[Hiago Drigo]

Log do Malware

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Versão da Base de Dados: 4678

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

24/09/2010 05:55:43

mbam-log-2010-09-24 (05-55-43).txt

Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|F:\|H:\|)

Objetos escaneados: 272221

Tempo decorrido: 1 hora(s), 59 minuto(s), 11 segundo(s)

Processos de Memória Infectados: 0

Módulos de Memória Infectados: 0

Chaves de Registro Infectadas: 0

Valores de Registro Infectados: 0

Itens de Dados no Registro Infectados: 0

Pastas Infectadas: 0

Arquivos Infectados: 6

Processos de Memória Infectados:

(Não foram detectados ítens maliciosos)

Módulos de Memória Infectados:

(Não foram detectados ítens maliciosos)

Chaves de Registro Infectadas:

(Não foram detectados ítens maliciosos)

Valores de Registro Infectados:

(Não foram detectados ítens maliciosos)

Itens de Dados no Registro Infectados:

(Não foram detectados ítens maliciosos)

Pastas Infectadas:

(Não foram detectados ítens maliciosos)

Arquivos Infectados:

E:\Ex-HD\Jogos\Warcraft III\xpam.exe (Trojan.MultiDropper) -> Quarantined and deleted successfully.

E:\Ex-HD\Jogos\GHostOne\WardenBNLS\.svn\text-base\WardenUpdater.exe.svn-base (Spyware.Passwords) -> Quarantined and deleted successfully.

E:\Ex-HD\Jogos\GHostOne\WardenBNLS\.svn\text-base\BNLS.exe.svn-base (Spyware.Passwords) -> Quarantined and deleted successfully.

H:\Nova pasta\Hiago\ELF\ElfBot NG\loader.exe (PWS.Tibia) -> Quarantined and deleted successfully.

C:\Program Files\Adobe\Adobe Photoshop CS3\Msvcrt.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

C:\Program Files\Adobe\Adobe Photoshop CS3\Shfolder.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.

Bom ele achou alguns aí, esses do Photoshop nãoenho conhecimento pode até nem ser nada, falto positivo.

GhostOne e o do Elftbot/loader, eu já sabia que ia dar algo do tipo, pois esses progrmas para jogos são como 'BOTS'(Meio que programinha não legalizado para alguns jogos).

Agora o que encontrou na pasta Warcraft, talvez seja ele o problema.