Resolvendo problemas com sites !

[Serafan]

c:\documents and settings\All Users\Menu Iniciar\Programas\Ardamax Keylogger
c:\documents and settings\All Users\Menu Iniciar\Programas\Ardamax Keylogger\Ardamax Keylogger.lnk
c:\documents and settings\All Users\Menu Iniciar\Programas\Ardamax Keylogger\Help.lnk
c:\documents and settings\All Users\Menu Iniciar\Programas\Ardamax Keylogger\Log Viewer.lnk

Parei de ler aqui. Seu computador ESTAVA infectado com o Ardamax KEYLOGGER, ao que tudo indica, o mesmo foi excluido com êxito do seu computador pelo ComboFix by sUBs~.

Outra parte que li, foi o final da mensagem, e pra minha surpresa (sarcasticmode) mais um vírus dos pesados havia sido encontrado.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer

Sugiro que você faça o seguinte:

- Faça o download do Malwarebytes Anti-Malware
http://www.malwarebytes.org/mbam-download.php

• Desative o antivírus;
• Faça a instalação dando um duplo clique em "mbam-setup";
• Marque "Atualizar Malwarebytes Anti-Malware" e "Executar Malwarebytes Anti-Malware", e clique em concluir;
• Marque "Verificação Completa" e depois clique em Verificar;
• Quando o scan terminar, clique em Ok e em "Mostrar Resultados" para ver o log;
• Se algo for detectado, veja se tudo está marcado e clique em "Remover";
• O log é automaticamente gravado e pode ser consultado clicando em "Logs" do menu principal;
• Copie e cole o conteúdo desse log na sua próxima resposta.

[sacrott]

Aqui fica o log que me apareceu.
Aguardo alguma ajuda urgente, não consigo abrir o site www.ne-miguelito.com.

Código:

.
Conteúdo da pasta 'Tarefas Agendadas'

2010-09-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-252222327-4265913071-1583749728-1001Core.job
- c:\users\Jose Torcato\AppData\Local\Google\Update\GoogleUpdate***** [2010-09-01 03:54]

2010-09-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-252222327-4265913071-1583749728-1001UA.job
- c:\users\Jose Torcato\AppData\Local\Google\Update\GoogleUpdate***** [2010-09-01 03:54]
.
.
------- Scan Suplementar -------
.
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Jose Torcato\AppData\Roaming\Mozilla\Firefox\Profiles\74fqcc27.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\users\Jose Torcato\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX*****,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX*****"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tempo para conclusão: 2010-09-07  20:25:47
ComboFix-quarantined-files.txt  2010-09-07 19:25

Pré-execução: 13.338.083.328 bytes livres
Pós execução: 16.890.679.296 bytes livres

- - End Of File - - BCDA6588F3A9974069BCC857216A4D2A

[Serafan]

Aqui fica o log que me apareceu.
Aguardo alguma ajuda urgente, não consigo abrir o site www.ne-miguelito.com.

Bom, como você pode ver, este fórum é destinado à suporte para o tibia, e não para qualquer outro site/programa;

Infelizmente eu não posso lhe ajudar, porque não conheço o site que você citou, logo, não posso abordar um assunto com ignorância, apenas confundiria você;

Suporte a erros decorridos durante o acesso ao site do tibia.com são resolvidos com o uso do programa ComboFix by sUBs~ em 99% dos casos, pois o acesso é bloqueado por um erro de registro simples ou apenas cachês "sujos";

Para demais sites, sugiro que consulte um técnico especializado, que possa sentar na frente do seu computador afim de lhe ajudar conhecendo, estudando e analisando o seu problema, providenciando a melhor solução;

Fica aqui o meu "me desculpe" mas essa não é a minha "jurisdição".

[Cadhos]

ótimo, ajudará muitas pessoa.

Sugiro botar apenas para apenas desativar o antí-virus se souber dos riscos que está levando

[ericomichelon]

Log

Código:

ComboFix 10-09-09.04 - Erico 10/09/2010  15:07:10.1.2 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1252.55.1046.18.2046.1214 [GMT -3:00]
Executando de: c:\users\Erico\Desktop\ComboFix*****
.

((((((((((((((((   Arquivos/Ficheiros criados de 2010-08-10 to 2010-09-10  ))))))))))))))))))))))))))))
.

2010-09-10 18:11 . 2010-09-10 18:11    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-09-09 14:42 . 2010-09-09 14:42    127034    ------r-    c:\windows\bwUnin-8.1.1.50-8876480SL*****
2010-09-09 14:41 . 2010-09-09 14:41    10134    ----a-r-    c:\users\Erico\AppData\Roaming\Microsoft\Installer\{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}\ARPPRODUCTICON*****
2010-09-09 14:40 . 2010-09-09 14:40    10134    ----a-r-    c:\users\Erico\AppData\Roaming\Microsoft\Installer\{C89C8D86-4423-4A58-AA40-DD259ACE07C1}\ARPPRODUCTICON*****
2010-08-28 17:28 . 2010-08-28 17:28    --------    d-----w-    c:\users\Erico\AppData\Roaming\skypePM
2010-08-28 17:24 . 2010-09-08 22:23    --------    d-----w-    c:\users\Erico\AppData\Roaming\Skype
2010-08-28 17:24 . 2010-09-08 22:23    --------    d-----w-    c:\program files\Common Files\Skype
2010-08-28 17:24 . 2010-08-28 17:24    --------    d-----r-    c:\program files\Skype
2010-08-28 17:23 . 2010-08-28 17:24    --------    d-----w-    c:\programdata\Skype
2010-08-18 12:48 . 2010-08-18 12:48    --------    d-----w-    c:\users\Erico\AppData\Roaming\Leadertech
2010-08-18 12:48 . 2010-08-18 12:48    --------    d-----w-    c:\users\Erico\AppData\Local\Logishrd
2010-08-18 12:47 . 2010-08-18 12:49    --------    d-----w-    c:\programdata\Logishrd
2010-08-18 12:42 . 2010-09-08 22:23    --------    d-----w-    c:\program files\Common Files\Real
2010-08-18 12:42 . 2010-09-08 22:23    --------    d-----w-    c:\program files\Real
2010-08-18 12:42 . 2010-08-18 12:42    --------    d-----w-    c:\users\Erico\AppData\Roaming\Logishrd
2010-08-18 02:18 . 2010-08-18 12:42    --------    d-----w-    c:\users\Erico\AppData\Roaming\Logitech
2010-08-18 02:18 . 2010-09-08 22:23    --------    d-----w-    c:\program files\Common Files\LogiShrd
2010-08-18 02:16 . 2007-01-30 04:46    69632    ----a-w-    c:\windows\system32\KemXML.dll
2010-08-18 02:16 . 2007-01-30 04:46    163840    ----a-w-    c:\windows\system32\kemutb.dll
2010-08-18 02:16 . 2007-01-30 04:46    110592    ----a-w-    c:\windows\system32\KemWnd.dll
2010-08-18 02:16 . 2007-01-30 04:46    135168    ----a-w-    c:\windows\system32\KemUtil.dll
2010-08-18 02:15 . 2010-09-08 22:23    --------    d-----w-    c:\programdata\Logitech
2010-08-18 02:15 . 2010-09-09 14:42    --------    d-----w-    c:\program files\Logitech
2010-08-18 02:15 . 2010-09-09 14:41    --------    d-----w-    c:\program files\Common Files\Logitech
2010-08-18 02:15 . 2010-08-18 02:15    --------    d-----w-    c:\program files\Common Files\InstallShield
2010-08-17 20:28 . 2010-09-09 19:05    --------    d-----w-    C:\Compartilhamento
2010-08-17 01:44 . 2010-09-08 23:08    --------    d-----w-    c:\users\Erico\AppData\Local\ElevatedDiagnostics
2010-08-17 00:46 . 2010-09-08 22:23    --------    d-----w-    c:\users\Erico\MINHA PASTA
2010-08-17 00:43 . 2010-09-08 22:23    --------    d-----w-    c:\users\Erico\Pagoude e tudo mais
2010-08-17 00:32 . 2010-09-08 22:23    --------    d-----w-    c:\users\Erico\MÚSICAS
2010-08-17 00:32 . 2010-08-24 00:43    --------    d-----w-    c:\users\Erico\Estudos
2010-08-17 00:32 . 2010-08-17 00:34    --------    d-----w-    c:\users\Erico\HTC_HD2
2010-08-17 00:31 . 2010-08-17 21:11    --------    d-----w-    c:\users\Erico\Backup
2010-08-14 14:05 . 2010-08-14 14:05    --------    d-----w-    c:\users\Public\CyberLink
2010-08-14 14:04 . 2010-08-14 14:04    --------    d-----w-    c:\users\Erico\AppData\Local\Cyberlink
2010-08-14 14:03 . 2010-08-14 14:04    --------    d-----w-    c:\users\Erico\AppData\Local\Adobe
2010-08-14 14:03 . 2010-08-14 14:03    --------    d-----w-    c:\users\Erico\AppData\Roaming\CyberLink
2010-08-14 13:49 . 2010-06-28 20:37    165456    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2010-08-14 13:49 . 2010-06-28 20:32    17744    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2010-08-14 13:49 . 2010-06-28 20:33    23376    ----a-w-    c:\windows\system32\drivers\aswRdr.sys
2010-08-14 13:49 . 2010-06-28 20:37    46672    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2010-08-14 13:49 . 2010-06-28 20:32    50256    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2010-08-14 13:48 . 2010-06-28 20:57    38848    ----a-w-    c:\windows\avastSS*****
2010-08-14 13:48 . 2010-06-28 20:57    165032    ----a-w-    c:\windows\system32\aswBoot*****
2010-08-14 13:48 . 2010-08-14 13:48    --------    d-----w-    c:\programdata\Alwil Software
2010-08-14 13:48 . 2010-08-14 13:48    --------    d-----w-    c:\program files\Alwil Software
2010-08-14 13:47 . 2010-08-14 14:03    --------    d-----w-    c:\users\Erico\AppData\Local\Ahead
2010-08-14 13:42 . 2010-08-14 13:42    --------    d-----w-    c:\users\Erico\AppData\Roaming\Ahead
2010-08-14 13:42 . 2010-08-14 13:42    --------    d-----w-    c:\programdata\Ahead
2010-08-14 13:41 . 2010-08-14 13:42    --------    d-----w-    c:\program files\Common Files\Ahead
2010-08-14 13:41 . 2010-08-14 13:41    --------    d-----w-    c:\programdata\Nero
2010-08-14 13:41 . 2010-08-14 13:41    --------    d-----w-    c:\program files\Nero
2010-08-14 13:32 . 2010-08-14 13:32    --------    d-----w-    c:\program files\Bonjour
2010-08-14 13:29 . 2010-08-14 13:29    --------    d-----w-    c:\program files\Common Files\Macrovision Shared
2010-08-14 13:19 . 2010-09-10 16:04    --------    d-----w-    c:\users\Erico\Tracing
2010-08-14 13:19 . 2010-08-14 13:19    --------    d-----w-    c:\program files\Microsoft Silverlight
2010-08-14 13:18 . 2010-08-14 13:18    --------    d-----w-    c:\program files\Microsoft
2010-08-14 13:17 . 2010-08-14 13:17    --------    d-----w-    c:\program files\Windows Live SkyDrive
2010-08-14 13:17 . 2010-08-14 13:18    --------    d-----w-    c:\program files\Windows Live
2010-08-14 13:13 . 2010-08-14 13:13    --------    d-----w-    c:\program files\Common Files\Windows Live
2010-08-14 13:08 . 2010-08-14 14:03    --------    d-----w-    c:\programdata\CyberLink
2010-08-14 13:08 . 2010-09-09 14:42    --------    d--h--w-    c:\program files\InstallShield Installation Information
2010-08-14 13:08 . 2010-08-14 13:08    --------    d-----w-    c:\program files\Common Files\CyberLink
2010-08-14 13:06 . 2010-08-14 13:08    --------    d-----w-    c:\program files\CyberLink
2010-08-14 13:06 . 2010-08-14 13:06    29480    ----a-w-    c:\windows\system32\msxml3a.dll
2010-08-14 13:06 . 2010-08-14 13:06    53319    ----a-w-    c:\programdata\Temp\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild*****
2010-08-14 13:04 . 2010-08-14 13:04    --------    d-----w-    c:\program files\Microsoft Works
2010-08-14 13:04 . 2010-08-14 13:04    --------    d-----w-    c:\windows\PCHEALTH
2010-08-14 13:01 . 2010-08-14 13:01    --------    d-----r-    C:\MSOCache
2010-08-14 13:00 . 2010-08-14 13:00    --------    d-----w-    c:\program files\Common Files\Java
2010-08-14 12:58 . 2010-08-14 12:58    423656    ----a-w-    c:\windows\system32\deployJava1.dll
2010-08-14 12:58 . 2010-08-14 12:58    --------    d-----w-    c:\program files\Java
2010-08-14 12:52 . 2009-09-04 20:44    515416    ----a-w-    c:\windows\system32\XAudio2_5.dll
2010-08-14 12:52 . 2009-09-04 20:44    238936    ----a-w-    c:\windows\system32\xactengine3_5.dll
2010-08-14 12:52 . 2009-09-04 20:29    235344    ----a-w-    c:\windows\system32\d3dx11_42.dll
2010-08-14 12:52 . 2009-09-04 20:29    5501792    ----a-w-    c:\windows\system32\d3dcsx_42.dll
2010-08-14 12:52 . 2009-09-04 20:29    1974616    ----a-w-    c:\windows\system32\D3DCompiler_42.dll
2010-08-14 12:50 . 2010-08-14 12:50    --------    d-----w-    c:\program files\DVD Decrypter
2010-08-14 12:47 . 2010-09-08 22:16    --------    d-----w-    c:\program files\Mozilla Firefox 4.0 Beta 3
2010-08-14 12:46 . 2010-08-14 12:49    --------    d-----w-    c:\program files\Google
2010-08-14 12:46 . 2001-10-28 20:42    116224    ----a-w-    c:\windows\system32\pdfcmnnt.dll
2010-08-14 12:46 . 2010-08-14 12:46    --------    d-----w-    c:\program files\PDFCreator
2010-08-14 12:46 . 1998-07-06 04:00    23552    ----a-w-    c:\windows\system32\MSMPIDE.DLL
2010-08-14 12:45 . 2010-08-14 12:45    --------    d-----w-    c:\windows\system32\Adobe
2010-08-14 12:45 . 2010-08-14 12:45    --------    d-----w-    c:\program files\uTorrent
2010-08-14 12:44 . 2010-08-14 14:05    --------    d-----w-    c:\users\Erico\AppData\Roaming\uTorrent
2010-08-14 12:44 . 2010-08-14 13:32    --------    d-----w-    c:\program files\Common Files\Adobe
2010-08-14 12:44 . 2010-08-14 12:44    --------    d-----w-    c:\programdata\eMule
2010-08-14 12:44 . 2010-08-14 12:44    --------    d-----w-    c:\users\Erico\AppData\Local\eMule
2010-08-14 12:44 . 2010-08-14 12:44    --------    d-----w-    c:\program files\eMule
2010-08-14 12:23 . 2010-08-14 12:50    --------    d-----w-    c:\users\Erico\AppData\Local\Google
2010-08-14 12:22 . 2010-08-14 14:04    93648    ----a-w-    c:\users\Erico\AppData\Local\GDIPFONTCACHEV1.DAT
2010-08-14 12:22 . 2010-08-14 12:23    --------    d-----w-    c:\users\Erico\AppData\Local\Deployment
2010-08-14 12:22 . 2010-08-14 12:22    --------    d-----w-    c:\users\Erico\AppData\Local\Apps
2010-08-14 12:18 . 2010-08-28 17:18    --------    d-----w-    C:\Downloads
2010-08-14 12:17 . 2010-08-14 12:17    --------    d-----w-    c:\users\Erico\AppData\Local\Microsoft Help
2010-08-14 12:17 . 2009-09-28 02:12    490088    ----a-w-    c:\windows\system32\nvuninst*****
2010-08-14 12:16 . 2010-08-14 12:16    --------    d-----w-    c:\program files\Microsoft SDKs
2010-08-14 12:16 . 2010-08-14 13:05    --------    d-----w-    c:\programdata\Microsoft Help
2010-08-14 12:16 . 2010-08-14 12:16    --------    d-----w-    c:\program files\Microsoft Visual Studio 9.0
2010-08-14 12:16 . 2010-08-14 12:16    --------    d-----w-    c:\program files\Microsoft.NET
2010-08-14 12:15 . 2010-08-14 12:15    --------    d-----w-    c:\program files\Common Files\Corel
2010-08-14 12:15 . 2010-08-14 12:15    --------    d-----w-    c:\programdata\Corel
2010-08-14 12:13 . 2010-08-14 12:13    --------    d-----w-    c:\windows\system32\Macromed
2010-08-14 12:13 . 2010-09-10 18:10    --------    d-----w-    c:\users\Erico\AppData\Roaming\Free Download Manager
2010-08-14 12:13 . 2010-08-14 12:13    --------    d-----w-    c:\programdata\FreeDownloadManager.ORG
2010-08-14 12:13 . 2010-08-14 12:13    --------    d-----w-    c:\program files\Free Download Manager
2010-08-14 12:12 . 2010-08-14 12:12    --------    d-----w-    c:\program files\Corel
2010-08-14 12:11 . 2010-08-14 12:11    0    ----a-w-    c:\windows\nsreg.dat
2010-08-14 12:11 . 2010-08-14 12:11    --------    d-----w-    c:\users\Erico\AppData\Local\Mozilla
2010-08-14 12:11 . 2010-09-10 15:56    --------    d-sh--w-    c:\windows\Installer
2010-08-14 12:10 . 2010-03-30 14:02    610    ----a-w-    c:\windows\OEMLOGO7.reg
2010-08-14 12:06 . 2010-05-21 17:14    221568    ------w-    c:\windows\system32\MpSigStub*****
2010-08-14 12:00 . 2010-09-10 15:00    --------    d-----w-    c:\windows\system32\wbem\Performance
2010-08-14 05:56 . 2010-08-14 01:03    --------    d-----w-    c:\windows\Panther
2010-08-14 01:02 . 2010-08-14 01:02    --------    d-----w-    C:\Recovery

.
(((((((((((((((((((((((((((((((((((((   Relatório Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-10 15:00 . 2009-07-29 18:38    654272    ----a-w-    c:\windows\system32\prfh0416.dat
2010-09-10 15:00 . 2009-07-29 18:38    124724    ----a-w-    c:\windows\system32\prfc0416.dat
2010-09-10 02:22 . 2009-07-14 04:52    --------    d-----w-    c:\program files\Windows Sidebar
2010-09-10 02:22 . 2009-07-14 07:50    --------    d-----w-    c:\program files\Windows Journal
2010-09-10 02:22 . 2009-07-14 04:52    --------    d-----w-    c:\program files\Windows Photo Viewer
2010-09-10 02:22 . 2009-07-14 04:52    --------    d-----w-    c:\program files\Windows Defender
2010-09-10 02:22 . 2009-07-14 04:52    --------    d-----w-    c:\program files\DVD Maker
2010-09-10 02:22 . 2009-07-14 02:37    --------    d-----w-    c:\program files\Windows Mail
2010-08-18 02:16 . 2010-08-18 02:16    0    ---ha-w-    c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2010-08-14 13:06 . 2003-03-18 23:14    505128    ----a-w-    c:\windows\system32\msvcp71.dll
2010-08-14 13:06 . 2003-02-21 07:42    353576    ----a-w-    c:\windows\system32\msvcr71.dll
2010-08-14 12:00 . 2010-08-14 12:00    0    ---ha-w-    c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-08-14 01:02 . 2010-08-14 01:02    --------    d-sh--we    c:\programdata\Modelos
2010-08-14 01:02 . 2010-08-14 01:02    --------    d-sh--we    c:\programdata\Menu Iniciar
2010-08-14 01:02 . 2010-08-14 01:02    --------    d-sh--we    c:\programdata\Favoritos
2010-08-14 01:02 . 2010-08-14 01:02    --------    d-sh--we    c:\programdata\Documentos
2010-08-14 01:02 . 2010-08-14 01:02    --------    d-sh--we    c:\programdata\Dados de aplicativos
2010-08-14 01:02 . 2010-08-14 01:02    --------    d-sh--we    c:\program files\Common Files\Sistema
2010-08-14 01:02 . 2010-08-14 01:02    --------    d-sh--we    c:\program files\Arquivos Comuns
2009-06-10 21:26 . 2009-07-14 02:04    9633792    --sha-r-    c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42    396800    --sha-w-    c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail*****
.

((((((((((((((((((((((((((   Pontos de Carregamento do Registro   )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por defeito não são mostradas. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Free Download Manager"="c:\program files\Free Download Manager\fdm*****" [2009-01-31 3399727]
"Google Update"="c:\users\Erico\AppData\Local\Google\Update\GoogleUpdate*****" [2010-08-14 136176]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor*****" [2007-05-16 153136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl*****" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM*****" [2009-12-11 948672]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched*****" [2010-05-14 248552]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv*****" [2010-02-03 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs*****" [2010-03-13 75048]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck*****" [2007-03-01 153136]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI*****" [2010-06-28 2837864]
"Kernel and Hardware Abstraction Layer"="KHALMNPR*****" [2007-01-23 101136]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper*****" [2007-01-12 488984]
"LVCOMSX"="c:\program files\Common Files\LogiShrd\LComMgr\LVComSX*****" [2007-01-12 244512]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger***** [2010-9-9 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint***** [2010-9-9 688128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate***** [2010-08-14 136176]
R3 FXDrv32;FXDrv32;D:\FXDrv32.sys [x]
S1 aswSP;aswSP; [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/14 10:08];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 15:58 87536]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-08-19 189440]

.
Conteúdo da pasta 'Tarefas Agendadas'

2010-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate***** [2010-08-14 12:46]

2010-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate***** [2010-08-14 12:46]

2010-08-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2932839343-234985235-1370105787-1001Core.job
- c:\users\Erico\AppData\Local\Google\Update\GoogleUpdate***** [2010-08-14 12:23]

2010-09-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2932839343-234985235-1370105787-1001UA.job
- c:\users\Erico\AppData\Local\Google\Update\GoogleUpdate***** [2010-08-14 12:23]
.
.
------- Scan Suplementar -------
.
uStart Page = hxxp://www.google.com.br/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos*****/200
IE: Baixar com o Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Baixar tudo com o Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Baixar vídeo com o Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download selecionado pelo Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL*****/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\users\Erico\AppData\Roaming\Mozilla\Firefox\Profiles\2s2hrz5e.default\
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\users\Erico\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX*****,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX*****"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
LOG

@Denied: (Full) (Everyone)
.
--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

- - - - - - - > 'Explorer*****'(4012)
c:\program files\Logitech\SetPoint\lgscroll.dll
.
Tempo para conclusão: 2010-09-10  15:13:32
ComboFix-quarantined-files.txt  2010-09-10 18:13

Pré-execução: 58.462.244.864 bytes disponíveis
Pós execução: 59.295.748.096 bytes disponíveis

- - End Of File - - C375EBB2A3B3F96158CF5DFBB8CF38DD

[Serafan]

Olá ericomichelon,

Só pelo fato de não entrar no site do mercadolivre, sem mesmo analisar o seu log, acredito que já sei qual é o problema.

Tente entrar nestes 3 sites e me diga o resultado:

www.virustotal.com
www.microsoft.com
www.avast.com

Aguardo resposta, :thumb: !

[ericomichelon]

serafanbtw, sem problemas para entrar nos sites que voce indicou, o navegador entrou sem problemas. alem do mercadolivre ele também nao entra em sites como:

www.armaniexchange.com
http://coolspotters.com/
http://weezythanxyou.com/
http://www.justintimberlake.com/
http://www.trapmuzik.com/

e no site do ebay (www.ebay.com) ele entra normal, consigo navegar pelo site tranquilamente, fazer pesquisas e tudo, porem quando clico para entra na minha conta (My eBay) o navegador tranca e nao vai.

[Serafan]

serafanbtw, sem problemas para entrar nos sites que voce indicou, o navegador entrou sem problemas. alem do mercadolivre ele também nao entra em sites como:

www.armaniexchange.com
http://coolspotters.com/
http://weezythanxyou.com/
http://www.justintimberlake.com/
http://www.trapmuzik.com/

e no site do ebay (www.ebay.com) ele entra normal, consigo navegar pelo site tranquilamente, fazer pesquisas e tudo, porem quando clico para entra na minha conta (My eBay) o navegador tranca e nao vai.

• Vá até o site "baixaki.com.br" e faça download do navegador Google Chrome (o mais atual).
• Instale-o e defina-o como seu navegador padrão;
• Vá em inciar > painel de controle > conexões de rede e de internet > conexões de rede;
• Clique com o botão direito do mouse em Conexão local e em seguida em Reparar;
• Vá em iniciar > executar;
• Digite na caixa de dialogo que apareceu: cmd
• Na janela do prompt de comando escreva: ipconfig /flushdns e aperte enter;
• Escreva novamente ipconfig /flushdns e aperte enter, e repita essa mesma ação mais 2 vezes, totalizando 4 (quatro);
• Feche o prompt de comando e tente navegar novamente nos sites que você citou.

Poste aqui o resultado,
Aguardo resposta, :thumb: !

[ericomichelon]

nada feito amigo, o problema persiste.
só para deixar claro,possuo o windows 7, mas mesmo assim realizei a operaçao do executar, mas nada de corrigir o problema. quanto ao navegador eu já utizilo o google chrome, e já tentei nos outros navegadores tbm, nada certo.
:S

e agora? nem o técnico que vem aqui descobriu o que podia ser...disse que nunca viu isso antes

[Serafan]

Vamos denovo, hehe:

Desative o seu antivírus e o seu firewall temporariamente.
Vá até o google chrome e clique em personalizar e controlar o google chrome (uma chave inglesa no canto superior direito da sua tela), e em seguida em opções.

Na aba configurações avançadas você desmarca a opção ativar proteção contra pishing e malware.

Clique em configuração de conteúdo e na guia da esquerda navegue até pop-ups. Agora marque a opção permitir que todos sites mostrem pop-ups.

Vá em iniciar > painel de controle > conexões de rede e de internet > opções da internet.
Na aba segurança você definirá o nível de segurança desta zona como baixo.

Na aba privacidade você definirá as configurações como aceitar todos os cookies.

Na aba conteúdo clique em limpar estado ssl.

Na aba avançadas role a barra bem para baixo e verifique se usar ssl 2.0 e usar ssl 3.0 estão marcadas, caso não estejam, marque-as.
Ainda na barra avançadas você vai ao topo da caixa e marque a opção usar http 1.1 e desmarque usar http 1.1 através de conexões via proxy.

Vá até meu computador > disco local (c > windows > system32 (ou system64 se o seu windows for 64 bits) > drivers > etc.
Clique com o botão direito do mouse em cima de hosts e em propriedades.
Desmarque a opção somente leitura e confirme clicando em ok.
Dê um duplo clique no arquivo e selecione para abrir com o bloco de notas.

No txt que apareceu você apaga TUDO que estiver escrito e escreve apenas isso:

127.0.0.1 localhost

Salve as alterações e clique novamente com o botão direito no arquivo hosts e em seguida em propriedades. Agora, marque a opção somente leitura e confirme com um ok.


Tente entrar novamente nos sites, (em todos eles) pra ver se agora já dá pra entrar em algum.
Caso não dê, reinicie o computador e o modem, desative o antivírus e o firewall, tente novamente e retorne aqui com o resultado.