#1
My brother unplugged it and connected it to the laptop. Afterwards, when it was connected back to the original PC ..... my computer, the speed is really starting to suck ....... I don't know. The download that usually happened at around 14 kb now happens at max. 4 kb. For example, Facebook used to open fine before; now it takes a long time to open anything. I am attaching the HijackThis log just in case. Please help. See my speed test: I have 128 speed ........ I don't know if it's mega or kilo ....... but I think most probably it's the latter.
http://www.speedtest.net/result/381473298.png
Logfile of Trend Micro HijackThis v2.0.2, scan saved at 2:58:15, on 12/31/2008. Platform: Windows XP SP2. MSIE: Internet Explorer v7.00 (7.00.5730.0013). Boot mode: Normal.
#2
Download Malwarebytes' Anti-Malware (MBAM).
Additional note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to let MBAM proceed with the disinfection process. If asked to restart the computer, do so immediately.
----------
Download random's system information tool (RSIT) by random/random and save it to your desktop.
#3
Logfile of random's system information tool 1.05 (written by random/random). Run by Burhan at 2009/01/01 23:01:39. Microsoft Windows XP Professional Service Pack 2. System drive D: has 1 GB (16%) free of 10 GB. Total RAM: 126 MB (17% free).
#4
info.txt logfile of random's system information tool 1.02, 2008/09/26 23:02:40.
|
#5
Malwarebytes' Anti-Malware 1.28
Database version: 1234
Windows 5.1.2600 Service Pack 2

12/31/2008 6:04:35
mbam-log-2008-12-31 (06-04-35).txt

Scan type: Full Scan (D:\|)
Objects scanned: 107121
Time elapsed: 24 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{bdbebf18-7615-4971-9ac3-bd6ffb7ad6c1} (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\DLP.DLL (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
#6
Open HijackThis and choose Do a system scan only. Place a check mark next to the following entries (if present):

F2 - REG:system.ini: Shell=explorer.exe

Important: Close all open windows except for HijackThis and then click Fix checked. Once completed, exit HijackThis.

----------

Download ComboFix © by sUBs from one of the links below. Make sure to save it to your Desktop.

Link #1
Link #2

** Note: It is important that it is saved directly to your desktop. DO NOT run it yet!

Note: The instructions below were created specifically for this user. If you are not this user, do NOT follow these instructions, as they could damage the workings of your system.

Delete these files/folders, as follows:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad. It must be Notepad, not Wordpad.
2. Copy the text in the code box below by highlighting all the text and pressing Ctrl+C.

Code:
KillAll::

File::
D:\FOUND.174
D:\FOUND.173
D:\FOUND.172
D:\FOUND.171
D:\FOUND.170
D:\FOUND.169
D:\FOUND.168
D:\FOUND.167
D:\FOUND.166
D:\FOUND.165
D:\FOUND.164
D:\FOUND.163
D:\FOUND.162
D:\FOUND.161
D:\FOUND.160
D:\FOUND.159
D:\FOUND.158
D:\FOUND.157
D:\FOUND.156
D:\FOUND.155

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {DE9C389F-3316-41A7-809B-AA305ED9D922}
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2\{dafa2220-8123-11dd-aa9c-00065b298742}]

4. Then click File > Save.
5. Name the file CFScript.txt and save the file to your desktop.
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) onto ComboFix.exe, as you see in the picture below.

Important: Perform these instructions carefully!

ComboFix will begin to execute; just follow the instructions on the screen. After the reboot (in case it asks to reboot), it will produce a log for you. Post that log (Combofix.txt) in your next reply.

Note: Do not mouse-click ComboFix's window while it is running. That may cause your system to freeze.