#1
First of all, I'm assuming this is the right place to post this. I went into Control Panel and Performance and found a couple of performance problems, saying:

Starting slowly: http://i7.photobucket.com/albums/y27...tartslowly.jpg
Shutting down: http://i7.photobucket.com/albums/y27...downslowly.jpg

I also ran HijackThis and got this message: http://i7.photobucket.com/albums/y27...rormessage.jpg

This is probably a really stupid question, but how can I fix this? If you guys could point me in the right direction, that would be great.
__________________
Euro Championships tip = Spain & Torres <- Damn, I should have put a bet on them
Make Poverty History
Justice for the 96 <- Please take a look
My System: Auto HistoryGirls Build!

#2
With Vista you have to right-click the HJT icon and choose "Run as Administrator". Have you done any maintenance recently? Disk cleanup, defrag?

#3
Yes, I have run disk cleanup and defrag recently; would that be what is causing the problems?

New HijackThis log:
Quote:

#4
Open HijackThis and choose Do a system scan only. Place a check mark next to the following entries (if present):

Important: Close all windows except HijackThis and click Fix checked. Exit HijackThis.

----------

Download ComboFix © by sUBs from one of the links below. Make sure you save it to your Desktop.

Link #1
Link #2

**Note: It is important that it is saved directly to your desktop**

Close any open browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the prompts. When finished, ComboFix will produce a log for you. Post the ComboFix log in your next reply.

Important: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

If you have problems using ComboFix, see How to use ComboFix

#5
First of all, thanks for the help and advice. I did what you said with HJT and that was fine. However, I have done as the link says regarding disabling AVG Resident Shield, but despite this, when I try to run ComboFix it still says AVG anti-virus is running, so I'm not quite sure why. Would you suggest maybe restarting my system?

#6
AVG and ComboFix have this problem. Just run ComboFix anyway. If AVG tries to block it, then just allow it to run.

#7
Right, OK, all done. Log as requested.
Quote:

#8
Delete these files/folders, as follows:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad. It must be Notepad, not WordPad.
2. Copy the text in the code box below by highlighting all the text and pressing Ctrl+C

Code:
KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[-HKEY_CURRENT_USER\software\microsoft\windows\CurrentVersion\Explorer\mountpoints2\E]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1865685-0291-11dc-b943-806e6f6e6963}]

Firefox::
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1178131&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Web Search

4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) onto ComboFix.exe as you see in the picture below. Important: Perform these instructions carefully!

ComboFix will begin to execute; just follow the prompts. After reboot (in case it asks to reboot), it will produce a log for you. Post that log (Combofix.txt) in your next reply.

Note: Do not mouse-click ComboFix's window while it is running. That may cause your system to freeze.

----------

Download the Norton Removal Tool (SymNRT) to your desktop. Once downloaded, please close all browsers and also save any work, as this may require a reboot.

----------

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to infect your system.

First install the new Sun Java Runtime Environment. Make sure to close all browser windows before starting the installation.

Remove the old version(s): Download JavaRa

Additional note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

----------

Download ATF Cleaner by Atribune to your desktop. Alternate download link

Note: Vista users must use Run as administrator

Note that the system will run slower for a restart or two after you have used this tool, so don't panic.

Important: Restart your computer before continuing.

----------

How is the computer running now?

#9
New ComboFix log:
Scanner; c: \ progra ~ 1 \ AVG \ AVG8 \ avgemc.exe [2009-03-11 903960] R2 avg8wd; AVG Free8 WatchDog; c: \ progra ~ 1 \ AVG \ AVG8 \ avgwdsvc.exe [2009-03-11 298264] R2 HDDlife HDD Access service; HDDlife HDD Access service; C: \ Program Files \ BinarySense \ HDDlife 3 \ hldasvc.exe [2007-08-09 816376] R2 SBSDWSCService; SBSD Security Center Service; C: \ Arquivos de Programas \ Spybot - Search & Destroy \ SDWinSec.exe [2007-07-15 1153368] R2 StkSSrv; Syntek AVStream USB2.0 WebCam Service; c: \ windows \ system32 \ StkCSrv.exe [2007-02-07 24576] R3 AtcL001; NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; c: \ windows \ system32 \ drivers \ atl01v32.sy s [2007-03-15 48128] R3 StkCMini; Syntek AVStream USB2.0 1.3M WebCam; c: \ windows \ system32 \ drivers \ StkCMini.sys [2007-02-13 1245056] [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Svchost] bthsvcs REG_MULTI_SZ BthServ Cognizance REG_MULTI_SZ ASBroker ASChannel [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ actuais ntversion \ explorer \ mountpoints2 \ H] \ shell \ AutoRun \ command - H: \ LaunchU3.exe [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ explorer \ mountpoints2 \ (1a4a90a1-32d4-11dc-aa3d-001bfc03310e)] \ shell \ AutoRun \ command - H: \ LaunchU3.exe . Conteúdo da 'Tarefas agendadas' pasta 2009/01/11 c: \ windows \ Tasks \ Defrag Job # 00.job - C: \ Program Files \ DiskTrix \ UltimateDefrag \ UDefrag.exe [] 2009/03/26 c: \ windows \ Tasks \ GoogleUpdateTaskUserS-1-5-21-3600620296-2450975610-132854369-1000.job - C: \ Users \ Chloe \ AppData \ Local \ Google \ Update \ GoogleU pdate.exe [2009-03-17 22:06] 2009/03/30 c: \ windows \ Tasks \ User_Feed_Synchronization-(5963E371-2796-42F4-9a54-042DA9F406BC). Emprego - C: \ windows \ system32 \ msfeedssync.exe [2008-01-19 08:33] . . Scan Suplementar ------- ------- . uStart Page = hxxp: / / www.google.co.uk/ uInternet Settings, ProxyOverride = *. 
local IE: E & xportar para o Microsoft Excel - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office10 \ EXCEL.EXE/3000 FF - ProfilePath - C: \ Users \ Chloe \ AppData \ Roaming \ Mozilla \ Firefox \ Arquivos de Pro \ ppnzryw9.default \ FF - prefs.js: browser.search.defaulturl - hxxp: / / search.conduit.com / ResultsExt.aspx? Ctid = CT1178131 & SearchSource = 3 & q = FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - hxxp: / / www.google.co.uk/ FF - componente: C: \ Program Files \ AVG \ AVG8 \ Firefox \ componentes \ avgssff.dll FF - componente: C: \ Program Files \ AVG \ AVG8 \ ToolbarFF \ componentes \ vmAVGConnector. Dll FF - componente: C: \ Program Files \ Real \ RealPlayer \ browserrecord \ componentes \ npr pbrowserrecordplugin.dll Componente FF -: C: \ Users \ Chloe \ AppData \ Roaming \ Mozilla \ Firefox \ Arquivos de Pro \ ppnzryw9.default \ extensions \ (463F6CA5-EE3C-4BE1-B7E6-7FEE11953374) \ plataforma \ WINDOWS \ components \ FoxyTunes. dll FF - plugin: C: \ Program Files \ Mozilla Firefox \ plugins \ np-mswmp.dll Plugin FF -: C: \ Users \ Chloe \ AppData \ Local \ Google \ Update \ 1.2.141 .5 \ npGoogleOneClick7.dll Plugin FF -: D: \ Arquivos de programas \ Reader browser \ \ nppdf32.dll FIREFOX POLÍTICAS ---- ---- FF - user.js: general.useragent.extra.zencast - Creative ZENcast v1.02.08); user_pref (general.useragent.extra.zencast, Creative ZENcast v2.00.07. ************************************************** ************************ CatchMe 0.3.1375 W2K/XP/Vista - rootkit / stealth malware detector por Gmer, http://www.gmer.net Rootkit scan 2009-03-31 17:16:10 Windows 6.0.6001 Service Pack 1 NTFS digitalizar processos escondidos ... "10ûÿét0ûÿ3ö9sHu [1166747253] 0x75636F44 "10ûÿét0ûÿ3ö9sHu [1166747253] 0x6F6D6D6F escaneamento automático entradas escondidas ... digitalizar os arquivos ocultos ... 
varredura foi concluída com êxito ficheiros ocultos: 0 ************************************************** ************************ . --------------------- DLLs Loaded Sob Running Processes --------------------- - - - - - - -> 'Lsass.exe' (704) c: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ASWLNPkg.dll c: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ bin \ ItMsg.dll - - - - - - -> 'Explorer.exe' (3304) c: \ Program Files \ RocketDock \ RocketDock.dll c: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ SFSShell.dll c: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ ItMsg.dll . ------------------------ Other Running Processes ----------------------- -- . c: \ windows \ system32 \ audiodg.exe c: \ windows \ system32 \ ZoneLabs \ vsmon.exe c: \ windows \ system32 \ wlanext.exe C: \ Program Files \ ATK Hotkey \ ASLDRSrv.exe C: \ Program Files \ ATKGFNEX \ GFNEXSrv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe c: \ progra ~ 1 \ AVG \ AVG8 \ avgrsx.exe c: \ progra ~ 1 \ AVG \ AVG8 \ avgnsx.exe C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ IAANTmon.exe c: \ windows \ system32 \ IFXTCS.exe C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe c: \ windows \ system32 \ IfxPsdSv.exe c: \ windows \ system32 \ PSIService.exe C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe c: \ Program Files \ ASUS \ NB Probe \ SPM \ spmgr.exe C: \ Program Files \ AVG \ AVG8 \ avgcsrvx.exe c: \ Program Files \ ASUS Security Center \ ASUS Security Protect Manager \ Bin \ asghost.exe C: \ Program Files \ ATK Hotkey \ HControl.exe C: \ Program Files \ ATKOSD2 \ ATKOSD2.exe C: \ Program Files \ Wireless Console 2 \ 
wcourier.exe C: \ Program Files \ ASUS \ Splendid \ ACMON.exe C: \ Program Files \ P4G \ BatteryLife.exe c: \ windows \ system32 \ ACEngSvr.exe C: \ Program Files \ ATK Hotkey \ ATKOSD.exe c: \ windows \ system32 \ IfxUAGUI.exe c: \ Program Files \ Infineon \ Security Platform Software \ PSDrt.exe c: \ Program Files \ Infineon \ Security Platform Software \ SpTNA.exe c: \ windows \ system32 \ wbem \ WMIADAP.exe c: \ windows \ system32 \ Dllhost.exe . ************************************************** ************************ . Tempo para conclusão: 2009-03-31 17:23:29 - Máquina reiniciou ComboFix-quarantined-files.txt 2009-03-31 16:23:16 ComboFix2.txt 2009-03-30 21:16:26 Pre-Run: 39213060096 bytes free Post-Run: 38632595456 bytes free Atual = 1 Default = 1 falha = 0 LastKnownGood = 41 = Define 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18, 19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35, 36,37,38,39,40,41 396 --- EOF --- 2009-03-29 15:30:34
|
#10
| As for removing Norton, I never installed Norton on here, so why is Symantec listed?